LESSON ONE: DON'T DO IT AGAIN

The Department of Computer Science at Princeton University has produced an eye-opening report into the lessons of the Sony-BMG copy protection debacle [pdf document] - it doesn't consider, of course, the financial costs incurred by Sony-BMG settling the claims raising rising from their botched Digital Rights Management system, or the terrible PR disaster, but instead focuses on the technology aspects.

The team spend some time knocking up a simple proof-of-concept model which explains how simple it actually was to switch off the DRM anyway, before moving on to point out that the system Sony-BMG was using relies on the autorun feature which is probably going to be disabled in Windows Vista (in other words, Sony had spent the cash on a system which would be bordering on obsolete in a few months), and concludes that the companies which produce the DRM offer a service which doesn't actually match what the record labels want it do; and which doesn't actually have anything to with the copyright laws they're meant to be protecting:

"[T]he design of DRM systems is only weakly connected to the contours of copyright law. The systems make no pretense of enforcing copyright law as written, but instead seek to enforce rules dictated by the label’s and vendor’s business models. These rules, and the technologies that try to enforce them, implicate other public policy concerns, such as privacy and security.

There's one final sting in the document, with a sly glance at the heavy-handedness of the entertainment industry:

Sadly, research of this type does seem to require support from a team of lawyers.

music sony bmg