How the war on hackers is picking our pockets and risking our lives

You wouldn't steal a car… so why steal our ability to rip DVDs?

Photograph: Getty Images

Yesterday, Sense About Science held its annual lecture, given by author and activist Cory Doctorow (of Boing Boing fame). Doctorow's talk was on the topic of internet freedom (and will apparently be posted on the Guardian's website shortly, I'll add a link here when it is), but there was one particular point that stuck with me.

If you'd bought a CD and a DVD in 1997, and stuck them in a vault for a decade, you would expect to pick them up in 2007 and be disappointed with this decade-old technology. After all, what is high-tech now is often out-of-date within ten months, let alone ten years.

That's largely true of DVDs: when you put it in the vault, it was a disc you could put in a player and use to watch a movie; when you take it out of the vault, it's a disc you can put in a player and use to watch a movie which is much lower quality than the Blu-Ray discs that are just beginning to hit the mainstream.

But the CD you put in the vault – which can only be put into a CD player and played – comes out as something which you can rip, remix, use to soundtrack your home movies, carry around with a hundred others on a portable player smaller than the disk itself, and so on. In his words, what you've got is appreciation in value; rather than your technology getting less valuable over time, it's got moreso.

The difference between CDs and DVDs, of course, is DRM (digital rights management, also known as copy protection). The need for copyright holders to prevent piracy has resulted in valuable features being "picked from your pocket".

But there's an interesting addendum to that argument, which was less touched-upon. Copy-protection is frequently seen as a technical matter. In fact, the beginning of Doctorow's talk consisted of laying out the reasons why the technology of copy-protection was doomed to fail: whereas normal encryption relies on Alice and Bob hiding a shared secret from Carol, copy protection involves Alice giving Bob the encrypted information, the keys to decrypt it, and instructions on how to use them – and then still hoping that Bob won't be able to keep the plain text.

But the copy-protection on DVDs was broken years ago. You can rip movies from them (and I know how, coincidentally, because I learned it from Cory Doctorow eight years ago); the distinction isn't in the effectiveness of the copy-protection, but the laws surrounding it. The fact that it remains illegal in most countries to ship software which breaks copy-protection is why, for instance, iTunes can rip CDs but not DVDs; which is in turn a large part of the reason why there never was a portable video player which was as successful as the iPod for music.

Of course, the point of DRM is never to reduce piracy. It utterly fails at that nearly every time it's implemented. Instead, as Google's Ian Hickson writes, it's to introduce a pathway of control from the content creators to the manufacturers of playback devices:

DRM is working really well in the video and book space. Sure, the DRM systems have all been broken, but that doesn't matter to the DRM proponents. Licensed DVD players still enforce the restrictions. Mass market providers can't create unlicensed DVD players, so they remain a black or gray market curiosity. DRM failed in the music space not because DRM is doomed, but because the content providers sold their digital content without DRM, and thus enabled all kinds of players they didn't expect (such as "MP3" players). Had CDs been encrypted, iPods would not have been able to read their content, because the content providers would have been able to use their DRM contracts as leverage to prevent it.

DRM is increasingly a legal construct than a technological one. The technical screw-ups, like Sony's rootkit debacle – when the company involuntarily installed DRM software on users' computers which left them vulnerable to malware – are being replaced with bad laws papering over sticking-plaster DRM.

And that's where we rejoin Doctorow's talk. As he said, summing up his own argument in the Q&A after, water-borne parasites can kill us, but few of us worry about that possibility in the developed world because we know that people smarter than us are alert to the possibility, and would warn the world if they found something dangerous. Our computers can, literally, kill us; but in an effort to support the power-struggles between the content and technology industries, we're locking up the hackers who give us the forewarning we need to make it out the other side.