Digital rights management

Digital rights management (DRM) is the management of legal access to digital content. Various tools or technological protection measures (TPM), such as access control technologies, can restrict the use of proprietary hardware and copyrighted works. DRM technologies govern the use, modification and distribution of copyrighted works (e.g. software, multimedia content) and of systems that enforce these policies within devices. DRM technologies include licensing agreements and encryption.

Laws in many countries criminalize the circumvention of DRM, communication about such circumvention, and the creation and distribution of tools used for such circumvention. Such laws are part of the United States' Digital Millennium Copyright Act (DMCA), and the European Union's Information Society Directive – with the French DADVSI an example of a member state of the European Union implementing that directive.

Copyright holders argue that DRM technologies are necessary to protect intellectual property, just as physical locks prevent personal property from theft. For examples, they can help the copyright holders for maintaining artistic controls, and supporting licenses' modalities such as rentals. Industrial users (i.e. industries) have expanded the use of DRM technologies to various hardware products, such as Keurig's coffeemakers, Philips' light bulbs,  mobile device power chargers,   and John Deere's tractors. For instance, tractor companies try to prevent farmers from making repairs via DRM.

DRM is controversial. There is an absence of evidence about the DRM capability in preventing copyright infringement, some complaints by legitimate customers for caused inconveniences, and a suspicion of stifling innovation and competition. Furthermore, works can become permanently inaccessible if the DRM scheme changes or if a required service is discontinued. DRM technologies have been criticized for restricting individuals from copying or using the content legally, such as by fair use or by making backup copies. DRM is in common use by the entertainment industry (e.g., audio and video publishers). Many online stores such as OverDrive use DRM technologies, as do cable and satellite service operators. Apple removed DRM technology from iTunes around 2009. Typical DRM also prevents lending materials out through a library, or accessing works in the public domain.

Introduction
The rise of digital media and analog-to-digital conversion technologies has increased the concerns of copyright-owners, particularly within the music and video industries. While analog media inevitably lose quality with each copy generation and during normal use, digital media files may be duplicated without limit with no degradation. Digital devices make it convenient for consumers to convert (rip) media originally in a physical, analog or broadcast form into a digital form for portability or later use. Combined with the Internet and file-sharing tools, made unauthorized distribution of copyrighted content (digital piracy) much easier.

History
DRM became a major concern with the growth of the Internet in the 1990s, as piracy crushed CD sales and online video became popular. It peaked in the early 2000s as various countries attempted to respond with legislation and regulations and dissipated in the 2010s as social media and streaming services largely replaced piracy and content providers elaborated next-generation business models.

Early efforts
In 1983, the Software Service System (SSS) devised by the Japanese engineer Ryuichi Moriya was the first example of DRM technology. It was subsequently refined under the name superdistribution. The SSS was based on encryption, with specialized hardware that controlled decryption and enabled payments to be sent to the copyright holder. The underlying principle was that the physical distribution of encrypted digital products should be completely unrestricted and that users of those products would be encouraged to do so.

An early DRM protection method for computer and Nintendo Entertainment System games was when the game would pause and prompt the player to look up a certain page in a booklet or manual that came with the game; if the player lacked access to the material, they would not be able to continue.

An early example of a DRM system is the Content Scramble System (CSS) employed by the DVD Forum on DVD movies. CSS uses an encryption algorithm to encrypt content on the DVD disc. Manufacturers of DVD players must license this technology and implement it in their devices so that they can decrypt the content. The CSS license agreement includes restrictions on how the DVD content is played, including what outputs are permitted and how such permitted outputs are made available. This keeps the encryption intact as the content is displayed.

In May 1998, the Digital Millennium Copyright Act (DMCA) passed as an amendment to US copyright law. It had controversial (possibly unintended) implications. Russian programmer Dmitry Sklyarov was arrested for alleged DMCA infringement after a presentation at DEF CON. The DMCA has been cited as chilling to legitimate users; such as security consultants including Niels Ferguson, who declined to publish vulnerabilities he discovered in Intel's secure-computing scheme due to fear of arrest under DMCA; and blind or visually impaired users of screen readers or other assistive technologies.

In 1999, Jon Lech Johansen released DeCSS, which allowed a CSS-encrypted DVD to play on a computer running Linux, at a time when no compliant DVD player for Linux had yet been created. The legality of DeCSS is questionable: one of its authors was sued, and reproduction of the keys themselves is subject to restrictions as illegal numbers.

More modern examples include ADEPT, FairPlay, Advanced Access Content System.

The World Intellectual Property Organization Copyright Treaty (WCT) was passed in 1996. The US Digital Millennium Copyright Act (DMCA), was passed in 1998. The European Union enacted the Information Society Directive. In 2006, the lower house of the French parliament adopted such legislation as part of the controversial DADVSI law, but added that protected DRM techniques should be made interoperable, a move which caused widespread controversy in the United States. The Tribunal de grande instance de Paris concluded in 2006, that the complete blocking of any possibilities of making private copies was an impermissible behaviour under French copyright law.

2000s
The broadcast flag concept was developed by Fox Broadcasting in 2001, and was supported by the MPAA and the U.S. Federal Communications Commission (FCC). A ruling in May 2005 by a United States courts of appeals held that the FCC lacked authority to impose it on the US TV industry. It required that all HDTVs obey a stream specification determining whether a stream can be recorded. This could block instances of fair use, such as time-shifting. It achieved more success elsewhere when it was adopted by the Digital Video Broadcasting Project (DVB), a consortium of about 250 broadcasters, manufacturers, network operators, software developers, and regulatory bodies from about 35 countries involved in attempting to develop new digital TV standards.

In January 2001, the Workshop on Digital Rights Management of the World Wide Web Consortium was held.

On 22 May 2001, the European Union passed the Information Society Directive, with copyright protections.

In 2003, the European Committee for Standardization/Information Society Standardization System (CEN/ISSS) DRM Report was published.

In 2004, the Consultation process of the European Commission, and the DG Internal Market, on the Communication COM(2004)261 by the European Commission on "Management of Copyright and Related Rights" closed.

In 2005, DRM Workshops of Directorate-General for Information Society and Media (European Commission), and the work of the High Level Group on DRM were held.

In 2005, Sony BMG installed DRM software on users' computers without clearly notifying the user or requiring confirmation. Among other things, the software included a rootkit, which created a security vulnerability. When the nature of the software was made public much later, Sony BMG initially minimized the significance of the vulnerabilities, but eventually recalled millions of CDs, and made several attempts to patch the software to remove the rootkit. Class action lawsuits were filed, which were ultimately settled by agreements to provide affected consumers with a cash payout or album downloads free of DRM.

Microsoft's media player Zune released in 2006 did not support content that used Microsoft's PlaysForSure DRM scheme.

Windows Media DRM, reads instructions from media files in a rights management language that states what the user may do with the media. Later versions of Windows Media DRM implemented music subscription services that make downloaded files unplayable after subscriptions are cancelled, along with the ability for a regional lockout. Tools like FairUse4WM strip Windows Media of DRM restrictions.

The Gowers Review of Intellectual Property by the British Government from Andrew Gowers was published in 2006 with recommendations regarding copyright terms, exceptions, orphaned works, and copyright enforcement.

DVB (DVB-CPCM) is an updated variant of the broadcast flag. The technical specification was submitted to European governments in March 2007. As with much DRM, the CPCM system is intended to control use of copyrighted material by the end-user, at the direction of the copyright holder. According to Ren Bucholz of the Electronic Frontier Foundation (EFF), "You won't even know ahead of time whether and how you will be able to record and make use of particular programs or devices". The normative sections were approved for publication by the DVB Steering Board, and formalized by ETSI as a formal European Standard (TS 102 825-X) where X refers to the Part number. Nobody has yet stepped forward to provide a Compliance and Robustness regime for the standard, so it is not presently possible to fully implement a system, as no supplier of device certificates has emerged.

In December 2006, the industrial-grade Advanced Access Content System (AACS) for HD DVD and Blu-ray Discs, a process key was published by hackers, which enabled unrestricted access to AACS-protected content.

In January 2007, EMI stopped publishing audio CDs with DRM, stating that "the costs of DRM do not measure up to the results." In March, Musicload.de, one of Europe's largest internet music retailers, announced their position strongly against DRM. In an open letter, Musicload stated that three out of every four calls to their customer support phone service are as a result of consumer frustration with DRM.

Apple Inc. made music DRM-free after April 2007 and labeled all music as "DRM-Free" after 2008. Other works sold on iTunes such as apps, audiobooks, movies, and TV shows are protected by DRM.

A notable DRM failure happened in November 2007, when videos purchased from Major League Baseball prior to 2006 became unplayable due to a change to the servers that validate the licenses.

In 2007, the European Parliament supported the EU's direction on copyright protection.

Asus released a soundcard which features a function called "Analog Loopback Transformation" to bypass the restrictions of DRM. This feature allows the user to record DRM-restricted audio via the soundcard's built-in analog I/O connection.

Digital distributor GOG.com (formerly Good Old Games) specializes in PC video games and has a strict non-DRM policy.

Baen Books and O'Reilly Media, dropped DRM prior to 2012, when Tor Books, a major publisher of science fiction and fantasy books, first sold DRM-free e-books.

The Axmedis project completed in 2008. It was a European Commission Integrated Project of the FP6, has as its main goal automating content production, copy protection, and distribution, to reduce the related costs, and to support DRM at both B2B and B2C areas, harmonizing them.

The INDICARE project was a dialogue on consumer acceptability of DRM solutions in Europe that completed in 2008.

In mid-2008, the Windows version of Mass Effect marked the start of a wave of titles primarily making use of SecuROM for DRM and requiring authentication with a server. The use of the DRM scheme in 2008's Spore led to protests, resulting in searches for an unlicensed version. This backlash against the activation limit led Spore to become the most pirated game in 2008, topping the top 10 list compiled by TorrentFreak. However, Tweakguides concluded that DRM does not appear to increase video game piracy, noting that other games on the list, such as Call of Duty 4 and Assassin's Creed, use DRM without limits or online activation. Additionally, other video games that use DRM, such as BioShock, Crysis Warhead, and Mass Effect, do not appear on the list.

Many mainstream publishers continued to rely on online DRM throughout the later half of 2008 and early 2009, including Electronic Arts, Ubisoft, Valve, and Atari, The Sims 3 being a notable exception in the case of Electronic Arts. Ubisoft broke with the tendency to use online DRM in late 2008, with the release of Prince of Persia as an experiment to "see how truthful people really are" regarding the claim that DRM was inciting people to use illegal copies. Although Ubisoft has not commented on the results of the "experiment", Tweakguides noted that two torrents on Mininova had over 23,000 people downloading the game within 24 hours of its release.

In 2009, Amazon remotely deleted purchased copies of George Orwell's Animal Farm (1945) and Nineteen Eighty-Four (1949) from customers' Amazon Kindles after refunding the purchase price. Commentators described these actions as Orwellian and compared Amazon to Big Brother from Nineteen Eighty-Four. Amazon CEO Jeff Bezos then issued a public apology. FSF wrote that this was an example of the excessive power Amazon has to remotely censor content, and called upon Amazon to drop DRM. Amazon then revealed the reason behind its deletion: the e-books in question were unauthorized reproductions of Orwell's works, which were not within the public domain and that the company that published and sold on Amazon's service had no right to do so.

2010 – present
Ubisoft formally announced a return to online authentication on 9 February 2010, through its Uplay online game platform, starting with Silent Hunter 5, The Settlers 7, and Assassin's Creed II. Silent Hunter 5 was first reported to have been compromised within 24 hours of release, but users of the cracked version soon found out that only early parts of the game were playable. The Uplay system works by having the installed game on the local PCs incomplete and then continuously downloading parts of the game code from Ubisoft's servers as the game progresses. It was more than a month after the PC release in the first week of April that software was released that could bypass Ubisoft's DRM in Assassin's Creed II. The software did this by emulating a Ubisoft server for the game. Later that month, a real crack was released that was able to remove the connection requirement altogether.

In March 2010, Uplay servers suffered a period of inaccessibility due to a large-scale DDoS attack, causing around 5% of game owners to become locked out of playing their game. The company later credited owners of the affected games with a free download, and there has been no further downtime.

In 2011, comedian Louis C.K. released his concert film Live at the Beacon Theater as an inexpensive (US$5), DRM-free download. The only attempt to deter unlicensed copies was a letter emphasizing the lack of corporate involvement and direct relationship between artist and viewer. The film was a commercial success, turning a profit within 12 hours of its release. The artist suggested that piracy rates were lower than normal as a result, making the release an important case study for the digital marketplace.

In 2012, the EU Court of Justice ruled in favor of reselling copyrighted games.

In 2012, India implemented digital rights management protection.

In 2012, webcomic Diesel Sweeties released a DRM-free PDF e-book. He followed this with a DRM-free iBook specifically for the iPad that generated more than 10,000 downloads in three days. That led Stevens to launch a Kickstarter project – "ebook stravaganza 3000" – to fund the conversion of 3,000 comics, written over 12 years, into a single "humongous" e-book to be released both for free and through the iBookstore; launched 8 February 2012, with the goal of raising $3,000 in 30 days. The "payment optional" DRM-free model in this case was adopted on Stevens' view that "there is a class of webcomics reader who would prefer to read in large chunks and, even better, would be willing to spend a little money on it."

In February 2012, Double Fine asked for crowdfunding for an upcoming video game, Double Fine Adventure, on Kickstarter and offered the game DRM-free for backers. This project exceeded its original goal of $400,000 in 45 days, raising in excess of $2 million. Crowdfunding acted as a pre-order or alternatively as a subscription. After the success of Double Fine Adventure, many games were crowd-funded and many offered a DRM-free version.

Websites – such as library.nu (shut down by court order on 15 February 2012), BookFi, BookFinder, Library Genesis, and Sci-Hub – allowed e-book downloading by violating copyright.

As of 2013, other developers, such as Blizzard Entertainment put most of the game logic is on the "side" or taken care of by the servers of the game maker. Blizzard uses this strategy for its game Diablo III and Electronic Arts used this same strategy with their reboot of SimCity, the necessity of which has been questioned.

In 2014, the EU Court of Justice ruled that circumventing DRM on game devices was legal under some circumstances.

In 2014, digital comic distributor Comixology allowed rights holders to provide the option of DRM-free downloads. Publishers that allow this include Dynamite Entertainment, Image Comics, Thrillbent, Top Shelf Productions, and Zenescope Entertainment.

In February 2022, Comixology, which was later under the ownership of Amazon, ended the option of downloading DRM-free downloads on all comics, although any comics previously purchased prior to the date will have the option to download comics without DRM.

Product keys
A product key, typically an alphanumerical string, can represent a license to a particular copy of software. During the installation process or software launch, the user is asked to enter the key; if the key is valid (typically via internal algorithms), the key is accepted, and the user can continue. Product keys can be combined with other DRM practices (such as online "activation"), to prevent cracking the software to run without a product key, or using a keygen to generate acceptable keys.

Activation limits
DRM can limit the number of devices on which a legal user can install content. This restriction typically support 3-5 devices. This affects users who have more devices than the limit. Some allow one device to be replaced with another. Without this software and hardware upgrades may require an additional purchase.

Persistent online DRM
Always-on DRM checks and rechecks authorization while the content is in use by interacting with a server operated by the copyright holder. In some cases, only part of the content is actually installed, while the rest is downloaded dynamically during use.

Encryption
Encryption alters content in a way that means that it cannot be used without first decrypting it. Encryption can ensure that other restriction measures cannot be bypassed by modifying software, so DRM systems typically rely on encryption in addition to other techniques.

Copy restriction
Microsoft PlayReady prevents illicit copying of multimedia and other files.

Restrictions can be applied to electronic books and documents, in order to prevent copying, printing, forwarding, and creating backup copies. This is common for both e-publishers and enterprise Information Rights Management. It typically integrates with content management system software.

While some commentators claim that DRM complicates e-book publishing, it has been used by organizations such as the British Library in its secure electronic delivery service to permit worldwide access to rare documents which, for legal reasons, were previously only available to authorized individuals actually visiting the Library's document centre.

Four main e-book DRM schemes are in common use, from Adobe, Amazon, Apple, and the Marlin Trust Management Organization (MTMO).


 * Adobe's DRM is applied to EPUBs and PDFs, and can be read by several third-party e-book readers, as well as Adobe Digital Editions (ADE) software. Barnes & Noble uses DRM technology provided by Adobe, applied to EPUBs and the older PDB (Palm OS) format e-books.
 * Amazon's DRM is an adaption of the original Mobipocket encryption and is applied to Amazon's .azw4, KF8, and Mobipocket format e-books. Topaz format e-books have their own encryption system.
 * Apple's FairPlay DRM is applied to EPUBs and can be read only by Apple's iBooks app on iOS devices and Mac OS computers.
 * The Marlin DRM was developed and is maintained by open industry group Marlin Developer Community (MDC) and is licensed by MTMO. (Marlin was founded by Intertrust, Panasonic, Philips, Samsung, and Sony.) Online textbook publisher Kno uses Marlin to protect EPUB books. These books can be read on the Kno App for iOS and Android.

Runtime restrictions
Windows Vista contains a DRM system called Protected Media Path, which contains Protected Video Path (PVP). PVP tries to stop DRM-restricted content from playing while unsigned software is running, in order to prevent the unsigned software from accessing the content. Additionally, PVP can encrypt information during transmission to the monitor or the graphics card, which makes it more difficult to make unauthorized recordings.

Bohemia Interactive have used a form of technology since Operation Flashpoint: Cold War Crisis, wherein if the game copy is suspected of being unauthorized, annoyances like guns losing their accuracy or the players turning into a bird are introduced. Croteam's Serious Sam 3: BFE causes a special invincible foe in the game to appear and constantly attack the player until they are killed.

Regional lockout
Regional lockout (or region coding) prevents the use of a certain product or service, except in a specific region or territory. Lockout may be enforced through physical means, through technological means such as inspecting the user's IP address or using an identifying code, or through unintentional means introduced by devices that support only region-specific technologies (such as video formats, i.e., NTSC and PAL).

Watermarks
Digital watermarks can be steganographically embedded within audio or video data. They can be used for recording the copyright owner, the distribution chain or identifying the purchaser. They are not complete DRM mechanisms in their own right, but are used as part of a system for copyright enforcement, such as helping provide evidence for legal purposes, rather than enforcing restrictions.

Some audio/video editing programs may distort, delete, or otherwise interfere with watermarks. Signal/modulator-carrier chromatography may separate watermarks from the recording or detect them as glitches. Additionally, comparison of two separately obtained copies of audio using basic algorithms can reveal watermarks.

Metadata
Sometimes, metadata is included in purchased media which records information such as the purchaser's name, account information, or email address. Also included may be the file's publisher, author, creation date, download date, and various notes. This information is not embedded in the content, as a watermark is. It is kept separate from the content, but within the file or stream.

As an example, metadata is used in media purchased from iTunes for DRM-free as well as DRM-restricted content. This information is included as MPEG standard metadata.

Hardware
US Cable television set-top boxes require a specific piece of hardware to operate. The CableCard standard is used to restrict content to services to which the customer is subscribed. Content has an embedded broadcast flag that the card examines to decide whether the content can be viewed by a specific user.

Implementations

 * Analog Protection System (Macrovision)
 * DCS Copy Protection
 * B-CAS
 * CableCARD
 * Broadcast flag
 * DVB-CPCM
 * Conditional-access module
 * Copy Control Information
 * ISDB
 * FairPlay
 * Sony rootkit
 * Content Scramble System (CSS)
 * ARccOS protection
 * Advanced Access Content System (AACS)
 * Content Protection for Recordable Media (CPRM)
 * Digital Transmission Content Protection
 * High-bandwidth Digital Content Protection (HDCP)
 * Protected Media Path
 * Trusted Platform Module
 * Intel Management Engine
 * Cinavia
 * HTML video Encrypted Media Extensions (HTML EME, often implemented with Widevine)
 * Denuvo
 * StarForce
 * SafeDisc
 * SecuROM
 * SafetyNet
 * Google Play Integrity

In addition, platforms such as Steam may include DRM mechanisms. Most of the mechanisms above are copy protection mechanisms rather than DRM mechanisms per se.

Laws
The World Intellectual Property Organization supports the World Intellectual Property Organization Copyright Treaty (WCT) which requires nations to enact laws against DRM circumvention. The WIPO Internet Treaties do not mandate criminal sanctions, merely requiring "effective legal remedies".

China
China's Interim Regulations ostensibly regulate digital content. China claims to protect intellectual property rights, although the World Trade Organization (WTO) "determined that China's copyright laws do not provide the same efficacy to non-Chinese nationals as they do to Chinese citizens, as required by the Berne Convention" and that "China's copyright laws do not provide enforcement procedures so as to permit effective action against any act of infringement of intellectual property rights".

European Union
The EU operates under its Information Society Directive, its WIPO implementation. The European Parliament then directed member states to outlaw violation of international copyright for commercial purposes. Punishments range from fines to imprisonment. It excluded patent rights and copying for personal, non-commercial purposes. Copyrighted games can be resold. Circumventing DRM on game devices is legal under some circumstances; protections cover only technological measures the interfere with prohibited actions.

India
India is not a signatory to WIPO Copyright Treaty or the WIPO Performances and Phonograms Treaty. Its Copyright Act provides protections for digital content, criminalizing circumvention of technical protections and distribution of illicit copies. Punishment includes prison time. Fair use is not explicitly addressed.

Israel
Israel is not a signatory to the WIPO Copyright Treaty. Israeli law does not expressly prohibit the circumvention of technological protection measures.

Pakistan
Pakistan is not a signatory to the WIPO Copyright Treaty or the WIPO Performances and Phonograms Treaty. Pakistani law does not criminalize the circumvention of technological protection measures.

As of January 2022, Pakistan's Intellectual Property Office intended to accede to the WIPO Copyright Treaty and WIPO Performances and Phonograms Treaty. However, there has been no major progress for Pakistan to accede to the treaties, and the timeline of the enactments of amendments to the Copyright Ordinance is unclear. As of February 2023, Pakistan's Intellectual Property Office was currently finalizing draft amendments to its Copyright Ordinance.

United States
US protections are governed by the Digital Millennium Copyright Act (DMCA). It criminalizes the production and dissemination of technology that lets users circumvent copy-restrictions. Reverse engineering is expressly permitted, providing a safe harbor where circumvention is necessary to interoperate with other software.

Open-source software that decrypts protected content is not prohibited per se. Decryption done for the purpose of achieving interoperability of open source operating systems with proprietary systems is protected. Dissemination of such software for the purpose of violating or encouraging others to violate copyrights is prohibited.

DMCA has been largely ineffective. Cirumvention software is widely available. However, those who wish to preserve the DRM systems have attempted to use the Act to restrict the distribution and development of such software, as in the case of DeCSS. DMCA contains an exception for research, although the exception is subject to qualifiers that created uncertainty in that community.

Cryptanalytic research may violate the DMCA, although this is unresolved.

Notable lawsuits

 * DVD Copy Control Association, Inc. v. Bunner
 * DVD Copy Control Association, Inc. v. Kaleidescape, Inc.
 * RealNetworks, Inc. v. DVD Copy Control Association, Inc.
 * Universal v. Reimerdes

Opposition
DRM faces widespread opposition. John Walker and Richard Stallman are notable critics. Stallman has claimed that using the word "rights" is misleading and suggests that the word "restrictions", as in "Digital Restrictions Management", replace it. This terminology has been adopted by other writers and critics.

Other prominent critics include Ross Anderson, who heads a British organization that opposes DRM and similar efforts in the UK and elsewhere, and Cory Doctorow. EFF and organizations such as FreeCulture.org are opposed to DRM. The Foundation for a Free Information Infrastructure criticized DRM's effect as a trade barrier from a free market perspective.

Bruce Schneier argues that digital copy prevention is futile: "What the entertainment industry is trying to do is to use technology to contradict that natural law. They want a practical way to make copying hard enough to save their existing business. But they are doomed to fail." He described trying to make digital files uncopyable as like "trying to make water not wet".

The creators of StarForce stated that "The purpose of copy protection is not making the game uncrackable – it is impossible."

Bill Gates spoke about DRM at 2006 CES, saying that DRM causes problems for legitimate consumers.

The Norwegian consumer rights organization "Forbrukerrådet" complained to Apple in 2007 about the company's use of DRM, accusing it of unlawfully restricting users' access to their music and videos, and of using EULAs that conflict with Norwegian consumer legislation. The complaint was supported by consumers' ombudsmen in Sweden and Denmark, and was reviewed in the EU in 2014. The United States Federal Trade Commission held hearings in March 2009, to review disclosure of DRM limitations to customers' use of media products.

Valve president Gabe Newell stated, "most DRM strategies are just dumb" because they only decrease the value of a game in the consumer's eyes. Newell suggested that the goal should instead be "[creating] greater value for customers through service value". Valve operates Steam, an online store for PC games, as well as a social networking service and a DRM platform.

At the 2012 Game Developers Conference, the CEO of CD Projekt Red, Marcin Iwinski, announced that the company would not use DRM. Iwinski stated of DRM, "It's just over-complicating things... the game... is cracked in two hours." Iwinski added "DRM does not protect your game. If there are examples that it does, then people maybe should consider it, but then there are complications with legit users."

The Association for Computing Machinery and the Institute of Electrical and Electronics Engineers opposed DRM, naming AACS as a technology "most likely to fail" in an issue of IEEE Spectrum.

Public licenses
The GNU General Public License version 3, as released by the Free Software Foundation, has a provision that "strips" DRM of its legal value, so people can break the DRM on GPL software without breaking laws such as the DMCA. In May 2006, FSF launched a "Defective by Design" campaign against DRM.

Creative Commons provides licensing options that encourage creators to work without the use of DRM. Creative Commons licenses have anti-DRM clauses, making the use of DRM by a licensee a breach of the licenses' Baseline Rights.

DRM-free works


Many publishers and artists label their works "DRM-free". Major companies that have done so include Apple, GOG.com, Tor Books and Vimeo on Demand. Comixology once had DRM-free works available for sale until 2022 when its parent company, Amazon, removed the option to buy DRM-free works as part of their migration to Amazon's website, although previous purchases remained DRM-free.

Availability
Many DRM systems require online authentication. Whenever the server goes down, or a territory experiences an Internet outage, it locks out people from registering or using the material. This is especially true for products that require a persistent online connection, where, for example, a successful DDoS attack on the server essentially makes the material unusable.

Usability
Compact discs (CDs) with DRM schemes are not standards-compliant, and are labeled CD-ROMs. CD-ROMs cannot be played on all CD players or personal computers.

Performance
Certain DRM systems have been associated with reduced performance: some games implementing Denuvo Anti-Tamper performed better without DRM. However, in March 2018, PC Gamer tested Final Fantasy XV for the performance effects of Denuvo, which was found to cause no negative gameplay impact despite a little increase in loading time.

Robustness
DRM copy-prevention schemes can never be wholly secure since the logic needed to decrypt the content is present either in software or hardware and implicitly can be hacked. An attacker can extract this information, decrypt and copy the content, bypassing the DRM.

Satellite and cable systems distribute their content widely and rely on hardware DRM systems. Such systems can be hacked by reverse engineering the protection scheme.

Analog hole
Audio and visual material (excluding interactive materials, e.g., video games) are subject to the analog hole, namely that in order to view the material, the digital signal must be turned into an analog signal. Post-conversion, the material can be then be copied and reconverted to a digital format.

The analog hole cannot be filled without externally imposed restrictions, such as legal regulations, because the vulnerability is inherent to all analog presentation. The conversion from digital to analog and back reduces recording quality. The HDCP attempt to plug the analog hole was largely ineffective.

Ownership restrictions
DRM opponents argue that it violates private property rights and restricts a range of normal and legal user activities. A DRM component such as that found on a digital audio player restricts how it acts with regard to certain content, overriding user's wishes (for example, preventing the user from copying a copyrighted song to CD as part of a compilation). Doctorow described this as "the right to make up your own copyright laws".

Windows Vista disabled or degraded content play that used a Protected Media Path. DRM restricts the right to make personal copies, provisions lend copies to friends, provisions for service discontinuance, hardware agnosticism, software and operating system agnosticism, lending library use, customer protections against contract amendments by the publisher, and whether content can pass to the owner's heirs.

Obsolescence
When standards and formats change, DRM-restricted content may become obsolete.

When a company undergoes business changes or bankruptcy, its previous services may become unavailable. Examples include MSN Music, Yahoo! Music Store, Adobe Content Server 3 for Adobe PDF, and Acetrax Video on Demand.

Piracy
DRM laws are widely flouted: according to Australia Official Music Chart Survey, copyright infringements from all causes are practised by millions of people. According to the EFF, "in an effort to attract customers, these music services try to obscure the restrictions they impose on you with clever marketing."

Trade-offs between control and sales
Jeff Raikes, ex-president of the Microsoft Business Division, stated: "If they're going to pirate somebody, we want it to be us rather than somebody else". An analogous argument was made in an early paper by Kathleen Conner and Richard Rummelt. A subsequent study of digital rights management for e-books by Gal Oestreicher-Singer and Arun Sundararajan showed that relaxing some forms of DRM can be beneficial to rights holders because the losses from piracy are outweighed by the increase in value to legal buyers. Even if DRM were unbreakable, pirates still might not be willing to purchase, so sales might not increase.

Piracy can be beneficial to some content providers by increase consumer awareness, spreading and popularizing content. This can also increase revenues via other media, such as live performances.

Mathematical models suggest that DRM schemes can fail to do their job on multiple levels. The biggest failure is that the burden that DRM poses on a legitimate customer reduces the customer's willingness to buy. An ideal DRM would not inconvenience legal buyers. The mathematical models are strictly applicable to the music industry.

Alternatives
Several business models offer DRM alternatives.

Subscription
Streaming services have created profitable business models by signing users to monthly subscriptions in return for access to the service's library. This model has worked for music (such as Spotify, Apple Music, etc.) and video (such as Netflix, Disney+, Hulu, etc.).

"Easy and cheap"
Accessing a pirated copy can be illegal and inconvenient. Businesses that charge acceptable fees for doing so tend to attract customers. A business model that dissuades illegal file sharing is to make legal content downloading easy and cheap. Pirate websites are often host to malware which attach themselves to the files. If content is provided on legitimate sites and is reasonably priced, consumers are more likely to purchase media legally.

Crowdfunding or pre-order
Crowdfunding has been used as a publishing model for digital content.

Promotion for traditional products
Many artists give away individual tracks to create awareness for a subsequent album.

Artistic Freedom Voucher
The Artistic Freedom Voucher (AFV) introduced by Dean Baker is a way for consumers to support "creative and artistic work". In this system, each consumer receives a refundable tax credit of $100 to give to any artist of creative work. To restrict fraud, the artists must register with the government. The voucher prohibits any artist that receives the benefits from copyrighting their material for a certain length of time. Consumers would be allowed to obtain music for a certain amount of time easily and the consumer would decide which artists receive the $100. The money can either be given to one artist or to many, and this distribution is up to the consumer.