Bill's Bookshelf: Postcard from the Edge

SAN FRANCISCO (08/09/2000) - Mark Stefik is a brilliant scientist at Xerox Corp.'s PARC research labs. His research has spanned programming languages to knowledge management, and some of his recent work is now a foundational technology in the fast-growing area of Digital Rights Management (DRM). Four years ago, he wrote a book called Internet Dreams, which dealt with sociological aspects of the Internet. The book was a collection of writings by various authors, complete with Stefik's annotations.

Stefik's new book, The Internet Edge: Social, Technical, and Legal Challenges for a Networked World, is entirely his own writing. This heady, philosophical book, while not an easy read, is well worth the concentration. It fits with other musings on the transformative power of the Internet and related technologies, such as Esther Dyson's Release 2.0, but has some very interesting features.

First is Stefik's concept of edge. The title of the book is unfortunate, because it suggests yet another book about using the Internet to get ahead in business. The jacket illustration of a bird soaring in flight doesn't help. But Stefik's edge is a metaphor for unfamiliarity or change - as in leading or bleeding edge, something that makes one uncomfortable or confused.

Some people eagerly embrace edge situations, some recoil and step back, only to revisit the edge later when they feel more comfortable. This recently happened to my wife and me. We had been renting the same summer house for the past several years, but this year we rented another place. The first weekend we were there we hated it, mostly because it was unfamiliar. But we came back, and now we like it fine.

Edge effects

Stefik's book talks about the Internet's edge effects mostly in sociological terms but also in regard to law and politics. In explaining how we react to technological change, he uses three interesting points of reference.

The first, in which he examines how the building of the Erie Canal affected industry and society, is historical.

The second is Geoffrey Moore's classic Technology Adoption Lifecycle model, as explained in Moore's book The Gorilla Game. Moore's model indicates a chasm separating the early adopters of a technology - the gadget-heads who like to try new things without necessarily seeing practical applications - from the mainstream users who require practical applications for technology. Stefik explores in greater depth the edge effects that create Moore's chasm.

Stefik's third point of reference is a newsletter column called Technology Watch, which was produced by a book publishers' trade association for its members during the early 1980s. Stefik summarizes four years of Technology Watch, showing the emerging technologies that were affecting publishers' businesses, such as videotext, proprietary online services, and eventually the PC. It's fascinating to see how publishers reacted to these technologies. Some experimented, some gave up after initial attempts proved problematic, and others just sat on the sidelines and watched.

Another interesting feature of The Internet Edge is its focus on how the Net can improve the way people interact with information. Stefik's area of research at Xerox PARC is called Human Document Interaction, so it's not surprising that he would focus on this.

In fact, the most interesting parts of the book are those in which Stefik discusses his own work and that of his PARC colleagues on information processing. In particular, Stefik has been father to one powerful idea that is gaining prominence in the media and publishing world: the trusted system.

Trusted systems lie at the heart of today's DRM technology.

Trusted systems

DRM is a hot buzzword in the world of digital media. DRM technology allows owners of content to protect against users making unauthorized copies. Various technology vendors are marketing DRM solutions to publishers, record labels, stock photo agencies, and other content businesses. At the heart of most DRM solutions is technology akin to Stefik's trusted system.

Conceptually, a trusted system is a tamper-proof black box that allows access to information only under strictly specified conditions. These conditions include the rights that a user has to access the content, such as print, play, view, copy, or lend, and they require that the user authenticate his/her identity. In return for these rights, the user might pay a fee, supply demographic information, or agree to have his/her usage behavior monitored. A few years ago, Stefik invented a language for specifying such rights information in detail called DPRL (Digital Property Rights Language).

The idea behind DPRL is that DRM technology implementers could adopt it as a standard, so that if a piece of content contains a rights specification in DPRL, then any DRM system could determine what rights the user has to access the content, how much those rights cost, and so on, by interpreting the DPRL spec. This functionality could be built into any content-rendering devices, including printers, e-book readers, MP3 players and PCs. Xerox recently spun off a new company called ContentGuard, which produces DRM technology and promotes DPRL (now called XRML) as a Java-like open standard.

Trusted systems represent an ideal to which publishers and technology vendors aspire. In this ideal, technology restricts content access so that people only read, view, or listen to content in strict accordance with license terms, and a system records every use, as well as information about the user and possibly money from him/her. Publishers can get revenue and data about how their content is used.

That's the ideal, and perhaps the world of content and technology will approach it eventually. But the real world is not so simple. First, there are a number of technical hurdles to implementing the trusted systems idea. Stefik's original concept was to implement trusted systems as dedicated hardware devices, which could provide the necessary security. But for many years, the standard way of getting information over a network has been the PC, which is a terrible platform for trusted systems. It is too general-purpose and has too many security holes.

A few vendors tried to implement trusted or DRM systems with hardware devices that consumers could use alongside standard PCs, but such devices have never been accepted in the marketplace. Others tried building DRM solutions for PCs entirely in software, based on encryption technology. These systems are catching on slowly, especially in certain segments of the publishing industry, but they are still overly complex and cumbersome. It's likely that e-book readers and other network appliances will eventually assume the role of trusted systems.

The second problem with Stefik's trusted system model is that it needs to be everywhere in order to be effective. A house is only safe from burglary if all doors and windows are locked. If you invoke a print right on a document in a trusted system, then you can scan the resulting hardcopy with optical character recognition and get the same digital document that was in the trusted system.

But there are more subtle ramifications to the need for trusted system or DRM technology to be completely pervasive.

The user and the use

The website ArtToday has a huge library of clip art. When you sign up for access to the site, you get unlimited search and download access to the library for a modest annual fee, but you agree not to use any of the clip art for commercial purposes. The files that you download from this site are in standard formats like GIF or JPEG.

Now let's suppose that instead of plain files, you download files that are in an encrypted format, such as ContentGuard's Secure Protected Document (SPD) format, with a rights specification in XRML. You might want to insert pieces of clip art in various applications, from word processors to graphics programs.

For trusted systems to work, every one of those applications must be able to process a spec in XRML and decrypt the SPD format, as well as determine whether you are using the content in a way that's appropriate according to the contract terms you accepted on the registration form. That's complex, and in many cases impossible.

I use ArtToday for clip art that I insert into PowerPoint presentations for showing around the office, which is acceptable. But say I download a piece from ArtToday and insert it into a layout in QuarkExpress desktop publishing. I finish my layout and create a PostScript file for output. I could then send the PostScript file to a printer in the office to create handouts for a meeting, which would be fine. But what if I sent the file to my book publishing company's manufacturing operations? That's a commercial use and not acceptable.

Technology must exist that tracks not only the content and the identity of the user, but also the use of the content, and compare it to the terms granted in the license.

The other practical problem with trusted systems is that the cat is often out of the bag before the technology is ready. Everyone knows about how MP3-format audio files are giving the music industry fits. The major record companies would love to force manufacturers of MP3 players, like Diamond Technologies, to implement trusted system functionality. But that's unlikely to happen, and not just because users won't like the inconvenience. The major record labels cannot get together and impose standards for copy protection without being liable for antitrust action. The best that the music industry has been able to do so far is to extract several million dollars from Napster, the music-sharing website, as a blanket licensing fee. Napster users won't pay a penny of that fee.

Similarly, several years ago the film industry got together and sued videocassette makers like TDK and Maxell and got them to pay the movie studios a tax to cover revenue losses from pirated movies.

But once again, Mark Stefik is a research scientist, not a product manager. His trusted system idea is important and at the center of the many controversies in the digital media world. According to him, trusted systems are part of the Internet edge. They represent part of the change, unfamiliarity, and discomfort that results from content being easy to copy and distribute.

Perhaps the most remarkable thing about The Internet Edge is its tone, which sounds neither breathlessly optimistic, like most books of this genre, nor ominous like Lawrence Lessig's Code and other Laws of Cyberspace. It's a matter-of-fact observation about a large-scale phenomenon and how we react to it. The issues Mark Stefik explores are as deep as they are fascinating, and they make this book very worthwhile.

About the author

Bill Rosenblatt is the vice president of technology for in New York City.

Join the newsletter!

Error: Please check your email address.

More about Black Box Network ServicesClassic TechnologyContentGuardMaxellNapsterTDKXerox

Show Comments

Market Place