Until a few years ago I thought that the information you put up on your web site pages was fair game for anyone and everyone to look at and copy for their own use.  This may have been a result of listening at the London Computer Law Group to a very erudite legal debate over ‘deep linking’ and threatened litigation.

The case under discussion concerned two Scottish ‘digital’ news sites.  One had produced a system where they were able to link their web pages through to the content of the other site, and, more than that, show the other parties web pages inside their own borders so that they looked, as far as any user could tell, as if they were their own web pages and the original provider was not acknowledged.

The debate was not, I hasten to add, about the fact that the technology allowed this to happen seamlessly, but about whether it was legal or not.  It seemed, to those like myself, with little understanding of the complexities of Copyright law and how it might (or might not) apply to computerised systems, that if it was so easy to do, and so difficult to stop, and it seemed that no-one was likely to get any money back either.  And that in Scotland, where money is taken seriously. 

So perhaps I was overtaken, rightly or wrongly, by an English legal maxim – where there’s no remedy there’s no harm (or in the US, there’s no law).  The other fact that overtook my thinking was the rise in the capability of the Internet search engines.  It had become apparent that spiders could find their way into even the most secret of lairs, and that search tools could bypass most database access controls and index almost anything they wanted.

But looking back, I realise that I had been confused by the argument that if you are able to do something, then it’s alright to do it, and by the fact that the industry did not seem to be bothered to provide tools, methods or techniques to improve web page security.  In fact, the only concept of web page security available for many years was monitoring to warn you to repair a web site if it was hacked and/or defaced.

Publishing on the web should not mean the compulsory disclosure of your information to all and sundry.  You should still be able to decide who can actually see your information, and who can index it and make it available to whom.

Now maybe that might not seem like the Internet ideal.  But that could be interpreted by a curious misinterpretation of the saying, “Publish and be damned,” said by the Duke of Wellington when threatened by the publication of his letters and a lady’s memoirs.  There is no good reason to argue that just because you want to use a web site to publish information that you must be damned to public disclosure of that information. 

Even the academe suffer from the problem of the misuse of published information.  “They (students) confuse freely available material with "free to use" and fail to acknowledge sources,” says Northumbria Learning, which operates the Turnitin software (software used to detect plagiarism in exam scripts).  Text here in brackets is mine, added for clarification only, and not part of the original quotation.

So the answer is that you do need to be able to apply DRM controls to web site information in a wide variety of circumstances. 

When you are publishing and giving away all your information, stick to the current tools. 

When you are showing information that has value, such as pictures, or samples of high value reports, then DRM controls to prevent easy copying or handing on of the materials are essential if you are going to be able to exert your controls. 

If you want to make private or privileged information available, such as access to membership lists, price lists, internal directories and private contact information then DRM is absolutely necessary. 

If you provide information that is paid for by customers you obviously need DRM controls because there is no other way in which you can fully administer the situation.