Now it’s a rare thing to suggest that an operating system (or its supplier) might not be promoting DRM.  So isn’t this a kind of wild statement?

Well, as the lawyers would say, yes and no.  After all, this is a blog for goodness sake.

As has been featured in the press recently, Microsoft has been partying up to the European Commission (EC) to try and get it to ‘approve’ the way in which Microsoft is implementing its security measures so they don’t need to fear litigation from the EC because of anti-competitive approaches (the EC has previously ordered fines of millions of Euros from Microsoft because they did not provide, according to European Courts, adequate documentation to other suppliers to implement the Microsoft server systems).

Now as a taxpayer I think it is kind of wild that a company should expect a government to spend my taxes on studies to tell them if their products infringe or not.  Surely this is a problem for the company?  Just like our business, we build products that we believe comply with regulation.  It is then up to the government to tell us if we got it wrong.  So if that’s how we have to conduct our business, why should any other business be different?

Now I could understand if Microsoft had approached the EC and said, “Hey, can we pay one of your approved bodies (like CEN, the European standards body, perhaps) to carry out a study of what we are doing as compared with the current regulations and give an independent opinion.”  After all, if our business wanted a FIPS certification we would have to party up a bundle of money to NIST and some tame certification group of theirs for the pleasure.  (And in the UK it would be CESG and some friend of theirs.  And in any other country the story is the same.)  So why should Microsoft, with all their size economies of scale be getting this for free?

But looking deeper, there are some much more important questions.

It is well known that Microsoft have decided to implement their own DRM solution.  But, as with their other security solutions, are they providing transparency and full access to their solutions to third parties?

Recently CISCO (not perhaps the most open of organizations itself according to some of my colleagues) went public saying that they had concerns about the openness of the security solutions in Vista, and since release there have been big moves to allow the anti-virus community to be able to interoperate with the Microsoft facilities, and not find that competitor products are forbidden to run by the operating system.

Of course with any new introduction of an operating system there are fears and concerns.  When the biggest software company in the world sneezes, somebody catches a cold.  And the concern is that because DRM solutions are not as high profile as anti-virus or intrusion detection, that access to the Microsoft specifications could be significantly difficult.

After all, the relationship between Microsoft and Adobe (Adobe being, perhaps, previously the largest non-music DRM provider in the world) are hardly at an all time high.  Adobe recently put out a press release about how they had included flash in the Adobe product, whilst in the same breath saying they were relying on passwords and WinZip to provide their DRM security model says it all for their approach to DRM.

So Vista is a threat to DRM, more from what it does not say than what it does.  Meantime, the independent DRM providers – visible proof that there is a real, competitive and innovative market taking place – will continue to deliver solutions that do not rely upon what the big gorillas do.