Although not the only person to use the quotation, Margaret Thatcher famously said those words to describe losing the election to be the leader of the Conservative Party and therefore the post of Prime Minister and First Lord of the Treasury.

And when you look out at the IT security industry you risk having the same feeling that she did.

Although not very surprising, people have gone out and solved problems that were easy, leaving the difficult ones to specialists whilst using marketing muscle to ‘persuade’ customers that their solutions fit the problems.

A good case in point would be the global adoption of the secure connection technology SSL (Secure Sockets Layer).  Pedalled for many years as the certainty of a secure connection, it has been nothing of the kind.  Yes, it very securely connects together two locations that do not know each other.  And that’s the problem.  You only think you are connected to the bank, and they only think they are connected to you.

It’s been a bit the same with DRM.

At one level it has been stunningly bad.  The music and film copying brigades got it into their heads that just because in the cassette tape days you could tape anything off the radio or the record deck (mind you the quality was absolutely dreadful) and make copies (which were even worse – but you could do it!) then you had the divine right to copy anything. After all, let’s not worry about copyright.

And at the other end of the equation, DRM system providers did themselves no favours either.  They tried to implement DRM that prevented people from making copies of their own works, or DRM that just enabled suppliers to charge different amounts for exactly the same product in different places around the world.  Finally, DRM providers made the serious mistake of trying to embed themselves into operating systems, and behaving like viruses or hackers.

There has also been the dichotomy about use of DRM protected products – to print or not to print?  I have discussed this with several eBook publishers and they have mixed views.  At one level we all agree that the eBook has immense power and potential over the paper book – quick indexes; searching; linking both internal and external: all things a paper book simply can’t deliver.  At another level, people just don’t really read eBooks the same way they do paper.  

When did you last take your laptop to the lavatory so you could read something in peace?

And maybe that’s what’s lacking in the eBook development thinking?  An eBook version of a training course is not quite the same proposition as the eBook version of a fashion magazine.  And the eBook version of your broker’s guide to share trading is not the same as the latest best selling novel.

There are similarities, certainly, but a good guide would be found by looking at the ‘intended use scenario.’   Is the product intended primarily for social, domestic and leisure, or is it primarily for business?

Current document DRM systems are focused on business applications use (which includes handling formal business documents that may be used both at work and at home – the home element does not dominate the primary point that the business use dominates the rights and rights management).  Business DRM is reasonably well scoped.

But many suppliers are leaping onto the DRM bandwagon trying to apply it to scenarios where the use (and the formality of use) is very different.

If you argued that when you buy a novel, when you have read it then you can give it, in its entirety (not a copy) to someone else that might be an acceptable use.  But a business training course was never provided for that purpose.  It was provided for a specific and limited use, often for a very restricted period of time.  And the same concepts do not apply.

And some business documents are not being distributed for copying at all.  Some are business secrets, some are documents disclosed because they have to be, but only to identified individuals, and so on.  There is absolutely every reason for the distributor to want to be sure that the document is not copied, or forwarded to anyone, or maybe even printed.  

But the DRM mechanisms are just the same.  The secret is in who you apply them to and how you apply them.

Of course you will upset people by introducing DRM.  All the people who think they should be able to copy and distribute your information for starters!  And all the people who hate DRM just on principle (but please  see the first group again also).

But maybe those are the very people you wanted to control in the first place?

It’s a funny old world, isn’t it?