Today’s DRM excuses can be tomorrow’s DRM nightmares

Engadget reports that Apple Computer chief Steve Jobs recently spoke about DRM (digital restrictions management):

Q: I bought the movie Up on DVD, it had a digital download. I put it on my iPad. I hooked up my VGA adapter and tried to play it… but I couldn’t because of HDCP. Can you tell me how you’re helping with this?

A: We didn’t invent this stuff…

Q: But you did deploy it…

A: Well the content creators are trying to protect this stuff, and they’re grabbing at straws. Sometimes they grab the right ones, and sometimes they don’t. If we want access to this stuff, we have to play by some of their rules. I feel your pain.

So for proprietors it’s okay to deflect blame for restricting users from fully controlling their computers and simultaneously profit in restricting the users. Apple is big when it suits them (I’m sure they want consumers to believe they are the pre-eminent vehicle for delivering movies and music) and small and helpless against the publishers when it suits them (“We didn’t invent this stuff….”). This attitude rewards those who restrict and does nothing to help users who want to watch their legally obtained copies of movies as they see fit (dare one want to see a movie on a non-approved screen!).

This attitude is bad in itself, but not life threatening. As it applies to watching movies, this DRM is more annoying than anything else because there are plenty of free software movie players (like VLC) that will happily show you a movie on any device you like ignoring DRM that would otherwise get in your way; you can simply choose those programs instead of the proprietary stuff and go about enjoying a little bit more control over your life.

But what if DRM is in a device you need to live, like a heart pacemaker/defibrillator to monitor and regulate your heartbeats? Nowadays these devices are digital and run on software—software you aren’t privy to inspect, change, or share. Some of them are even set up so the software they run on can be altered remotely. Remote administration is sold on convenience, like proprietary traps usually are: A trained physician puts you within radio distance of a device that alters the pacemaker/defibrillator’s settings entirely wirelessly—no surgery or injection after the initial installation!

Remote control is a convenience you might be willing to accept for your garage and car door. But regulating a critical function in your body? This doesn’t sound so good when you consider the ramifications for a device you depend on in order to live. Brad Kuhn and Karen Sandler, co-hosts of the Software Freedom Law Show, recently discussed this problem. Sandler looked into these devices because she has a enlarged heart. The size of her heart increases her risk of sudden death. She has a pacemaker/defibrillator implanted inside her (it mostly monitors her heart but it could shock her heart to keep her alive). Sandler did research on these devices and learned some of the scary facts about them. She said that not only is patient information is carried in some of these devices which can be retrieved remotely without the user’s consent or knowledge, but she also learned that a similar device’s operation was altered without using the original manufacturer’s hardware. Knowing the risks of remote administration, she chose an older model which requires close contact with the device to be adjusted or interrogated. But most patients are not so well-versed in the consequences of choosing a modern medical implant; they’ll pick one which can be adjusted from a distance using something available to everyone (such as software defined radio, like GNU Radio).

What if manufacturers use DRM to restrict who can administer the implanted device? Why should anyone have to surrender control over their body in this way?

We need software freedom for medical devices. There are compelling ethical reasons we need software freedom for all published software (well-covered ground by the free software movement) but also because our lives could be at stake. Whether you choose to learn, alter, or share this software should be up to you as well.

Update 2010-07-21: SFLC publishes their report on “Safety Benefits of Free and Open Source Software in Critical Technology“. More on this report can be found on their site.