Digital Rights Management in E-Learning: Problem Statement and Terms of Reference
Digital Rights Management in E-learning: Problem Statement and Terms of Reference
Stephen Downes, National Research Council, Canada
Magda Mourad, IBM Research, U.S.A
Harry Piccariello, ContentGuard, U.S.A.
Robby Robson, Eduworks Corporation, U.S.A.
Abstract: Digital Rights Management (DRM) is the management of rights by digital means, specifically; intellectual property rights applied to digital content and services. DRM is a complex and explosive issue involving a both law and technology and is an issue with which the e-learning community must come to grips. In conjunction with a panel session at the E-learn 2003 conference sponsored by the Association for the Advancement of Computing in Education, this paper defines terms and states some of the problems associated with applying DRM in e-learning.
There are many reasons for wanting to manage the rights associated with intellectual property. Authors and artists wish to control what can be done with their creations, scholars wish to ensure that they receive proper attribution, commercial enterprises wish to support business models that involve licenses and fees, and consumers want an environment free of legal worries and unexpected costs. Although rights themselves are not technological in nature â they are defined by laws, beliefs and practices â technology can be used to transmit, verify, interpret and enforce rights as they apply to digital content and services. This is called digital rights management, or simply DRM.
DRM is very much in the public consciousness thanks to conflicts between the music and entertainment industries and file sharing services (and their users). Because of this, DRM is widely viewed as the ability to prevent consumers from accessing or distributing multimedia content without authorization. But DRM is much broader and much deeper than that. The recent spate of conflicts and legislation (such as the Digital Millennium Copyright Act) may in itself be an admission of the failure of an overly simplistic view of DRM that derives from a model where content is, in essence, published by a single source, distributed over a single channel and consumed by a single user.
In a distributed networked environment, multiple rights associated with multiple objects come into play as content and services are created, distributed, aggregated, disaggregated, stored, found, and used. This is particularly applicable to e-learning, where standards and technologies are being developed specifically to support the sharing and reuse of learning resources, for example via the collaborative and distributed generation of learning objects, the aggregation of smaller objects to create larger objects, and the creation of resource-sharing networks. In addition, managers of significant collections of learning objects (or metadata records of learning objects) are exploring ways to offer searches and other services. For e-learning to function in this type of environment, appropriate models and implementation of DRM are needed.
New models of DRM are, not surprisingly, coming out of the multimedia industry and the international standards arena. These models are embodied in rights expression languages and other technical artifacts. Also not surprisingly, the systemic application of these models is the subject of patents. Copyright Â© 2003 by the Association for the Advancement of Computing in Education (AACE). Page 1 [http://www.aace.org]. To appear in E-learn 2003 proceedings. Link to be provided when published. These new models have broad applicability. In theory they can be used to manage attribution, content creation workflows and copyright licenses as easily as they can be applied to traditional publisher license models. But go get from theory to practice we need experience and we need to know the lay of the land with regard to some important issues. The purpose of the E-learn panel with which this paper is associated is to explore three of these issues:
â¢ How can we implement DRM in e-learning technology and learning object repositories?
â¢ What international standards and standardization efforts are associated with DRM?
â¢ What is the scope and nature of patents that will effect the implementation of DRM?
The remainder of this paper consists of a list of terms and definitions intended to establish a common vocabulary for the panel discussion to be held at E-learn 2003. The list is not intended to be exhaustive.
E-learning and E-learning Content Terms and Definitions
E-learning: We will use the term e-learning to refer to all processes, activities and technologies that support learning through the use of information and communication technology.
Learning Object: As defined in (LOM, 2000): "Any entity, digital or non-digital, which can be used, re-used or referenced during technology supported learning." In many settings this term is used more narrowly to define digital entities that conform to certain specifications governing description and reuse, but for the purposes of this paper we employ the wider definition adopted by IEEE. A learning object may be referred to as an âasset' or a âresource'.
E-learning Content Lifecycle: E-learning content is digital content intended for use in learning. E-learning content has a lifecycle that takes it through many stages and through many hands before a learner interacts with it. Steps in the e-learning content lifecycle include:
â¢ Design. The first step in creating content is often design, which might include story boards, applying specific instructional design disciplines, graphical design, and specifying technological requirements.
â¢ Authoring, Creation, Composition. This is the phase in which writers and artists create content from scratch. It is considered distinct from the act of assembling existing content into larger forms.
â¢ Assembly or Aggregation. Much of what is loosely called "authoring" entails combining existing content such as text and graphics into a coherent presentation such as a Web page, module or course. This is called assembly. Assembly may follow a design and may include methods for making the content adaptive, so that different versions are seen by different types of learners.
â¢ Transport, Storage, search and discovery. At most stages content is transported from one system to another, stored (usually in databases) and is retrieved through a search engine or directory structure. Discovery is the act of finding content using search techniques. A course catalogue is an example of a mechanism that supports search and discovery. â¢ Delivery, interaction and tracking. Ultimately, content is delivered to the learner, the learner interacts with the content, and in some cases the results of these interactions are recorded. The term tracking refers to results recording.
Common Technologies Supporting the E-learning Content Lifecycle
E-learning is supported by numerous technologies. Many, ranging from word processors to enterprise infrastructure applications, are not specific to e-learning. Common product categories that play a role include:
â¢ Authoring tools (designed or adapted specifically for generating learning content)
â¢ Assembly tools, for example that can be used to create IMS Content Packages
â¢ Learning Content Management Systems. Systems based on a content repository and that generally have assembly components, search and discovery components, and delivery components
â¢ Learning Management Systems. In the corporate space, learning management systems refer to systems that manage learner records and learning resources. They keep track of certifications, perform skill gap analyses, maintain a learning catalog, manage classroom resources, handle financial transactions and deliver content. In the academic space, the term learning management system is often used as a synonym for course management system or virtual learning environment.
â¢ Course Management Systems and Virtual Learning Environments. These products enable teachers to assemble online courses, including syllabi, reading materials, chat rooms, email lists, and quizzes and tests.
Course management systems also maintain class lists and authenticate users. â¢ Learning Object Repositories. These are collections of learning content, or of metadata records that reference learning content, that can be searched or harvested and from which objects can be retrieved.
â¢ Assessment Engines. Quizzing and testing can be handled by separate products that offer ways to write online quizzes, maintain test banks and test question banks, deliver assessments, and analyze results.
Digital Rights Management Terms and Definitions
Intellectual Property Rights (IPR): According to the World Trade Organization, intellectual property rights are "the rights given to people over the creations of their minds (WTO, 2003)." In practice IPR most often refers to ownership rights of individuals, including copyrights, patents and trademarks. Attribution (the right to be recognized as an author or contributor) also falls in this category. Note that IPR is not necessarily owned not by the creator of a work. It could belong to an organization to which the rights have been assigned, voluntarily or as a condition of employment or publication. The laws and practices that govern IPR and the assignment of IPR can vary widely from culture to culture and country to country.
Digital Rights Management (DRM): Digital Rights Management is the management of rights by digital means, specifically; intellectual property rights applied to digital content and services. DRM is often used in a narrower sense to mean the enforcement of license agreements and copyrights through the use of copy protection, encryption, password protection, and security devices. For us, however, DRM goes beyond this.
Expression: In DRM expression refers to the expression of IPR (including copyright, distribution rights, licenses and license requirements, and attribution and attribution requirements) associated to a resource. The expression of rights is separate from their enforcement.
Rights Expression Language (REL): A rights expression language is a grammar for expressing rights in a form that can be read and interpreted by a machine. An REL can be used to express what may be done by whom with what under what conditions. Statements of this form can be aggregated into larger expressions and can be resolved or interpreted by software.
The most common rights expression languages are in XML (Extensible Markup Language). The actual vocabulary used in an REL can be thought of as separate from the language, just as vocabulary and grammar can be thought of as separate aspects of a natural language.
Enforcement: In DRM enforcement refers to using technology to ensure that rights are not violated. For example, creating an Adobe PDF with protection that prevents it from being printed is not an act of enforcement. The enforcement occurs when you try to print the file and can't.
Role-based Access Control: Access control refers to limiting access to a file system, Web site, or other digital environment, usually via some sort of authentication mechanism such as a password. Often access control involves giving different permissions to different users. Access control is role-based if your ability to access data depends on your role within an organization (teacher, student, manager, individual contributor, etc.). Many universities purchase research services or online library subscription that may be accessed from any computer in the university domain. This is also a form of role-based access control.
Persistent DRM: Persistent DRM is the process of associating rights to content or a service in a way that persists as the content or service is moves through a network and is used by different applications and different people. Persistent DRM may be contrasted with access control at the point of consumption, which describes a system where credentials are checked (usually via a password) when you try to use a piece of content or a service and are not persistently associated with the content or service.
Rights and Permissions: We normally think of rights as "the right to vote" or "the right to send this file to a friend." In DRM terms these are called permissions because they say what you are allowed to do. The use of the term âpermission' should not be taken to imply that such rights exist at the sole discretion of the rights-holder; some permissions, such as fair use, are granted by legislation and hence are viewed by many as being ârights' in the original sense of the term.
Trusted: In DRM, an application or system is trusted if it interprets and enforces DRM rules and if its validity and its capabilities can be established within a trusted computing framework â for example using a digital signature.
MPEG-REL and ODRL
The most recognized rights expression languages are the MPEG-REL (Moving Pictures Expert Group â Rights Expression Language) and ODRL (Open Digital Rights Language).
The MPEG-REL is based on the Extensible Rights Markup Language (XrML, 2003), a language with its roots in the Digital Property Rights Language developed at Xerox PARC during the early to mid 1990s. XrML was further developed by ContentGuard, owned by Xerox Corporation with Microsoft Corporation holding a minority position. XrML is being submitted to standards bodies for further development and maintenance. The MPEG-REL and an associated MPEG Rights Data Dictionary are nearing status as an ISO standard (MPEG, 2003).
ODRL was developed by IPR Systems, a company that provides a suite of DRM technologies and that grew out of research done by Propagate Pty Ltd. in the late 1990's. Documentation on ODRL may be found in a note submitted for discussion to the W3C September of 2002 (ODRL, 2002). A profile of ODRL has been endorsed by the Open Mobile Alliance.
LOM (2000). Draft Standard for Learning Object Metadata IEEE P1484.12/D4.1 IEEE. http://ltsc.ieee.org/doc/wg12/LOMv4.1.htm
MPEG (2002). MPEG Approves Another MPEG-21 Technology. MPEG Press Release, July 2003. http://www.jtc1.org/FTP/Public/JTC1/DOCREG/SC_29_WG_11_Press_Release.htm. Accessed September 13, 2003
ODRL (2002). The Open Digital Rights Language. W3C Note, 19 September, 2002. http://www.w3.org/TR/2002/NOTE-odrl-20020919/#99175. Accessed September 13, 2003.
WTO (2003). What are Intellectual Property Rights. World Trade Organization Web Site. http://www.wto.org/english/tratop_e/trips_e/intel1_e.htm. Accessed September 13, 2003.
XrML (2003). Extensible Rights Markup Language. http://www.xrml.org/. Accessed September 13, 2003. Some further selected references of interest may be found at in the GiantSteps DRM Bibliography, http://www.giantstepsmts.com/drmbiblio.htm. Accessed September 13, 2003
SUBSCRIBE TO OLDAILY DONATE TO DOWNES.CA
Web - Today's OLDaily
Web - This Week's OLWeekly
Email - Subscribe
RSS - Individual Posts
RSS - Combined version
JSON - OLDaily
National Research Council Canada
All My Articles
About Stephen Downes
About Stephen's Web
Subscribe to Newsletters
Privacy and Security Policy
Stephen's Web and OLDaily
Half an Hour Blog
Google Plus Page
Huffington Post Blog