Lessig seems very naive to me here. The DRM instead of being embedded
is merely transferred to a rights server. Thus the client, although
open-source open-standards blah blah blah can only unlock the
presumably encrypted content using a key linked to the meta-DRM data
in the file. So how is this helping fair-use? How does this guarantee
an 'ecology for creativity'? It just means that DRM can be
implemented on open-source systems unproblematically and opens the
door to truly ubiquitous DRM-everywhere.
If anything this is the killer-app for wide ranging DRM systems as
now even free software/open-source will not stand in the way of DRM
implementation as the kernel of encryption/decryption has been moved
away from the client and placed safely within the boundaries of the
corporation licensing. It just seems to me like a public/private key
encryption system (similar to email) that allows the content industry
to convince open-source developers to get onboard.
I suppose the devil is in the detail, so the question is what stands
in the way of the open-source developers taking the now decrypted
content and just saving it off as an MP3 or whatever? Certainly the
level of invasion of privacy by this system which licenses to the
user identity and continually watches how they 'consume' content is a
bit weird.
I would be very interested to hear what other techies, experts and so
on think about this development.