New Zealand government officials have responded to my criticism of their newly released national DRM strategy — their strategy for government adoption and use of technology that prevents copying and unauthorized use.
These technologies aren't fit for government use, for a number of reasons. Today, for example, whistle-blowers in government can take official documents that show malfeasance to an ombudsman or the press or their boss. Under the NZ proposal, they'll have to take their request for leaking sensitive information to a Ministry of DRM that will evaluate their request and determine whether to allow the disclosure. Even if you believe that such a Ministry would be efficient, honest, and even-handed, there's an undeniable chilling-effect inherent in having to approach a government ministry before releasing material that's damaging to the government.
Other problems abound, but the gravest is the harm to open source. Open source technology is technology that can be understood, modified, improved and re-published by its user. This methodology has produced the best server OS on the planet (GNU/Linux), the best browser (Firefox), the best mail-server, web-server, video-player, and so on. It's critical to security research, to development strategies for poor countries and rich, for education and for democracy.
But open source and DRM can't peacefully co-exist. As I wrote on Monday:
DRM relies on its owners not knowing how it works and not being able to change how it works. If I give you a song that can only be played on five computers, it defeats the point if you can change that to 50,000 computers. But the point of open source is that it is better for society, individuals, and competition if anyone who cares to can discover how her tools work, improve those tools, and publish her improvements.
Rob O'Neill from ZDNet Australia asked an NZ government spokesman for comment on this, and got this reply: "DRM on its own largely depends on users not being able to see how it works, but when combined with trusted computing it is possible to create DRM schemes where people know how they work but can't circumvent them."
This is nonsense. Yes, with trusted computing, you could have a DRM program where the source was available, but which would refuse to run if you changed it, but to say that that makes DRM safe for open source is to miss the point entirely.
Open source works not merely because the source is published. Critical to open source is the ability to modify, improve and republish the tools you use. Under the scheme described by the nameless government apparat quoted above, open source authors would need a separate license to modify, improve, and republish open source tools.
But that's just proprietary software by another name: by that definition, Microsoft Windows is open source, since you can theoretically get a license from Microsoft to modify and re-publish its products. The point of open source is that no further permission is ever needed to make open source tools better. The NZ proposal is one in which improvements can only ever come with permission from DRM consortia, which are universally — to a one — dominated by American companies.
It would be a terrible betrayal for NZ to adopt a policy where its NZ programmers needed to seek permission from American companies in order to make tools that read, manipulated, and made available documents produced the NZ government, at NZ taxpayers' expense.