What is Rights Management?
Rights management is a peculiar term that seems to have been invented for control systems that allow a rights owner to exert control over information immediately.
There are two types of rights management to consider:
- the rights of the creator/owner of a work
- the rights of the user of a work.
When we use the word ‘work’ we mean, very loosely, anything that has been stored in a digital form. So this could be (almost) anything, an ebook, a video, a picture, a trademark, a document, music, data, an elearning course, or a film. It is worth mentioning that all these works have different rights for those involved in their creation, but this note was not prepared as an analysis of author’s rights. If anyone wants a detailed statement we recommend Copyright Law in the United Kingdom by Sterling and Carpenter, published by Legal Books Pty in 1986 with addendum. For database rights in Europe we recommend the following EU Directive – http://europa.eu.int/ISPO/legal/en/ipr/database/text.html
Generally, when we talk about rights management we mean that the author/owner of a work has the ability to define, by a license, rights that may (or may not) be granted to the user or recipient of a work in a digital form or format.
In simple terms, rights are usually:
- personal use
- ability to pass to others
- ability to edit, extract or copy
- right to use for a defined or an undefined period.
Rights management is therefore the ability to be able to apply rights being granted such that the recipient is bound by them in compliance with the license agreement made between them and the owner. For digital content protection and control, rights management is often referred to as Digital Rights Management or DRM, Information Rights Management, or Enterprise Rights Management. Some online systems (where access rights and controls can be instantly changed) refer to their rights management technology as Active Rights Management. Effectively these are all the same and perform the same function – preventing unauthorized access and controlling use to content whether that be digital documents, emails, web pages, music, movies, etc. – but are marketed using different terminology. In the past, DRM was more closely associated with video and music content but now equally applies to documents and emails – although some companies market this as Information Rights Management or Enterprise Rights Management.
There may be statutory rights granted by law that override rights granted by license, such as the right to produce criticism or parody. These may not be refused by the owner, and they may vary from country to country.
In some cases, rights management may also be understood to be an employer exerting their authority to control rights in information owned or licensed by an Enterprise. In this case the meaning of rights management is much broader, covering trade secrets, secrets in the course of litigation, and is primarily covered by a contract of employment which may contain terms and penalties that would not be appropriate in a license agreement.
In all cases, Court orders may require the disclosure of any information, whether the subject of rights management or not. If you receive a direction from a Court to disclose information you should take legal advice.
Rights Management software
In 2003, Microsoft released Rights Management Services (RMS) for Windows 2003 server which enabled administrators to encrypt MS document formats, and through policies embedded in the documents, prevent the protected content from being decrypted except by authorized users. Specific document operations like printing, copying, editing, forwarding, etc. could be allowed or disallowed. However, an alleged attack in 2016 showed that authorized users could remove the protection, thus rendering it useless.
Since then, various companies have produced rights management for documents that use plugins to the underlying application (i.e. Word, Adobe Acrobat, etc.) to add additional security. These however are not without their problems. Another plugin could compromise the security (say by recording the decryption key) or stop the rights management plugin from working altogether. An update to the application could prevent the plugin from working, or underlying security issues of the application could also compromise the overall security of the system. These issues have all been prevalent in the real world.
Other companies such as Locklizard have created standalone applications that can provide additional security. The security of the system is not at the mercy of the original application and other security controls can be added at the Operating System level (i.e. the prevention of third party screen grabbers or printing to file drivers) since the application has direct control. Preventing plugins from loading stops an easy way in to attack the system.
Rights management software has also been widely implemented in the browser using either HTML5 or flash technology to control access to and use of documents. This approach is popular with secure data room systems to securely share information that is confidential – e.g. controlling use of board documents, due diligence and M&A material. However, since no software is installed on the client computer, there is less control available over what users can do with documents. For example, users can take screenshots of documents or print to file drivers (if printing is allowed), so a browser based rights management system is not as secure as a device installed one.
Further reading on Rights Management
To learn more about rights management, please take a look at History of Rights Management.
Download Rights Management Software
Download rights management software for PDF documents, web pages, images, flash and elearning courses. Locklizard DRM software controls access to and use of your information.