A DRM Architecture for Securing User Privacy by Design

Abstract

Privacy considerations are one serious point against current DRM systems, because they would allow the License-Issuers to collect large amounts of user data, up to the the time a user listens to a song or which users are reading which kind of books. This sort of data could be used for marketing purposes but also for malicious deeds. This paper addresses this threat and establishes a DRM architecture which protects user privacy by the core of its design by adding a third trusted party and an appropriate communication protocol. The work was influenced by a project in mobile DRM based on the OMA specification[1].