Hardware-based ID, rights management, and trusted systems

Technologies involving the assignment and use of common user identifiers, s uch as Intel's ill-fated Processor Serial Number, provide a straightforward way for publishers to verify the authenticity of messages claiming authori zation to receive digital works. These technologies ave a useful adjunct to trusted systems, which allow content providers to prevent recipients from passing usable copies of the work to anyone who has not paid the content pr ovider, and give content providers flexibility in specifying the nature of the event that will trigger a payment obligation. But their consequences ar e undesirable: Trusted systems relying on common identifiers will reduce an onymity and informational privacy on the Internet. They raise the prospect that a much larger proportion of ordinary transactions will require consume rs to present unique identification numbers digitally linked to a wide rang e of personally identifiable information. They are well-suited to being use d across the board by a large number of unrelated information collectors, i ncreasing the ease with which a wide range of information about a person ca n be aggregated into a single overall dossier. Moreover, the combination of trusted-systems technology (allowing publisher s to ensure that speech released to Bob does not make its way, via sharing or secondary markets, to Alice) and the privacy effects described above (al lowing publishers to collect extensive individualized information on consum ers) will sharply enhance producers' ability to discriminate among individu al consumers in connection with the sale and marketing of information goods . Some commentators suggest that this concentration of control is a good th ing; the price discrimination it enables, they urge, will broaden distribut ion of information goods. Yet the benefits of such a system are clouded; an y increase in distribution due to price discrimination comes at the cost of shutting down distribution that comes, in today's less-controlled system t hrough sharing or secondary markets. It will likely be accompanied by incre ased media concentration and a self-reinforcing cycle of commercial pressur e on individual privacy. In considering these effects, we should remember t hat they are unnecessary; publishers could get the benefits of trusted syst ems without relying on common identifiers at all.