The Center for Democracy and Technology weighed in today on the delicate subject of privacy and digital watermarks, recommending a series of best practices for protecting consumers against the unauthorized use of personal information. It's a tricky issue because watermarks -- unique digital identifiers that can't be detected with the naked eye -- are emerging as an anti-piracy tool, in which case the whole point is to identify the source of an infringing file. Nevertheless, as the 17-page report (download here) notes, even watermarks used for such purposes are subject to abuses that could invade innocent consumers' privacy or, worse, expose them to lawsuits for infringements they did not commit. And as the use of watermarks in online and digital media spreads, the threats proliferate. As the report puts it:
Perhaps the most frequently raised privacy concern is the idea that watermarks could enable increased monitoring, recording, or disclosure of an individualâs media purchases or usage. The fear, in other words, is that watermarking could compromise an individualâs ability to use and enjoy lawfully acquired media on a private, anonymous basis. Particular media usage choices could be sensitive if exposed, or could contribute to the creation of profiles of individualsâ overall media purchase and consumption habits, which might be used in ways that the individuals do not expect or understand. Other possible privacy concerns include the risk that watermarks could contain personal information that could be exposed to third parties, and the risk that errors in or manipulation of watermark data could paint a false picture of an individualâs behavior and perhaps lead to adverse consequences, including potential legal liability.
The right approach, the report says, starts by excluding any "independently useful" personal information from the watermark. No names or addresses, in other words. Any information collected about the file's recipient should be kept in a database that the watermark links to. Those recipients need to be told about the watermarks' presence and, if they're designed to combat infringement, warned about the potential liability -- a disclosure that would enhance the deterrent value of the technology.
Other recommendations aim to limit abuse by third parties who find ways to compromise the watermarks' security. The center also warns against using watermarks for anything but their original purpose, because mission creep and data retention increase the risk of privacy problems. For example, it notes that watermarks in DVDs that are designed to combat piracy could -- but shouldn't -- be used to collect information about individual consumers' viewing habits.
Although the report focuses on individualized watermarks (ones that are unique to the file in which they're embedded), it notes that generic watermarks (ones that are the same for every copy of a particular type of work) can also be used to infringe on privacy. It cites the example of movie or music watermarks that contain the title of the work, which might be used in combination with other software to compile lists of what a person plays on his or her PC. But the same kind of privacy invasion could be done without watermarks, simply by using file metadata, the report observes.
The report is nuanced, as one would expect from CDT -- an advocacy group that doesn't view commercial uses of the Net as inherently evil. So rather than denounce watermarks as DRM Lite, or call on content owners to abandon their anti-piracy efforts, it tries to navigate a path that protects the rights of buyers and sellers alike.