Apple CEO Steve Jobs’ posts rare open letter: ‘Thoughts on Music’ – calls for DRM-free music

Apple CEO Steve Jobs has posted a rare open letter, “Thoughts on Music,” on Apple’s website. Here it is verbatim:

Steve Jobs
February 6, 2007

With the stunning global success of Apple’s iPod music player and iTunes online music store, some have called for Apple to “open” the digital rights management (DRM) system that Apple uses to protect its music against theft, so that music purchased from iTunes can be played on digital devices purchased from other companies, and protected music purchased from other online music stores can play on iPods. Let’s examine the current situation and how we got here, then look at three possible alternatives for the future.

To begin, it is useful to remember that all iPods play music that is free of any DRM and encoded in “open” licensable formats such as MP3 and AAC. iPod users can and do acquire their music from many sources, including CDs they own. Music on CDs can be easily imported into the freely-downloadable iTunes jukebox software which runs on both Macs and Windows PCs, and is automatically encoded into the open AAC or MP3 formats without any DRM. This music can be played on iPods or any other music players that play these open formats.

The rub comes from the music Apple sells on its online iTunes Store. Since Apple does not own or control any music itself, it must license the rights to distribute music from others, primarily the “big four” music companies: Universal, Sony BMG, Warner and EMI. These four companies control the distribution of over 70% of the world’s music. When Apple approached these companies to license their music to distribute legally over the Internet, they were extremely cautious and required Apple to protect their music from being illegally copied. The solution was to create a DRM system, which envelopes each song purchased from the iTunes store in special and secret software so that it cannot be played on unauthorized devices.

Apple was able to negotiate landmark usage rights at the time, which include allowing users to play their DRM protected music on up to 5 computers and on an unlimited number of iPods. Obtaining such rights from the music companies was unprecedented at the time, and even today is unmatched by most other digital music services. However, a key provision of our agreements with the music companies is that if our DRM system is compromised and their music becomes playable on unauthorized devices, we have only a small number of weeks to fix the problem or they can withdraw their entire music catalog from our iTunes store.

To prevent illegal copies, DRM systems must allow only authorized devices to play the protected music. If a copy of a DRM protected song is posted on the Internet, it should not be able to play on a downloader’s computer or portable music device. To achieve this, a DRM system employs secrets. There is no theory of protecting content other than keeping secrets. In other words, even if one uses the most sophisticated cryptographic locks to protect the actual music, one must still “hide” the keys which unlock the music on the user’s computer or portable music player. No one has ever implemented a DRM system that does not depend on such secrets for its operation.

The problem, of course, is that there are many smart people in the world, some with a lot of time on their hands, who love to discover such secrets and publish a way for everyone to get free (and stolen) music. They are often successful in doing just that, so any company trying to protect content using a DRM must frequently update it with new and harder to discover secrets. It is a cat-and-mouse game. Apple’s DRM system is called FairPlay. While we have had a few breaches in FairPlay, we have been able to successfully repair them through updating the iTunes store software, the iTunes jukebox software and software in the iPods themselves. So far we have met our commitments to the music companies to protect their music, and we have given users the most liberal usage rights available in the industry for legally downloaded music.

With this background, let’s now explore three different alternatives for the future.

The first alternative is to continue on the current course, with each manufacturer competing freely with their own “top to bottom” proprietary systems for selling, playing and protecting music. It is a very competitive market, with major global companies making large investments to develop new music players and online music stores. Apple, Microsoft and Sony all compete with proprietary systems. Music purchased from Microsoft’s Zune store will only play on Zune players; music purchased from Sony’s Connect store will only play on Sony’s players; and music purchased from Apple’s iTunes store will only play on iPods. This is the current state of affairs in the industry, and customers are being well served with a continuing stream of innovative products and a wide variety of choices.

Some have argued that once a consumer purchases a body of music from one of the proprietary music stores, they are forever locked into only using music players from that one company. Or, if they buy a specific player, they are locked into buying music only from that company’s music store. Is this true? Let’s look at the data for iPods and the iTunes store – they are the industry’s most popular products and we have accurate data for them. Through the end of 2006, customers purchased a total of 90 million iPods and 2 billion songs from the iTunes store. On average, that’s 22 songs purchased from the iTunes store for each iPod ever sold.

Today’s most popular iPod holds 1000 songs, and research tells us that the average iPod is nearly full. This means that only 22 out of 1000 songs, or under 3% of the music on the average iPod, is purchased from the iTunes store and protected with a DRM. The remaining 97% of the music is unprotected and playable on any player that can play the open formats. Its hard to believe that just 3% of the music on the average iPod is enough to lock users into buying only iPods in the future. And since 97% of the music on the average iPod was not purchased from the iTunes store, iPod users are clearly not locked into the iTunes store to acquire their music.

The second alternative is for Apple to license its FairPlay DRM technology to current and future competitors with the goal of achieving interoperability between different company’s players and music stores. On the surface, this seems like a good idea since it might offer customers increased choice now and in the future. And Apple might benefit by charging a small licensing fee for its FairPlay DRM. However, when we look a bit deeper, problems begin to emerge. The most serious problem is that licensing a DRM involves disclosing some of its secrets to many people in many companies, and history tells us that inevitably these secrets will leak. The Internet has made such leaks far more damaging, since a single leak can be spread worldwide in less than a minute. Such leaks can rapidly result in software programs available as free downloads on the Internet which will disable the DRM protection so that formerly protected songs can be played on unauthorized players.

An equally serious problem is how to quickly repair the damage caused by such a leak. A successful repair will likely involve enhancing the music store software, the music jukebox software, and the software in the players with new secrets, then transferring this updated software into the tens (or hundreds) of millions of Macs, Windows PCs and players already in use. This must all be done quickly and in a very coordinated way. Such an undertaking is very difficult when just one company controls all of the pieces. It is near impossible if multiple companies control separate pieces of the puzzle, and all of them must quickly act in concert to repair the damage from a leak.

Apple has concluded that if it licenses FairPlay to others, it can no longer guarantee to protect the music it licenses from the big four music companies. Perhaps this same conclusion contributed to Microsoft’s recent decision to switch their emphasis from an “open” model of licensing their DRM to others to a “closed” model of offering a proprietary music store, proprietary jukebox software and proprietary players.

The third alternative is to abolish DRMs entirely. Imagine a world where every online store sells DRM-free music encoded in open licensable formats. In such a world, any player can play music purchased from any store, and any store can sell music which is playable on all players. This is clearly the best alternative for consumers, and Apple would embrace it in a heartbeat. If the big four music companies would license Apple their music without the requirement that it be protected with a DRM, we would switch to selling only DRM-free music on our iTunes store. Every iPod ever made will play this DRM-free music.

Why would the big four music companies agree to let Apple and others distribute their music without using DRM systems to protect it? The simplest answer is because DRMs haven’t worked, and may never work, to halt music piracy. Though the big four music companies require that all their music sold online be protected with DRMs, these same music companies continue to sell billions of CDs a year which contain completely unprotected music. That’s right! No DRM system was ever developed for the CD, so all the music distributed on CDs can be easily uploaded to the Internet, then (illegally) downloaded and played on any computer or player.

In 2006, under 2 billion DRM-protected songs were sold worldwide by online stores, while over 20 billion songs were sold completely DRM-free and unprotected on CDs by the music companies themselves. The music companies sell the vast majority of their music DRM-free, and show no signs of changing this behavior, since the overwhelming majority of their revenues depend on selling CDs which must play in CD players that support no DRM system.

So if the music companies are selling over 90 percent of their music DRM-free, what benefits do they get from selling the remaining small percentage of their music encumbered with a DRM system? There appear to be none. If anything, the technical expertise and overhead required to create, operate and update a DRM system has limited the number of participants selling DRM protected music. If such requirements were removed, the music industry might experience an influx of new companies willing to invest in innovative new stores and players. This can only be seen as a positive by the music companies.

Much of the concern over DRM systems has arisen in European countries. Perhaps those unhappy with the current situation should redirect their energies towards persuading the music companies to sell their music DRM-free. For Europeans, two and a half of the big four music companies are located right in their backyard. The largest, Universal, is 100% owned by Vivendi, a French company. EMI is a British company, and Sony BMG is 50% owned by Bertelsmann, a German company. Convincing them to license their music to Apple and others DRM-free will create a truly interoperable music marketplace. Apple will embrace this wholeheartedly.

Source: http://www.apple.com/hotnews/thoughtsonmusic/
This letter will prove to be a defining, transformative moment for the music industry. And, if the music labels balk, with The Beatles’ Apple Corps settlement behind them, Apple is free to eliminate the middlebronfman.

Note, too, that Jobs has deftly positioned Apple as the anti-DRM company, just as Microsoft has inflicted the heavily-DRM-laden Vista upon the Windows sufferers.

As we’ve often written, as recently as January 24, 2007, “We do wish the music labels would give up on DRM altogether which would just about solve everything.”

And, from our MacDailyNews Take on January 14, 2007, “We wish DRM didn’t exist. Apple doesn’t need it: the iPod, iTunes, and the forthcoming iPhone are each plenty strong enough to appeal to large swaths of consumers on their own merits. Plus, DRM is so easily removed, that it’s pointless. The mass pirates, about whom the music labels are supposedly worried, aren’t going to let a little DRM get in their way, so the only people that DRM is affecting are regular, law-abiding consumers who just want to listen to their music. Thankfully, Apple’s iTunes Store does allow music to be burned without DRM to music CD to be played in CD players and/or transferred to any device they desire. We are all for selling music without DRM. Hopefully, someday we’ll get there.”

Related articles:
Apple Inc. and The Beatles’ Apple Corps Ltd. enter into new agreement – February 05, 2007
Norwegian Ombudsman: Apple’s FairPlay DRM is illegal in Norway – January 24, 2007
Major music labels ponder DRM-free future – January 23, 2007
Clash, Pink Floyd manager: ‘DRM is dead’ – November 06, 2006
Study reports the obvious: most music on iPods not from iTunes Store – September 17, 2006

255 Comments

  1. Reality Check is right in saying that the code itself can be released to third parties, or even open sourced, without breaking security.

    The issue that SJ identified, though, is not whether the code is secret or not, but rather how many parties would have to update their code if Apple had to update its implementation in order to counter previous codes that where stolen or broken.

    SJ is right in saying that this would be cumbersome and difficult. And SJ is right for calling for DRM-free music, rather than trying to stick with an inherently cumbersome and difficult process.

    This would benefit consumers, and it would benefit Apple.

    The benefit of DRM-free music is much less clear for music labels.

    So the labels would probably respond that, in exchange for DRM-free music, they want to be free to to charge higher prices generally, as well as adopt differential pricing (e.g. for new releases vs older songs) — something that Apple adamantly opposes.

    This clearly is a complex negotiation between music labels and technology providers. The big four and Apple will have to dance this dance, and we’ll see how it comes out.

    In the meantime, the consumer regulatory bodies will continue, rightly, to pressure Apple, on behalf of consumers. If nothing else, this gives Apple another club to beat the music labels over the head with.

  2. I have a friend who has signed up several times with Napster, downloaded over 100 gigs of music and then stripped the DMR out of the napster/MS DMR music.

    I am all for non-DMR music. The record industry needs to change.

    Anybody read what Courney Love wrote how the music industry screws artist?

  3. Cheering – I don’t think the issue of 3rd parties updating their code as a big issue – particularly if the underlying code was freely available. It wouldn’t be much more difficult than an automated software update.

  4. I’ve said from the beginning (4 years ago) that it would be cool if Apple would allow other storefronts to appear in the iTunes list. This would allow people to competitively shop for music while maintaining iTunes as the primary interface. I could see an iTunes Music store then below it an eMusic music store (which is already DRM-free btw). Sony store below that. Then all pruchases dump right into iTunes.

    No reason why this couldnt be done.

  5. @ Reality Check

    “…That’s why I exclusively use my own CD’s and http://www.emusic.com for my iPod…”

    “…licensing their DRM to the other company so that we, the consumers, are not locked into one hardware solution or the other”

    Um… doesn’t sound like your “locked” in.

  6. It doesn’t matter how difficult it is or isn’t Apple CAN NOT guarantee those other companies WILL update the DRM in a timely fashion, thus they make themselves vulnerable to losing massive chunks of their catalog due to another company’s ineptitude.

  7. Spot the difference:

    An equally serious problem is how to quickly repair the damage caused by such a leak. A successful repair will likely involve enhancing the music store software, the music jukebox software, and the software in the players with new secrets, then transferring this updated software into the tens (or hundreds) of millions of Macs, Windows PCs and players already in use. This must all be done quickly and in a very coordinated way. Such an undertaking is very difficult when just one company controls all of the pieces. It is near impossible if multiple companies control separate pieces of the puzzle, and all of them must quickly act in concert to repair the damage from a leak.

    An equally serious problem is how to quickly repair the damage caused by such a virus. A successful attack will likely involve enhancing the anti-virus software, the spyware software, and the OS software in the hard drives with new secrets, then transferring this updated software into the tens (or hundreds) of millions of Windows PCs already in use. This must all be done quickly and in a very coordinated way. Such an undertaking is very difficult when just one company controls all of the pieces. It is near impossible if multiple companies control separate pieces of the puzzle, and all of them must quickly act in concert to repair the damage from a virus.

    This was a nice move by Steve, he is polite but firm in laying the blame for DRM at the hands of the record labels (records?) and I agree with what he is saying.

    Next time Steve, put a P.S. on the end and tell us what’s happening with Leopard!

  8. “The largest, Universal, is 100% owned by Vivendi, a French company. EMI is a British company, and Sony BMG is 50% owned by Bertelsmann, a German company. Convincing them to license their music to Apple and others DRM-free will create a truly interoperable music marketplace. Apple will embrace this wholeheartedly.” The European are freaking phonies!!!

  9. Chris: “Get a clue! Nobody needs to know the names of the Scandanavian agencies, let alone their leadership, to know that they’re barking up the wrong tree.”

    Uh, my point was that the original writer didn’t have any facts whatsoever (not even basic ones, such as names or leadership) to back up his statements.

    You need facts – and lots of data – to make a coherent policy analysis. (Try analyzing the Environmental Protection Agency’s record, or that of the Occupational Safety and Health Administration, without any reliable facts. You’ll get laughed out of town at a Congressional oversight hearing.)

    Making conclusions in the absence of those facts results in ideological hot air, which is useless.

    “If you really want to be able to buy your music from any online vendor, then you’ve got to go after the Music Labels. The computer companies (not only Apple) just don’t have the authority to change the rules.”

    Again, this is contrary to reality. Apple does indeed have commercial negotiating clout – as SJ himself acknowledged in his open letter. That’s why Apple was able to negotiate, and obtain, better consumer rights than what the labels originally proposed.

    You are right that Apple cannot unilaterally change the contracts, but it sure can enter into commerical negotiations with a great deal of clout behind it.

    So it is very convenient for Apple to divert the blame toward the music labels. However, this is not a valid legal defense (in my view) against the Scandinavian allegations of being anti-consumer. The legal reasoning is that, in this case, Apple is the entity that tangibly imposes the DRM, and refuses to license it to third parties. Apple is therefore rightly the logical first target of inquiry by consumer protection bodies.

    In summary, I see SJ’s letter as less a legal defense to anti-consumer allegations, and more of a commerical negotiation ploy, an effort to step up pressure on the music labels.

    We’ll see who blinks first.

  10. Norway immediately convened a special session to respond to Apple’s “ultimatum” and “unparalleled aggression” and the following edicts were announced nationwide 06 February 2007 20:21 GMT:

    iPods are banned and individuals in possession of iPods are subject to arrest and forfeiture of all civil and human rights including, but not limited to, ownership of property, admission to university, tenure, old age pensions, and weekly coupons.

    Norway’s civil security and military forces are permitted to hold all subjects without charge for 4 years.

    “iPodding” and “iTuning” are declared treasonable acts subject to life imprisonment or death by hanging.

    Shipments of iPods are to be confiscated and destroyed nationwide. The Norwegian Navy has been ordered to inspect all ships and boats within Norwegian territorial waters and “deep six” all iPods. Ships and boats not submitting to inspection will be fired upon until the captain relents or vessels are sunk. Roadblocks are set up at all border crossings with Sweden, Finland, and Russia to inspect all vehicles entering Norway that may be carrying contraband iPods. Train tracks will be removed that cross international borders. Tunnels that exist between Norway, Sweden, Finland, and Russia will be filled with steel-reinforced cement. All planes carrying iPods or passengers suspected of carrying iPods are to be forced to land at designated military airfields as directed by fighter pilots. Captains of planes that do not obey instruction will be declared “mercantile mercenaries of Steve Jobs” and planes declared “transports of Apple insurgents” and destroyed at will. Apple stores are to be razed.

    The “Musikal Freedom Party”, “National Gramophone Action Party”, and “League of Historical Reconstructionism and Archaic Technologies” demand that all instrumental and vocal recordings be sold only as analog versions of LP plastic discs.

    The letter “i” is stricken from the Norwegian alphabet and is replaced by “*”.

    Compulsory military and naval service is required of all Norwegian citizens from ages 16 to 65 years.

    So it is written so shall it be done.

  11. Reality Check…I don’t get you.

    “That’s why I exclusively use my own CD’s and http://www.emusic.com for my iPod – and not iTunes.”

    “…we actually rely on someone – either Apple or Microsoft – licensing their DRM to the other company so that we, the consumers, are not locked into one hardware solution or the other. I’m more concerned with the limitations for me, as a consumer, than on licking Steve Job’s anus.”

    One sentence you’re saying you simply don’t buy DRM protected music and that’s what you load on your iPod and then at the end you say DRM locks you into the device so that’s why Jobs would want DRM to continue (and for some bizarre reason for you to lick his ass).

    You have the device of your choice, the iPod and you’ve obviously found a way to enjoy it without being “locked in” should you decide to use another device in the future. So how does DRM keep you using the iPod (because it’s the iPod that’s the real moneymaker, not the music store) and therefore keep Jobs rolling in money (and once again the ass lickings)? It doesn’t.

    It seems like if there’s no DRM Jobs might actually get MORE money. From people, like yourself, who are so afraid of FairPlay DRM — even though you can make a CD of music bought on iTunes and rip it as MP3s (a good idea for backing up your files) and there’s no DRM and it can play on any device. So I don’t think he’s bullshitting or using the Distortion Field or whatever. I think he’s just making some good points.

  12. Chris: “Get a clue! Nobody needs to know the names of the Scandanavian agencies, let alone their leadership, to know that they’re barking up the wrong tree.”

    Uh, my point was that the original writer didn’t have any facts whatsoever (not even basic ones, such as names or leadership) to back up his statements.

    You need facts – and lots of data – to make a coherent policy analysis. (Try analyzing the Environmental Protection Agency’s record, or that of the Occupational Safety and Health Administration, without any reliable facts. You’ll get laughed out of town at a Congressional oversight hearing.)

    Making conclusions in the absence of those facts results in ideological hot air, which is useless.

    “If you really want to be able to buy your music from any online vendor, then you’ve got to go after the Music Labels. The computer companies (not only Apple) just don’t have the authority to change the rules.”

    You are right that Apple cannot unilaterally change the contracts. But that’s only part of the story.

    Apple does indeed have commercial negotiating clout – as SJ himself acknowledged in his open letter. That’s why Apple was able to negotiate, and obtain, better consumer rights than what the labels originally proposed.

    So it is very convenient for Apple to divert the blame toward the music labels. However, this is not a valid legal defense (in my view) against the Scandinavian allegations of being anti-consumer. The legal reasoning is that, in this case, Apple is the entity that tangibly imposes the DRM, and refuses to license it to third parties. Apple is therefore rightly the logical first target of inquiry by consumer protection bodies.

    In summary, I see SJ’s letter as less a legal defense to anti-consumer allegations, and more of a commerical negotiation ploy, an effort to step up pressure on the music labels.

    We’ll see who blinks first.

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.