The plague-stricken town, traversed throughout with hierarchy, surveillance, observation, writing; the town immobilized by the functioning of an extensive power that bears in a distinct way over all individual bodies – this is the utopia of the perfectly governed city.
– Michel Foucault, Discipline and Punish: The Birth of the Prison

It is our most sincere desire to identify a technological solution to the plague of piracy. – Jack Valenti,

To the great dismay of copyright owners, a perceived “plague” of infringement has been thriving on the world’s digital networks. Digital rights management (DRM) technology is hailed as a cure for this modern plague. DRM technology promises copyright owners a utopia of perpetual, automated and near-perfect control over their works everywhere the works may go. To the extent DRM systems can deliver on this promise, they are poised to become the ubiquitous regulators of our ability to access and use copyright works and virtually any other type of information product. Much like approaches to controlling plagues of the past, DRM embodies an architecture of panoptic power. It also embodies much more.

Common foundations

At a most basic level, DRM and panopticism are similar because they share a similar underlying epistemologically-based understanding of power relationships. DRM and panopticism derive power from information and knowledge about their respective objects of surveillance.

In both DRM and the Panopticon, the objects of surveillance are denied privacy. As a condition of participation in the architectures (as if they had a choice), the objects are required to lay themselves and their activities bare before their supervisors. This requirement ensures that all information is available for the supervisors to see and use. This information is the root of the supervisor’s power and the more information there is, the greater their power.

Thus, DRM and panopticism both buy into a particular theory of knowledge about people. This theory of knowledge holds that the more data available about a person, and the better it can be processed and classified, the better a person can be known. However, this is not knowledge for the sake of knowledge – it is knowledge in the sense of a re-creation or reconstruction of the individual. Under this theory of knowledge, information leads to ‘data-mined-and-profiled’ truth, and to power.

Common operation

In terms of its operational mechanisms, DRM is analogous to the Panopticon because DRM systems contain technological components that track and report on the works that they protect. However, this tracking and reporting creates information not only about works but, more importantly, about the people that access or use works. The fundamental premise of DRM is one of authentication – i.e. managing who has permission to do what in relation to a work. DRM requires that users disclose personal information in order access or use works. This means that DRM systems can gather detailed information about the types of works that particular users access as well as fine-grained information about how particular users use works. DRM therefore has the capability to simultaneously ‘backlight’ the activities of every user of DRM-protected works so that they are all perfectly observed at an individual level.

Beyond these similarities between DRM and the Panopticon, there are a number of ways that DRM may go beyond the Panopticon in its power.

Differing scope of conformity

First, through DRM, users may be likely to conform their behaviour very closely to all of the self-serving expectations of copyright owners. In other words, under the DRM regime, copyright owners will largely define infringement for users and what copyright owners more generally consider appropriate behaviour in relation to works. For example, beyond the non-infringement expectation, we should expect that copyright owners might establish an expectation that they are entitled to be paid for every possible use of a work, no matter what the law says or how insignificant the use might be. Under the coercive force of DRM, users who access content may be likely to conform their behaviour to this expectation. To the extent that users want access to DRM-protected content, they will have no choice but to conform.

Second, the panoptic effect of DRM may affect user behaviour even in respect of non-DRM protected works, both with respect to non-infringement and other expectations that copyright owners may coerce. In other words, once copyright owners’ expectations are internalized in users through DRM, users may automatically conform their behaviour for all copyright works and other (non-copyright) works that are not protected by DRM. Rather than take on a risk of violating the coerced expectations, users may be likely to conform across the board. This effect may be dependent on the extent to which users can distinguish between works that are protected by DRM and ones that are not. Or perhaps more accurately, it may depend on the extent to which users will avoid risk by refusing to wager being watched or getting caught on their ability to distinguish between the two categories of works.

Third, like other forms of surveillance, DRM is likely to have a broad effect on the kinds of content that users choose to access as well as the uses of content they choose to make. For example, users may self-censor by choosing not to access particular controversial works out of fear that their actions are being watched and recorded and may be exposed. In this way, DRM fundamentally interferes with intellectual exploration. Importantly, in this example users are not strictly conforming their behaviour to the expectations of copyright owners; instead, they are conforming their behaviour to perceived broader social expectations. Because this seems to have little to do with copyright interests, it may be an unintended but nonetheless powerful consequence of panopticism in DRM.

Differing scope for autonomy

Although not typically the focus of analysis in the literature discussing panopticism, it is important to note that the Panopticon sets direct limits on the scope of its subjects’ autonomous behaviour. Those limits take the physical form of prison walls and prison bars. Thus, when it comes to a discussion of the internalization effect of surveillance, panopticism typically must reserve a zone for autonomous action. The Panopticon assumes that the prisoners have some room for autonomous action within the confines of their cells – for Foucault the prisoners are “actors” in “small theaters”. Even if these actors may know that they are being watched and that they will face punishment if their behaviour does not conform to the expectations of the supervisors, at a basic level they still have room to choose how to behave. If there were no scope for autonomous action (i.e. if the coercion took the form of absolute physical restraints), then there would no point in surveillance and there would also be no internalization effect. In fact, it is arguable that the more physical the constraint is, the less effective the panoptic effect would be.

DRM similarly imposes strict constraints on end-users. The architecture of DRM seems to be more about where the walls of the metaphorical prison cell are drawn rather than what goes on inside those walls. With DRM tightly controlling access and use of copyright works, there is little scope for users to choose how to behave. In this way, DRM may not principally rely on the panoptic internalization effect to coerce; instead DRM builds the prison cell a bit smaller.

When it comes to circumvention of DRM, however, the surveillance and internalization effect in DRM is probably more significant then direct coercion. On this issue, DRM does erect some direct constraints on behaviour because it is resistant to circumvention. However, it is arguable that even with a legal architecture of coercion, users have a greater scope for autonomy because they have the ability to choose whether to try to circumvent DRM or not. In this area, DRM panoptically coerces compliance with non-circumvention legislation because of its surveillance functionality – if DRM is always watching and can detect (and act) on circumvention attempts, then users are unlikely to even attempt to circumvent. The effects of this surveillance are internalized.