[Infowarrior] - NZ draws line on DRM and trusted computing

Tue Sep 5 10:30:53 EDT 2006

NZ draws line on DRM and trusted computing

Rob O'Neill, ZDNet Australia
September 05, 2006
URL: 
http://www.zdnet.com.au/news/software/soa/NZ_draws_line_on_DRM_and_trusted_c
omputing/0,130061733,339270846,00.htm

New Zealand¹s lead state-sector authority has drawn a line in the sand to
ensure government information security is not compromised by new "trusted
computing" and digital rights management (DRM) technologies.

The policies, released by the New Zealand State Services Commission (SSC)
today, are an acknowledgement of the risks posed by the trusted computing
and DRM initiatives being driven by international IT vendors and media
organisations.

They also call for new standards and features to be developed and included
in trusted computing and DRM systems to meet the needs of international
governments.

The policies are designed, the SSC says, "to ensure that the use of trusted
computing and digital rights management technologies does not adversely
affect the integrity (including availability and confidentiality) of
government-held information or related government systems."

The policies are not New Zealand-specific, the SSC says, and other
governments are invited to make use of and contribute to them.

"We believe that collaboration between governments is vital to ensure that
these technologies develop in a way consistent with government requirements.
By agreeing on a common set of principles and policies that reflect their
requirements, governments can more effectively influence ICT product vendors
to develop standards and features that will meet these requirements, for
example a standard for disclosing the DRM restrictions associated with a
computer file."

The policies outline basic principles that oppose externally imposed
restrictions on access to government information except where government has
given informed consent. Government must also have full control of any DRM
encumbrance over the master copy of any information it owns.

They also call for a common set of rights definitions and proscribe the use
of hardware or software that could modify or hinder access to information
held by government. Such systems also cannot compromise information privacy.
Agencies must have knowledge about the information flows into and out of
such systems.

Trusted computing systems can, broadly, restrict access to information if
the client system is not operating properly while DRM restricts access to
protect intellectual property.

The SSC is inviting other government, vendors and interest groups wishing to
collaborate on the project to visit its Web site.

The "Trusted Computing and Digital Rights Management Principles and
Policies" have been developed over the last year by officials from central
and local government with input from vendors such as IBM, Hewlett-Packard
and Microsoft.