The evolution of technology is challenging the status quo of IP management in many ways. This section and Appendix E focus on technical protection services (TPSs) that may be able to assist in controlling the distribution of digital intellectual property on the Internet.1 The focus here is on how technical tools can assist in meeting the objectives stated throughout the report, as well as what they cannot do and what must therefore be sought elsewhere. Appendix Explores how the tools work, details what each kind of tool brings to bear on the challenges described throughout the report, and projects the expected development and deployment for each tool. For ease of exposition,m the presentation in this chapter is framed in terms of protecting individual objects (texts, music albums, movies, and so on); however,many of the issues raised are applicable to collections ( e.g., libraries and databases),2 and many of the techniques discussed are relevant to them as well.
A number of general points are important to keep in mind about TPSs:
• Technology provides means, not ends; it can assist in enforcing IP policy, but it cannot provide answers to social, legal, and economic questions about the ownership of and rights over works, nor can it make up for incompletely or badly answered questions.
• No TPS can protect perfectly. Technology changes rapidly, making previously secure systems progressively less secure. Social environments also change, with the defeat of security systems attracting more (or less) interest in the population. Just as in physical security systems, there are inherent trade-offs between the engineering design and implementation quality of a system on the one hand and the cost of building and deploying it on the other. The best that can be hoped for is steady improvement in TPS quality and affordability and keeping a step ahead of these bent on defeating the systems.
1Note that the phrase "technical protection services" is used deliberately. Although it is tempting to talk about technical protection systemspackages of tools integrated into digital environments and integrated with each otherthe committee believes that such systems are difficult to implement reasonably in the information infrastructure, an open network of interacting components, lacking boundaries that usefully separate inside and outside. In this environment it is better to talk about technical protection services; services; each service will be drawn on by information infrastructure components and will generally interact with other services.
2For example, as reported by a committee member, in February 1999 the special assistant to the director of Chemical Abstracts Service (CAS) indicated that there were one to three "hacking" attempts per day to get into the CAS database.