With your support, EFF has helped raise the bar in ongoing discussions about how to better protect users against the abuse of their rights through DRM. Our submission [PDF] to the United Nations Conference on Trade and Development (UNCTAD) at an Expert Group Meeting on Consumer Protection last week, pointed out that the then-current draft text for a revised set of Guidelines for Consumer Protection completely omitted to deal with the problems that DRM causes consumers of digital products and services—for example how it misleads them into getting less than they paid for, prevents them from reusing or even repairing digital devices, chills innovation, and even endangers their security and their privacy.

Against tough opposition, but also with valued support from other civil society representatives and forward-thinking countries, our advocacy had a real impact, as reflected in the new draft of the Guidelines that were released for comment today. A new proposed paragraph of the Guidelines, although not following the language that we supported, attempts to cover some of the key issues:

Member States should promote the offer of digital content products in terms no less favorable than for other forms of content. Licences should allow consumers to time, space and format shift digital content products, taking into account applicable national laws and international treaties, in particular those that allow for “fair use” and “private use”.

This paragraph can be split into two separate provisions. The first raises an expectation that if you purchase a digital product such as an e-book, it shouldn't come with any fewer rights than a book in any other format; in other words, you should be able to lend it, resell it, read it aloud, quote from it, and adapt it as copyright law allows, without being impeded by DRM or by the small print of a hidden EULA. On the other hand, we are concerned that the current form of this recommendation is too weak. Rather than just addressing member states, it should also be directed to vendors themselves, who naturally play a very key part in determining the terms on which they offer their products. Other paragraphs of the Guidelines are directly addressed to businesses, so it would not be out of keeping for this provision to do so as well.

The second provision of the new paragraph makes a strong statement that reasonable uses of digital products such as time, space, and format shifting should be allowed—and we certainly agree with that. But again, the party being addressed by this recommendation is wrong; and in this case, the problem is exactly the opposite as for the preceding provision. It states that these acts should be allowed by licenses; meaning by a private agreement between the vendor and the user. Then confusingly, it references "applicable national laws and international treaties" that allow for "fair use and private use".

While the references to fair use and private use are welcome (and, if eventually approved by the General Assembly of the United Nations, would be unprecedented in a UN resolution of any kind), it is backwards to suggest that licensors of digital products should merely take these legal doctrines into account. Rather, the right to time, space, and format shift should come from the law, rather than the whim of the product vendor, and those rights should be made inalienable (as they are, for example, under the UK's amended copyright law). Thus, this provision should be principally addressed to member states.

Additionally, the enumeration of "time, space and format shifting" as the acts that should be allowed is constraining. What about product repair? What about remix? What about reverse engineering for security analysis, and many other uses? The proposed language that we supported was more flexible, simply stating that DRM should not preclude the use of products or services "in ways that would otherwise be reasonable, lawful and safe".

Another omission from the draft Guidelines is a requirement for vendors to disclose the effects that any DRM may have on the use of a digital product or its interoperability with other hardware and software. This shouldn't be a controversial inclusion—since it is taken almost directly from the European Consumer Rights Directive of 2011, which came into effect in Europe's 28 member states last year.

We will be sending a further submission to UNCTAD setting out these concerns. The next meeting of the Expert Group on Consumer Protection, which will consider these amendments, is to be held on March 25. We will report back about further developments then.