Applied Cryptography in Electronic Commerce: Impact of DRM on music consumption and perception

Grace Chimezie
FALL 2017
CCTP 820

Applied Cryptography in Electronic Commerce:

Impact of DRM on music consumption and perception


Digital Rights Management (DRM), has been an area of continuous discuss in the music industry, with music streaming companies constantly at loggerheads with the rest of the industry which includes users and consumers. In January of 2017 the ¹Financial times wrote a report with headline “How streaming saved the music industry” while some arguments made by Anna Nicolaou, may hold weight, I feel strongly in the opposite direction towards that statement and here is why. In 2017, one would have thought that the fight would have come to an end with the removal of DRM licensing from major music platforms and Apple inc. leading the way a few years back. It turns out we thought wrong, few years later we are plagued with companies like Spotify and Pandora entrenching DRM in our daily lives in sublime ways through their online streaming platforms. This research paper tries to access the impact of these new trend and how it has shaped music consumption, from users and creative end. A major look at how the spiral effect of this has brought the new norm of recommender systems as a way of engaging and keeping users locked on their platforms. Users mostly are at the receiving end of the whole socio-technical complexities but we have those who are at the dual side of the table. These decisions are complex and affect human behavior on how music is perceived. It also highlights that cryptography in e-commerce in form of ratings exhibit different personas using the algorithms recommended, showing that it isn’t a one size fits all problem. This research intends to use the information and network theory to measure the implication of living with this complexity. The title makes it clear as to the intention, but the connections of the impact of relying on these companies and ratings as a means of e-commerce isn’t as simple as it may appear. Research on this is important in that it provides information as to how users and consumers are affected by open system architecture and the implementation of recognizable and automatic features. ²Hence, this paper will look into other studies that demonstrate the integration of information from multiple modalities which in turn is used by encrypted nodes to translate to transactable and interpretable data.

Keywords: E-commerce, cryptography, DRM,  ratings, consumption, music, information theory, socio-technical systems


²A Survey of Affect Recognition Methods: Audio, Visual, and Spontaneous Expressions


A maximum of explicitness leads to a minimum of understability

–Ungeheuer, 1982



Making connections

Music like all forms of art is a way of representation of human feelings, emotions wants and needs John Street (2012: 1) and so is commerce, right there embodying the same qualities in a social system. Many have argued that music and commerce are two separate entities, but as we’ve seen over the years, our social systems are all interconnected in one form or another (McDonnell and Powers, 1995: Toybee, 1993; Whiteley, 1997). On the other hand technology has seen the coming together of these different systems in a streamlined way that makes discussing issues surrounding its impact and consumption worthwhile.

Commerce can be defined as the exchange of goods and services usually of monetary or economic value between different parties. E-commerce, connotes similar concept, except transaction occurs through electronic communication methods  such as mobile or internet networks. Primarily, e-commerce is being understood as transaction of business across the internet or mobile networks. Challenges however, followed this new socio-technical system, which are unique in the history of e-commerce. Unlike, the means of physical transaction between two parties, as seen in  traditional commerce, e-commerce, on the other hand is conducted without the physical presence and largely anonymous.

One of the many ways in which commerce happens online is through music, which is made through music streaming licensed companies having Digital Rights Management (DRM) e.g. iTunes, Spotify, Google play, Pandora etc. One of the best ways to ensuring that the artist whose contents is found on their platform gets the right exposure is through ‘recommender systems which are an important part of the information and e-commerce ecosystem’ Michael Ekstrand (2010 : 1). They act as tools allowing for users to manage large information and product spaces’.

The argument is hinged mostly on users not being affected to the negative by as to what rules and affordances are provided them by online streaming platforms. At almost no cost, subscribers have immediate access to millions of songs not limited to their environment, on a single and easy to use platform. However, there are no real losers and winners in this and the spiral effect, affects us all.

E-commerce as defined by Information Resources Management Association USA 369

Michael Ekstrand  2010: Collaborative filtering Recommender systems: foundations and trends in human-computer interaction. Vol 4


Most people do not realise that their music is locked up and tied to a particular system. They experience issues like their system crashing and losing all their music as normal. Corporations claim that DRM is necessary to fight copyright infringement online and keep consumers safe from viruses. But there’s no evidence that  DRM does either of those. Long before now, people had to line up at their favorite stores and get CD’s that could only be played on devices that could accept it. From records, to cassette tapes, to CDs, ways of consuming music has changed vastly from what it used to be and continues to. Music streaming platforms have contributed a major deal to the dynamics witnessed in music and companies such as Apple music, Spotify, Pandora, Google Play offering their streaming services in a different ways . This situation turns sour when you look at the different issues that arise from using these music services.


Outside the technological industry there isn’t a clear knowledge as to the function of DRM. Everything is black boxed and users are presented with software applications. Between 2003 and 2009, most music purchased through Apple’s iTunes store was locked using Apple’s FairPlay digital restrictions management (DRM) software, which is designed to prevent users from copying music they purchased. Apple did not seem particularly concerned by the fact that FairPlay was not effective at stopping unauthorized distribution and users could find a way of taking it off with public tools. But for the most part, FairPlay was effective at curbing most users from playing their purchased music on devices that were not made by Apple (Kim, Howard, Ravingdranath, & Park 2008; Sobel, 2007).

FairPlay permitted about five devices to accept music bought from different platforms, but was forced on users by a recording industry paranoid about file sharing and more importantly, by technology companies like Apple, who were eager to control the digital infrastructure of music distribution and consumption. In 2007 30% was charged to users for music files not using the FairPlay platform, they will need to pay per song (or % cost of album) to upgrade their music to a non-DRM iTunes plus version . After numerous lawsuits which were filed in Europe and in US, with years of protest, Apple took into consideration their users complaints and removed DRM from most of their iTunes music catalog. Unfortunately, after an obvious short lived victory, a few years later the return of DRM is no longer news and have appeared on several online music streaming platforms.

Research Question

My mind wanders around, and I conceive of different things day and night. Like a science-fiction writer, I’m thinking, “What if it were like this?”

–Claude Shannon (1948)

Looking at the task at hand few questions emerge to what extent has DRM influenced  how music is being consumed and perceived

  • What happens when one of the DRM streaming companies you’re subscribed to changes its mind?
  • How has streaming companies managed this?
  • how has the outcome influenced new features added on streaming platforms e.g recommender systems?

Moving from Consumer to thought leader


Fig 1.1 Online music streaming  serivces



Itunes approach to fair use by working to integrate capabilities within its FairPlay DRM solution, developed by Apple for storage, categorization, and playback of digital media. While early versions of the software focused on music, the ability to manage and play podcast, television shows and movies, music videos, video games and other plug-in-applications, have been added to its portfolio.

iTunes has been also popular in supporting mobile access to managed digital media by offering support for both proprietary and non-Apple portable media devices. Some criticism over their DRM enabled digital media, and loss of revenue to competitors have enabled them to change their strategy to survive competition and remain in the market.

iTunes Approach to fair use

This software application is installable on both Macintosh and Windows platforms. It currently supports the following video and audio formats, WAV, MP3, MPEG-4. iTunes creates and maintains a library using two files in ITL and XML format a database to categorise information about the digital media in the library including: artist, genre, comments, ratings, play count, last played date, playlist used by the user, track numbers, location of file, and other media specific details.

The FairPlay DRM uses an MP4 container to hold a protected AAC file with most algorithms applied in the encryption scheme being public (AES, MPEG-4) with the exception of the user’s key database component (Grzonkowski, et al. 2007), another area of concern since the proprietary protection of Fairplay prevents interoperability.  

However, Apple needed to cash in to the raving world of online music streaming, hence its launch of Apple Music and the streaming service by 2016 already had 11 million subscribers.

Apple Music

Users with free accounts have access to Beats 1, an internet radio station. Paying customers can play any song on demand. Available on all its platforms, with users only able to use it one one device at a time for both free and paid version. However Family plans, allow up to six people to stream music. Paying subscribers can stream music when their devices isn’t connected to data or Wi-Fi networks.


Spotify is a proprietary music streaming online platform using DRM, supported by many big record companies, such as Warner, Sony, EMI, Universal, giving instant access to millions of songs. By its Proprietary use of DRM its users do not enjoy spotify music freely, such as playing on car players, burning spotify to a CD and so on.

With over 75 million users, it’s difficult to miss this name created by Daniel Ek and Martin Lorentzon in 2005. Music can be played only on one device at a time, with up to three devices signed in to the service at any time, and has available playback offline for only Premium users


The Pandora player is a free, Web-based Flash application. The availability of Flash 7 or 8 installed on the computer gives you the affordance to use it. With $36 per year and $12 for three months the user is provided a free add version.

Pandora delivers a 128-Kbs stream of music, and it only works with a broadband connection. It derives music license from the DMCA (Digital Millennium Copyright Act of 1998) guidelines for streaming internet radio. The use of DRM can be seen in notable ways. Pandora will never play a specific song on demand; if you add a song to a station, it will show up eventually, but Pandora can use that only at random. Users, can only skip songs in an hour this is so you don’t skip a song you intended to listen to. “The licence also limits the number of times Pandora can play a particular song or artist in a particular time period” Julia Layton, storing up music in your computers flash local storage history indicating that it has played.  Pandora also plays the explicit content of songs so as not to take away the artist original intentions for the song.

As all other streaming online music services it also stores your user data to provide recommenders. Pandora music recommenders are built to meet these two needs in balance users want to discover new music while also listening to music they know they like Herlocker et al. (2015)

One cool feature the company has incorporated into its platform is the Music Genome Project.  When a listener chooses a song for the radio station, the Music Genome project chooses the songs that have the strongest edges to the original song.

Google play

For Android users after purchasing an Mp3 on Google play, Google prevents competing applications and third party developers from accessing the file using technical and legal means. Making it obvious that DRM is being implemented on their platform, since music purchased can only be played on on Google’s Play app.

It goes further, to limit the number of devices which you can use to listen to your own music and allows you to “deauthorize” 4 devices per year, including phones and tablets. In addition, each time you flash your device with popular custom ROM such as CyanogenMod, you use one of your authorizations”, John Lech (2015).

It also doesn’t allow you to share your music library with members of your household and can only download the music twice from play music to play on PC or Mac, until the end of time.

There exist other online streaming music services such as soundcloud, tidal, google play etc


Artist’s Discontent

The arguments are mostly streamlined to saying that users are the the ones with the most benefits, but once analysed indepthly there is no winner or loser. Both groups are facing similar issues which vary. For little or no cost the consumers are provided access to millions of songs, through a simple, easy to use platform. The most visible losers are the songwriters, producers, and others involved in the creative aspects of producing music. Most often than not, artist are paid peasantly (Future music coalition 2015), for streaming of their songs on platforms such as Spotify and Pandora.

A big part of the problem is that most consumers attribute very little value to the recording itself with available video and streaming services like Youtube or BitTorrent coming at Zero cost to the listener Paul Rensnilkoff , (2015).

Effect on Users consumption and Perception; From Arguments to Examples (Cases)

Lady gaga: The artist in 2015, through her manager, Troy Carter had decried receiving less for the millions of streams from platforms like Spotify.  He says Universal Music group had paid the singer nothing despite the amount of times her music was downloaded from their platform. However, “Spotify says they pay the labels, though this is often with huge, multi-million dollar advances and or equity positions attached” Paul Rensnlkolf, (2015). This unfortunately doesn’t get to the artist, either for legitimate or illegitimate reasons.  

Taylor swift: In June of 2015, Taylor Swift came under attack, ”when she objected to Apple’s plan to offer free trials at the expense of artist and labels”. Writing an open letter to Apple Music in which she made known that she would not release her album ‘1989’, on their streaming service due to their free 3 month trial policy which writers, producers and artist are not paid.  Explaining herself in this light.

“ This is not about me… This is about the new artist or band that has released their first single and will not be paid for its success. This is about the young songwriter who just got his or her first cut and thought that the royalties from that would get them out of debt. This is about the producer who works tirelessly to innovate and create”.

Not long after this she also had a similar issue with spotify, over similar circumstances.These are not the only stars who have been forthcoming about their experiences, we had Kanye West and Tidal, resulting in him pulling out his “Life of Pablo” from Tidals’ streaming platform.

This on the other hand, sparked a national conversation in regards to the economics surrounding worldwide digital music. The digital market which is valued at around $6.9B is on most days not the center of controversy.

With these issues, companies are finding ways to keep their users on their platforms and there comes recommender systems, which has provided opportunities for users to be exposed to music of their interest at a wide range without regional boundaries.

Source: Digital music

Fig 2.1



Recommender System

With users who are unaware of what goes on behind the scene, one day, they are left to wonder what has become of all the music they loved. They barely have control as to the tides which these streaming services decide to tow. Rather they are bombarded with features which these software companies decide to implement to keep these users glued to their services.  One of which is the Recommender systems.

Many recommender systems are developed in particular contexts, and their evaluations will be on data sets relevant to that context or an internal data sets.

Recommendation is not  the only need users have with respect to their relationship with a recommender system. It can also be used to alter user experience and behavior. Cosel et al (Check year) Recommender systems are frequently “black boxes”, presenting recommendations to the user without any explanation of why the user might like the recommended item. Music streaming e-commerce sites typically uses recommendations to increase sales volume, increasing the importance of persuasion as a goal (Michael ). If the system however, has a reputation of recommending the wrong kind of songs, they lose the trust of users and they suffer in the long run.

Social Impact of Recommenders:

Due to the nature of recommender systems which include collecting data of users, in substantial volume, users of e-commerce platforms face important privacy and security challenges. I’ll love to highlight of one famous ways of recommending which is through star ratings


Economics is recognizing itself as an information science, considering that part of its developmental arc is transforming from matter to bits, storing itself in large computer and magnetic strips. “Even when money seemed to be material treasure, heavy in pockets and ships’ holds and bank vaults, it always was information” James Gleick (2011).

In the bid to keep up and see that music is consumed and people have access to it at a wider range, software companies rely heavily on recommender systems such as the like button, rating etc. This is good for lower selling albums who do not have access to larger platforms, especially those in less developed regions. My argument, is that DRM gave rise to the use of recommenders. On the other hand the instability that follows the features and content on streaming platforms, which is being influenced by DRM is affecting how music is being consumed and perceived, with many users and music providers caught up with what happens behind the scene.

Network Dependence enabling E-commerce: Star Ratings


“The emergence of stars as indicators of quality are, of course, not confines to music”.  John street (2012). Ratings have been used for different purposes an e.g rating of restaurants on a five star scale to the rating of books on Amazon goodreads, hospitals and so have university departments for quality in research, we also have rating of products from experiences. Colin Symes (2004:186) suggests that use of ratings in music may be the legacy Baedeker travel guides. Now part of a general process of audit culture or audit society (Power, 1997), … the star system has become a way of delivering new obligations.

Music criticism is one of the forces that have shaped the modern world, a flow from Europe, a flashback as far as the the eighteenth century. Since then criticism has come to encompass our choice for for a better standard in modern times.  A logic expounded by the economist Richard Caves (2000), who viewed cultural criticism primarily as a way of conveying market information to others. A concept that has been built into the recommender algorithm.

‘Ratings are so important because they influence what shows up on your recommendations. The less helpful the rating system the worse your recommendation will be.

After its disappearance in 2016, itunes returned later in that same year in a 10.2 Beta version,  proving that the star rating system may mean much more to users who tend to their playlist. The Itunes case isn’t a peculiar one. Netflix in march has swapped out its five rating system for a simpler one. ‘According to the online streaming service, its reason is a clear cut one. For it a 5 star rating impresses people and a thumbs up or down, is brutal honesty David sims (2017).

Most users use the star ratings for final control on what gets on to their playlist and synced to their devices .The star rating system has been implemented for different purpose on music streaming platforms. Some serve as recommenders as seen on Google play, but Itunes uses the star ratings to help sort out and arrange playlist of its users, while providing other features like the love and dislike buttons to aid recommenders. iTunes maintains the digital library it creates using two files of ITL and XML format as database to help categorize information on digital media available in the library, for Spotify, the star ratings.

Source: Spotify community


Michael Ekstrand  2010: Collaborative filtering Recommender systems: foundations and trends in human-computer interaction. Vol 4

Brusilovsky, 1996: Methods and techniques of adaptive hypermedia,: User Modeling and User-Adapted interaction, vOL. 6 NO. 2, pp87-129


Sociotechnical systems and  Network Dependency of Ratings.

A system is understood to be an entity that can be separated into parts, which are all simultaneously linked to each other in a specific way.

                                                                                                                —  Pieter Vermaas (2010)

“Socio-technical systems comprises of the interaction and dependencies between aspects such as human actors, organisational units, communication processes, documented information, work procedures, processes, technical units, human-computer interactions and competencies” (Kunau, Loser and Menold, 2004 Jahnke, 2007).  

The starting point in this is to realise that in our socio-technical systems thinking, we come to understand culture and media technologies are co-produced or co-constitute and thus form a necessary system of co-mediation.

Rating system in itself does not exist as a physical property but depends on built in functions of physical technologies, such as PC and Mobile devices. Since, the main focus is on music we would like to focus a bit sociotechnical systems, is the ability to accommodate many users at any one moment and, secondly, that they involve people in some of the issues to be addressed are interoperability of DRM solutions, support, portability, choice in content provider, support for true archives of owned data.

The complexity of sociotechnical systems, revolves around the fact that it has many users, which is unlikely to be found in other typical technical artefacts e.g a calculator. The functioning of the rating system as a whole, as it appears to each of its users, not only requires coordination between the technical or hardware aspects of the system and the behavior of users, but also, and especially, the mutual coordination of the behavior of the many users. An example can be see in the recent return of itunes star ratings to its music player.

Rating an item isn’t limited to music alone. Moreso systems of ratings have been existing since the beginning. In  reply to that argument, one may likely excuse that while engineers are likely to anticipate uses they cannot  determine them Vermass et al (2011).

All this is made possible following concepts adapted from information and communication theory. And we we look at how it all gets connected by analysing Shannons, theory in his paper  “A Mathematical Theory of Communication”

Peter Kroes, 2010: A philosophy of sociotechnical systems: Morgan & Claypool Publishers 


The Theory Behind Mp3

Uncompressed digital CD-quality audio signals consume a large amount of data and are therefore not suited for storage and transmission. “The need to reduce this amount without any significant quality loss was stated in the late 80’s by the International Organisation for Standardization (ISO)” Rassol Raissi, (2002). A working  group from with the ISO referred to the Moving Pictures Experts Group (MPEG), developed a standard that contained several techniques for both audio and video compression. The audio part consisting of three modes, with the third layer managing music compression from CD at 1.4 Mbits/s to 128 Kbit/s with almost no audible degradation. This technique, which is now implemented, has become popular and known as MP3.  

The theory of data compression was first formulated by Claud E. Shannon in 1949 when he released his paper. “A Mathematical Theory of Communication” proving that it was possible to compress data without losing information.

Information Theory and Transmission model of communication:

Perhaps coming up with a theory of information and its processing is a bit like building a transcontinental railway. You can start in the east, trying to understand how agents can process anything, and head west. Or you can start in the west, with trying to understand what information is and then head east. One hopes that these tracks will meet

                                                                                                                   —Jon Barwise (1986)


Transforming information

During his keynote address at the ACM conference in 2009, Martin argued that the algorithms are a small part of the problem. Some work well, there is still much work to be done on user experience, data collection, and other problems which make up the whole of the recommender experience.

Computers do more than just transmit information: they transform it. ‘Transformation opens many new possibilities, most notably the creation of new information’ Peter Denning (2003). Shannon’s classical information theory shows that information can be transmitted and received accurately by processes that do not depend on information meaning. Information depends on the observer

This brings us to Weaver and Wiener’s formulations, a significant formulation in regards to the recommender system is that Information theory

In Glieks “The Information” he gives a overview as to how we got to today’s concept and it shows how relevant his theory is today in the application of features and new concepts explored by the online music streaming services “ …Shannon proposed feeding “cultural things,” such as music, to an electronic brain”.

Ronald Day, 2000: “The conduit Metaphor” and The nature and politics of Information Studies: University of Oklahoma

James Gleick, 2011: The information: A History, A Theory, A Flood: Pantheon Books, New York



MetaData might be the solution

According to Annie Lin, (2015) “Technology has made it possible to offer massive quantities of music to millions of users at once, making metadata more important than ever”. Music licensing which has a complicated structure becomes a difficult hassle when it comes to licensing. However, few companies are trying to find a middle ground For e.g Sony music is giving artist 100% access to their streaming data. The application built towards transparency provides data and shares key information of artist daily streaming earnings as well as the profile and category of people who listens to their songs.

Formerly, “No single comprehensive database of song ownership metadata exists, which means that identifying the owner of any single song requires a hint-and-peck search across multiple limited proprietary databases” say Annie Lin, in her article on


This paper has looked into DRM, its impact to the music industry and how recommender systems grew out of the desperation of companies of companies to keep users locked in. Looking at star ratings as one of the most used forms of recommendation. We also looked at how we got here through Information theory propounded by Shannon.

Technology is advancing too quickly for the world to keep up with, and with DRM still prevalent in music streaming the future of music becomes questionable.Online, various articles and softwares are paraded to aid hackways in which users can use illegal means to getting their music used freely, cutting away the financial gain. As more and more users pay more to be on more than one streaming service because of the different features available, music  moves away from one of its initial intent, which is to entertain or educate, to becoming more political.


More research needs to be done in the area of financial implications of online streaming application to its users. On the other hand it will be encouraging to see that substantial evidence and theories are recommended to seeing how metadata, will proffer a more enduring solution.



Arthur, W. B. (2011). The Nature of Technology: What It Is and How It Evolves (Reprint edition). New York: Free Press.

Gleick, J. (2012). The Information: A History, A Theory, A Flood (2.5.2012 edition). New York: Vintage.

Murray, J. H. (2011). Inventing the Medium: Principles of Interaction Design as a Cultural Practice (1st edition). Cambridge, Mass: The MIT Press.

Norman, D. (2013). The Design of Everyday Things: Revised and Expanded Edition (Rev Exp edition). New York, New York: Basic Books.

Pieter Vermaas, Peter Kroes, Ibo van de Poel, Maarten Franssen, and Wybo Houkes. A Philosophy of Technology: From Technical Artefacts to Sociotechnical Systems. San Rafael, CA: Morgan & Claypool Publishers, 2011

Regis Debray, “What is Mediology?” (Also as PDF.) Le Monde Diplomatique, Aug., 1999. Trans. Martin Irvine.

Vermaas, P., Kroes, P., Franssen, M., Poel, I. van de, & Houkes, W. (2011). A Philosophy of Technology: From Technical Artefacts to Sociotechnical Systems. San Rafael, Calif. (1537 Fourth Street, San Rafael, CA 94901 USA): Morgan & Claypool Publishers.

Werner Rammert, “Where the Action Is: Distributed Agency Between Humans, Machines, and Programs,” 2008. Social Science Open Access Repository (SSOAR).

Clickable Links

Netflix Officially Kills Star Ratings, Replacing Them With Thumbs Up and Down