It takes about seven minutes into any conversation with a publisher before the DRM issue comes up. We’ve counted. And we get it – protecting content is important and we don’t take it lightly. But the web is different. It has evolved its own set of controls. To that end we’ve written up a short document on how BookGlutton approaches content protection. Here are a few hightlights. Download the PDF or, even better, Read and comment on Bookglutton.


We are headed quickly into a future where almost all intellectual commodities get distributed through the web. Instead of fearing this, we need to face the reality that the web is the one network that empowers people to find exactly what they’re looking for, and enjoy it with others. That’s something people are willing to pay for. The “long tail” of publishing will be on the Web.

The nature of sharing on BookGlutton’s service is linking, not copying. On the web, consumers would much rather have links than files. They would also much rather share a clipping or snippet of text than an entire book. That said, the illegal copying and redistribution of text is still a concern for publishers and authors. Steps taken to address this concern usually involve some combination of the following measures:

  1. Dynamically generating the HTML to display pages, so “viewing source” doesn’t reveal it.
  2. Chunking files into smaller segments to prevent outright copying of an entire file
  3. Chunking text to prevent outright copying of long passages
  4. Disabling right-click mouse actions or key presses such as CTRL-C
  5. Disabling the ability to select text
  6. Using Flash or some other plugin to protect text when it’s displayed in the browser
  7. Creating images of each page

BookGlutton uses  some, but not all of these approaches.

An important point to remember: encrypting files protects them “in the wild,” but it does very little when they are already in a highly secure web system. Using Adobe’s form of EPUB encryption, for example, in a web system would require decrypting book content before sending it to the browser, which would defeat the purpose of the encryption. Besides, the web already offers strong encryption for securing that content in its path from server to browser, and it’s the same encryption used to transmit passwords and credit card numbers: SSL.

New criteria are needed for evaluating the risks of web-based services. Instead of vetting a service based on whether it licenses and uses a particular form of file encryption or DRM, it’s far better to require the following:

  1. Users identify themselves before purchasing, sharing or consuming content
  2. Content is chunked, and the entire file is never available to the consumer
  3. The platform is based on linking, not copying
  4. The service and the content are tied together, so that one without the other represents a significant drop in value for the consumer
  5. The service’s network architecture meets the same stringent requirements for the storing of credit card data and other sensitive information…

Download the full 3 page PDF

Even better: Read on Bookglutton