Posted on


Adobe’s new DRM (RMSDK 10), designed to encrypt their Adobe Digital Editions and Adobe Content Server platforms was launched back in January. This was part of a comprehensive upgrade plan to improve security within ePub format and PDFs.

This move was initially welcomed – Adobe’s DRM upgrade has been long, four years in the making in fact. Since that time numerous weaknesses have been exploited to the detriment of publishers employing the ePub format everywhere, and it doesn’t have to be mentioned that Adobe have many big-name partners in this space.

While under development, Adobe has been closely working alongside big name partners in this time such as Sony to help refine elements of the code base, making it more secure. Alongside this, the source code is now firmly under lock and key to prevent any encryption methods being broken.

At this point it all sounds good from a publisher’s perspective, so where’s the controversy coming from?

The problem:

When this solution was announced last month there were many voices that expressed some concern Adobe was planning to require that everyone (eBookstores, device makers etc.) had to update to the new DRM to RMSDK 10 by July 2014, dropping support for older versions along the way meaning that readers and vendors offering ePubs that employed prior Adobe DRM software simply wouldn’t work anymore, past that deadline date.

Here’s a video of an Adobe/Datalogics webinar which explains the timing of the switchover and the planned obsolescence of previous versions:

What’s particularly bizarre about this video is that, 13:00 minutes in there’s an announcement that RMSDK 10 is not yet available for all ARM/Linux based e-readers and that it won’t be available until March at the earliest. So bluntly, it’s impossible for ARM/Linux based to even release a firmware update at this point as the necessary software isn’t available for them to do so and the window of opportunity for them to do so is remarkably narrow.

Whether this is merely an oversight of omission on Adobe’s part, or a larger error, it’s astonishing this wasn’t addressed.

Naturally, Amazon Kindle and iPad users wouldn’t be affected by this, as these platforms employ not only their own proprietary formats, but their own proprietary DRM too.
The whole controversy is interesting because of a larger issue it underscores. In this case, ePub books are generally assumed to be an open, vendor-free format and this is, generally, assumed to be a positive thing by many. The problem is that Adobe, as the main ePub DRM provider to those, has become a kind of de facto monopolist over the format even though it possesses no actual rights to it. It’s similar to how, if every app developer prioritized cross-platform runtime environments, the kingmakers in that space would shift from Apple/Google as OS providers to companies like Oracle, as cross-platform development framework providers.

Open formats like ePub are therefore not as necessarily “open” as advertised, being contingent upon closed-source software to function at a commercial level, this simply shifts the power over to those who provide said software, i.e. Adobe.

Adobe’s response:

In the past few days Adobe have beat a hasty retreat from the idea of a July upgrade requirement. From the Datalogics blog:

After receiving feedback from customers and webinar attendees, Adobe has revised the migration timetable for customers. “Adobe does not plan to stop support for ACS 4 or RMSDK 9. ACS 5 books will be delivered to the older RMSDK 9 based readers”, according to Shameer Ayyappan, Senior Product Manager at Adobe. “We will let our resellers and publishers decide when they wish to set the DRM flag on ACS 5, thus enforcing the need for RMSDK 10 based readers.”

The mass outrage from publishers, device makers and others doubtlessly contributed to this statement, but again it’s worth asking the question of how much power Adobe has over the ePub format as a whole.