Skip to content.
|Networking government in New Zealand.
You are here: Home » Resources » News - @your.service » 2003 » November 2003 » News - Advice on digital rights management

News - Advice on digital rights management

Advice on digital rights management

3 November 2003

The E-government Unit recently issued advice to agencies on the use of digital rights management (DRM) within government. The advice recommends that agencies do not enable the DRM features of recently available software capable of an early form of DRM called “information rights management” (IRM).

There are five principal reasons for this:

  • Using IRM may negatively impact on agencies ability to meet their obligations under legislation such as the Official Information Act, the Archives Act, the Privacy Act, and impede the working of other legislation such as the Protected Disclosures Act and the National Library of New Zealand Act.
  • Poor implementation of IRM could create unwanted legacy information management issues for agencies - in the worst case information could become inaccessible or irrecoverable.
  • There is uncertainty about the backwards and cross-product compatibility of IRM.
  • IRM is a new form of information security that has unknown implications for government - depending on this technology to increasingly do the work of manual security policies, protocols and practices may create new vulnerabilities.
  • Individual agency decisions to implement IRM could have longer run implications for the collective interest of government - it may be preferable that agencies take a consistent approach to using IRM if it is implemented in government.

Information Rights Management (IRM) is part of Microsoft Server 2003 and Office 2003, which are now available to agencies. These products ship with IRM disabled, and require a number of steps to be taken at both the server and application level before it can be used.

The E-government Unit is now advising agencies that they should not upgrade to Microsoft Server and Office 2003, and has discussed its advice with Microsoft New Zealand.

The E-government Unit will be undertaking further assessment of the implications of IRM for government, as part of a larger assessment of trusted computing. It is currently talking to Microsoft, GCSB, and Archives New Zealand, and discussions will broaden over the next few months. Further advice to agencies will be provided as soon as possible.