Some history and some comments.
The 1st Coming of DRM
Leaving aside the conditional access technologies used in satellite and cable systems, the 1st incarnation of DRM was in the mid- to late-80s. Often referred to as "metering," most of the 1st generation efforts focused on the release of content conditioned on payment. Some companies distributed CDs with font libraries, software, and other content collections. Files were release on payment. So minimal were the capabilities that these companies have, for the most part, not survived, and if they have, they've done it only by evolving their technologies and/or business models. [Gord Larose maintains a DRM graveyard list. Most of the entries are of 1st and early 2nd generation DRM companies.]
The 2nd Coming of DRM
In the mid-to late 90s many companies focused on the persistent protection of digital content. InterTrust, IBM, and many others deployed technologies would make it difficult for individuals to access content without authorization, regardless of when or where access was requested. Some envisioned, created, and deployed DRM with Peer-to-peer (P2P) architectures, while others deployed DRM incorporating client/server architectures. Each architectural approach had its own merits and disadvantages.
P2P DRM enabled communities to share information among authorized users without necessarily having to talk to a central server. Client / server DRM was easier to implement since a lot of the capabilities were on the server rather than on client side.
P2P DRM made it easier to support off-line authorized use while client / server required either a preauthorization prior to going off-line or required the rule maker to authorized use for a period of time without having been specifically authorized.
Another architectual debate of that period concerned whether rules, controls, rights should be inextricably embedded in the content file or whether they should be loosely, but securely associated with one or more content files. Mark Stefik, then at Xerox PARC, wrote that rights had to be inextricably incorporated into the files. InterTrust took the contrary position, arguing that rights should be associated with content in order to make updating or revoking rights easier and to support subscriptions covering a collection of documents some of which might be created at some future point in time.
The 3rd Coming of DRM
In the post-Bubble, post 9/11 environment, some DRM companies that had survived got additional funding and were able to expanding their offerings. Other DRM companies received their initial funding and brought their own DRM value propositions to market.
At the present time, market segment boundaries are probably more discernible then the in the 2nd wave. From my vantage point, these are the major segments:
rich media - music and/or video
games and software
Regardless of segment, a majority of DRM offerings are client / server rather than P2P.
Compared with earlier generations of DRM technologies, the 3rd generation offerings are much more user friendly. Ease of use has been taken serious in Apple's FairPlay and Enterprise DRM from Sealed Media, to mention just two examples. These (and others) compare favorably with some 2nd generation DRM user interfaces that presented the consumer or employee with too much complexity.
On the consumer side, look for evolution toward P2P architectures and increasing sophistication of the rights models enabled by the underlying DRM technology. One example would be the use of some sort of digital credential to allow file sharing among a defined group or community of users.
On the Enterprise side, look for further integration with Digital Asset (or Content) Management applications and other Enterprise IT infrastructure systems.
Most 3rd generation DRM systems support only an end-user rights model, that is, the rights pertain to what the authorized person can or can not do with the content: export from the protected environment, print, modify (edit), print to file, etc.
Still to be implemented in a systematic way are rights about rights that enable virtual supply chain management or what InterTrust referres to as a "chain of handling and control." In the Consumer space, this capability would allow consumers to pass on the content with the option of them adding a provision enabling them to receive compensation (perhaps within pre-specified limits) for having recommended the content.
Example: I buy a song for 99 cents and send it to 5 friends, each of whom agrees to buy it for the same 99 cents. The distributor may give me a portion of the 99 cents, let's say 10 cents, since my recommendation contributed to the sale. In another media example, a publisher may create rules that apply to distributors and to consumers. Example rules might be that the distributor can modify the content to the extent that they can add distributor branding and can mark up the price no more than 20%.
Chain of handling and control is even more significant for the Enterprise segment. Today documents and forms are passed along as part of various business workflows within a company and between a company, its suppliers, and/or its customers. Rules might specify what the next person / entity in the chain can or can not do.
For example, if I am the creator of a purchase order, at creation time my company may require certain rules be applied to me. I may not be able to create a PO whose value exceeds $50,000. There may be a restricted set of approved companies to which my PO may be addressed.
I may be able to modify the document at will. I may want others in the internal processing chain only to be able to modify selected portions, and I may want the recipient company to be able to modify other selected portions, specifically, those parts that apply to fulfillment and their own internal processes.
Ideally, an authorized person in the receiving company should be able to add rules specifying who and how the PO gets handled in their own environment and systems.
We're a ways away from Nirvana. But that's OK. Today's DRM technologies provide useful capabilities and are much more user friendly than 2nd generation offerings.