Readium: Difference between revisions
→External links: added an external link as an alternative to screenshots because fair use might not apply with those |
changed dates to iso format |
||
| Line 15: | Line 15: | ||
*New York Public Library | *New York Public Library | ||
*New York University Library | *New York University Library | ||
*DRM Inside Co., Ltd.}}<ref name="membership">{{Cite web |title=Membership Overview |website=readium.org |url=https://readium.org/membership/overview/ |url-status=live |archive-url=https://web.archive.org/web/20260623133413/https://readium.org/membership/overview/ |archive-date=23 | *DRM Inside Co., Ltd.}}<ref name="membership">{{Cite web |title=Membership Overview |website=readium.org |url=https://readium.org/membership/overview/ |url-status=live |archive-url=https://web.archive.org/web/20260623133413/https://readium.org/membership/overview/ |archive-date=2026-06-23}}</ref><ref>{{Cite web |title=READIUM FOUNDATION CERTIFICATE OF INCORPORATION |url=https://readium.org/documents/READIUM-FOUNDATION-CERTIFICATE-OF-INCORPORATION.pdf |url-status=live |website=readium.org |archive-url=https://web.archive.org/web/20240801153456/https://readium.org/documents/READIUM-FOUNDATION-CERTIFICATE-OF-INCORPORATION.pdf |archive-date=2024-08-01 |access-date=2026-06-23}}</ref><ref>{{Cite web |title=Readium Project Goals |url=https://readium.org/about/project_goals.html/ |url-status=live |website=readium.org |archive-url=https://web.archive.org/web/20260311013954/https://readium.org/about/project_goals.html/ |archive-date=2026-03-11 |access-date=2026-06-23}}</ref> | ||
One of its main products is the Readium LCP [[Digital rights management |DRM]] system. | One of its main products is the Readium LCP [[Digital rights management |DRM]] system. | ||
==Consumer-impact summary== | ==Consumer-impact summary== | ||
While it is commendable that Readium and its partners (like EDRLab) promote open source code and wished to design a DRM system that aimed to avoid vendor lock-in (which could have caused a lack of innovation, diversity, features and would have handed one vendor total control), aimed to be more interoperable, simpler, secure and ensuring that: <blockquote>The solution is designed to be minimally intrusive for end-users, who don’t need to create a third-party account. User can share their ebooks with their family or close friends</blockquote><ref name="rlcp">{{Cite web |title=Readium LCP |website=edrlab.org |url=https://www.edrlab.org/readium-lcp/ |url-status=live |archive-url=https://web.archive.org/web/20260617083801/https://www.edrlab.org/readium-lcp/ |archive-date=17 | While it is commendable that Readium and its partners (like EDRLab) promote open source code and wished to design a DRM system that aimed to avoid vendor lock-in (which could have caused a lack of innovation, diversity, features and would have handed one vendor total control), aimed to be more interoperable, simpler, secure and ensuring that: <blockquote>The solution is designed to be minimally intrusive for end-users, who don’t need to create a third-party account. User can share their ebooks with their family or close friends</blockquote><ref name="rlcp">{{Cite web |title=Readium LCP |website=edrlab.org |url=https://www.edrlab.org/readium-lcp/ |url-status=live |archive-url=https://web.archive.org/web/20260617083801/https://www.edrlab.org/readium-lcp/ |archive-date=2026-06-17 |access-date=2026-06-23}}</ref> it can be argued that DRM in itself is negatively affecting consumers (see: [[Digital rights management#Why it is a problem|DRM]]). Moreover, the Readium SDK was reportedly developed so that it would support multiple DRM technologies, allowing other DRM vendors to easily integrate their systems with Readium. | ||
Readium has also filed DMCA takedown requests to force tools which circumvented Readium LCP to remove code from their repositories. As a result, it is currently not possible for users to archive their own ebooks without Readium LCP DRM in an easy way (or perhaps any way). Though some users claim they were able to do it with methods such as [[Readium#Response to a published circumvention method (2025)|Terence Eden's method]], the consensus seems to be that many suggested tools do not work. And as it turns out, there are several examples of users complaining or asking for help with the exact issue of being stuck with DRM on something they paid for ([[Right to own]]). (Refer to [[Readium#External links|External links]] for examples.) | Readium has also filed DMCA takedown requests to force tools which circumvented Readium LCP to remove code from their repositories. As a result, it is currently not possible for users to archive their own ebooks without Readium LCP DRM in an easy way (or perhaps any way). Though some users claim they were able to do it with methods such as [[Readium#Response to a published circumvention method (2025)|Terence Eden's method]], the consensus seems to be that many suggested tools do not work. And as it turns out, there are several examples of users complaining or asking for help with the exact issue of being stuck with DRM on something they paid for ([[Right to own]]). (Refer to [[Readium#External links|External links]] for examples.) | ||
| Line 32: | Line 32: | ||
In short, I want to read my books on my choice of hardware and software; not yours. | In short, I want to read my books on my choice of hardware and software; not yours. | ||
I believe that everyone deserves the right to read on their platform of choice without having to seek permission from a 3rd party.</blockquote><ref name="eden">{{Cite web |title=Extracting content from an LCP "protected" ePub |author=Terence Eden |date=16 | I believe that everyone deserves the right to read on their platform of choice without having to seek permission from a 3rd party.</blockquote><ref name="eden">{{Cite web |title=Extracting content from an LCP "protected" ePub |author=Terence Eden |date=2025-03-16 |url=https://shkspr.mobi/blog/2025/03/towards-extracting-content-from-an-lcp-protected-epub/ |website=shkspr.mobi |url-status=live |archive-url=https://web.archive.org/web/20260624090702/https://shkspr.mobi/blog/2025/03/towards-extracting-content-from-an-lcp-protected-epub/ |archive-date=2026-06-24}}</ref> | ||
==Incidents== | ==Incidents== | ||
| Line 38: | Line 38: | ||
===DMCA takedown (2022-01-04)=== | ===DMCA takedown (2022-01-04)=== | ||
Readium filed a [[Digital Millennium Copyright Act |DMCA]] takedown notice with [[GitHub|GitHub]] in 2022. The notice stated that: <blockquote>The user "noDRM" has published on GitHub software which specifically allows the decryption of ebooks protected by the LCP Profile 1.0 and allows saving them as non-protected ebooks. This infringement violates our legal business and affects authors and publishers’ IP. This codebase is presented as a plug-in of the well-known Calibre software, an open-source ebook manager.</blockquote> | Readium filed a [[Digital Millennium Copyright Act |DMCA]] takedown notice with [[GitHub|GitHub]] in 2022. The notice stated that: <blockquote>The user "noDRM" has published on GitHub software which specifically allows the decryption of ebooks protected by the LCP Profile 1.0 and allows saving them as non-protected ebooks. This infringement violates our legal business and affects authors and publishers’ IP. This codebase is presented as a plug-in of the well-known Calibre software, an open-source ebook manager.</blockquote> | ||
As well as that the explicit circumvention of Readium LCP was in a file called "lcpdedrm.py." And that: <blockquote>The user noDRM is actively promoting the activity of cracking both library loans and one-off purchases</blockquote>followed by a link to a GitHub Issue to substantiate the claim.<ref>{{Cite web |title=2022-01-04-readium |author=[private] |date=2022-01-04 |url=https://github.com/github/dmca/blob/master/2022/01/2022-01-04-readium.md |url-status=live |archive-url=https://web.archive.org/web/20260604153156/https://github.com/github/dmca/blob/master/2022/01/2022-01-04-readium.md |archive-date= | As well as that the explicit circumvention of Readium LCP was in a file called "lcpdedrm.py." And that: <blockquote>The user noDRM is actively promoting the activity of cracking both library loans and one-off purchases</blockquote>followed by a link to a GitHub Issue to substantiate the claim.<ref>{{Cite web |title=2022-01-04-readium |author=[private] |date=2022-01-04 |url=https://github.com/github/dmca/blob/master/2022/01/2022-01-04-readium.md |url-status=live |archive-url=https://web.archive.org/web/20260604153156/https://github.com/github/dmca/blob/master/2022/01/2022-01-04-readium.md |archive-date=2026-06-04 |access-date=2026-06-23}}</ref> | ||
As a result, the relevant files as well as relevant [[wikipedia:Git|Git]] history was removed from the repository.<ref>{{Cite web |author=captn3m0 |date=17 | As a result, the relevant files as well as relevant [[wikipedia:Git|Git]] history was removed from the repository.<ref>{{Cite web |author=captn3m0 |date=2025-03-17 |title=Extracting content from an LCP “protected” ePub |url=https://news.ycombinator.com/item?id=43378627 |url-status=live |website=news.ycombinator.com |archive-url=https://web.archive.org/web/20260616102133/https://news.ycombinator.com/item?id=43378627 |archive-date=16 Jun 2026 |access-date=2026-06-24}}</ref> | ||
===Response to a published circumvention method (2025)=== | ===Response to a published circumvention method (2025)=== | ||
[[File:Llemeur.webp|alt=Mastodon comment by @llemeur|thumb|Mastodon comment by @llemeur]] | [[File:Llemeur.webp|alt=Mastodon comment by @llemeur|thumb|Mastodon comment by @llemeur]] | ||
In March 2025, a Mastodon user called Terence Eden (@[email protected]) made a post about circumventing Readium LCP, and later described his method in a blog post. Shortly after, he reportedly received a [[LinkedIn]] message from somebody at the Readium Foundation. | In March 2025, a Mastodon user called Terence Eden (@[email protected]) made a post about circumventing Readium LCP, and later described his method in a blog post. Shortly after, he reportedly received a [[LinkedIn]] message from somebody at the Readium Foundation. | ||
There is also a comment on Eden's Mastodon post by a user named "llemeur" ([email protected]), stating, "@Edent, that would be disappointing. PM on LinkedIn." While the username is similar to the initials of "Laurent Le Meur"- a Readium board member<ref name="membership" /> as well as Director and CTO of EDRLab<ref>{{Cite web |title=About |url=https://www.edrlab.org/about/ |url-status=live |website=edrlab.org |archive-url=https://web.archive.org/web/20260502070949/https://www.edrlab.org/about/ |archive-date= | There is also a comment on Eden's Mastodon post by a user named "llemeur" ([email protected]), stating, "@Edent, that would be disappointing. PM on LinkedIn." While the username is similar to the initials of "Laurent Le Meur"- a Readium board member<ref name="membership" /> as well as Director and CTO of EDRLab<ref>{{Cite web |title=About |url=https://www.edrlab.org/about/ |url-status=live |website=edrlab.org |archive-url=https://web.archive.org/web/20260502070949/https://www.edrlab.org/about/ |archive-date=2026-05-02 |access-date=2026-06-26}}</ref>, it is unclear who the commenter actually was. | ||
The person "congratulated" Eden and mentioned that:<blockquote>We managed to convince publishers (even big US publishers) to adopt a solution that is flexible for readers and appreciated by public libraries and booksellers. | The person "congratulated" Eden and mentioned that:<blockquote>We managed to convince publishers (even big US publishers) to adopt a solution that is flexible for readers and appreciated by public libraries and booksellers. | ||
| Line 55: | Line 55: | ||
You can, for sure, publish information relative to your discoveries to the extent UK laws allow. After study, we'll do our best to make the technology more robust. If your discourse represents a circumvention of this technical protection measure, we'll command a take-down as a standard procedure.</blockquote>The correspondence came to a close after Eden's reply:<blockquote>As you have raised the possibility of legal action, I think it is best that we terminate this conversation.</blockquote><ref name="eden" /><ref name="mastodon">{{Cite web |author=Terence Eden |date=Mar 2025 |title=114155981621627317 |url=https://mastodon.social/@Edent/114155981621627317 |url-status=live |website=mastodon.social |archive-date=24 | You can, for sure, publish information relative to your discoveries to the extent UK laws allow. After study, we'll do our best to make the technology more robust. If your discourse represents a circumvention of this technical protection measure, we'll command a take-down as a standard procedure.</blockquote>The correspondence came to a close after Eden's reply:<blockquote>As you have raised the possibility of legal action, I think it is best that we terminate this conversation.</blockquote><ref name="eden" /><ref name="mastodon">{{Cite web |author=Terence Eden |date=Mar 2025 |title=114155981621627317 |url=https://mastodon.social/@Edent/114155981621627317 |url-status=live |website=mastodon.social |archive-date=2026-06-24 |archive-url=https://web.archive.org/web/20260624093517/https://mastodon.social/@Edent/114155981621627317}}</ref> | ||
(Refer to [[Readium#External links|External links]] for the entire correspondence.) | (Refer to [[Readium#External links|External links]] for the entire correspondence.) | ||
==Company background== | ==Company background== | ||
<blockquote>The Readium project was started by the IDPF in 2012 because the EPUB 3.0 specification had been released late in 2011, but no implementation yet existed (or, at least, had been publicly released). So IDPF provided some funding and encouragement and two firms, Evident Point and Bluefire, took the lead in developing a JavaScript implementation of a significant part of the EPUB 3 spec.</blockquote> The [[wikipedia:JavaScript|JavaScript]] implementation lacked features and was written as a [[Google Chrome]] extension. It also didn't provide native implementations for devices and "it couldn’t support DRM securely." After additional development, they released the open source Readium SDK Core.<blockquote>The SDK was designed from the beginning to support DRM ( Digital Rights Management ), a mandatory feature for digital library lending, and also required by many publisher for anti-piracy matters. It was moreover designed to be DRM-agnostic, able to support multiple DRM implementations. However, while that capability existed in the SDK, there was also an increasing perception over time that the existing DRM implementations (Adobe, Kobo, Sony) were too heavyweight and proprietary and there existed a need for a new open-source DRM specification and implementation. The result was the Readium LCP (Licensed Content Protection) specification and implementation, which is rolling out in 2017.</blockquote><ref>{{Cite web |title=A Bit of History |website=readium.org |url=https://readium.org/about/history.html/ |url-status=live |archive-url=https://web.archive.org/web/20260623141903/https://readium.org/about/history.html/ |archive-date=23 | <blockquote>The Readium project was started by the IDPF in 2012 because the EPUB 3.0 specification had been released late in 2011, but no implementation yet existed (or, at least, had been publicly released). So IDPF provided some funding and encouragement and two firms, Evident Point and Bluefire, took the lead in developing a JavaScript implementation of a significant part of the EPUB 3 spec.</blockquote> The [[wikipedia:JavaScript|JavaScript]] implementation lacked features and was written as a [[Google Chrome]] extension. It also didn't provide native implementations for devices and "it couldn’t support DRM securely." After additional development, they released the open source Readium SDK Core.<blockquote>The SDK was designed from the beginning to support DRM ( Digital Rights Management ), a mandatory feature for digital library lending, and also required by many publisher for anti-piracy matters. It was moreover designed to be DRM-agnostic, able to support multiple DRM implementations. However, while that capability existed in the SDK, there was also an increasing perception over time that the existing DRM implementations (Adobe, Kobo, Sony) were too heavyweight and proprietary and there existed a need for a new open-source DRM specification and implementation. The result was the Readium LCP (Licensed Content Protection) specification and implementation, which is rolling out in 2017.</blockquote><ref>{{Cite web |title=A Bit of History |website=readium.org |url=https://readium.org/about/history.html/ |url-status=live |archive-url=https://web.archive.org/web/20260623141903/https://readium.org/about/history.html/ |archive-date=2026-06-23}}</ref> | ||
==Readium LCP== | ==Readium LCP== | ||
===Preliminary=== | ===Preliminary=== | ||
Readium LCP is Readium's DRM system. Readium Foundation is responsible for maintenance of the Readium LCP specification, while: <blockquote>management of the Readium LCP ecosystem is handled by EDRLab, acting as Certification Authority.</blockquote><ref>{{Cite web |title=Readium Projects |website=readium.org |url=https://readium.org/development/projects |url-status=live |archive-url=https://web.archive.org/web/20260527112832/https://readium.org/development/projects |archive-date=27 | Readium LCP is Readium's DRM system. Readium Foundation is responsible for maintenance of the Readium LCP specification, while: <blockquote>management of the Readium LCP ecosystem is handled by EDRLab, acting as Certification Authority.</blockquote><ref>{{Cite web |title=Readium Projects |website=readium.org |url=https://readium.org/development/projects |url-status=live |archive-url=https://web.archive.org/web/20260527112832/https://readium.org/development/projects |archive-date=2026-05-27 |access-date=2026-06-23}}</ref>(EDRLab is also a member of the Readium Foundation)<ref name="membership" /> | ||
The design of Readium Licensed Content Protection (LCP) was influenced by a 2012 paper called "EPUB Lightweight Content Protection: Use Cases & Requirements" by Bill Rosenblatt (link in the External Links section). | The design of Readium Licensed Content Protection (LCP) was influenced by a 2012 paper called "EPUB Lightweight Content Protection: Use Cases & Requirements" by Bill Rosenblatt (link in the External Links section). | ||
| Line 91: | Line 91: | ||
The Readium LCP library software is mostly open-source, only uk = userkey(h) isn’t (in the open-source version it is void). Only trusted licence providers and trusted app developers know what this string transform is. Therefore one cannot take the open-source software and simply add a “save as clear epub” feature applied on ebooks provided by certified servers.</blockquote> | The Readium LCP library software is mostly open-source, only uk = userkey(h) isn’t (in the open-source version it is void). Only trusted licence providers and trusted app developers know what this string transform is. Therefore one cannot take the open-source software and simply add a “save as clear epub” feature applied on ebooks provided by certified servers.</blockquote> | ||
<ref>{{Cite web |title=LCP principles |website=edrlab.org |url=https://www.edrlab.org/readium-lcp/principles/ |url-status=live |archive-url=https://web.archive.org/web/20260623162817/https://www.edrlab.org/readium-lcp/principles/ |archive-date=23 | <ref>{{Cite web |title=LCP principles |website=edrlab.org |url=https://www.edrlab.org/readium-lcp/principles/ |url-status=live |archive-url=https://web.archive.org/web/20260623162817/https://www.edrlab.org/readium-lcp/principles/ |archive-date=2026-06-23}}</ref> | ||
==Products== | ==Products== | ||