Monthly Archives: December 2014

PDF Printing

It is often the case that PDFs are distributed without really thinking about protecting them against printing. Quite often people will add basic protection against copying and editing using the tools provided in Adobe Acrobat or similar software (see further, below), but files that are not protected against printing or do not control the printing process, can easily be copied, scanned (including to PDF with OCR) and onward distributed.

Pros and Cons of PDFs

There is a lot to be said for the humble PDF. It allows us to share documents easily across multiple platforms, preserving everything from our intended layout, to the correct page order, to our chosen font size and style. However, as noted above, standard PDFs are not protected against the editing or copying of content, nor from printing.

Using the Tools facility in Adobe Acrobat it is possible to add various forms of content protection. These include protection against copying, editing and printing. Date/time-based protection is not provided.

However, these facilities are specific to the Adobe PDF technology and can be bypassed by widely available software that implements decryption, memory-scraping and screen-scraping. Perhaps more importantly they do not provide protection against copying entire documents by simply forwarding these to third parties.

Knowing When to Secure PDFs against Printing

It goes without saying that printing sensitive information carries a significant security risk. Whether this be internally within your company, such as staff payroll documents, contracts, financial statements, or marketing plans, or externally when printing is outsourced. Securing against printing is an ideal way of limiting the unauthorized views of your documents. There may be other benefits, such as managing costs and meeting environmental objectives.

Protecting PDFs

For real protection of PDFs they need to be encrypted and have controls or permissions associated with them. Various tools exist for protecting PDFs. Many PC users, for example, have Microsoft Office as their main document creation facility, As with all current MS Office applications, the File menu, Export facility enables you to save the current document as a PDF. This includes on Options form, as illustrated below,which includes an option to encrypt the document with a password. This provides a level of security against opening the document – the saved document will only open in Adobe Reader if the correct password is entered. Note that this provides no protection otherwise, i.e. printing etc are still permitted.

wordexport

If Adobe Acrobat is installed on the same computer as above, it will automatically appear as an option on the File menu in MS Office applications as “Save as Adobe PDF”. In this case a different form is displayed, with more security facilities (see below). This is where you can see the options to control for printing (and for editing/copying etc.). The default settings are shown. As can be seen, in addition to the Open document password control there is a second password protected Permissions section.

adobeprotect

Digital Rights Management protection

The protection mechanism above works quite well, especially for documents that are not particularly sensitive or high value. There are two main problems with the above approaches however. The first problem is that the document can still be sent to anyone, anywhere in the world, and viewed and copied any number of times. The second problem is that the security applied can be removed in many cases, or simply ignored by using a different PDF reader that does not adhere to Adobe’s settings. The solution to both problems is to apply digital rights management (DRM) controls to the document. In this case the steps are:

  1. create a standard PDF with no special settings
  2. use a special program to encrypt and add security permissions to the file, such as print controls
  3. make the file available to the target user(s) via email, web download etc together with details of how they can open and view the secured document
  4. the target user(s) open the document using a PDF reader (general a free PDF reader provided by the DRM service operator). The document will only open if additional security checks are passed, in all cases requiring a local or wide area network connection, typically to an in-network DRM service. This all happens in 1-2 seconds and includes centralized logging of the events so that actions may be tracked

For more information on providing print security and other DRM-enabled facilities, please contact us

Amazon Kindle Direct Publishing (KDP) and new European VAT rules for eBooks

In an email just issued to European Community-based KDP customers, Amazon have taken the decision to change the ebook pricing model they apply in order to cater for new European Community VAT rules coming into force on January 1st 2015. Essentially they are asking all publishers to adopt a VAT “inclusive” pricing model for their publications or they will impose one automatically. We at Drumlin Security have already requested that our customers do likewise, where their publications are sold to European-based consumer customers. For publishers who sell all or almost all of their publications outside the EEC the problem does not apply.

The core text from Amazon is shown below. More details from Amazon can be found here

“On January 1, 2015, European Union (EU) tax laws regarding the taxation of digital products (including eBooks) will change: previously, Value Added Tax (VAT) was applied based on the seller’s country – as of January 1st, VAT will be applied based on the buyer’s country. As a result, starting on January 1st, KDP authors must set list prices to be inclusive of VAT. We will also make a one-time adjustment for existing books published through KDP to move from VAT-exclusive list prices to list prices which include VAT. We’ll put these changes into effect starting January 1st; you may always change your prices at any time, but you do not need to take any action unless you wish to do so.

Starting January 1st, for any titles already published in KDP, we will make a one-time adjustment to convert VAT-exclusive list prices provided to us to VAT-inclusive list prices. Subject to minimum and maximum thresholds, we will add the applicable VAT based on the primary country of the marketplace to the VAT-exclusive list price provided. For example, if an author had previously set £5.00 as the VAT-exclusive list price for amazon.co.uk, the new VAT-inclusive list price will be £6.00 because the applicable VAT rate in the UK is 20%. Please note, if an author had set a consistent VAT-exclusive list price for all Euro based Kindle stores, those prices will now be different due to varying VAT rates for the primary country of each Kindle store. For example, if an author had previously provided a €6.00 VAT-exclusive list price for amazon.de, amazon.fr, amazon.es, and amazon.it Kindle stores, the list prices including VAT will be €7.14 (19% VAT), €6.33 (5.5% VAT), €7.26 (21% VAT), and €7.32 (22% VAT) respectively.

Minimum and maximum list prices for the 35% and 70% royalty plans will now also include VAT. For books published before January 1st that would fall outside these new limits after VAT is included, we will adjust the list price to ensure the book remains in the same royalty plan that was previously selected.”