Data such as a musical track is stored as a secure portable track (SPT) which can be bound to one or more players and can be bound to a particular storage medium, restricting playback of the SPT to the specific players and ensuring that playback is only from the original storage medium. The SPT is bound to a player by encrypting data of the SPT using a storage key which is unique to the player, is difficult to change, and is held in strict secrecy by the player. The SPT is bound to a particular storage medium by including data uniquely identifying the storage medium in a tamper-resistant form, e.g., cryptographically signed. The SPT can also be bound to the storage medium by embedding cryptographic logic circuitry, e.g., integrate circuitry, in the packaging of the storage medium. The SPT is bound by encrypting an encryption key using the embedded logic. By using unique cryptographic logic, only that particular storage medium can decrypt the encryption key and, therefore, the data of the SPT encrypted with the encryption key. To allow a user to playback the SPT on a number of players, players can share storage keys with one another. Such key sharing is done in a cryptographically secure manner. Before downloading an SPT to a particular external player, the ability of the external player to enforce restrictions placed upon the SPT is verified.