jump to navigation

Mayweather-Pacquiao Fight Exposes Live Event Streaming Piracy Challenges May 6, 2015

Posted by Bill Rosenblatt in Fingerprinting, Video, Watermarking.
add a comment

Piracy of live-streamed sports events ceased to be “inside baseball” (pun intended) for the media industry last weekend with HBO’s broadcast of the Floyd Mayweather-Manny Pacquiao boxing match in the US market.  Even in the mainstream media (such as here and here), it seems that the public’s ability to watch the fight online for free in close to real time got more attention than the fight itself.

This is why protection of live sports event streams is a growth area in the field of anti-piracy technology today.  Broadcasters like HBO pay huge sums of money for exclusive rights to live sports; therefore they have big incentives to protect the streams from infringement.  Recent articles in re/code and Mashable attempted — with limited success — to explain how HBO’s stream was massively pirated and how that piracy could possibly have been curtailed.

Both articles focused on the many pirated streams of the fight that were available on the Periscope app, which allows users to broadcast video in real time from their iOS devices, and is owned by Twitter.  As Peter Kafka at re/code explained (accurately enough), it’s not possible to use fingerprint-based systems like Google’s Content ID with live event streams.  Such systems depend on a service provider getting a copy of the content in advance so that it can take a “fingerprint” — a shorthand numerical representation of it — and use that to flag attempted user uploads of the same content later.  By definition, no advance copy of a live event exists, so fingerprinting can’t be used.

Furthermore, just because a single service uses fingerprinting to block unauthorized uploads doesn’t mean that other services do.  YouTube might block an upload thanks to Content ID, but that doesn’t prevent a user from putting the same file up on BitTorrent or a cyberlocker.

However, it is possible to use watermarks to flag content.  HBO could insert watermarks into the live video as it goes out the door.  Watermarks are much more efficient to detect and calculate than fingerprints, and a well-designed watermark can be detected even if the content is “camcorded” from a TV screen.

Two things can happen with watermarks.  First, a cooperating service could agree to detect the watermark and block the content — or do something else, such as allow the content through, play an ad, and share the revenue with the rights holder, as Google does with Content ID.  Second, a piracy monitoring service could detect watermarks of streams out in the wild (including on Periscope) and rapidly serve takedown notices on the services that are distributing the unauthorized streams, meaning that the services need not do anything proactive.

Given what Christina Warren at Mashable experienced (camcorded streams appearing on Periscope and then disappearing later), the latter probably happened.  Several streaming providers and anti-piracy services use watermarks to aid detection of unauthorized copies of live streams.  In the Caribbean market, for example, Netherlands-based pay-TV platform provider Cleeng carried the pay-per-view broadcast of the fight for Sportsmax TV, and it’s likely that Cleeng used its live-stream watermarking technology to protect the content.  (Another anti-piracy provider, Irdeto, has similar technology but admitted to Bloomberg that it wasn’t working on the fight.  That leaves Friend MTS as my guess for the provider that monitored the fight in other geographies such as Europe and North America.)

It is also possible to automate the process more fully by embedding so-called session-based watermarks that contain identifiers for the user accounts or devices that are receiving the content legally — such as set-top boxes receiving HBO over cable or satellite services.  Session-based watermarks are used today with movies released in early windows in high definition, and Hollywood would like them to be used in all 4K/UHD movie distributions.

With session-based watermarks, a monitoring service can (in many cases) determine the device from which the unauthorized stream originated and inform the pay-TV provider, which can then shut off the signal to that device. The entire process would require no human intervention and take just a few seconds.

But with Periscope-style camcording, this could lead to the following interesting situation: Alice invites some friends over to watch the fight on her big-screen TV and pays the $100 fee to HBO through her cable company.  Everyone sits down, and the fight starts.  Bob pulls out his iPhone and fires up Periscope.  A few seconds later, the TV goes blank or displays a warning message about possible copyright infringement.  Alice calls her cable company and finds herself on hold, waiting behind the hundreds or thousands of other furious customers to whom the same thing happened.

Ergo I don’t believe HBO is able to require session-based watermarking to protect its live events through pay-TV providers.  The situation with live sports is different from early-window HD movies: movies have already been in theaters (where they have been camcorded), and users value the timeliness of Periscope-style camcords for live events more than their often questionable quality.

What also clearly did not happen is that HBO made a deal with Twitter to detect the watermarks and block the live Periscope streams.  As both the Mashable and re/code articles note, Twitter/Periscope experienced a ton of traffic before, during, and after the event, much of which was “second-screen” in nature, such as commentary on the fight and the fighters.  Yet Google’s Content ID showed that a service provider could be willing to detect copyrighted materially proactively if given sufficient incentive.  If the likes of HBO can find sufficient incentives — cross-promotion, ad revenue share, or something else — then the Periscopes of the world might be inclined to follow in Google’s footsteps.

Digimarc Launches Social DRM for E-books September 17, 2014

Posted by Bill Rosenblatt in Fingerprinting, Publishing, Technologies.
add a comment

Digimarc, the leading supplier of watermarking technology, announced this week the release of Digimarc Guardian Watermarking for Publishing, a transactional watermarking (a/k/a “social DRM”) scheme that complements its Guardian piracy monitoring service. Launch customers include the “big five” trade publisher HarperCollins, a division of News Corp., and the e-book supply chain company LibreDigital, a division of the printing giant RR Donnelley that distributes e-books for HarperCollins in the US.

With this development, Digimarc finally realizes the synergies inherent in its acquisition of Attributor almost two years ago.  Digimarc’s roots are in digital image watermarking, and it has expanded into watermarking technology for music and other media types.  Attributor’s original business was piracy monitoring for publishers via a form of fingerprinting — crawling the web in search of snippets of copyrighted text materials submitted by publisher customers.

One of the shortcomings in Attributor’s piracy monitoring technology was the difficulty in determining whether a piece of text that it found online was legitimately licensed or, if not, if it was likely to be a fair use copy.  Attributor could use certain cues from surrounding text or HTML to help make these determinations, but they are educated guesses and not infallable.

The practical difference between fingerprinting and watermarking is that watermarking requires the publisher to insert something into its material that can be detected later, while fingerprinting doesn’t.  But watermarking has two advantages over fingerprinting.  One is that it provides a virtually unambiguous signal that the content was lifted wholesale from its source; thus a copy of content with a watermark is more likely to be infringing.  The other is that while fingerprinting can be used to determine the identity of the content, watermarking can be used to embed any data at all into it (up to a size limit) — including data about the identity of the user who purchased the file.

The Digimarc Guardian watermark is complementary to the existing Attributor technology; Digimarc has most likely adapted Attributor’s web-crawling system to detect watermarks as well as use fingerprinting pattern-matching techniques to find copyrighted material online.

Digimarc had to develop a new type of watermark for this application, one that’s similar to those of Booxtream and other providers of what Bill McCoy of the International Digital Publishing Forum has called “social DRM.”  Watermarks do not restrict or control use of content; they merely serve as forensic markers, so that watermark detection tools can find content in online places (such as cyberlockers or file-sharing services) where they probably shouldn’t be.

A “watermark” in an e-book can consist of text characters that are either plainly visible or hidden among the actual material.  The type of data most often found in a “social DRM” scheme for e-books likewise can take two forms: personal information about the user who purchased the e-book (such as an email address) or an ID number that the distributor can use to look up the user or transaction in a database and is otherwise meaningless.   (The idea behind the term “social DRM” is that the presence of the watermark is intended to deter users from “oversharing” files if they know that their identities are embedded in them.)  The Digimarc scheme adopted by LibreDigital for HarperCollins uses hidden watermarks containing IDs that don’t reveal personal information by themselves.

In contrast, the tech publisher O’Reilly Media uses users’ email addresses as visible watermarks on its DRM-free e-books. Visible transactional watermarking for e-books dates back to Microsoft’s old Microsoft Reader (.LIT) scheme in the early 2000s, which gave publishers the option of embedding users’ credit card numbers in e-books — information that users surely would rather not “overshare.”

HarperCollins uses watermarks in conjunction with the various DRM schemes in which its e-books are distributed.  The scheme is compatible with EPUB, PDF, and MOBI (Amazon Kindle) e-book formats, meaning that it could possibly work with the DRMs used by all of the leading e-book retailers.

However, it’s unclear which retailers’ e-books will actually include the watermarks.   The scheme requires that LibreDigital feed individual e-book files to retailers for each transaction, rather than single files that the retailers then copy and distribute to end users; and the companies involved haven’t specified which retailers work with LibreDigital in this particular way.  (I’m not betting on Amazon being one of them.)  In any case, HarperCollins intends to use the scheme to gather information about which retailers are “leaky,” i.e., which ones distribute e-books that end up in illegal places online.

Hollywood routinely uses a combination of transactional watermarks and DRM for high-value content, such as high-definition movies in early release windows.  And at least some of the major record labels have used a simpler form of this technique in music downloads for some time: when they send music files to retailers, they embed watermarks that indicate the identity of the retailer, not the end user. HarperCollins is unlikely to be the first publisher to use both “social DRM” watermarks and actual DRM, but it is the first one to be mentioned in a press release.  The two technologies are complementary and have been used separately as well as together.

 

Copyright Alert System Releases First Year Results June 10, 2014

Posted by Bill Rosenblatt in Europe, Fingerprinting, Law, United States, Watermarking.
2 comments

The Center for Copyright Information (CCI) released a report last month summarizing the first calendar year of activity of the Copyright Alert System (CAS), the United States’ voluntary graduated response scheme for involving ISPs in flagging their subscribers’ alleged copyright infringement. The report contains data from CAS activity as well as results of a study that CCI commissioned on consumer attitudes in the US towards copyright and file sharing.

The way CAS works, copyright owners monitor ISPs’ networks for allegedly illegal file sharing, using MarkMonitor’s piracy monitoring service.  MarkMonitor determines which ISP manages the user’s IP address and sends a notice to that ISP.  The ISP then looks up the subscriber ID associated with that ISP address and sends a copyright alert.  The first two copyright alerts sent to a given user are purely educational, not requiring the user to take any action. Subsequent alerts proceed from “educational” to “acknowledgement” (requiring the user to acknowledge the alert in some way, similar to the way in which users agree to terms of use on websites) and then to “mitigation” (the ISP imposes some penalty, such as temporarily throttling the user’s bandwidth).

There are two alerts at each level, for a total of six, but the three categories make it easier to compare the CAS with “three strikes” graduated response regimes in other countries.  As I discussed recently, the CAS’s “mitigation” penalties are very minor compared to punitive measures in other systems such as those in France and South Korea.

The CCI’s report indicates that during the first ten months of operation, it sent out 1.3 million alerts.  Of these, 72% were “educational,” 20% were “acknowledgement,” and 8% were “mitigation.”  The CAS includes a process for users to submit mitigation alerts they receive to an independent review process.  Only 265 review requests were sent, and among these, 47 (18%) resulted in the alert being overturned.  Most of these 47 were overturned because the review process found that the user’s account was used by someone else without the user’s authorization.  In no case did the review process turn up a false positive, i.e. a file that the user shared that was actually not unauthorized use of copyrighted material.

It’s particularly instructive to compare these results to France’s HADOPI system.  This is possible thanks to the detailed research reports that HADOPI routinely issues.  Two of these were presented at our Copyright and Technology London conferences and are available on SlideShare (2012 report here; 2013 report here).  Here is a comparison of the percent of alerts issued by each system at each of the three levels:

Alert Level HADOPI 2012 HADOPI 2013 CAS 2013
1st/Educational 91.65% 90.80% 72.39%
2nd/Acknowledgement 8.32% 9.17% 20.05%
3rd/Mitigation 0.03% 0.03% 7.56%

Of course these comparisons are not precise; but it is hard not to draw an inference from them that threats of harsher punitive measures succeed in deterring file-sharing.  In the French system — in which users can face fines of up to €1500 and one year suspensions of their Internet service — only 0.03% of those who received notices kept receiving them up to the third level, and only a tiny handful of users actually received penalties.  In the US system — where penalties are much lighter and not widely advertised — almost 8% of users who received alerts went all the way to the “mitigation” levels. (Of that 8%, 3% went to the sixth and final level.)

Furthermore, while the HADOPI results are consistent from 2012 to 2013, they reflect a slight upward shift in the number of users who receive second-level notices, while the percent of third-level notices — those that could involve fines or suspensions — remained constant.  This reinforces the conclusion that actual punitive measures serve as deterrents.  At the same time, the 2013 results also showed that while the HADOPI system did reduce P2P file sharing by about one-third during roughly the second year of the system’s operation, P2P usage stabilized and even rose slightly in the two years after that.  This suggests that HADOPI has succeeded in deterring certain types of P2P file-sharers but that hardcore pirates remain undeterred — a reasonable conclusion.

It will be interesting to see if the CCI takes this type of data from other graduated response systems worldwide — including those with no punitive measures at all, such as the UK’s planned Vcap system — into account and uses it to adjust its level of punitive responses in the Copyright Alert System.

 

 

 

 

UK ISPs to Implement “Educational” Graduated Response System May 14, 2014

Posted by Bill Rosenblatt in Fingerprinting, Law, UK, Uncategorized, United States.
1 comment so far

The BBC has discovered documents that detail a so-called graduated response program for detecting illegal downloads done by customers of major UK ISPs and sending alert messages to them.  The program is called the Voluntary Copyright Alert Programme (Vcap).  It was negotiated between the UK’s four major ISPs (BT, Sky, Virgin Media, and TalkTalk) and trade associations for the music and film industries, and it is expected to launch sometime next year.

Vcap is a much watered-down version of measures defined in the Digital Economy Act of 2012, in that it calls only for repeated “educational” messages to be sent to ISP subscribers and for no punitive measures such as suspension or termination of their accounts.

In general, graduated response programs work like this: copyright owners engage network monitoring firms to monitor ISPs’ networks for infringing behavior.  Monitoring firms use a range of technologies, including fingerprinting to automatically recognize content that users are downloading.  If they find evidence of illegal behavior, they report it to a central authority, which passes the information to the relevant ISP, typically including the IP address of the user’s device.  The ISP determines the identity of the targeted subscriber and takes some action, which depends on the details of the program.

In some cases (as in France and South Korea), the central authority is empowered to force the ISP to take punitive action; in other cases (as in the United States’ Copyright Alert System (CAS) as well as Vcap), ISPs take action voluntarily.

Assuming that Vcap launches on schedule, we could soon have data points about the effectiveness of various types of programs for monitoring ISP subscribers’ illegal downloading behaviors.  The most important question to answer is whether truly punitive measures really make a difference in deterring online copyright infringement, or whether purely “educational” measures are enough to do the job. Currently there are graduated response programs in South Korea, New Zealand, Taiwan, and France that have punitive components, as well as one in Ireland (with Eircom, the country’s largest ISP) that is considered non-punitive.

Is America’s CAS punitive or educational?  That’s a good question.  CAS has been called a “six strikes” system (as opposed to other countries’ “three strikes”), because it defines six levels of alerts that ISPs must generate, although ISPs are intended to take “mitigation measures” against their subscribers starting at the fifth “strike.”  What are these mitigation measures?  It’s largely unclear.  The CAS’s rules are ambiguous and leave quite a bit of wiggle room for each participating ISP to define its own actions.

Instead, you have to look at the policies of each of the five ISPs to find details about any punitive measures they may take — information that is often ambiguous or nonexistent.  For example:

  • AT&T: its online documentation contains no specifics at all about mitigation measures.
  • Cablevision (Optimum Online): its policy is ambiguous, stating that it “may temporarily suspend your Internet access for a set period of time, or until you contact Optimum.”  Other language in Cablevision’s policy suggests that the temporary suspension period is 24 hours.
  • Comcast (Xfinity): Comcast’s written policy is also ambiguous, saying only that it will continue to post alert messages until the subscriber “resolve[s] the matter” and that it will never terminate an account.
  • Time Warner Cable: also ambiguous but suggesting nothing on the order of suspension or termination, or bandwidth throttling.  It states that “The range of actions may include redirection to a landing page for a period or until you contact Time Warner Cable.”
  • Verizon: Verizon’s policy is the only one with much specificity.  On the fifth alert, Verizon throttles the user’s Internet speed to 256kbps — equivalent to a bottom-of-the-line residential DSL connection in the US — for a period of two days after a 14-day advance warning.  At the sixth alert, it throttles bandwidth for three days.

In other words, the so-called mitigation measures are not very punitive at all, not even at their worst — at least not compared to these penalties in other countries:

  • France: up to ISP account suspension for up to one year and fines of up to €1500 (US $2000), although the fate of the HADOPI system in France is currently under legal review.
  • New Zealand: account suspension of up to six months and fines of up to NZ $15,000 (US $13,000).
  • South Korea: account suspension of up to six months.
  • Taiwan: suspension or termination of accounts, although the fate of Taiwan’s graduated response program is also in doubt.

[Major hat tip to Thomas Dillon’s graduatedresponse.org blog for much of this information.]

In contrast, Vcap will be restricted to sending out four alerts that must be “educational” and “promot[e] an increase in awareness” of copyright issues.  Vcap is intended to run for three years, after which it will be re-evaluated — and if judged to be ineffective, possibly replaced with something that more closely resembles the original, stricter provisions in the Digital Economy Act.  By 2018, the UK should also have plenty of data to draw on from other countries’ graduated response regimes about any relationship between punitive measures and reduced infringements.

 

Getty Images Reaches Image License Deal with Pinterest October 28, 2013

Posted by Bill Rosenblatt in Fingerprinting, Images, Rights Licensing.
1 comment so far

A year ago, Getty Images, one of the world’s largest stock image agencies, reached a licensing deal with a startup called SparkRebel, which I described as “Pinterest for fashionistas, with Buy buttons.”  On that site, people would post images of items of clothing they’re interested in.  An image recognition engine would try to identify the photo and thus the identity of each apparel item.  If the item was identified and its manufacturer had a deal with SparkRebel, the site would show a Buy button, which users could click to purchase the item.  It was a clever use of content identification technology to support licensing of content used for commercial purposes.

SparkRebel used Getty Images’ ImageIRC image recognition technology.  ImageIRC uses the concept of fingerprinting: it examines an image, calculates a set of numbers that represent the image, and looks those numbers up in a database of fingerprints to see if finds a match.  Matches needn’t be exact; the fingerprinting algorithm can usually compute the correct fingerprint even if the image has been color-shifted, downsampled, cropped (up to a point), etc.  In other words, Getty Images is to still images as Google’s Content ID is to YouTube videos and Audible Magic is to various sites that host music files.

In Getty Images’ deal with SparkRebel, SparkRebel would pay Getty Images a licensing fee whenever a user posted an image to which Getty owned the rights.  Those of use who watched this deal at the time wondered if Getty Images was trying to get Pinterest — the leading site where users posted images of commercial products — to agree to a similar deal.  Given Getty Images’ firm “no comment” replies to questions about it, the answer was clearly yes.  Many of the photos posted on Pinterest (as opposed to, say, Instagram) are commercial images copied and pasted from other websites, so Getty could have made a case that Pinterest was promoting infringement of its copyrights.

It took a while, but Getty Images did conclude a licensing deal with Pinterest last Friday — a few months after SparkRebel ceased operations.  Under the deal, whenever ImageIRC finds a match to an image that a user “pins” on Pinterest, Pinterest will pay Getty Images a licensing fee, just as with SparkRebel.  The additional feature of the deal is that Getty Images will send Pinterest metadata about the matched image, which Pinterest can display for the user.  The metadata includes the time and location of the photo, the identity of the photographer, caption, an image ID, and licensing information.

Neither Getty nor Pinterest has mentioned anything about blocking or flagging images that users aren’t permitted to pin to the site; Pinterest still allows any user photos on the site, regardless of the terms under which Getty normally licenses them.  Pinterest continues to follow DMCA 512 policies of responding to takedown notices and terminating the accounts of users who repeatedly violate copyrights.

Pinterest’s announcement of the deal on its blog mentions the license fees, but otherwise does not mention any copyright issues; instead it focuses on “New data to help improve Pinterest.”  Putting the fees aside, the deal is a win for Pinterest as well as Getty Images (not to mention Pinterest’s user community).

For Getty Images, this deal establishes an important precedent for image-sharing services that store lots of professional images and use them for commercial purposes.  Other services that use images to drive commerce will likely follow Pinterest’s example and make licensing deals with Getty Images.  But Getty gets another benefit besides money that could turn out to be just as important: distribution of image metadata.

One of the biggest problems that the stock image industry has with the Internet is that most ways of copying images from one place to another strip metadata away.  When photographers and editors prepare images for distribution, they use tools like Adobe Photoshop, which incorporates Adobe’s XMP (eXtensible Metadata Platform) metadata scheme for storing metadata that travels with images.  XMP metadata can be stored alongside images on web pages.  But it doesn’t survive copying and pasting photos through web browsers.

It is actually illegal under section 1202 of the Digital Millennium Copyright Act to intentionally remove “copyright management information” from a copyrighted work in order to evade detection of infringement, though there is some ambiguity over issues such as what qualifies as copyright management information.  Nevertheless, images that users copy and paste among websites generally have no copyright management information.*  Getty Images’ arrangement with Pinterest recovers metadata for images posted to the site that match its database.   This certainly won’t solve the image metadata problem in general, but it’s a start.

*Some images may have invisible embedded watermarks that indicate copyright management information.  Typically such watermarks will contain IDs that point to entries in image licensors’ databases, which in turn contain things like the photographer’s name, licensing terms, and so on.  Whether invisible embedded watermarks qualify as copyright management information under DMCA 1202 is somewhat up in the air.  If a high enough court decided that they do, that could make tools for hacking “social DRM” e-book watermarks illegal in the United States.

Comcast Adds Carrots to Sticks August 9, 2013

Posted by Bill Rosenblatt in Fingerprinting, Services, Video.
1 comment so far

Variety magazine reported earlier this week that Comcast is developing a new scheme for detecting illegal file downloads over its Internet service.  When it detects a user downloading content illegally, it will send a message to the user with links to legal alternatives, including from sources that aren’t Comcast properties.  This scheme would be independent of the Copyright Alert System (CAS) that launched in the United States earlier this year.

What a difference the right economic incentives make.  Comcast has significant incentive for offering carrots instead of sticks: it owns NBC Universal, a major movie studio and TV network.  This means that Comcast has incentives to protect content revenue, even if it comes from third parties like iTunes, Netflix, or Amazon.  In addition, if Comcast protects its own network from infringers, it has a stronger position from which to negotiate content distribution deals for its own Xfinity-branded services from other major studios.

Comcast will most likely use the same monitoring services as content owners — like NBC Universal, whose people are collaborating on the design of this (as yet unnamed) system — use to detect allegedly infringing downloads.  It will be able to send messages to users in close to real time — in contrast to CAS, which processes data about detected downloads through a third party before they get sent to users.

This scheme is reminiscent of one of the earliest uses of fingerprinting technologies in a commercially licensed service: around 2005, a P2P file-sharing network called iMesh cut a deal with the major record labels (or at least some of them).  They would allow iMesh to operate its network with audio fingerprinting (supplied by Audible Magic, still a leader in the field).  The fingerprinting technology would detect attempts to upload copyrighted music to the network and block them.  Instead, iMesh offered copyrighted music files supplied by the labels, encrypted with DRM, for purchase.  Given that several other P2P file-sharing networks (such as LimeWire) continued to operate at the time without such restrictions, iMesh wasn’t much of a success.

Comcast is hoping to get other ISPs to adopt similar schemes, presumably both as a service to major content owners and in hopes that this anti-piracy feature doesn’t drive users to its competitors.  But that gambit is unlikely to succeed.  Of the four other major ISPs in the US — AT&T, Cablevision, Time Warner Cable, and Verizon — none are corporate siblings to major content owners.  (Time Warner Cable was spun off from Time Warner in 2009, though it retains the name.)  In other words, they won’t have the right incentives.

In contrast, France’s HADOPI scheme is supposed to steer people to legal alternatives by simply giving those services a “seal of approval” that they can use themselves.  What Comcast has in mind ought to be more effective.  In the world of movies and TV shows, it would be that much more effective if legal services were to offer content with anything like the completeness of record label catalogs offered through legal music services.   But that’s another story for another day.

 

Copyright Alert System Launches in U.S. February 25, 2013

Posted by Bill Rosenblatt in Fingerprinting, Law, Music, Video.
2 comments

With today’s launch of the Copyright Alert System (CAS) by the Center for Copyright Information, the United States joins the list of countries that have adopted a so-called graduated response system for educating Internet users about online copyright infringement and taking steps to punish repeat offenders.  The CAS is finally launching after a few months’ delay, part of which was supposedly due to the effects of Sandy, the mega-storm that hit the northeast U.S. late last year.  Other graduated response countries include France, New Zealand, and South Korea; the United Kingdom is currently struggling with its own implementation.

The CAS is a partnership between music and video content owners on the one hand and major ISPs on the other.  The content owner representatives include not just the majors (RIAA and MPAA) but also the Independent Film and Television Alliance (IFTA) and American Association of Independent Music (A2IM).  On the ISP side, membership includes the five largest providers: AT&T, Verizon, Time Warner Cable, Comcast, and Cablevision.  Book and game publishers are not involved at this point.

The CAS is run by Jill Lesser, a tech policy veteran with deep experience on both the content and ISP sides.  It has an advisory board whose principal function seems to be to curb abuses: it includes advocates for looser copyright laws (Gigi Sohn of Public Knowledge) and user privacy (Jules Polonetsky of the Future of Privacy Forum).

The CAS works similarly to other graduated response regimes: copyright owners employ infringement monitoring services, which can identify copyrighted works as users send them around the Internet using fingerprinting and other content recognition technologies.  The monitoring services send notices to ISPs, which issue warning messages to users.  The warnings get stronger with repeat infringements.

ISPs can opt to punish repeat alleged offenders by such means as throttling bandwidth and making users watch videos about copyright.  (ISPs already have policies for terminating repeat infringers’ accounts, which they must have in order to maintain their eligibility for the DMCA safe harbor.)

Where the CAS differs from other graduated response systems is that it is not tied to law enforcement.  The arrangement between content owners and ISPs is voluntary. ISPs will not terminate or suspend users’ Internet accounts, nor will they pass information about infringements on to copyright owners.  Another difference is that the CAS is not being funded through taxes or levies on Internet service (although funding sources are confidential).

In other words, the CAS is a more purely educational approach than France’s HADOPI or other systems.  Analysis of the CAS’s results will therefore be more useful in determining how successful education by itself can be in getting people to respect copyright.  The hope is that education will do more than draconian statutory damages or blunt-instrument legislation.

Given how little effect those approaches have had, it may not be difficult to declare the Copyright Alert System a relative success in the years to come.  As it is now, it seems like quite a reasonable system: it raises awareness about the importance of copyright by using advanced Internet technologies instead of relegating enforcement to outmoded nontechnical legal means; it is permeated with references to legal content sources; and it doesn’t cost users a thing.

Digimarc Acquires Attributor December 4, 2012

Posted by Bill Rosenblatt in Fingerprinting, Images, Publishing, Watermarking.
1 comment so far

Digimarc announced yesterday that it has acquired Attributor Corp.  Attributor, based in Silicon Valley, is one of a handful of companies that crawls the Internet looking for instances of copyrighted material that may be infringing, using a pattern-recognition technology akin to fingerprinting.  Digimarc is a leader in digital watermarking technology, with a large and significant portfolio of IP in the space.  The acquisition price was a total of US $7.5 Million in cash, stock, and contingent compensation.

This is a synergistic and strategically significant move for Digimarc.  A few years ago, Digimarc had pruned its efforts to create products and services for digital media markets outside of still images.  It had decided, in effect, to leave products and services to its IP licensees, companies such as Civolution of the Netherlands and MarkAny of South Korea.  Attributor’s primary market is book publishing, with customers including four out of the “Big Six” trade book publishers as well as several leading educational and STM (scientific, technical, medical) publishers.

Digimarc intends to leverage Attributor’s relationships with book publishers to help it expand its watermarking technology into that market and to move into other markets such as magazine and financial publishing.  The company cited the explosive growth in e-books as a reason for the acquisition.

Beyond that, Digimarc’s acquisition is another sign of the increasing importance of infringement monitoring services; the previous such sign came over the summer, when Thomson Reuters acquired MarkMonitor.

There are two reasons for this increase in importance.  First is the rise of so-called progressive response legal regimes: copyright owners can monitor the Internet and submit data on alleged infringements to a legal authority, which sends users increasingly strong warning messages and, if they keep on infringing, potentially suspends their ISP accounts.  The most advanced progressive response regime is HADOPI in France, early results from which are encouraging.  The Copyright Alert System is supposedly gearing up for launch in the United States.  A handful of other countries have progressive response in place or in process as well.

The second reason for the increasing importance of so-called piracy monitoring is that copyright owners are starting to realize the value of the data they generate, beyond catching infringers.  Piracy is evidence of popularity of content — of demand for it.  The data that these services generate can be valuable for analytics purposes, to see who is interested in the content and in what ways.  Big Champagne, for example, has been supplying this type of data to the music industry for may years.  Attributor has been working on a new service that integrates piracy data with social media analytics; Digimarc intends to integrate this into its own data offerings for the image market.

In fact, we’ll have a discussion on the value of piracy data tomorrow at Copyright and Technology NYC 2012.  Leading the discussion will be Thomas Sehested of MarkMonitor.  There’s little doubt he will be called upon to talk about his new competition.

Getty Images Launches Automated Rights Licensing for Photo Sharing Services September 12, 2012

Posted by Bill Rosenblatt in Fingerprinting, Images, Law, Rights Licensing, Services.
add a comment

Getty Images announced on Monday a deal with SparkRebel, a site that calls itself a “collaborative fashion and shopping inspiration” — but is perhaps more expediently described as “Pinterest for fashionistas, with Buy buttons” — in which images that users post to the site are recognized and their owners compensated for the use.  The arrangement uses ImageIRC technology from PicScout, the Israeli company that Getty Images acquired last year.  ImageIRC is a combination of an online image rights registry and image recognition technology based on fingerprinting.  It also uses PicScout’s Post Usage Billing system to manage royalty compensation.

Here’s how it works: SparkRebel users post images of fashion items they like to their profile pages.  Whenever a user posts an image, SparkRebel calls PicScout’s content identification service to recognize it.  If it finds the image’s fingerprint in its database, it uses ImageIRC to determine the rights holders; then SparkRebel pays any royalty owed through Post Usage Billing.  PicScout ImageIRC’s database includes Getty’s own images; it is the largest stock image agency in the world.  (Getty Images itself was sold just last month to Carlyle Group, the private equity giant, for over US $3 Billion.)  In all, ImageIRC includes data on over 80 million images from more than 200 licensors, which can opt in to the arrangement with SparkRebel (and presumably similar deals in the future).

This deal is a landmark in various ways. It is a more practically useful application for image recognition than ever before, and it brings digital images into some of the same online copyright controversies that have existed for music, video, and other types of content.

Several content recognition platforms exist; examples include Civolution’s Teletrax service for video; Attributor for text; and Audible Magic, Gracenote, and Rovi for music.  Many of these technologies were first designed for catching would-be infringers: blocking uploads  and supplying evidence for takedown notices and other legal actions.  Some of them evolved to add rights licensing functionality, so that when they find content on a website, blog, etc., instead of sending a nastygram, copyright owners can offer revenue-sharing or other licensing terms.  The music industry has experimented with audio fingerprinting to automate radio royalty calculations.

The idea of extending a content identification and licensing service to user-posted content is also not new: Google’s Content ID technology for YouTube has led to YouTube becoming a major legal content platform and likely the largest source of ad revenue from music in the world.  But while Content ID is exclusive to YouTube, PicScout ImageIRC and Post Usage Billing are platforms that can be used by any service that publishes digital images.

PicScout has had the basic technology components of this system for a while; SparkRebel merely had to implement some simple code in its photo-upload function to put the pieces together.  So why don’t we see this on Pinterest, not to mention Flickr, Tumblr, and so many others?

The usual reason: money.  Put simply, SparkRebel has more to gain from this arrangement than most other image-sharing sites.  SparkRebel has to pay royalties on many of the images that its users post.  Yet many of those images are of products that SparkRebel sells; therefore if an image is very popular on the site, it will cost SparkRebel more in royalties but likely lead to more commissions on product sales.  Furthermore, a site devoted to fashion is likely to have a much higher percentage of copyrighted images posted to it than, say, Flickr.

Yet where there’s no carrot, there might be a stick.  Getty Images and other image licensors have been known to be at odds with sites like Pinterest over copyright issues.  Pinterest takes a position that is typical of social-media sites: that it is covered (in the United States) by DMCA 512, the law that enables them to avoid liability by responding to takedown notices — and as long as it responds to them expeditiously, it has no further copyright responsibility.

Courts in cases such as UMG v. Veoh and Viacom v. Google (YouTube) have also held that online services have no obligation to use content identification technology to deal with copyright issues proactively.  Yet the media industry is trying to change this; for example, that’s most likely the ultimate goal of Viacom’s pending appeal in the YouTube case.  (That case concerns content that users uploaded before Google put Content ID into place.)

On the other hand, the issue for site operators in cases like this is not just royalty payments; it’s also the cost of implementing the technology that identifies content and acts accordingly.  A photo-sharing site can implement PicScout’s technology easily and (unlike analogous technology for video) with virtually no impact on its server infrastructure or the response time for users.  This combined with the “make it easy to do the right thing” aspect of the scheme may bring the sides closer together after all.

The DMCA and Presidential Politics July 29, 2012

Posted by Bill Rosenblatt in Fingerprinting, Law, Music, United States.
3 comments

A minor firestorm has hit the techblogosphere over the past several days regarding the removal of a Mitt Romney campaign ad on YouTube that contained a short clip of President Obama singing Al Green’s “Let’s Stay Together” (while at a campaign stop at the Apollo Theater in Harlem).  Commentators used this as an occasion to blast an aspect of DMCA 512, the U.S. law that provides for “notice and takedown.”  The knee-jerk reactions to this incident have been wrong-headed and a little bit depressing.

The law says that if a copyright owner sends a proper notice to a site operator (in this case Google for YouTube) about an unauthorized content item, then the operator may take the  item down to avoid liability.  The law enables the operator to provide counternotice but stipulates that the operator must wait 10 days after issuing the counternotice for a reply period before it can repost the item without risk of liability.

Sites like Public Knowledge and Ars Technica have focused on the fact that the five-second clip in the Romney ad is highly likely to be fair use, how dare BMG Music Publishing do this, etc., etc.  Public Knowledge also complained that the counternotice period forced the political ad off the air for too long a time and thus constituted abuse of copyright.

There’s no question that the clip makes a fair use of the song snippet; the “fair use analyses” done by people like Public Knowledge’s Sherwin Siy are beside the point.  More importantly, it’s wrong to blame the “evil music company” for instigating the takedown.

Here’s a much more likely explanation of what happened: The Obama campaign contacted the copyright owner and asked them to issue the takedown notice, as a tactical response to Romney’s attack ad.  BMGMP issued the notice as a routine clerical matter, as it does all the time at the request of songwriters or their management.  The notice triggered YouTube’s automated system, which took the clip down.

Mike Masnick at TechDirt — the only one here who appears to have done some actual investigation instead of mere grandstanding — noticed that other YouTube clips of Obama singing the song remained up for a while until they were taken down as well.  He also found that other singers’ versions of the 1972 classic hit remained up.  Masnick attributed this to overzealous lawyers at BMGMP  “doubl[ing] down” on takedowns for the sake of consistency.

Uh,no.  The truth, once again, most likely lies in campaign tactics.  The Romney campaign (or allied interests) probably tried to re-post the ad several times with different titles or metadata.  The Obama camp then responded by asking BMGMP to use YouTube’s automated Content ID scheme (based on fingerprinting), which would find all instances of the singing president and get them taken down as well. And once again, BMGMP would have handled this as a routine request.  This was the only way that the Obamians could have ensured that the attack ad would not reappear.

It’s also worth pointing out here that the DMCA 512 does not obligate anyone to take content down; it only enables someone to avoid liability by doing so. YouTube automates 512 takedowns to minimize risk of liability and do so as efficiently as possible.

In other words, YouTube also responded to this situation in a routine fashion.  I would venture to guess that if a lawyer at YouTube actually looked at BMGMP’s takedown notice, he or she would have left the clip up, secure in the knowledge that no one would bother to file an actual copyright lawsuit against it.  (Similarly, I’m convinced that no one with a legal brain at BMGMP looked at this initially either.)

In other words, if anyone is liable for abuse of copyright — which is itself actionable — it’s the Obama campaign, which simply used routine mechanisms at both BMGMP and YouTube to accomplish its aims.  (Disclosure: I plan to vote for Obama in November.)  Otherwise, the errors were of omission, not commission; no actual human beings at BMGMP or YouTube appear to have thought or cared about, let alone considered the  fair use implications of, this incident.

Meanwhile, clips of Obama’s Apollo Theater performance have been restored to YouTube.  Yes, it took time, but that’s what you get when humans have to decide questions of Fair Use.

P.S. Romney’s ad has always been available elsewhere, just not on YouTube.

Follow

Get every new post delivered to your Inbox.

Join 677 other followers