Copyright Alert System Launches in U.S. February 25, 2013Posted by Bill Rosenblatt in Fingerprinting, Law, Music, Video.
With today’s launch of the Copyright Alert System (CAS) by the Center for Copyright Information, the United States joins the list of countries that have adopted a so-called graduated response system for educating Internet users about online copyright infringement and taking steps to punish repeat offenders. The CAS is finally launching after a few months’ delay, part of which was supposedly due to the effects of Sandy, the mega-storm that hit the northeast U.S. late last year. Other graduated response countries include France, New Zealand, and South Korea; the United Kingdom is currently struggling with its own implementation.
The CAS is a partnership between music and video content owners on the one hand and major ISPs on the other. The content owner representatives include not just the majors (RIAA and MPAA) but also the Independent Film and Television Alliance (IFTA) and American Association of Independent Music (A2IM). On the ISP side, membership includes the five largest providers: AT&T, Verizon, Time Warner Cable, Comcast, and Cablevision. Book and game publishers are not involved at this point.
The CAS is run by Jill Lesser, a tech policy veteran with deep experience on both the content and ISP sides. It has an advisory board whose principal function seems to be to curb abuses: it includes advocates for looser copyright laws (Gigi Sohn of Public Knowledge) and user privacy (Jules Polonetsky of the Future of Privacy Forum).
The CAS works similarly to other graduated response regimes: copyright owners employ infringement monitoring services, which can identify copyrighted works as users send them around the Internet using fingerprinting and other content recognition technologies. The monitoring services send notices to ISPs, which issue warning messages to users. The warnings get stronger with repeat infringements.
ISPs can opt to punish repeat alleged offenders by such means as throttling bandwidth and making users watch videos about copyright. (ISPs already have policies for terminating repeat infringers’ accounts, which they must have in order to maintain their eligibility for the DMCA safe harbor.)
Where the CAS differs from other graduated response systems is that it is not tied to law enforcement. The arrangement between content owners and ISPs is voluntary. ISPs will not terminate or suspend users’ Internet accounts, nor will they pass information about infringements on to copyright owners. Another difference is that the CAS is not being funded through taxes or levies on Internet service (although funding sources are confidential).
In other words, the CAS is a more purely educational approach than France’s HADOPI or other systems. Analysis of the CAS’s results will therefore be more useful in determining how successful education by itself can be in getting people to respect copyright. The hope is that education will do more than draconian statutory damages or blunt-instrument legislation.
Given how little effect those approaches have had, it may not be difficult to declare the Copyright Alert System a relative success in the years to come. As it is now, it seems like quite a reasonable system: it raises awareness about the importance of copyright by using advanced Internet technologies instead of relegating enforcement to outmoded nontechnical legal means; it is permeated with references to legal content sources; and it doesn’t cost users a thing.
As I have worked with video service providers that are trying to upgrade their offerings to include online and mobile services, I’ve seen bewilderment about the maze of codecs, streaming protocols, and player apps as well as content protection technologies that those service providers need to understand. Yet a development that took place earlier this month should help ease some of the complexity.
Microsoft’s PlayReady is becoming a popular choice for content protection. Dozens of service providers use it, including BSkyB, Canal+, HBO, Hulu, MTV, Netflix, and many ISPs, pay TV operators, and wireless carriers. PlayReady handles both downloads and streaming, and it is currently the only commercial DRM technology certified for use with UltraViolet (though that should change soon). Microsoft has developed a healthy ecosystem of vendors that supply things like player apps for different platforms, “hardening” of client implementations to ensure robustness, server-side integration services, and end-to-end services. And after years of putting in very little effort on marketing, Microsoft has finally upgraded its PlayReady website with information to make it easier to understand how to use and license the technology.
Streaming protocols are still a bit of an issue, though. Several vendors have created so-called adaptive streaming protocols, which monitor the user’s throughput and vary the bit rate of the content to ensure optimal quality without interruptions. Apple has HTTP Live Streaming (HLS), Microsoft has Smooth Streaming, Adobe has HTTP Dynamic Streaming (HDS), and Google has technology it acquired from Widevine. Yet operators have been more interested in Dynamic Adaptive Streaming over HTTP (DASH), an emerging vendor-independent MPEG standard. The hope with MPEG-DASH is that operators can use the same protocol to stream to a wide variety of client devices, thereby making deployment of TV Everywhere-type services cheaper and easier.
MPEG-DASH took a significant step towards real-world viability over the last few months with the establishment of the DASH Industry Forum, a trade association that promotes market adoption of the standard. Microsoft and Adobe are members, though not Apple or Google, indicating that at least some of the vendors of proprietary adaptive streaming will embrace the standard. The membership also includes a healthy critical mass of vendors in the video content protection space: Adobe, BuyDRM, castLabs, Irdeto, Nagra, and Verimatrix — plus Cisco, owner of NDS, and Motorola, owner of SecureMedia.
Adaptive streaming protocols need to be integrated with content protection schemes. PlayReady was originally designed to work with Smooth Streaming. It has also been integrated with HLS, which is probably the most popular of the proprietary adaptive streaming schemes. Integration of PlayReady with MPEG-DASH is likely to be viewed as a safe choice, in line with the way the industry is going. That solution came into view this month as BuyDRM and Fraunhofer IIS announced an integration of MPEG-DASH with PlayReady for the HBO GO service in Europe. HBO GO is HBO’s “over the top” service for subscribers.
For the HBO GO demo, BuyDRM implemented a version of its PlayReady client that uses Fraunhofer’s AAC 5.1 surround-sound codec, which ships with devices that run Android 4.1 Jelly Bean. The integration is being showcased with HD quality video on HBO’s “Boardwalk Empire” series. Users can connect Android 4.1 devices with the proper outputs — even handsets — to home-theater audio playback systems to get an experience equivalent to playing a Blu-ray disc. The current implementation supports live broadcasting, with VOD support on the way shortly.
PlayReady integrated with MPEG-DASH is likely to be a popular choice for a variety of video service providers, ranging from traditional pay TV operators to over-the-top services like HBO Go. BuyDRM and Fraunhofer’s deployment is an important step towards that choice becoming widely feasible.
New Study on the Changing Face of Video Content Security October 23, 2012Posted by Bill Rosenblatt in Conditional Access, Services, Video.
Farncombe Technologies, a pay TV technology consultancy based in the UK, has just released a white paper called “The Future of Broadcast Cardless Security.” The white paper incorporates the results of a survey of pay TV operators, content owners, security vendors, and device makers on pay TV security concerns today and in the future.
Operators of pay TV (cable, satellite, and telco-TV) networks have put more money and effort into digital content security than any other type of media distributor, certainly more than any digital music or e-book sellers ever have. That’s because the economic incentives of pay TV operators are aligned with those of content owners such as movie studios and TV networks: operators don’t want their signals stolen, while content owners want to minimize unauthorized use of the content that travels over those signals.
For a long time, the technology used to thwart signal theft was the same as that used to guard against copyright infringement: conditional access (CA). Life was simple when cable companies operated closed networks to dedicated set-top boxes (STBs): the content went from head ends to STBs and nowhere else. In that situation, if you secure the network, you secure the content. But nowadays, two developments threaten this alignment of incentives and thus blow open the question of how pay TV operators will secure content.
First, the model of so-called piracy has changed. Historically, pay TV piracy has meant enabling people to receive operators’ services without paying for them, by doing such things as sharing control words (decryption keys in CA systems) or distributing unauthorized smartcards for STBs. But now, with higher broadband distribution and technologies such as BitTorrent, people can get content that flows over pay TV networks without touching the pay TV network at all.
Second, operators are offering “TV Everywhere” type services that let users view the content on Internet-conneted devices such as PCs, tablets, smartphones, and so on, in addition to through their STBs. They are doing this in response to competition from “over the top” (OTT) services that make video content available over the Internet. Operators have less direct incentive to protect content being distributed to third-party Internet-connected devices than they do to protect it within their own networks.
The Farncombe study predicts the likely effects of these developments (and others) on pay TV security in the years to come. According to the survey results, operators’ primary piracy concerns today are, in order of priority: control word sharing, rebroadcasting their content over the Internet (illegal streaming), and downloads of their content over the Internet (e.g. torrents); but in five years’ time the order of priority is expected to reverse. The threat of bogus smartcard distribution is expected to diminish.
The intent of this whitepaper is to motivate the use of pure software security technology for pay-TV networks, i.e., schemes that don’t use smartcards. So-called cardless security schemes are available from vendors such as Verimatrix, which sponsored the whitepaper. They are cheaper to implement, and they now use software techniques such as whitebox encryption and code diversity that are often considered to be as strong as hardware techniques (for more on this, see my 2011 whitepaper The New Technologies for Pay TV Content Security, available here).
However, the whitepaper also calls for the use of forensic Internet antipiracy techniques instead of — or in addition to — those that (like CA) secure operators’ networks. In other words, if piracy takes place mostly on the Internet instead of on operators’ networks, then antipiracy measures ought to be more cost-effective if they take place on the Internet as well.
The paper advocates the use of techniques such as watermarking, fingerprinting, and other types of Internet traffic monitoring to find pirate services and gather evidence to get them shut down. It calls such techniques “new” although video security companies such as NDS (now Cisco) and Nagravision have been offering them for years, and Irdeto acquired BayTSP a year ago in order to incorporate BayTSP’s well-established forensic techniques into its offerings. A handful of independent forensic antipiracy services exist as well.
This all begs the question: will pay TV operators will continue to put as much effort into content security as they have done until now? Much of pay TV networks’ offerings consist of programming licensed non-exclusively from others. The amount of programming that is licensed exclusively to operators in their geographic markets — such as live major-league sports — is decreasing over time as a proportion of total programming that operators offer.
The answer is, most likely, that operators will continue to want to secure their core networks, if only because such techniques are not mutually exclusive with forensic Internet monitoring or other techniques. Yet operators’ security strategies are likely to change in two ways. First, as the Farncombe whitepaper points out, operators will want security that is more cost-effective — which cardless solutions provide.
Second, network security technologies will have to integrate with DRM and stream encryption technologies used to secure content distributed over operators’ “TV Everywhere” services. The whitepaper doesn’t cover this aspect of it, but for example, Verimatrix can integrate its software CA technology with a couple of DRM systems (Microsoft’s PlayReady and Intertrust’s Marlin) used for Internet content distribution. Licensors of content, especially those that make exclusive deals with operators, will insist on this.
The trouble is that such integrated security is more complex and costs more, not less, than traditional CA — and the costs and complexities will only go up as these services get more sophisticated and flexible. Operators may start to object to these growing costs and complexities when the content doesn’t flow over their networks. On the other hand, those same operators will become increasingly dependent on high-profile exclusive licensing deals to help them retain their audiences in the era of cord-cutting — meaning that content licensors will have a strong hand in dictating content security terms. It will be interesting to see how this dynamic affects video content security in the future as it emerges.
Irdeto Intelligence: Monitoring Video Content Beyond Managed Networks September 11, 2012Posted by Bill Rosenblatt in Conditional Access, Services, Video.
1 comment so far
Last week’s big IBC conference in Amsterdam brought a raft of announcements from video content protection vendors, most of which were typical customer success stories and strategic partnerships. One product launch announcement, however, was particularly interesting: Irdeto Intelligence, which launched last Friday.
Irdeto Intelligence is the result of the company’s acquisition of BayTSP in October 2011. The service is an extension of BayTSP’s existing offering and had been under development before the acquisition. It crawls the Internet looking for infringing content and provides an interactive dashboard that enables customers to see data such as where infringing files were found (by ISP or other service provider) and the volume for each title.
Before Irdeto acquired BayTSP last year, it was one of a handful of independent companies that crawl the Internet looking for infringing content; others include Attributor, Civolution, MarkMonitor, and Peer Media Technologies. The company wanted to grow its business beyond its core piracy monitoring service. It found — like other companies of its type — that the mountains of data on so-called piracy that it was collecting had value beyond helping copyright owners generate cease-and-desist or takedown notices.
The big issue with piracy monitoring services is — as with so many other technologies we discuss here — who pays for them. Hollywood studios (and other types of media businesses) pay the companies mentioned above to find infringing copies of their content. Now that BayTSP is part of a leading video security business, its customers become managed network operators (cable, satellite, telco-TV) and broadcasters. As I mentioned last year when the acquisition was announced, a cynic could read the deal as Hollywood’s attempt to push piracy monitoring costs downstream to operators, just as it does the cost of DRM and conditional access.
Irdeto confirmed that it is still offering BayTSP’s existing services to copyright owners. Still, Irdeto’s acquisition of BayTSP is something of a gamble. It’s part of a theme that I see growing in importance over the next few years: competition from Internet-based “over the top” (OTT) services is forcing managed network operators to offer “TV Anywhere” type services for viewing their programming over Internet-connected devices such as PCs, tablets, and mobile handsets.
Hollywood has always had a strong relationship with managed network operators on content protection because their economic incentives were aligned: Hollywood wanted to mitigate infringement of its movies and TV shows; operators wanted to mitigate theft of access to their networks. This has led to set-top boxes that are fortresses of security compared, say, to e-book readers, portable music players, and (especially) PCs.
But once operator-licensed content leaves managed networks to go “over the top,” just how much responsibility do operators have to protect content? This is a question that will loom larger and larger.
Other providers of conditional access (CA) technology for operators, such as NDS (now Cisco) and Nagra, offer piracy monitoring services. But those have typically been limited in scope to things like sharing of control words (content keys used in CA systems for the DVB standard), not illegal file-sharing. In acquiring BayTSP, Irdeto is betting that operators will want to pay more for this type of monitoring.
But why would, say, a cable operator care about content uploaded to file-sharing sites? Once they have this information, how would they use it if not to generate takedown notices or other legal means of getting infringing content removed?
Irdeto has two answers to this question. Most important is live event content, particularly sports. Hollywood has nothing to do with this type of content. Operators and terrestrial broadcasters suffer when users can view live events on illegal streaming sites with only slight time delays. Irdeto Intelligence updates its search results at five-minute intervals, so that operators can act to get illegal streams shut down very quickly.
The second reason has to do with the fact that more and more operators are offering so-called triple play services which include Internet service in addition to TV and telephony. A triple play provider will be seeking licenses to content from Hollywood, which will be more willing to grant licenses if provider actively addresses infringing content on its ISP service.
Irdeto says that it has signed two customers for Irdeto Intelligence so far, and that it received strong interest for the service on the show floor at IBC. It will be interesting to see how other video security vendors react as OTT and TV Anywhere continue to grow.
Inisoft of Korea Acquires BuyDRM May 24, 2012Posted by Bill Rosenblatt in DRM, Video.
add a comment
Inisoft, a Korean company that does software development for mobile media applications, has acquired Texas-based BuyDRM. BuyDRM is a well-established player in the Microsoft DRM ecosystem with customers including HBO, BBC, and NBC. The company offers a DRM platform called KeyOS that incorporates Microsoft’s PlayReady DRM; Inisoft focuses on media player applications and DRM clients for mobile devices.
The deal is a good one for both parties as well as the premium video content marketplace in general. It enables BuyDRM — which will continue to operate under its own name — to increase its ability to offer the “one stop shopping” that service providers are often looking for, to build services that work on multiple devices more quickly and easily. This is increasingly necessary as service providers are scrambling to build “TV Everywhere” type services over multiple networks to a growing number of devices.
The newly-merged company is in a sweet spot in the video market, due to PlayReady’s emergence as a leading DRM for Hollywood content, for both streaming and download. Yet while Microsoft has fostered a healthy partner ecosystem, as it typically does for “platform” technologies like PlayReady, the ecosystem that exists can be confusing to service providers.
For one thing, Microsoft isn’t supporting the most popular client platforms by itself. Microsoft provides PlayReady server code and client code for Windows, Silverlight (Microsoft’s web application development platform), and Windows Phone, plus an SDK for porting to non-Microsoft platforms. But unlike other video DRM providers (e.g., Widevine), it doesn’t provide the actual ports to other client devices — including the most popular (and admittedly competing) platforms, Apple’s iOS and Google’s Android. Instead it leaves that to its partners.
The other problem is that Microsoft’s PlayReady partners cover an overlapping array of technologies and services that can be confusing to service providers who just want to get something up and running that meets Hollywood’s content protection requirements. There’s a profusion of vendors with different and often overlapping product sets. As a few examples: Discretix and Trusted Logic offer secure client ports but not server code; Axinom and castLabs offer server-side only; AuthenTec and Irdeto offer both server and client implementations; Verimatrix integrates PlayReady with its own stream protection technology; yet other vendors like Azuki Systems provide complete platforms for multiscreen Internet video content delivery with many more components beyond DRM.
The process of acquiring this technology is thus more complicated than it needs to be, especially in this age of proliferating devices and platforms. Service providers that are interested in using PlayReady to protect licensed content don’t get much help from Microsoft in guiding them through this maze of products and services; partners are left to do all the marketing. (Microsoft itself hasn’t put out a press release on PlayReady in over a year, despite its traction in the market.) In effect, Microsoft has let the market sort itself out through the relatively slow and cumbersome processes of partnerships, OEM deals, multiple-vendor arrangements, and — in the case of BuyDRM and Inisoft — mergers/acquisitions.
Having said that, Inisoft’s acquisition of BuyDRM should help bring some much-needed clarity to service providers. It is a positive development for the market for multi-device video services with studio content.
Webinar on Studios’ Content Security Policies April 24, 2012Posted by Bill Rosenblatt in Conditional Access, DRM, Events, Video, Watermarking.
add a comment
For those who couldn’t attend the breakfast event at the NAB trade show last week, I will be doing a webinar on Content Security Requirements for Multi-Screen Video Services, on Thursday April 26 at noon US east coast time/1700 GMT. I’ll be presenting a synopsis of the whitepaper I published last December on the topic. I will be joined by Petr Peterka, CTO of Verimatrix, sponsor of the webinar. Click here to register.
UltraViolet Gets Two Lifelines January 12, 2012Posted by Bill Rosenblatt in Economics, Fingerprinting, Services, Standards, Video.
add a comment
A panel at this week’s CES show in Las Vegas yielded two pieces of positive news for the DECE/UltraViolet standard, after a launch several months ago with Warner Bros. and its Flixster subsidiary that could charitably be called “premature.” Of the two news items, one is a nice to have, but the other is a game-changer.
Let’s get to the game-changer first: Amazon announced that a major Hollywood studio is licensing its content for UltraViolet distribution through the online retail giant. The Amazon executive didn’t name the studio, though many assume it’s Warner Bros. Even if it’s a single studio, the importance of this announcement to the likelihood of UltraViolet’s success in the market cannot be overstated.
Leaving aside UltraViolet’s initial technical glitches and shortage of available titles, the problem with UltraViolet from a market perspective had always been a lukewarm interest from online retailers. As I’ll explain, this hasn’t been a surprise, but Amazon’s new interest in UltraViolet could make all the difference.
UltraViolet is the “brand name” of a standard from a group called the Digital Entertainment Content Ecosystem (DECE), headed by Sony Pictures executive Mitch Singer. It implements a so-called rights locker for digital movies and other video content. Users can establish UltraViolet accounts for themselves and family members. Then they can obtain movies in one format (say, Blu-ray) and be entitled to get it in other formats for other devices (say, Windows Media file download for PCs). They can also stream the content to a web browser anywhere. The rights locker, managed by Neustar Inc., tracks each user’s purchases.
In other words, UltraViolet promises users format independence and a hedge against format obsolescence, while providing some protection for the content by requiring it to be packaged in several approved DRM and stream encryption schemes. It includes a few limitations on the number of devices and family members that can be associated with a single UltraViolet account, but in general UltraViolet is designed to make video content more portable and interoperable than, say, DVDs or iTunes downloads.
Five of the six major Hollywood studios (all but Disney*), plus the “major indie” Lionsgate, are participating in UltraViolet.
One of the design goals of UltraViolet was to ensure that no single retailer could attain a market share large enough to be able to control downstream economics — in other words, to avoid a replay of Apple’s dominance of digital music downloads (and possibly Amazon’s dominance of e-books). To do this, the DECE studios pushed for ways to thwart consumer lock-in by online retailers that would sell UltraViolet content.
The most important example of this is rights locker portability: users can access their rights lockers from any participating retailer. UltraViolet retailers must compete with each other through value-added features.
Amazon’s Kindle e-book scheme offers a good illustration of platform lock-in and how it differs from other features that a retailer can build or offer. If you buy an e-book on Amazon, you can download and read it on a wide variety of devices: not just Kindle e-readers but also iPads, iPhones, Android devices, BlackBerrys, PCs, and Macs — in other words, pretty much everything but other e-reader devices. You get e-book portability — it will even remember where you last left off if you resume reading an e-book on another device — but you are still tied to Amazon as a retailer. If you want to read the same e-book on a Nook, for example, you have to buy it separately from Barnes & Noble (and then you can read that e-book on your PC, Mac, iPhone, Android, etc.).
This lock-in gives Amazon power in the market as a retailer; it had 58% market share as of February 2011 (by comparison, Apple has over 70% of the music download market). UltraViolet wants to make it as difficult as possible for a single digital video retailer to assert such market power.
The downside of that policy has been a lack of enthusiasm among retailers to sell UltraViolet-licensed content — which entails significant development investment and operational expenses. A good shorthand way to evaluate the potential impact of a standards initiative is to look at the list of participants: what points in the value chain are represented, how many of the top companies in each category, and so on. In DECE’s case, members have included most of the major movie studios, plenty of consumer device makers, lots of DRM and conditional access technology vendors, and so on, but few big-name retailers… one of which (Best Buy) already had a different system for delivering digital video content via Sonic Solutions.
Warner Bros. tried to jump-start the UltraViolet ecosystem by acquiring Flixster, a movie-oriented social networking startup, adding digital video e-commerce capability, and using it as an UltraViolet retailer for a handful of Warner titles. This has been little more than a proof-of-concept test, which was plagued by some technical glitches and suboptimal user experience — all of which, according to Singer, have been fixed.
It would be unworkable for Hollywood to pin its hopes for its next big digital format on a small unknown retailer owned by one of the studios. It has been vitally necessary to attract a big-name retailer to both validate the concept and provide the necessary marketing and infrastructure footprints. There had been talk of Wal-Mart entering the UltraViolet ecosystem, although it already has its own video delivery scheme through VUDU. But otherwise, the membership list had been short on major retailers.
Of course, Amazon is the major-est online retailer of them all. And it so happens that Amazon’s digital video strategy is a good fit to UltraViolet in two ways. First, Amazon currently runs a streaming service (Amazon Instant Video), whereas UltraViolet is primarily focused on downloads, a/k/a Electronic Sell Through (EST): the idea of UltraViolet is to buy a download and only then be able to view it via streaming.
Second, Amazon Instant Video does not look particularly successful. Of course, Amazon does not reveal user numbers, but it is telling that Amazon included Instant Video Unlimited as a perk in its US $79/year Amazon Prime program… and that when people extol the virtues of Amazon Prime, they tend to emphasize the free overnight shipping but rarely the streaming video.
The biggest winner thus far in the paid online video sweepstakes is Netflix, with about 24 million subscribers as of mid-2011. Netflix’s subscription-on-demand model is most likely far more popular than Amazon Instant Video’s pay-per-view (except for Amazon Prime members) model. Thus Amazon may be looking for ways to improve its market position in video without having to hack away at the Netflix streaming juggernaut.
The video download market is in comparative infancy. It has no runaway market leader a la Netflix, or Apple in music. If this situation persists long enough, and if Amazon’s trial run with UltraViolet is successful, then other retailers might see UltraViolet as a viable format as well… precisely because it will make them better able to compete with the Online Retailing Gorilla.
Yet the other dimension of UltraViolet that is currently lacking is availability of titles. And that’s where the other CES announcement comes in. Samsung announced a “Disc to Digital” feature that it will incorporate into new Blu-ray players later this year. With this feature, users can slide in their Blu-ray discs or DVDs, and if the content is “eligible,” they can choose to have that content available in their UltraViolet rights lockers for delivery in any UltraViolet-compliant format.
The Disc to Digital feature is a collaboration between Flixster (i.e. Warner Bros.) as online retailer and Rovi as technology supplier. It works in a manner that is analogous to “scan and match” services for music such as Apple iTunes Match: it scans your DVD or Blu-ray disc, identifies the movie, and if the movie is available in the UltraViolet library of licensed content, gives you an UltraViolet rights locker entry for that movie. Rovi’s content identification technology and metadata library are undoubtedly at the heart of this scheme.
There are two catches: first, users will have to pay a “nominal” fee per disc for this service, which is even larger (and as yet unspecified) if they want it in high definition; second, it is limited to “eligible” content, and no one has offered a definition of “eligible” yet (beyond the fact that the content must come from one of the DECE participating studios). But surely the “eligible” catalog will exceed the current list (19 titles) by orders of magnitude, or the service will not be worth launching.
Nevertheless, these developments are very positive news for DECE/UltraViolet after months of embarrassments and bad press. DECE still has lots of work to do to make UltraViolet successful enough to be the major studios’ designated successor to Blu-ray, but at last it’s on track.
*Yes, I’m aware of the irony of using a tag line from “Who Wants to Be a Millionare” in the title of this article: Disney owns the home entertainment distribution rights to that hit TV game show.
add a comment
I have released a new white paper on content security requirements for video services that distribute content to multiple devices. This white paper discusses copyright owners’ requirements for security in today’s world of proliferating devices and delivery channels.
So-called managed networks (cable, satellite, and telco TV) are under increasing pressure to compete with “over the top” (OTT) video services that can run on any IP-based (unmanaged) network to a variety of devices — services like Netflix and Hulu. In the US, in fact, total subscriberships of OTT services are fast approaching the total subscriberships of cable, satellite, and telco TV.
Therefore pay-TV operators have to respond by making their content available on a similar variety of devices and even through unmanaged networks. While some major pay-TV providers like Comcast and Time Warner Cable are launching “TV Everywhere” services, many more pay-TV operators are trying to keep up by building their own service extensions onto mobile phones, tablets, and home devices other than traditional set-top boxes (STBs).
Content security is one of the many requirements that operators have to meet in order to license content from studios, TV networks, sports leagues, and other major content sources. Life for pay-TV operators used to be relatively simple: adopt a conditional access (CA) technology that was equally effective in thwarting signal theft as it was in thwarting content piracy. Economic and security goals were aligned between operators and copyright owners. Now life is considerably more complicated, as operators have to support home networks and branch out into mobile services. Content security requirements are more complicated as well.
This white paper gathers security requirements from major content owners and describes them in a single document. The intent is to help pay-TV operators and other video service providers that are looking to launch multi-screen video services, so that they know what to expect and avoid any unpleasant surprises with regard to security requirements when licensing content to offer through their services.
I spoke to representatives from most of the major Hollywood studios to get their requirements. Although it is not possible to build a gigantic table that an operator can use to look up DRM or conditional access requirements for any given delivery modality and client device — among other things, such a table would become obsolete very quickly — I was able to create a set of guidelines that should be useful for operators.
Content security guidelines do depend on certain factors, including release windows (how long after a film’s theatrical release or a TV show’s first airing), display quality, and the usage rules granted to users and their devices. In the white paper, I map these factors to certain specific content security requirements, such as roots of trust, watermarks, software hardening, and DRM robustness rules. Security guidelines also depend on external market factors that the white paper also describes.
Irdeto Acquires BayTSP October 24, 2011Posted by Bill Rosenblatt in Fingerprinting, Publishing, Services, Video.
Irdeto announced on Monday that it is acquiring the antipiracy services company BayTSP. Terms were not disclosed, but this is the culmination of a “strategic alternatives exploration” process that BayTSP had been engaging in for some time.
BayTSP monitors P2P networks, file-sharing services, and other places where unauthorized content might lurk and generates evidence that content owners can use to support legal action against infringers. It uses a range of technologies, including sophisticated network traffic analysis and fingerprinting. It has been one of a shrinking number of providers of such services as the industry has consolidated.
This is a good strategic fit for Irdeto in various ways. First, BayTSP will boost Irdeto’s existing antipiracy services; this will strengthen the company’s competitive positioning particularly against NDS, which is known to have robust antipiracy services to complement its content protection technologies. Second, BayTSP has made some recent forays into e-book antipiracy services, which will complement Irdeto’s own new content protection technology for the e-publishing market.
Yet the consolidation of antipiracy services within a major content protection company has interesting implications for the economics of content protection. Typically, copyright owners pay for antipiracy services such as those of BayTSP, Peer Media, and Attributor, but downstream entities such as network operators, online retailers, and device makers pay for content protection technologies such as conditional access and DRM. At the same time, pay TV operators are starting to launch services in which the content can go beyond the customer’s set top box, possibly onto their tablets, mobile handsets, and PCs. The question is: do pay TV operators believe it’s their responsibility to protect the content beyond the STB?
Irdeto will have to decide the answer to this question. Specifically: will it continue to charge content owners for BayTSP’s antipiracy services, or will it attempt to add to the fees it charges its operator customers? To put it more cynically, have Hollywood studios encouraged Irdeto to acquire BayTSP (as they encouraged Irdeto to buy BD+ Blu-ray content protection technology from Rovi just three months ago) so that they no longer have to pay for it?
Seen in this light, Irdeto’s acquisition of BayTSP becomes part of the company’s overall strategy to offer more comprehensive and higher-grade content protection services to pay TV operators, on the theory that they will pay more to get better protection. This is a risky strategy, but given the growing footprint that Irdeto has in the overall content protection market, it’s a risk that Irdeto can probably afford to take.
add a comment
The 28-page paper describes the current state of the art of techniques for protecting video content delivered over pay television networks such as cable and satellite. The two primary theses of the white paper are:
- Pay TV often leads in content protection innovation over other media types and delivery modalities. That is because, among other reasons, it is a fairly rare case where the economic interests of content owners and service providers are aligned: content owners don’t want their content used without authorization, and pay-TV operators don’t want their signals stolen. Therefore pay-TV operators have incentives to implement strong and innovative content security solutions.
- Before today, many content security schemes could be described as hack-it-and-it’s-broken (such as CSS for DVDs) or a cycle of hack-patch-hack-patch-etc. (such as AACS for Blu-ray or FairPlay for iTunes). Now technologies are available that break the hack-patch-hack-patch cycle, thereby decreasing long-term costs (TCO) and complexity.
The white paper starts with a brief history of content protection technologies for digital pay TV, starting with the adoption of the Digital Video Broadcasting (DVB) standard in 1994. Then it describes various newer technologies, including building blocks like ECC (elliptical curve cryptography), flash memory, and secure silicon; and it describes new techniques such as individualization, renewability, diversity, and whitebox cryptography. It ties these techniques together into the concept of security lifecycle services, which include breach response and monitoring.
The final section of the paper discusses fingerprinting and watermarking as two techniques that complement encryption as ways of finding unauthorized content “in the wild.”
My thanks to Irdeto for sponsoring this paper.