For many intellectual property owners, the perceived potential for piracy and loss in Web- and disc-based content distribution dramatically outweighs the profit. Much of that may change as copy protection schemes grow more sophisticated, and content owners learn how to make the Web work for them. But what options are available now for keeping content safe?
October 2002|Copy protection has taken on many forms since Hollywood studios began fighting the villainous VCR back in the 1970s. While few will argue that content providers shouldn't be fairly compensated for their efforts, defining what's "fair" has perhaps become the biggest challenge. Copying an audio CD and handing it off to a friend to check it out is okay. Doing the same with a CD-ROM is not okay. Doing it with a DVD is worse, and retrieving anything copy-protected off the Internet without permission makes you not only criminal, but contemptible. And how many of us who use the Internet frequently can honestly say we're unimpeachably above such contempt?
Of course, the Internet isn't entirely a loss leader for would-be protectors of copyrighted content, but for many intellectual property owners, the potential for profit is dramatically outweighed by the perceived loss. Much of that may change in the coming years as the Internet becomes more sophisticated and content companies learn how to make it work for them. But what options are available now for keeping content safe on disc and Web?
Even today's most highly publicized copy protection triumphs are arguably hollow victories. Consider the two biggest headline-grabbers in the piracy/fair use wars of the last half decade: Napster and DeCSS. While Napster, for all practical purposes, disappeared almost two years ago, its founders cashed in big in the Bertelsmann buyout, and even as their successors, such as AudioGalaxy, are slowly, painstakingly silenced, new, peer-to-peer sites sharing the same files quickly rise to take their place.
Meanwhile, in a surprising move announced mid-summer, Eric Corely—notorious publisher of the DVD-cracking DeCSS code—announced that he would not appeal the rulings by the New York District Court and the 2nd Circuit Court of Appeals that put his 2600 Magazine Web site out of business. The ruling says he violated the 1998 Digital Millennium Copyright Act when he posted links to code that unlocked digital copyright protections on DVDs. The code, written by a Norwegian teenager who said he wanted to be able to write a software DVD player for the open-source Linux operating system, remains widely available in various guises that users can quickly download. And unfettered peer-to-peer video sharing accomplishes much the same sort of unlicensed distribution that DeCSS was attacked for enabling. And the protection of DVD content isn't even foremost in the minds of the entertainment industry these days, as they look ahead to digital television and broadband, and the evolving structure of the post-DVD world of high-definition content distribution, and seek to future-proof—via restrictions on future recording devices—their copy protection capabilities.
It's hard to say definitively which way the tide is turning, but the law seems to be on the side of content providers here, even though the waters remain murky. Freedom of speech is still something few want to challenge. But obviously, the Internet is changing our definitions of freedom of expression and fair use, and will continue to do so as technology further outpaces our means of intellectual property protection.
Whatever their (mis)fortunes on the Web, technology companies have enjoyed some success in fighting disc copy protection in the streets: March 2002 saw the first-ever publicized bust of DVD-R pirates in the Bronx, New York, and the LAPD nabbed a similar piracy ring in Long Beach in July. While these busts brought down relatively small operations, they appear for now to be proportional to the problem in the U.S. Piracy overseas, however, particularly in Asia, continues to run rampant. While there is a thirst for American culture, there is also a distaste for perceived American greed, so until these attitudes change, would-be protectors of copyrighted content will continue to wage an uphill battle.
Statistics
Software piracy grew from 37 percent in 2000 to 40 percent in 2001 around the world, according to the Business Software Alliance's (BSA) seventh annual survey on global software piracy. "In the seven years that we have conducted this study, this is the first time piracy has increased two years in a row. This is particularly disturbing in light of the fact that more and more software companies are moving their distribution systems to the Internet," says BSA president and CEO Robert Holleyman. Vietnam, China, and Indonesia topped the piracy charts although in the last year we've seen minor percentage declines there. North America continued to be the region with the lowest piracy rate at 26 percent, up one percentage point from 25 percent in 2000. However, North America accounted for the third-highest piracy dollar losses, totaling $1.9 billion, down from $2.9 billion in 2000. That decline can be deceiving. BSA attributes it to the strong U.S. dollar relative to local currencies and to lower software prices.
The Recording Industry Association (RIAA) says they were more successful in busting up illegal operations in 2001 than they were in 2000. Raids on more than 230 distribution operations and more than 145 manufacturing operations led to the seizure of 2.8 million unauthorized CD-Rs. Raids aside, the RIAA says the music industry loses more than $1 billion per year from the illegal activities conducted in the world's four leading pirate marketplaces: Brazil, China, Russia, and Mexico. Not including losses resulting from Internet piracy, the sale of pirate recordings exceeds $4.2 billion worldwide.
The Game Industry
Ric Hirsch, senior vice president for intellectual property enforcement at the Interactive Digital Software Association (IDSA), says the new game platforms and software boast more rigorous copy protection than their predecessors. "That being said, part of the curse of creating a successful platform, is that it increases the incentive to crack copy protection," Hirsch says. "Playstation2 has already been cracked, and it appears to be happening for Xbox. Organized groups make it their business to cut through copy protection systems and put them up on the Internet on the first day of release of any new game software. While most people are stymied by the copy protection, real professionals will figure out the copy protection nine times out of ten."
As for piracy outside the United States, Hirsch says, the criminal justice systems in other countries don't work as well as in the U.S, but they also have problems that rank higher on their priority lists, like chronic unemployment.
What about the Internet and peer-to-peer sharing? "The Internet creates a worldwide street corner for people to offer pirate versions of games or anything else," Hirsch says. "As for peer-to-peer sharing, that is not much of a problem for the game industry as yet. Game files are much larger than music files. There are efforts to compress these files and make them smaller by stripping out certain elements, but that begins to degrade the games. However, I know we'll have to address P2P at some point."
The Technologies
So many problems plague copy protection schemes…none the perfect answer. By introducing watermarking and encryption solutions that supposedly degrade sound on copied discs (but also create unintended compatibility issues for the original discs because they're written out of spec), technology companies are trying to stand up to the challenges.
For example, during the winter of 2002, there was the Midbar Cactus Data Shield debate. Island/Def Jam released More Fast & Furious on CD with Midbar's protection. Retailers had expected at least a ten percent return rate on the disc as a result of compatibility issues with certain CD players. While our unofficial survey revealed those concerns to be unfounded, the potential problem was there.
The beat goes on. In June, it was reported that CDs protected by the Cactus Data Shield as well as Sony's key2audio could be defeated with a felt-tip marker. While Midbar says that it was never considered to be a universal hack, it's still proof that technology companies need to stay one step ahead of hackers. Midbar is holding true to its word and has introduced CDS-200.4.0. This new version of their technology enables protected playback on the Mac. Among others, this version also includes a feature whereby recording labels now have the option to add "extra" multimedia content to the disc. CDS-200.4.0. also includes a feature that eliminates the remote potential to hack in such a way.
Sony DADC's SecuROM is a copy protection solution that applies an electronic keycode to each disc to differentiate an authentic CD-ROM from a fraudulent one. Software developers are provided with an online encryption toolkit. The publisher can encrypt his or her title on the Internet. The replicator needs to get software from Sony, and will have to figure out which keycode to put on the master during glass mastering. With the keycode in place, the replicator can use standard testing tools.
Two security features have been added to Sony DADC's SecuROM offering. The first is an enhanced disc encryption signature. At present, SecuROM is the only solution currently available that cannot be defeated by popular raw data copying tools such as DiscJuggler or Clone CD, as well as by any generic cracks or emulators, according to Johannes Stegfellner, director of SecuROM Licensing. Drive compatibility, he says, is 99.9 percent.
Another new feature of SecuROM is Trigger Functions which allow the developer to program multiple and fully customizable authentication checks throughout the entire application, providing what is said to be a much stronger copy control than systems with only one check at program start. The Trigger Function toolset enables the publisher/developer to customize a unique security code for each title to prevent even title-specific cracks and Internet piracy.
TTR Technologies has been working since the late 1990s to perfect a copy protection technology that will satisfy the music industry. According to CEO Sam Brill, they have found a way to offer six options within their SafeAudio applications, which are marketed by Macrovision. Their technology is put on to the disc during the replication process. Virtually all encoder and test equipment manufacturers have adopted SafeAudio and integrated it into their encoders. For disc-distributed software, the company has introduced DiscGuard DVD which is a non-reproducible electronic signature applied during mastering. This signature is used to decrypt the content on the disc. If the signature is not present that means it is an unauthorized copy and the content cannot be decrypted and the copy is useless. The signature does not require any modifications to existing DVD encoders.
As with DiscGuard and SecuROM, Smarte Solutions Inc.'s recent agreement with DCA Inc. lets the replicator continue to be part of the copy protection solution. DCA will enable their encoding equipment to support SmarteCD's protection technology during the signal processing of optical disc masters. The result, according to Smarte Solutions, is a fail-safe mechanism for eliminating vulnerabilities within the mastering process by altering the media and preventing it from being duplicated or digitally reproduced, rendering a pirated copy useless. "Pricing on Smarte Solutions will depend on volume and other criteria," a company spokesman says.
StarForce Technologies has introduced the newest product in its suite of software protection solutions. Called StarForce CD-R, these discs are produced through a one-of-a kind manufacturing process and are intended to use on ordinary CD-ROM drives. According to the company, no one can tell the StarForce discs apart from regular gold or silver CD-Rs. They are made by a special technology that while the disc is in the drive, the StarForce system determines if it's the original disc or an illegal copy. If it's a copy, it won't run. If the disc is original, the program will work as intended; the user is never aware of the protection.
"What's interesting is that the disc will appear to copy exactly with the help of CloneCD, BlindWrite, and similar tools, but the application will not run. In addition, trying to use drive emulators such as VirtualCD to get the copied program to run will fail to work," they say.
StarForce also provides a technical solution for legal backup copying issues for users who wish to make a backup copy of their purchased software. The StarForce Backup System distinguishes between a legal and an illegal user and can provide the legal user with an opportunity to make a backup copy of software that has been copy-protected. The system was designed to provide backup capability for applications protected by StarForce Professional and CD-R copy protection systems. It ties an application to a user's computer and allows the user to run a protected application without the original protected CD identification procedure. A user does not have to use the original protected CD to run the application, only a copy of the CD in the CD drive. But if a motherboard or CPU is replaced, a user will have to use the original protected CD to run the application again.
Another company added to the mix is Israel-based Doc-Witness, which expects to release a new technology in Q4 2002. Called OpSecure, the technology looks exactly like a CD-ROM, but requires a Smart Card that ships with the CD to open content on the disc. On the regular optical surface of the CD you have the software and the locks. The keys are kept in the Smart Card. "If someone tries to copy the CD, he will copy the software and the locks, but copies will not have the key because they are not physically contained on the optical surface of the CD. Unlike with a static key, there is no type of encryption on the information," says Doc-Witness's vice president of marketing Gal Inbar.
OpSecure also deals with the problem of sharing. The first time a user installs a CD, the Smart Card looks at the motherboard's number and stores it on the smart card memory. That number is compared each time the same disc is installed. The system will tell the user when the licensing agreement is exceeded. This sole identity concept can be carried online as well, according to Inbar. "Passwords are generated by the Smart Card," he says. "The user won't know what the password is and won't be able to share it with other people. Smart Card will check the password after the login." The technology is costly, and not suited to movies or music, but rather to expensive software programs. Inbar estimates cost to be about $2/unit. The first application, expected to be ready this quarter, will be for Playstation2. By first quarter 2003, the company hopes to offer mass production capacity with a system that will be fully compatible with existing replication lines.
Elicense is another technology vying for software piracy prevention business. Developed by ViaTech Technologies of Natick, Massachusetts, Elicense was used originally in the music industry on a Snoop Dogg title, but the company has since switched its focus to software. This technology puts a key within the registry when a title with the protection is installed. When that title is run in the future, the system will check for that key in the registry. That key will also check certain physical serial numbers within the computer itself. Elicense will cost about 10 cents per disc for physical media. If the content is sold via a download, the company will get a percentage of sales, so it's a sliding scale, according to spokesman Eric Schwertzel. A couple of game publishers are said to be currently using the technology.
Peer-To-Peer
Peer-to-peer networking is not necessarily the enemy of the content creator. While there is bad blood between the music industry and Napster and KaZaA, there are ways to legitimize P2P, but it is going to take time and tolerance.
Altnet is one company that currently offers technology designed to help P2P go legit. With its TopSearch product, the company delivers copy-protected content to its users through KaZaA. That sounds like a contradiction in terms, but here's how it works. When Altnet members do a search, they get a list of copy-protected content. Unfortunately, they also get a list of unsecured content from KaZaA. Altnet says, however, that once they have a viable consumer base, it will work as a standalone product.
Altnet develops an index file, and when someone installs the latest version of KaZaA that index is part of it. Companies purchase keyword terms. If a user enters a term that matches, the Altnet index file then knows to return the results. All TopSearch results are secured with Microsoft DRM. "The content owner gets to control usage rights associated with it, or if they want to charge for the files, the content owner maintains the control," says an Altnet spokesman. "Altnet is saying to content owners there are 80 million people around the world that are content hungry and want to download your stuff. Give it to them in a manner that is secure and give them a way to pay for it easily. There has never been a way to pay for P2P."
A company spokesman gives an example of how a company can make money from Altnet's product. "One older video game that hasn't been available for years is now on TopSearch. They're now getting $2000 a week in revenue. That's just a trial period. That's one title after one month. The potential is there to have this work."
Sidebar: The DTV Debacle
Another copy protection nightmare-in-the-making is DTV. In mid-July, W.J. Tauzin, Chairman of the House Committee on Energy and Commerce, and John D. Dingell, Ranking Member of the House Committee on Energy and Commerce, sent FCC Chairman Michael Powell a letter urging him to issue copy protection standards that would help speed the transition to digital television. Ernest F. Hollings, Chairman of the Senate Committee on Commerce, Science, and Transportation, sent a similar letter.
These lawmakers have threatened to step in and draft legislation on their own. "Due to the exigency in removing remaining obstacles to the DTV transition, we believe it is now time for the government to assert its jurisdiction in these matters," Tauzin and Dingell say. "Accordingly, this week we announced our intention to draft legislation that will address the remaining key issues: over-the-air DTV tuners; DTV cable carriage limitations; DTV set-top box-compatibility; pass-through of high-definition programming by broadcast network affiliates; and content protections for digital video programming." Their solutions are likely to aggravate all industries involved, but according to Jim Burger, partner at the Washington, D.C.-based law firm of Dowlohnes and Albertson, that may be the only way to solve problems and move DTV along. Content providers, he says, have been trying to convince Tauzin that they will not go ahead with DTV because they are afraid digital copies of The Lion King, for example, will be distributed over the Internet once it is broadcast on DTV. Hardware manufacturers don't want too many restrictions on their devices either. Everyone has an issue, so DTV is stalled.
Representative letters are now before the FCC. "While the FCC does have the authority to make a decision, it has to do it very carefully. It doesn't have a specific grant of authority. They have to get a lot of consensus or the DC Circuit will overturn the FCC. This is very difficult technically, plus they're starting off with a flawed patient. If you don't encrypt at the source, you have a big, big vulnerability. In this case, so big you can drive a truck through it," Burger says. Every DTV receiver being made today is unprotected. There may be millions of unprotected receivers in homes before the copy protection issue is sorted out.
The Tauzin/Dingell letter further states, "As the Commission implements the broadcast flag solution, it is essential that the views of all interested parties, including high-tech and consumer groups, be afforded careful review and consideration. Any solution must strike an appropriate balance between the need to protect digital content from piracy while, at the same time, continuing to stimulate technological innovation and maintain reasonable consumer expectations."
Companies Mentioned in this Article
Altnet www.altnet.com
Business Software Alliance (BSA) www.bsa.org
Doc-Witness, Ltd. www.doc-witness.com
Macrovision Corporation www.macrovision.com
Midbar Technologies Ltd. www.midbartech.com
Smarte Solutions, Inc. www.smartesolutions.com
Sony DADC www.sonydadc.com
StarForce Technologies, Ltd. www.star-force.com
TTR Technologies, Inc. www.ttrtech.com
ViaTech Technologies, Inc. www.elicense.com