net.wars: Protection management, copy control

by Wendy M Grossman | posted on 04 March 2005

Are 30 monks in a monastery a household?

Wendy M Grossman

This week, in Dublin, the Digital Video Broadcasting Project held its annual meeting to discuss progress on its latest set of specifications for digital television. Much of its work has to do with technical details such as codecs and data formats, but a key section called Content Protection/Copy Management (CPCM) is about controlling how high-definition digital broadcasts may be recorded, copied, or redistributed.

Since the DVB's standards are typically adopted by broadcasters worldwide, how they finally design CPCM is likely to dictate whether you, in your home, will be able to record, pause, re-watch, store, or copy not just TV programs but tomorrow's high-definition DVDs and other commercial content.

You get the strong impression that most of the pressure for CPCM is coming from rightsholders - folks like the MPAA, Disney, and the Home Box Office, all of whom were here. It was a week of culture clashes. My favourite was when one of the Disney people asked two Flemish public TV broadcasters whether having their content redistributed online wasn't a problem for them. Most surreal was the man from the MPAA talking about "social justice" with respect to pay TV subscriptions.

So, CPCM. The problem: this Internet villain thing. Broadcasters are getting ready to move to digital, high-definition television. Perfect, high-quality copies! All over the Internet!

CPCM is intended to create a trusted system analogous to Microsoft's trusted computing platform - now known as Next Generation Secure Computing Base. Commercial content is acquired from a broadcast, data stream, or shrink-wrapped medium. It comes wrapped in metadata known as USI (for Usage State Information) that specifies how the content may be used: for example, how many times it might be viewed, how long it can be kept available, whether it can be copied, how it may be output, and so on. Knowing that increasingly people will have many networked devices from which they want to access "their" content, CPCM creates an Authorised Domain - loosely, a household - that recognize these restrictions and within which the content is allowed to flow freely. So what about those 30 monks? Are they a household for the purpose of watching last week's Desperate Housewives

The effort to create CPCM goes into such scenarios. There are, in the draft, according to Mark Jeffrey from Microsoft, provisions for merging domains (marriage), splitting domains (divorce), frequent arrivals and departures (business travellers or kids of divorced parents), and many others.

Simply, whenever you turn on a CPCM-compliant device, it looks around for a domain. If none exists, it creates one with a unique ID number; if it finds one, it joins after negotiating a series of tests that are meant to be "transparent" to the user. These devices are all peers, so that if the first one is not present the domain continues to operate just the same. The system is intended to cover only commercial content from trusted sources; personally generated content remains outside it.

Even so, CPCM systems will likely behave differently from what we're used to.  For example, the European Broadcasting Union's Phil Laven explained that tomorrow's HDTV set top boxes will stream only to protected devices. Within USI, according to the presentation by Chris Hibbert, who works at Disney and chairs the DVB copy protection effort, will be ways of signalling if content is restricted to a particular geographical area or the location where it's received, and whether it may be exported to non-CPCM systems such as the many proprietary systems currently in use. He mentioned specifically older analog protection systems which may be authorised, but it seems clear from what he said that one effect will be to plug the analog hole. Of course: an analog copy of protected content could be revivified without its copy protection and redistributed.

This sounds an awful lot like what's known as "selectable output control".  SOC, along with the down-resolution of broadcast pictures, has already been explicitly rejected in the US by the  Federal Communications Commission (DOC) to " ensure that consumer expectations regarding the functionality of their digital cable ready televisions and products are met."

Copyright law has traditionally been defined by national legislatures and enforced by copyright and patent offices who are publicly accountable, with a view to balancing the public interest in access to ideas against compensating artists and creators. CPCM is being designed in closed meetings, open only to members who have paid the fees, and once released as a standard will be available for voluntary adoption by the consumer electronics manufacturers, broadcasters, and movie studios who designed it. The Electronic Frontier Foundation has paid the fee and is participating in the meetings -  but can't tell us anything about what goes on because all members are subject to non-disclosure agreements. How do consumers protest if all devices are compliant?

It may of course be true that, as several folks at DVB World claimed, the purpose is to allow content to flow freely within households where now it cannot, giving us capabilities we do not now have. But it's still not a democratic way of proceeding.
More on this next week.

Democracy and stolen content... - You can discuss this article on our discussion board.

Wendy M. Grossman’s Web site has an extensive archive of her books, articles, and music, and an archive of all the earlier columns in this series. Readers are welcome to post here, at net.wars home, follow on Twitter or send email to netwars(at) skeptic.demon.co.uk (but please turn off HTML).