International Content Standards Effort Seen As Risky For Digital Rights

By Monika Ermert for Intellectual Property Watch

The Digital Video Broadcasting Project (DVB), a Geneva-based body working on international digital television standards, is seeking to reach agreement by mid-2006 on standards for the management of digital content in the broadcasting and Internet arenas.

The 270 broadcasters, manufacturers, network operators, software developers and regulatory bodies who make up DVB’s membership work on global standards for the delivery of digital television and data services.

Discussions on finalising standardisation work on DVB’s content protection and copyright management system (CPCM) are proceeding and it is difficult to be precise on timelines, Peter MacAvock of the DVB Geneva bureau told Intellectual Property Watch after a session of the DVB copyright protection technical working group (CPTWG) last week in Geneva. But the project, whose member list reads like a who’s who in digital content production and delivery, software and hardware, is hoping to present the last parts of the standards suite next summer, he said.

A preliminary look into the three draft documents recently published as a “bluebook” (available to registered users) shows that the authors of the DVB CPCM system aim at creating an all encompassing digital rights management (DRM) architecture for all digital media.

The plans sent shock waves through DRM sceptics. The Electronic Frontier Foundation (EFF), for example, declared the CPCM a more restrictive European version of the much-debated US broadcast flag, which would have required flagged programmes to be copyright-protected. The European version of the flag, according to EFF, would “restrict use on a programme-by-programme basis, so that with each show, a different set of restrictions would come into play.”

With little notice, the DVB working group has published on its website the first drafts of the suite of technology protocols: a draft of the CPCM reference model (SP 1496 DVB), a draft on CPCM usage state information (SB 1497 DVB), and a draft document on terminology (SB 1498 DVB). Still in the making are the standards documents for the CPCM authorised domain management, the CPCM security tools and application and an additional document on implementation guidelines.

According to the reference model, CPCM is “a system for content protection and copy management of commercial digital content delivered to consumer products and home networks.” CPCM would manage content usage from acquisition into the CPCM until final “consumption” or “export from the CPCM system.”

The system is intended to protect of all types of content, audio, video and associated applications of data. It would apply to all possible sources of commercial digital content, including cable, satellite or terrestrial broadcast, Internet-based services, packaged media, and mobile services, among others, as the reference model document describes.

“In the DVB project, we are aware of the fact that many content protection systems exist around the world already that are performing very well,” said MacAvock. “It is not our intention to generate another set of competing content protection systems. We are anxious to ensure that we have a common technical framework in which the existing systems can interoperate as far as possible. Our hope is that the final set of DVB solutions would address the requirements of all sectors of the industry, while ensuring ease of access to authorised content.”

Impact On Users Unclear

The idea of the authorised domain, says Stefan Bechtold, a DRM expert at Max Planck Institute for Research on Collective Goods in Bonn, currently is high on the agenda of DRM development efforts everywhere. Authorised domains are essentially all user devices of one household that are allowed to draw content from the various sources according to the rights acquired. To check on these usage rules for the respective household CPCM usage state information (USI) data are coded into the devices, which all have to understand the CPCM language.

“Can you do this? Yes. Will it work? That’s a different question,” says Nils Rumpp, a DRM expert with UK Rightscom Limited. “The question is if and how you can force the companies to conformity and robustness, in order to avoid that they will not become the weakest part of the chain.” Rumpp said there were examples like software company Macromedia’s licensing policy. Licensing in this case ensures that all devices comply, Rumpp said.

With regard to interoperability, Rumpp expects some difficulty in how content providers can “flag” user rights in a way that would not violate the provider’s own contractual obligations while allowing exhaustive exploitation. The most critical question, however, will arise from “trust management,” he said. Content providers and users that want to export the content must both “trust” that they will not lose rights or access when the content is exported.

“That’s the snag,” said Rumpp, “we still don’t have real cross-system trust-management.” While it would be possible to reformat the content during delivery in order to adapt it to the system of the user’s provider, this would disable ‘end-to-end’ usage. Users then always would have to go over a third provider for reformatting the content and not just access content from the original source.

System Could Block Free and Open Source Software

Cory Doctorow, who is attending the CPTWG sessions for EFF, said: “This isn’t a specification that is safe for use, period. For starters, it bans open source and free software, and does not make any attempt to model the public’s side of the copyright bargain.”

CPCM’s robustness requirement would make it impossible to implement CPCM in free and open source software (FOSS) and hence FOSS programmes would necessarily be precluded from the market if CPCM is mandated into national law, EFF told the British Department of Culture, Media and Sport Committee in September hearings on analogue switch-off.

From the user’s point of view, it would be “impossible to know, a priori, whether a CPCM device will allow you to use it in the way you intend on using it,” EFF said. “Even if a CPCM device does work ‘out of the box,’ its functionality can be constrained at a later date by disabling its features or activating USI in programming that limits a desired feature.”

EFF views CPCM as a “stealth attack on European digital rights” that is dominated by executives from US entertainment companies and trade groups, like Disney and Time-Warner. “The risk of CPCM undermining competition, speech, fair dealing, criticism, scientific inquiry, and education,” fear the EFF activists, “is very real.”