Transcript Document

Digital Right Management
Chung Yip (Eric)
CS 996 Information Security Management
April 27, 2005
Overview






Motivation
History
legislation
Fair Use
Two approaches
Examples
Concept



What you just bought?
The right to use the content!
Not the content itself!
Motivation


Digital Rights Management (DRM) systems
restrict the use of digital files in order to
protect the interests of copyright holders.
DRM technologies can control file access
(number of views, length of views), altering,
sharing, copying, printing, and saving
Markets Targeted
Textbook Publishers
Providers of music, games,
and other
electronic entertainment
Law Firms
Corporate Operations
Departments
Financial Organizations
Combat piracy
Control access to information and
ensure
that the secure content reaches
those
parties who are accountable for its
application or implementation.
History


VCR case
DVD case
VCR 1/3




In 1979 Universal City Studios, Inc. v. Sony
Corporation of America Inc. (often called "The
Betamax Case"),
Hollywood claimed that inexpensive consumer VCRs
would undermine its core business of making
movies.
resulted in a ruling that affirmed the First Sale
Doctrine.
This meant that Beta and VHS tapes could be
purchased by video rental stores, and then rented
out to the public, without permission from the
copyright holders.
VCR 2/3



The first-sale doctrine is an exception to
copyright codified in the US Copyright Act,
section 109.
1983 the Consumer Video Sales/Rental
Amendment of 1983 (1993, H.R. 1029/S. 33)
tries to require anyone who wanted to rent
out videotapes to obtain prior permission
from the copyright owner.
But this was defeated.
VCR 3/3 (The first-sale doctrine)




This allows the purchaser to transfer (i.e. sell, rent,
or give away) a particular, legally acquired copy of
protected work without permission once it has been
obtained.
That means the distribution rights of a copyright
holder end on that particular copy once the copy is
sold.
The doctrine of first sale does not include renting
and leasing recorded music and computer software,
non-profit archives and libraries are allowed to lend
these copyrighted items
DVD





Region Coding
Restricts the ability to buy DVDs in one country and
play them in another.
It restricts fair use and first purchaser rights, such as
the creation of compilations or full quality
reproductions for the use of children or in cars
CSS vs. DeCSS
Legal Requirement




Copyright Law
Digital Millennium Copyright Act
Fair Use
Privacy
DCMA (overview)






Copyright can regulate duplication of works to protect
content owners
DMCA can interfere with a user's ability to access content.
The DMCA is a 1998 law designed to increase copyright
holders' rights.
The DMCA created civil and criminal penalties for the
creation or distribution of DRM circumvention tools.
As a result, a user attempting to circumvent copyright
protection, even for legitimate reasons, may violate
federal law.
The DMCA was the American version of implementing
legislation for a World Intellectual Property Organization
treaty.
DMCA
Anti-Circumvention


Ban on the circumvention of copy prevention
systems
Required that all analogue video recorders
have copy prevention built in
DMCA
Online Copyright Infringement Liability Limitation Act


creates a safe harbor for online service
providers against copyright liability
if they block access after received a
notification from a copyright holder.
DMCA
Computer programs


Use of computer software
Making of Additional Copy or Adaptation by Owner of
Copy.
The Fair Use 1/2




Statutory and Common Law interpretations of
copyright law afford individuals "Fair Use" rights.
The public is entitled, without having to ask
permission, to use copyrighted works so long as
these uses do not unduly interfere with the copyright
owner’s market for a work.
Fair uses include personal, noncommercial uses,
such as using a VCR to record a television program
for later viewing.
Fair Use allows individuals to interact with content to
promote cultural production, learning, innovation,
and equity between content owners and consumers.
The Fair Use 2/2




Fair Use includes libraries' and educators' rights to
provide content to users,
The right to resell physical copies of certain content
that one acquires lawfully (the "First Sale" doctrine),
and the ability to make a backup copy of software
and music
Fair Use provides a defense to individuals who
engage in an unauthorized use of protected content.
It is hard for DRM systems to incorporate Fair Use
principles because they are difficult to define, and
evolve over time
Requirement of DRM (user friendly)




DRM cannot offer less than current systems
anonymous access to content
Free disposal of protected content (e.g. sale, gift,
loan)
Portability: the use of a digital content should not be
attached to a single device (e.g. to listen a music on
hi-fi system, car radio or walkman of a given
individual)
Off-line use of a protected content
Two Approaches of DRM System
1.
2.
containment
marking
Marking

the practice of placing a watermark, flag, or a
tag on content as a signal to a device that the
media is copy protected
Containment

The content is encrypted in a shell so that it
can only be accessed by authorized users
DRM system




require the user to reveal his or her identity
rights to access protected content
prevent the anonymous consumption of
content
copy control / copy prevention
Preventing anonymity in access



assigning an identifier to content or to the
content player
attaching personal information to the
identifier
stop a user from transferring an to other
computers.
Roles


DRM must be implement in both the content
and the content player.
For content developer
–
–

Encrypted content
Key distribution
For content player manufacturer
–
Enforcement
Emerging Standards



Extensible Rights Markup Language (XrML)
(Xerox and Microsoft)
MPEG Rights Expression Language
(http://www.cselt.it/mpeg)
Electronic Book Exchange (EBX) Working
Group ( Adobe)
Case Studies


iTune
Cable/Satellite TV
Apple’s Fairplay scheme 1/3



Fairplay the DRM mechanism used in iTune.
The protected track may be copied to any
number of iPod portable music players.
The protected track may be played on up to
five (originally three) authorized computers.
Apple’s Fairplay scheme 2/3


The protected track may be copied to a standard CD
audio track any number of times. (The resulting CD
has no DRM and may be re-converted to MP3, but
this will aggravate the sound artifacts of encoding,
since the resulting sound file will have been encoded
twice.)
Circumventing the Fairplay protection scheme in this
fashion may be a violation of the Digital Millennium
Copyright Act and therefore illegal and subject to
criminal penalties in the United States.
Apple’s Fairplay scheme 3/3
Vulnerability


The PyMusique software, created by a trio of
independent programmers online.
But after Apple closed the hole, the group
posted new code that it said will reopen the
backdoor to Linux users the next day.
Cable/Satellite TV 1/3






Broadcast flag
FCC insist that all HDTV demodulators must listen
for the flag (The Demodulator Compliance
Requirements )
Flagged content must be output only to "protected
outputs" or in degraded form:
analog outputs, or
digital outputs with visual resolution of 720x480
pixels, or
less than 1/4 of HDTV's capability.
Cable/Satellite TV 2/3


In order to prevent users from gaining access
to the full digital signal
Devices must be "robust" against user
access or modifications that permit access to
the full digital stream
Challenges




Tamper-proof ?
Cost!
Legal challenges
Fair use
Consideration 1/2





1) Content types to be controlled
2) The value of the content (to both the provider and
recipients) against the cost of content protection
3) Life cycle of the content types to be controlled
4) Rights to be controlled (the particular set of rights
for each type of content may vary)
5) The level of trust that that can be assumed on the
part of recipients
Consideration 2/2


6) Identification of technology limitations in
distributor and consumer hardware and
software that may impact ability of the DRM
solution to function on playback devices
7) Solution transparency (the more
transparent the solution, the less likely it is
that illegal use or copying will take place and
the less likely that the consumer will become
discouraged and abandon the transaction)
Marketing concern 1/2


Microsoft had exactly this in mind when they
made a big push to get their products
translated into Chinese and distributed
across that country.
They knew they would be pirated; they new
that they would make less than one sale for
every ten copies used.
Marketing concern 2/2


Microsoft’s Steve Ballmer has been quoted as saying:
“If you’re going to get pirated, you want them to
pirate your stuff, not your competitors’ stuff. In
developing countries, it is important to have a high
share of the piracy software.”
When China enters the free world, they will already
be Microsoft compatible. Until then, Microsoft isn’t
losing anything. It’s a perceptive business strategy.
Ending of VCR case


Hollywood now entered a new market.
They today reaps more revenues from video
sales than from first-run movies.
Reference




http://www.epic.org/privacy/drm/default.html
http://www.consumersearch.com/www/electronics/mp3_players/full
story.html
http://en.wikipedia.org (DRM, DCMA)
DIGITAL RIGHTS MANAGEMENT OVERVIEW, Austin Russ,
Security Essentials v1.2e,July, 2001