IDATE Multiclient Study on DRM - 2005

The European way to think the Digital World www.idate.org Film Music Software Video Video games Digital Rights Management (DRM) DRM and virtual content distribution Laurent Michaud Mathieu Massot Alain Puissochet M26705 - August 2005 IDATE – BP4167 – 34092 Montpellier cedex 5 – Tel : +33(0)467 144 444 – Fax : +33(0)467 144 400 – info@idate.org Executive Summary DRM and virtual content distribution • IT and consumer electronics players often seem to be in conflict with rights holders. • The music sector, presented as the first victim of peer-to-peer exchange networks, is now a pioneer in virtual content distribution. • DRM cannot solve the problems that legislators have yet to clarify, such as the right to private copying. • DRM interoperability remains a difficult objective to achieve except, perhaps in the world of mobile telecommunications. Digital distribution and protection from unauthorised copying There are now several digital distribution channels: - Virtual distribution that includes: • Paying distribution with controlled access similar to that of digital pay TV via cable, satellite and ADSL set-top boxes, PVRs, games consoles, MP3 players, internet access, video cameras, HiFi stereos etc.) is creating anxiety on the part of content providers and broadcasters. DRM (Digital Right Management) DRM concerns the management of copies of virtual goods. It goes far beyond simple anticopying protection, but can notably make it • Paying distribution via the internet possible to identify a work, rights holders and that uses a DRM system authorised uses, as well as making it • Free distribution without content possible to describe related rights such as protection and without rights simple and multiple playing, recording, holders’ approval via peer-to-peer simple and multiple copying, copying limited networks. to selected pieces of equipment etc. It - Physical distribution that mainly concerns enables rights distribution and the collection CDs, SACD, DVDs, Audio DVDs and future of corresponding data (a function that it supports such as HD DVDs and Blu-Ray, shares with access control). DRM can also protected by technical and usually anti- be linked to access control. It can also be combined with a technical protection copying measures measure. Technical protection measures for virtual In view of the various technical solutions on offer, as well as their implications for users, and physical goods choices are far from fixed. A growing number Technical protection measures (TPMs) of industry consortia between technology consist of encoding contents with the help of producers (Thomson, Philips, HP, NDS and encryption algorithms and secret and/or many others) are offering solutions to public keys. TPMs are related to access different aspects of DRM, or taking part in protection techniques (conditional access to various alliances. television, CDs and DVDs) and content protection via the intrication of a tattoo or Unlike the organisations that aim to define watermark . Most contents can be encrypted protection systems, the Personal Technology including television programmes via set-top Freedom Coalition unites most of the boxes and/or chip cards, optical supports technology companies and public bodies, (CDs, DVDs, and now SACDs, Audio DVDs and notably aims to question the most etc.) or virtual distribution via streaming or restrictive measures. downloading. TPMs, access management and tattooing tools do not ensure rights DRM offerings management, but offer a necessary The DRM market is going to be confronted framework that rights management tools can with players adopting highly diverse be incorporated into. strategies. Microsoft has a very full DRM offering (management of recording, transfer to Access control This usually involves a set-top box portable devices, validity duration, level of incorporating a system that makes it possible audio protection etc.) that is almost to transmit rights (bouquets of channels to exclusively software based. This offering is which a subscription has been taken out, for mainly free, and may help to give Microsoft a example) and to invoice eventual uses on a monopoly in the DRM offering. It is helping to pay-per-view and video-on-demand basis. consolidate the place of Windows Media in Initially video sequences could only be the audiovisual industry and notably of the displayed on television sets or recorded proprietary encryption system developed by using a video recorder. The growing Microsoft that is now in the process of being possibility of interconnecting entertainment standardised under the name VC-1. equipment (TV sets, PCs, mobile telephones, 2005 Edition © IDATE 3 Executive Summary DRM and virtual content distribution Apple, on the other hand, is primarily targeting a music downloading service linked to a device. Its proprietary DRM system "Fairplay" if for iTunes and iPod, and does not aim to be systematically open to other distributors without a prior agreement. Sony would seem to have opted for a similar strategy with its “Connect” offering, its compatible devices and its DRM “OpenMG X”. RealNetworks is one of Microsoft’s major competitors in DRM provision. The company is present with its Helix platform (a DRM solution compatible with mobile telephones, electronic agendas, hybrid devices and personal computers). It is also dynamic in content distribution via its Rhapsody offering. Players in content distribution via mobile telephone have joined forces to form the OMA (Open Mobile Alliance), which has developed an interoperable DRM solution and now offers specifications for rights management on mobile telephones. The combination of a single DRM system for mobiles and the emergence of hard discs in this equipment could pose a major threat to iPod and have an impact on portable video players. The example of virtual music distribution The field of music was the first victim of the growth of peer-to-peer, as well as the implementation of new business models for online distribution. The success of Apple with its iTunes Music Store and iPod shows that there is solvent demand, despite strong competition from P2P services authorising content downloading without the approval of rights holders. The Apple service has nevertheless only been profitable to-date thanks to the sale of iPod devices. Its online shop may recently have become profit-making. Other players like Roxio, renamed Napster and its eponymous service that is now authorised, is also posting strong results. With its Connect offering that is linked to several playing devices, Sony could make itself a place alongside Apple in the months to come. The major role played by DRM DRM plays a major role in the development of the online music market. For content providers, it guarantees the development of a reliable market for virtual distribution. It is DRM that enables operators to obtain tracks to include in their distribution catalogues. The legal offering has also increased significantly since 2003. The legal online content distribution offering is now abundant, and there are effectively over 20 major services of international 4 2005 Edition © IDATE standing. Against this background, peer-to-peer software has been adopted by record companies (Universal, EMI, BMG…), which are signing agreements with solution vendors enabling music distribution on a P2P basis, but in return for payment and integrated DRM systems. EMI and BMG have thus already signed up with Wippit, a service provider based in the UK and Universal is in negotiations with Snocap. The market is just as dynamic in the "Business to Business" mode. ISPs, broadcasters, retailers and several categories of players that do not hold rights are turning to intermediaries to be present in this promising niche. In this market segment, OD2 (On Demand Distribution, acquired by Loudeye), which uses Microsoft’s DRM and provides MSN Music Club, is now the European leader in unnamed music for companies. Virtual film distribution There are few offerings of film distribution via the internet and in the end are not very interesting given, their very small catalogue. MovieLink in the USA has 400 titles in its catalogue. However, there is no doubt that these offerings will be deployed in the near future due to the “generalisation” of broadband connections and the marketing of several portable video devices equipped with a hard disk in 2005 and 2006. However, this generalisation faces several obstacles: • The fear of piracy, the most commonly cited reason • The difficulty of compiling a catalogue, which requires rights negotiations that are always complex. These negotiations are all the more difficult because the major studios have not given up on the idea of moving into the online distribution of their content themselves. • The insertion of this distribution in the chronology of films, which goes from the cinema to free television via video and pay-per-view. Regulatory and legal context “Authors’ rights” versus the right to make private copies The impact of DRM system on virtual film distribution is major. Film producers are making very tough demands and are key players in the acceptance and choice of DRM systems. The “author’s rights and the rights to make private copies or “fair use” lie at the heart of DRM problems. Their definition and the way in which they are applied have an DRM and virtual content distribution Executive Summary impact on technical protection measures and may even have implications for their deployment in the digital world. Yet DRM systems cannot compensate for the holes in the law dealing with the new situations that are arising or replace the law as producers and content vendors would like them to. The WIPO (World Intellectual Property Organisation) treaties passed in 1996 and effective as of 2002 and their transposition in the USA and in Europe would certainly seem to reinforce technical protection measures and DRM systems. However, the directive does not answer the question of whether a user that neutralises the protection of a physical support to make a private copy is breaking the law? The broadcast flag In November 2003 the FCC decided to make the ATSC flag or “broadcast flag” obligatory for all equipment capable of receiving digital terrestrial television as of July 2005. Its aim was to control the copying of digital works broadcast on freeto-air channels and therefore a priori not encrypted. Selected U.S. channels threatened to withdraw their contents from free channels to reserve them for paying and encrypted channels if there was no protection system, notably citing the risk of a loss of resources related to secondary distribution internationally, via the internet, on DVD etc. However, this decision was rejected by the U.S. Court of Appeals, which considered that such a decision had to stem from a law. The private domain A concept recently introduced is that of the private domain. It caters for the growth of domestic networks, as well as nomad usages (in cars and second homes). It then becomes a question of defining a type of free reproduction space. This concept, notably studied by the DVB, has been incorporated into various projects like Thompson’s SmartRight and Viaccess’ PurpleDRM. A solution like that of SmartRight aims to accept all access control systems, even to the extent of using specific protection of the private domain by defining import and export rules. Rights holders, however, remain hostile. Towards the coexistence of multiple models The continued presence of several models looks likely: • The horizontal model of the CD r DVD should continue with the high definition CD and DVD, with a copying control system, which should enable private copying (in a form that will depend both on the power relations between the various players and legal decisions). The AACS (Advanced Access Content System) has established a more elaborate protection system than existing products that notably enables content owners to choose their own protection rules for high definition DVD players. A vertical model linked to pay television, video and even music, whereby effective access control should also be linked to the possibility of copying to closed devices, partly or totally specified by the content distributor. We have seen that video players/recorders accommodate the existence of incompatible proprietary technologies. It is in this domain that new paying models could develop more easily. Moreover, a single model should probably continue to exist, namely that of MP3, and to a certain extent DIVX, which is not linked to any DRM. And another model will probably emerge, thanks to the OMA standard and facilitated by the possible identification of devices and their owners: a horizontal model linked to the mobile telephone. A universal system of products available to everyone, but which will be paying at the request of rights holders and will guarantee them usage-based compensation seems unlikely, at least in the short term. • 2005 Edition © IDATE 5 Executive Summary DRM and virtual content distribution Functions of the major DRM systems Streaming Downloading Recording on CD Transfer to portable player Service sharing Windows MediA DRM Streaming time management Management of Downloading Management of number of transfers to Access management management on number of compatible portable via another computer subscription recordings on CD players Management of Unlimited number number of of recordings downloads Management of Unlimited number number of of recordings downloads Management of Unlimited transfer number of to Sony products downloads Unlimited number of Access management transfers to iPod via another computer Management of unlimited number of transfers to compatible portable players Apple Fair Play Streaming time management RealNetworks DRM Streaming time management Access management via another computer Sony Open MG Streaming time management Unlimited transfer to Access management Sony products via another computer Source: IDATE Positioning of major DRM playersand their platforms Source : IDATE 6 2005 Edition © IDATE DRM and virtual content distribution Table of contents Introduction...........................................................................................................................................11 1. Technical protection and legal background.................................................................................13 1.1. Technology update................................................................................................................. 13 1.1.1. Technical protection measures (TPM)......................................................................... 13 Cryptosystems............................................................................................................. 13 Watermarking and tattooing ........................................................................................ 18 Medium access management: the disc ....................................................................... 19 1.1.2. Digital Rights Management.......................................................................................... 21 Programming language: an indispensable standard................................................... 21 Copyright integration ................................................................................................... 24 Application of rights and management of digital copying of artistic works .................. 29 1.2. Legal background................................................................................................................... 32 1.2.1. The protection of artists and their works...................................................................... 32 “Artists’ rights”.............................................................................................................. 32 Copyright ..................................................................................................................... 34 1.2.2. International legal frameworks..................................................................................... 36 WIPO (World Intellectual Property Organization) treaties........................................... 36 The Digital Millennium Copyright Act (DMCA) ............................................................ 37 The European Union Copyright Directive (EUCD) ...................................................... 38 2. DRM players.....................................................................................................................................41 2.1. Players present ...................................................................................................................... 41 2.1.1. Content providers......................................................................................................... 41 2.1.2. Technical protection measure (TPM) and DRM providers .......................................... 42 2.1.3. Rights aggregators or licence managers..................................................................... 42 2.1.4. Distributors................................................................................................................... 43 2.1.5. Consumer electronic manufacturers............................................................................ 43 2.1.6. IT manufacturers.......................................................................................................... 44 2.2. The value chain...................................................................................................................... 45 2.3. Monographs ........................................................................................................................... 48 2.3.1. Groups and consortia .................................................................................................. 48 Blu-Ray Disc Association ............................................................................................ 48 Content Reference Forum........................................................................................... 50 Coral ............................................................................................................................ 52 OMA DRM ................................................................................................................... 54 Trusted Computing Group........................................................................................... 56 2.3.2. Companies................................................................................................................... 58 Adobe Systems Incorporated ...................................................................................... 58 Beep Science .............................................................................................................. 61 End2End...................................................................................................................... 64 Info2clear..................................................................................................................... 66 InterTrust Technologies Corporation........................................................................... 69 Macrovision ................................................................................................................. 72 Microsoft ...................................................................................................................... 76 Edition 2005 © IDATE 7 DRM and virtual content distribution New Digital System (NDS) .......................................................................................... 80 Overdrive ..................................................................................................................... 83 Philips Electronics ....................................................................................................... 85 Real Networks ............................................................................................................. 88 RSA Security ............................................................................................................... 91 SealedMedia Inc.......................................................................................................... 94 SunnComm.................................................................................................................. 98 VeriSign ..................................................................................................................... 100 2.4. Overview .............................................................................................................................. 102 2.4.1. Industry players’ solutions ......................................................................................... 102 2.4.2. The activity of consortia ............................................................................................. 103 3. Analysis and outlook for content distribution .......................................................................... 105 3.1. Usages and the market ........................................................................................................ 105 3.1.1. New forms of cultural goods consumption................................................................. 105 The emergence of digital usages .............................................................................. 105 The age of nomadic usage and mobility ................................................................... 105 Digital entertainment and mobile devices ................................................................. 107 3.1.2. The case of the virtual music distribution market ...................................................... 110 Forms of market structure ......................................................................................... 110 Composition of the offering ....................................................................................... 110 The business model .................................................................................................. 111 Legal distribution on a peer-to-peer basis................................................................. 112 3.1.3. Other virtual distribution markets ............................................................................... 118 Virtual video games distribution: a slow take-off ....................................................... 118 Virtual distribution: the missing major........................................................................ 119 3.2. DRM and content distribution, a key coupling...................................................................... 122 3.2.1. Players’ strategy: service, DRM and codecs ............................................................. 122 DRM at the heart of virtual distribution strategies ..................................................... 122 DRM interoperability: industry incompatibility! .......................................................... 123 Are codecs and DRM indissociables?....................................................................... 125 Various rights............................................................................................................. 126 Functioning of the iTunes Music Store protection system ........................................ 128 3.2.2. The case of the mobile telephone.............................................................................. 128 3.2.3. Audiovisual programme protection and rights management ..................................... 129 Access control and domestic networks ..................................................................... 129 The broadcast flag..................................................................................................... 131 The protection technologies listed below had been registered with and approved by the FCC in August 2004: ........................................................................................... 132 3.3. Outlook and stakes .............................................................................................................. 133 3.3.1. Stakes for users ......................................................................................................... 133 Accepting DRM.......................................................................................................... 133 The end of private copying ........................................................................................ 133 Interoperability ........................................................................................................... 133 A regulatory body for new usages............................................................................. 134 3.3.2. The stakes for content providers ............................................................................... 134 Solvency of demand.................................................................................................. 134 Not abandoning content distribution.......................................................................... 134 Consolidating a favourable business model.............................................................. 134 8 2005 Edition © IDATE DRM and virtual content distribution Rethinking or transposing a commercial policy to fixed or mobile internet ............... 135 Rethinking or retaining media chronology................................................................. 135 3.3.3. Stakes for technology providers ................................................................................ 135 Proving the effectiveness of existing offerings .......................................................... 135 Developing a distribution activity ............................................................................... 135 Adapting DRM systems to new, nomadic usages..................................................... 135 3.3.4. Stakes for online retailers/distributors........................................................................ 136 Making existing offerings profitable ........................................................................... 136 Optical medium versus virtualisation......................................................................... 136 DRM interoperability .................................................................................................. 136 3.3.5. What are the stakes for consumer electronics? ........................................................ 136 Implications related to the incorporation of TPMs in equipment ............................... 136 Industry organisations ............................................................................................... 137 4. IDATE presentation ...................................................................................................................... 139 4.1. Studies and consulting: present in all of the sectors’ strategic developments..................... 139 4.2. Reports and publications...................................................................................................... 140 4.3. A Forum focusing on Europe’s Information and Communication Technologies.................. 140 4.4. Main clients .......................................................................................................................... 141 4.5. 2005 DigiWorld Catalogue ................................................................................................... 142 Edition 2005 © IDATE 9 DRM and virtual content distribution Table of illustrations Table 1: CSS ......................................................................................................................................... 17 Table 2: Examples of security system implementation ......................................................................... 29 Table 3: Comparison of two theoretical models .................................................................................... 35 Table 4: Online and offline hardware solutions ................................................................................... 102 Table 5: Software solutions ................................................................................................................. 102 Table 6: Destination of solutions ......................................................................................................... 103 Table 7: Summarising table on consortia ............................................................................................ 104 Table 8: Consortia and rights description languages .......................................................................... 104 Table 9: Example of revenue breakdown in France............................................................................ 111 Table 10: Major online music distribution offerings ............................................................................. 114 Table 11: Main online music distribution offerings in the major markets ............................................ 117 Table 12: Examples of video on demand services based on film scheduling..................................... 121 Table 13: Major audio codecs ............................................................................................................. 125 Table 14: Main services and their content management .................................................................... 126 Table 15: Microsoft system: rights related to file reading.................................................................... 126 Table 16: Microsoft system: expiry of licence to operating rights........................................................ 127 Table 17: Microsoft system: rights security ......................................................................................... 127 Table 18: Content protection technologies registered with the FCC................................................... 132 Table of figures Figure 1: Horizontal DRM ...................................................................................................................... 22 Figure 2: Vertical DRM .......................................................................................................................... 23 Figure 3: Smartright system architecture .............................................................................................. 31 Figure 4: OD2 distribution infrastructure ............................................................................................... 45 Figure 5: Evolution of the music value chain......................................................................................... 47 Figure 6: Examples of multimedia mobile telephones......................................................................... 108 Figure 7: Physical and digital disc distribution..................................................................................... 111 Figure 8: Wippit protection system ...................................................................................................... 112 Figure 9: Kryptomusic distribution system........................................................................................... 113 Figure 10: Media chronology in France............................................................................................... 120 Figure 11: Purple DRM architecture.................................................................................................... 130 Figure 12: Access control architecture ................................................................................................ 130 10 2005 Edition © IDATE DRM and virtual content distribution Introduction Introduction Digitisation became accessible to consumers with the birth of personal computing. This revolution, which started at the beginning of the 1980s, was given a new lease of life in the mid 1990s with the arrival of broadband internet in universities, companies and then households. Today internet users of all ages exchange all types of content including music, films, images, applications and texts. These exchanges are sometimes carried out in a legal environment, but often take place via outlawed peer-to-peer exchange networks, that is to say that content is exchanged without the approval of rights holders. Internet users acquire virtual content via the internet network, transfer it to a portable player, record it on a CD, copy, transform and decompress content. They also extract the contents of their optical media for the same purposes, namely copying, transferral and recording, decompression etc. In the space of a decade the way of acquiring, handling and consuming content has been completely transformed. Today exchange of content from the internet or derived from optical media escapes the complete and continuous control of producer vendors and rights holders. However, content and electronics players are trying to compensate for digital breaches for offering a legal alternative or by protecting access to content on optical media. On the internet, legal alternatives to peer-to-peer networks have emerged in the music sector, video games and in video. Moreover, optical media are increasingly subject to protection thanks to multi–support solutions. Nevertheless, changes in usage have outstripped advances in the field of technical protection measures (TPM) and digital rights management (DRM). Advances in protection are now very real and on the road to becoming effective. However, protection is a difficult and delicate task. It is difficult because the forms of protection adopted have to adapt to an open universe that has no standards, is constantly changing and benefits from the intervention of communities of developers, crackers and hackers all working in the name of liberty and free exchanges. The task of protection systems is delicate because they are governed by a vague legal framework that is sometimes ill-suited to the digital era. There are no laws dealing with peer-to-peer as such. Outlaw exchanges on peer-to-peer networks continue, despite the fact that the number of prosecutions is growing and that legal offerings are available. Content sharing via portable or fixed digital devices, authorising unrestricted copying, transfer and playing, have proved massively successful in the field of music. This success should be repeated with the advent and large-scale deployment of portable devices connected or not to the internet, incorporating a storage support, communicating with each other or not and dedicated to video. Mobile telephones, multi-functional games consoles, audiovisual programme players/recorders and nomadic devices are bringing consumer electronics into the portable digital age. Consumers seem to have (re) found a freedom of use of cultural goods by manipulating content without restrictions. For vendors, this freedom also means that content is free of charge, which does not favour fair economic development of the virtual content distribution sector. Outlaw peer-to-peer networks are consequently unpopular with vendors, but are not deemed illegal by the law. Similarly, several mobile and fixed devices do not manage the content rights that are stored on them, but are legal. Vendors prefer devices equipped with DRM systems to manage virtual content rights linked to TPMs. These solutions, if they could guarantee vendors total control, would certainly meet with the complete disapproval of consumers, who are not willing to buy devices that don’t offer unlimited access content and do not enable them to manage the devices as they please DRM systems and TMP consequently face an arduous task, namely to ensure fair rights management without infringing consumers’ freedom of use. 2005 Edition © IDATE 11 DRM and virtual content distribution Technical protection and legal background 1. Technical protection and legal background A technology update is required to distinguish between the various technical protective mechanisms and types of digital rights management. The latter relies on technical protection measures, which cover hardware and software and can be applied to all digital content. 1.1. Technology update 1.1.1. Technical protection measures (TPM) The technical protection of artistic works is carried out via encryption of the work, its tattooing or protection of access to it. Cryptosystems Cryptography or “encoding” refers to all techniques that make it possible to scramble a message without taking any specific action. In the case of a text this means turning the letters that make up the message into a succession of figures, and subsequently making calculations based on these figures in order to: • Change the figures to make them incomprehensible. The result of this change (the encoded message) is called a cryptogram, versus the initial version called the unscrambled message • To ensure that recipients will be able to decrypt them. The act of encrypting a message to make it secret is called encryption. The inverse method, which consists of finding the original message, is called decoding. Encoding is generally carried out using an encoding key, while decoding requires a decoding key. There are generally two types of keys: • • Symmetrical keys: these are keys used for both encoding and decoding. In such cases we refer to symmetrical keys or encoding with a secret key Asymmetrical keys: these are keys used in cases of asymmetrical encoding (also called public key encoding). In this instance, a different key is used for encoding and decoding. Major symmetrical algorithms Symmetrical encoding (also called private key encoding or secret key encoding) consists of using the same key for encoding as for decoding. The weakness of symmetrical encoding lies in the secure transmission of the key. Vigenère encryption Vigenère encryption consists of giving the letters of the alphabet a code and combining the unscrambled message with a word encrypted using this method. DES or secret key encryption On May 15th 1973, the NBS (National Bureau of Standards, now called the NIST - National Institute of Standards and Technology) called by tender in the Federal Register (the U.S. equivalent to the Official Journal in France) for the creation of an encryption algorithm that satisfied the following criteria: • • • • • A high level of security combined with a small sized key to be used for encryption and decoding Understandable Not necessarily depending on the confidentiality of the algorithm Adaptable and economic Efficient and exportable 2005 Edition © IDATE 13 Technical protection and legal background DRM and virtual content distribution At the end of 1974, IBM put forward Lucifer, which, thanks to the NSA (National Security Agency), was modified on November 23rd 1976 resulting in the DES (Data Encryption Standard). The DES was finally approved by the NBS in 1978. The DES was standardised by the ANSI (American National Standard Institute) under the name of ANSI X3.92, more widely known as the DEA (Data Encryption Algorithm). The algorithm consists of making combinations, substitutions and permutations between the text to be encrypted and the key, so that operations can be carried out in both directions (for decoding). At the beginning of 1999 100,000 networked PCs sharing a distributed calculation application, as well as a super calculator, the DES Cracker by the Electronic Frontier Foundation, cracked DES in almost 22 hours. However, DES is not obsolete if the key is regularly changed. TDES and AES TDES or triple DES consists of linking three DES encryptions using two 56 bit keys. TDES makes it possible to significantly increase the security of DES. However, it has the major disadvantage of also requiring more resources for encryption and decoding. The DES encoding system was updated every 5 years. In 2000, during the last revision, after an assessment process that lasted 3 years, the algorithm jointly conceived by two Belgian candidates, Vincent Rijmen and Joan Daemen, was chosen by the NIST as the new standard. This new algorithm, baptised RIJNDAEL by its inventors, will replace DES from now on. http://csrc.nist.gov/CryptoToolkit/tkencryption.html In 1997 the NIST called by tender for a project to elaborate on the AES (Advanced Encryption Standard), an encryption algorithm, to replace DES. Asymmetrical algorithm This algorithm functions with the help of two keys: a public and a private key. The principle of encryption by public/private key lies in the existence of a couple of keys for each interlocutor. These two keys are managed at the same time and linked. The private key is personal and should not be revealed. Inversely, the public key can be accessed by anyone, directly on the network for example. The principle of use is as follows: a message encoded with a public key can only be decrypted by the corresponding private key. Inversely, a message encrypted with a private key can only be decrypted using its public key. Problems related to the secure transmission of the decoding key are no longer an issue, as public keys alone are of no interest. On the other hand, it is worth ensuring that the recipient of the public key is the person for whom the message is destined. Asymmetrical encryption, which is far more secure than symmetrical encryption, requires a longer calculation time during the stages of encryption and decoding. Furthermore, the “digital envelope” system is used, namely the message is transmitted encrypted with a random symmetrical key “M” and the “M” key is sent encrypted with the recipient’s public key. Asymmetrical encryption algorithms are based on several users sharing a public key. Generally, this key is shared via an electronic directory or a web site. Public keys can thus be corrupted if intercepted by malevolent hackers. As a result, it is common practice to link the public key with a certificate. The latter establishes a link between the public key and an object or individual. The certificate is delivered by the certification authority. This authority is responsible for assigning a validity date and revoking keys if they seem corrupt. RSA algorithm (cf. monograph page 90) The public key algorithm was first developed by Rivest, Shamir and Adelman (RSA) in 1978. It is still widely used today. PGP (Pretty Good Privacy) or the hybrid algorithm PGP is an encryption system invented by IT expert Philip Zimmermann. The first version of this system was released in June 1991. It was produced using a technology patented by the RSA. 14 2005 Edition © IDATE DRM and virtual content distribution Technical protection and legal background Principal and functioning PGP is a combination of public key and conventional encryption functions. When a user encrypts a text with PGP, the data are firstly compressed. This compression makes it possible to reduce the transmission time by modem, to save disk space and, above all, to strengthen encryption security. Encryption is carried out in two stages: 1. PGP randomly creates a secret IDEA key and encrypts the date with this key. 2. PGP encrypts the secret IDEA key and sends it using the recipient’s public RSA key. Decoding also takes place in two stages: 1. PGP decodes the IDEA secret key using the private RSA key. 2. PGP decodes the data with the previously obtained IDEA key. This method of encryption combines the user friendliness of public key encryption with the speed of conventional encryption. Conventional encryption is around 1,000 times more rapid than public key encryption. Public key encryption solves the problem of key distribution. Used together, these two methods improve key performance and management, without compromising security. PGP offers the following functions: • Electronic signature and verification of message integrity: function based on the simultaneous use of hashing1 (MD5) and the RSA system. MD5 hashes the message providing a result of 128 bits that is subsequently encrypted, thanks to RSA, by the sender’s private key. Local file encryption: function using IDEA. Public and private key creation: each user encrypts his/her messages using private IDEA keys. The transfer of electronic IDEA keys uses the RSA system. PGP thus offers mechanisms for creating keys adapted to this system. RSA keys are sized according to several different security levels: 512, 768, 1024 and 1280 bits. Key management: a function that facilitates distribution of the user’s public key to correspondents that wish to send him/her encrypted messages. Key certification: a function making it possible to add a digital seal guaranteeing the authenticity of public keys. This is an innovative feature of PGP, which bases its confidence on a notion of social proximity, rather than of a central certification authority. Revocation, deactivation, key registration: a function that makes it possible to produce revocation certificates. • • • • • PGP certification Certificates are small files that can be divided into two parts: • • The part containing the information The part containing the certification authority’s signature. The structure of certificates is standardised on the basis of the UIT’s X.509 standard (www.itu.int), which defines the information contained in the certificate, namely: • • • • • The name of the certification authority The name of the certificate owner The date of the certificate’s validity The encoding algorithm used The owner’s public key. 1 As the electronic signature uses asymmetrical algorithms that are fairly slow, the signature does not encrypt the entire message with its private key, but rather with a message “digest” obtained using a hashing function. To guarantee the integrity of the message attached to the condensed signature, it has to be very difficult to modify the original message without this leading to the calculation of a different digest. 2005 Edition © IDATE 15 Technical protection and legal background DRM and virtual content distribution To produce a X.509 certificate that complies with the ITU’s (International Telecommunication Union) standard, it is advisable to use a certification authority. In a PGP environment any user can act as a certification authority. This individual can therefore validate another PGP user’s public key certificate. However, such a certificate can only be considered valid by another user if a third party recognises the individual that has validated this certificate as a trustworthy correspondent. Only the certificate holder (the corresponding private key holder), or another user designated as the revocation authority by the certificate holder, is able to revoke a PGP certificate. When a certificate is revoked it is important to warn potential users. The usual way of informing users of PGP certificate revocation is to place this information on a certificate server. Key storage and management The creation of keys poses no particular problem with regard to the security of the content it is attached to. Its distribution, in the case of a public key, is not problematic either since the key is useless alone. The private key is generally created locally and there is no reason for it to be transmitted. The storage key, on the other hand, can be considered as a security breach by pirates. The key storage solutions proposed by consumer electronics industry players are usually incorporated into electronic components. This heavily restricts piracy, but does not make systems inviolable. In the pay television sector operators use a chip card. This enables: • • Users to create a key Keys to be renewed, making piracy more difficult. The storage of a key on a card or an electronic component nevertheless does not make it possible to detect pirate systems. As a result, a large number of pirate decoders, equipped or not with a chip requiring monthly updating, are in circulation. IT sector players advocate storing the keys in software solutions. This manner of key management seems more simple and efficient: • • • Updates are possible without modifying the electronic components It is less expensive to update software compared to a hardware update Updating is more rapid. Connecting devices to the internet or managing keys via a software solution open up new control options, but nevertheless introduce new weaknesses: • • Widespread and instant information in cases of a breach Community encryption analysis. Use of software makes key management more fragile. Software programs are generally analysed and cracked rapidly by virtual communities of hackers who are dangerously effective. Jon Lech Johansen, a 22 year-old Norwegian nicknamed “DVD Jon,” together with another anonymous German internet user, cracked the CSS protection for DVDs. Their aim was to play video DVDs on the Linux operating system. Up until their work, carried out exclusively via the internet, playing was impossible. They developed the DeCSS application that was subsequently massively distributed on the internet, making CSS redundant. DeCSS is now widespread in applications that make it possible to copy DVDs. The Oslo court of appeal recently found DVD Jon innocent of the accusations brought against him by the Hollywood film studios, which claimed that he had broken the law by publishing a program capable of unlocking CSS on the internet. Internet introduces the risk of breaches, but several solutions are now on offer, notably for electronic commerce, that account for these risks. Online solutions for “ephemeral” key management are now available. In effect, keys can only circulate during the transaction and the key is revoked once it has been completed. 16 2005 Edition © IDATE DRM and virtual content distribution Technical protection and legal background Table 1: CSS The DVD video was created in 1996 at the initiative of the industry, which saw it as a new product likely to prove popular with the public and thus to generate new business. The film industry, on the other hand, was not in favour of distributing its films in a digital format without protection against copying. The creation of a new format was the ideal opportunity to create a new protection system. As the DVD was destined to be read both in consumer electronic devices and in computers, the security objective was to create a system suited for both of these environments. Protection in computers called for recourse to cryptography. The consumer electronics industry was unwilling to adopt this approach, believing that an encryption system would add to the complexity and overall cost of its systems. The CPTWG (Copy Protection Technical Working Group), founded for this purpose, defined the security objectives as follows: • • • • • The system should offer adequate technical and legal protection to help honest people stay that way (“keep honest people honest”), i.e. it should be difficult for the average user to circumvent. The system should offer adequate technical and legal protection against fatal piracy, namely against ways of bypassing protection. The system should be able to be embedded in consumer electronics devices and computers, without being expensive or overly complex to use. Licences should offer the system legal protection without being expensive. The system should be transparent when DVDs are played by consumers. The CSS (Content Scramble System) was the global response to the CPTWG’s security specifications. It was first produced by Matsushita and Toshiba, who proposed a specific and patented system that satisfied security objectives and was subsequently streamlined to cater for the needs of the IT industry sector that wanted to be able to compress MPEG-2 signals with a microprocessor. The main features of the CSS are as follows: • • • A hierarchical key system: data are encoded with variable sector keys, themselves encoded with a disc key, which, in turn, is encoded with a sub-set of 400 keys. A key length of 40 bits due to U.S. regulations restricting the export of encryption systems, with all encryptions carried out on the basis of the same algorithm Encrypted key transmission: the DVD player transmits its keys to the playing application in an encrypted tunnel with a session key. The CSS has been patented and licence management entrusted to the DVD CCA (DVD Copy Control Association). Licences are granted free of charge, provided that the playing devices conform with the following rights protection features: • A technical measure for controlling digital copying: CGMS (Copy Generation Management System) including two bits that can take 4 values: copy_never (no copy), copy_once (one copy), copy_no_more (no more copying), copy_free (free copying), on a digital or analogue basis. This is the video equivalent of the SCMS (Serial Copy Management System). A technical measure for controlling analogue copying and copy degradation, specifically of activation by a pbit system- alternative or cumulative – of protection developed by Macrovision: the APS (Analog Protection System), copy degradation by application of Colorstripe. A technical identification measure: each DVD is provided with a unique identifier to control eventual copying Management of geographical zoning. Source: Technical measures for the protection of artistic works and DRM – Ministry for Culture and Communication • • • 2005 Edition © IDATE 17 Technical protection and legal background DRM and virtual content distribution Watermarking and tattooing Watermarking consists of embedding an imperceptible mark inextricably linked to content in an audio, video, image or data file. This tattoo contains information on the nature of file usage, its origin and notably information on rights holders, as well as rights management. Fingerprinting is a watermarking technique that consists of creating a unique imprint on a file, an imprint attributed to a user and related to his/her rights, or to a form of data processing and usually to copying. Imprints and marks have to be encrypted. We apply encryption to watermarking and fingerprinting. Fingerprinting is a watermarking application. The functions of the two procedures are complementary: • • Fingerprinting enables tracking of artistic works, as well as distribution control via identification. Watermarking enables the administration of proofs regarding an artistic work’s integrity, its origin, its ownership, the fact that it belongs to the rights system, control over reproduction, checking of modifications to information and alterations to artistic works. Watermarking is not a technology that protects artistic works, yet the main applications initially developed pursued this objective. In spite of advances made in technical protection measures, watermarking continues to be used in combination with other protection measures, notably encryption. Operating principle Watermarking consists of adding a quantity of digital information to the digital signal (audio, video, image, text etc.) using an encryption algorithm called a "tattoo". These pieces of digital information are called digital watermarks. The digital watermarks should be able to withstand the various operations performed on video, audio, text and image films such as compression, decompression, stretching, rotation, addition of noise and re-sampling. Tattooing algorithms have undergone major changes to satisfy security objectives. The overall idea consists of introducing a bias in the statistical breakdown of the digital data of artistic works. This statistical bias serves to encrypt the information that is to be hidden almost invisibly. Methods for introducing statistical bias vary and notably depend on the nature of a work, namely whether it consists of images, audio or video flows. However, these developments are not enough to ensure technical protection of the medium itself. This is why watermarking techniques are also related to both technical measures stemming from encryption and the protection of secret key systems: • • A secret tattooing key, which enables the content vendor to embed the tattoo in the artistic work A reading key that makes it possible to decode the tattoo Use The tattooing technique is used to control recording, playing, identification of the rights system and rights use. Use of watermarking involves the deployment of a watermarking detector in audio, video, text and image recording and playing tools. These tools must themselves be particularly well protected because communities of hackers can easily get hold of such a system, “dissect” it and find a computer security counter measure through close analysis. Watermarking projects include: • • • Secure Digital Music Initiative (RIAA and 200 companies), Certimark (INA, Netimage, Thomson CSF, Eurecom and the SACD), TALISMAN -Tracing Authors’ rights by Labelling Image Services and Monitoring Access Network (Programme IST). Tattooing techniques make it possible to carry out digital rights management by describing the rights in the artistic work’s tattoo. Rights management via watermarking must nevertheless be linked to the technical solutions introduced in recording and playing devices. These solutions have to implement the recommendations of the management system (counting of the number of authorised copies, 18 2005 Edition © IDATE DRM and virtual content distribution Technical protection and legal background prohibition of playing etc.). For media already in circulation whose playing devices are already widely deployed (audio CD players, DVD recorders/players), it would seem too late to implement tattooing. The protection and consumer electronics industry is certainly thinking of the next generations of media devices that will be able to incorporate tattoos and that may possibly be managed via the internet. Users may nevertheless prove reluctant to equip themselves with restrictive devices. Watermarking, in rights management, can also be used as digital evidence potentially linked with digital management and blocking or unblocking technical solutions. This digital evidence should authorise the work, date it, verify its integrity, count the number of times it is played, its recordings etc. Against this background, fingerprinting is an effective tracking tool. It consists of integrating a login identifying the work holder in the digital watermark. Once systematic, fingerprinting could make it possible to discover who authorises the distribution of a work without the agreement of the rights holders. Fingerprinting is easier to implement on closed players like television sets. Introduced at source and combined with an encryption system, it constitutes an ideal solution. In the framework of digital cinema in particular, fingerprinting should consist of embedding identification elements at each stage of the distribution chain. If fingerprinting were to be introduced from a private key uniquely linked to each device and secured so that it could not be circumvented, it would be likely to constitute evidence. Medium access management: the disc Faced with growth in the piracy of music CDs, giving rise to internet based exchanges via peer-to-peer sharing services, several companies have looked at technical solutions that prohibit playing an audio CD on a computer. If the content of a disc cannot be played on a computer, audio tracks cannot be saved and made available on the network. Similarly, if an audio CD cannot be played by a computer it is then impossible to make a copy using a CD burner, a very widespread piece of equipment on PCs and MacIntosh. Midbar (acquired by Macrovision), SunnComm and Key2Audio (a Sony subsidiary) have developed this kind of solution. The record majors equipped their discs with protection without taking the trouble of communicating this fact to consumers. The latter were caught off-guard in many cases and were not able to use their right to copy privately, or even play the CDs. Labels were subsequently stuck onto CDs as a warning to consumers. These practices have often proved unpopular and have further damaged the majors’ image that with their clients. Furthermore, several protection systems make it impossible to play a disc on certain devices, including car radios and home stereos. The impossibility of playing an audio CD on computer would have been very effective if: • A common standard had existed when the record majors committed to CD protection in 2001. None of the existing technologies has achieved dominance among the record majors or smaller independent labels. It had been implemented by all industry players (in the record industry, consumer electronics and IT), regardless of their territory. In the age of the internet, when we talk of implementing a technical anti-piracy solution, this must be applied on a global level. There had been no compatibility with certain car radios, DVD players compatible with audio CDs and even some home audio CD players. The robustness of certain solutions had not been tested so simply. To break the protective mechanisms of some discs, it was sufficient in some cases to make a felt tip mark or stick adhesive tape onto the easily identifiable protection area. • • • 2005 Edition © IDATE 19 Technical protection and legal background DRM and virtual content distribution Technically the protection of audio CDs and even of certain video games involves introducing errors that CD players in personal computers do not know how to correct. The PC, as an open platform, reads data, audio and hybrid CDs (audio and data) whose encryption is different. Furthermore, it manages a multi-session system that consists of recording contents in several sessions. At each recording a table of content (TOC) is inscribed by the recording software on the CD. The TOC provides players with information on the location of contents (beginning and end of the audio track, for example). Protection then consists of introducing errors in the TOC. The placing of tracks can thus be falsified, a solution selected by Midbar and Key2Audio, or the track format can seem false, a solution implemented by SunnComm. Other mechanisms consist of including errors in the audio encoding, which home players can correct by interpolation, but which generate errors or bugs in PCs.. Most PCs cannot correct these errors, regardless of their simplicity. However, software has been developed by the developer community to get around these protective measures. Thus a small application called Cloony XXL is responsible for detecting the type of protection on a CD and proposes to configure the recording software CloneCD. Moreover, some manufacturers of CD players for PCs are developing drivers for their equipment so that it can process errors and enable playing like home players. In Japan, audio CDs are protected by Copy Control CD. More than 10% of new CDs use this protection. In South Korea, producers have adopted a technical solution proposed by the company Settec. Nearly 30% of new audio CDs are now protected in South Korea. Korean companies wish to adopt non-Microsoft solutions. Many players are working on protection solutions: • Dreamintech Corporation (www.dreamintech.com), • Hanmaro Co. Ltd. (www.hanmaro.com), • DigiCaps Inc. (www.digicaps.co.kr), • Markany Inc. (www.markany.com), • Coretrust Inc. (www.coretrust.com), • Teruten Co. Ltd. (www.teruten.com). In China, video content on physical support is protected by EVD technology. The successors to the DVD Work has already started on a replacement for the DVD. This new support will offer a greater storage capacity, a longer life time and improved security. Two consortia are competing to try and set the future video standard. The first consortium is backing the HD DVD format, which is being developed by Toshiba, Nec and Sanyo. At the end of 2004, it received the backing of 4 U.S. film studios: Paramount Pictures (Viacom), Universal Pictures (General Electric), Warner Bros (Time Warner) and New Line Cinema (Time Warner). This group accounts for almost 45% of DVD sales in the USA. Although they support the initiative, this does not oblige these studios to adopt the new format. The second consortium is at the origin of the Blu-Ray format. Formed by Sony and 12 other industry players (Dell, Hewlett-Packard, Hitachi, LG Electronics, Matsushita Electric, (Panasonic, JVC), Mitsubishi Electric, Pioneer, Royal Philips Electronics, Samsung Electronics, Sharp, TDK and Thomson), the Blu-Ray Disc Association has 200 members. This format naturally enjoys the backing of Sony Pictures, as well as other content providers like Metro-Goldwyn-Mayer and Twentieth Century Fox (News Corp). The two founders of both consortia have attempted to form an alliance, but have not been successful to-date. In terms of anti-copying protection systems, players in production have high expectations of the Advanced Access Content System (AACS). This system aims to replace the CSS protection system cracked by the hacker DVD Jon. AACS seems to have won unanimous support. It is backed by IBM, Microsoft, Intel and Disney, as well as supporters of the HD DVD (Warner Bros and Toshiba) and BluRay (Sony and Panasonic). 20 2005 Edition © IDATE DRM and virtual content distribution Technical protection and legal background 1.1.2. Digital Rights Management Programming language: an indispensable standard There are currently several DRM programming languages. They are mostly proprietary and each is trying to dominate as the standard. However, two languages based on XML eXtensible Markup Language), ODRL and XrML are seeing major developments and could mark two paths to standardisation, or at least the beginning of a turning point that will lead to standardisation. Objectives of the DRM programming language Functional objectives The programming language should make it possible: • • • • To identify the work To identify rights holders To identify users To describe rights. Strategic objectives The DRM programming language should be perennial. To achieve this, it must be accepted by all consumer electronics industry players, IT specialists, content vendors and distributors. As a result, it must arise from a consensus, which is likely to emerge in a consortium. To be accepted by all players, it has to be simple, transportable, easy to parameter and robust. To be perennial it has to be independent of the platform on which it operates, which does not prevent it from being able to develop. It will have to operate on different platforms or platforms will have to be made compatible with the programming language. Two languages seem to satisfy these conditions: ORDL and XrML. These two languages are based on XML. XML is a simple, open language. It uses the semantics of tags whose field remains largely extensible. XML is enriching itself. Tags make it possible to structure information and to ensure its conformity with predefined schemas. The markers of the XML language offer the option of tagging information while remaining comprehensible and clear. As a result ODRL and XrML directly enjoy the advantages of XML. These two meta-languages (language of expression of other languages) would seem bound to achieve dominance. ODRL (Open Digital Rights Language) ODRL 1.0 (http://odrl.net) was born of the fusion of the languages XMCL (eXtensible Media Commerce Language) by Real Networks and Nokia’s Mobile Rights Voucher (MRV). Its objective is clear: to offer a language compatible with existing DRM systems without a licence and free-of-charge by identifying objects and encryption. While it aims to bridge the interoperability gap between existing DRM systems, it may also be used in a specific DRM. It plans to achieve dominance by promoting its universality. Its role consists of ensuring universal understanding of commercial transactions. Its vision of DRM is described as horizontal. 2005 Edition © IDATE 21 Technical protection and legal background DRM and virtual content distribution Figure 1: Horizontal DRM Source: Rights representation language– ENST Paris ODRL is supported by Nokia (CE and mobile telephone manufacturer), Octalis, ViruosoMedia, Aegis DRM, Vienna University of Economics, Open IPMP, Metasoft, PurpleCast (content distribution), MarkTek (Watermarking), Arpasec (rights management), Simpsons Solicitors (legal service), Pipers (patents, copyright, authors’ rights) and OZAuthors (eBook contents). During the year 2003, ODRL was adopted by the OMA DRM and by DRM solution providers for mobile devices including BeepScience (Norway), End2End (Denmark) and Bertelsmann DWS (Germany). XrML (eXtensible Rights Markup Language) Presentation of XrML DPRL (Digital Property Rights Language), which has become XrML, was conceived by Mark Stefik in 1994. This engineer is the head of research at Xerox’s Palo Alto Research Center. The language developed by him makes it possible to define the restrictions attached to a digital file. It was the first significant initiative in the field of "Digital Rights Language", which gives DPRL the added advantage of being the first product on the market. In 2000, Xerox created the company ContentGuard, which took over responsibility for its engineers’ work on DRM. Microsoft, a ContentGUard shareholder, mainly uses XrML. The Redmond company, together with Thompson, ended up acquiring ContentGuard under the suspicious gaze of the European Commission. Like its competitor, XrML offers an extensible dictionary. On the other hand, XrML is not available free of charge. Technically, XrML is a universal method of specifying and managing rights, regardless of the digital resource. Unlike its competitor, it incorporates the possibility of recourse to an entrusted third party whose aim is to ensure that each fulfils party fulfils its obligations. That involves the implementation of a universal identification process of third parties authorised to intervene in commercial exchanges. XrML operates on a vertical DRM model. 22 2005 Edition © IDATE DRM and virtual content distribution Technical protection and legal background Figure 2: Vertical DRM Source: Rights representation language– ENST Paris XrML was adopted as a component of the emerging standard MPEG 21, which gives it a clear advantage over its competitor. Other consortia, such as OASIS or the Content Reference Forum, are opting for these specifications. The list of XrML’s partners speaks for itself and includes Microsoft, Zinio Systems (eBook player), OverDrive (electronic publishing), Adobe Systems, Hewlett-Packard, Xerox, Dushkin McGraw-Hill (content aggregator), Barnes & Nobles, John Wiley & Sons, RoweCom. These partners support the XrML project and are using its results. They are in the operational phase. Functioning of XrML As far as the identification of persons and resources is concerned, XrML ensures that this is based: • • Mainly on public key mechanisms. This system means that language users set up key management infrastructures. The authentication of persons and resources. Authentication aims to verify that the identity given by an individual or a resource corresponds to reality. In the identification process the same types of procedures are used to ensure authentication. A public key is required for these individuals, a digest or a signature for digital resources. The signature and encoding are based on the W3C standards currently being developed: XMLENC for encoding and XML-SIG for the signature. By way of example, XrML incorporates the following options: • Management of playing, copying (including the generation of perfect sterile copies, a function available in the operations performed by Microsoft on its Windows Media Right Manager portal) and the printing of text documents. Management of pay-per-use and notably of Pay per View. • • 2005 Edition © IDATE 23 Technical protection and legal background DRM and virtual content distribution • Management of the loan of a work and, for example, of a book: after acquiring an electronic book a user can loan this book to a third party for a limited period of time. When this period expires, the user can automatically re-use the book, while the third party no longer has access to it. This function of e-book loaning (Adobe or e-book) is notably implanted using software implanted by the company Info2Clear. The company Medialive also has plans to extend the loaning of artistic works to films. Copyright integration Content integration In order to manage the rights related to a piece of content, it is worth identifying what the content is and, subsequently, who holds the rights to it. In the field of music, the company Gracenote has developed a tool for recognising music tracks based on notes. It is also developing a product in the field of video. Its vocation nevertheless remains recognition, not digital rights management: • • ISO numbers, like the ISBN (International Standard Book Number), an international standardised number that makes it possible to identify the title of a book or ISWC and ISAN numbers etc. The DOI (Digital Object Identifier), an international electronic document identification system developed by the AAP (Association of American Publishers) to protect copyright. The DOI is now oriented towards a single and permanent referencing system. The system for registering fixed digital images (photos, drawings, paintings, illustrations etc.). The number reveals the type of work in question, the country in which it was recorded according to ISA norms, the number of the registration authority and the sequence number of the file that the registration authority delivers. The number is inserted into the original file of digital content. Proprietary systems. Content vendors and distributors are free to use their own referencing system, in some cases jointly with the use of a standardised system facilitating exchanges. The MPEG standardisation committee is working on the description and identification of digital artistic works, notably via the MPEG-7 groups dealing with meta-data and MPEG 21 part 2, dealing with the declaration of digital resources. • • Embedding The registration number of a work should be inextricable from the work. In the framework of embedding the identifier is always accessible by the identifier’s player after the digital file has been processed (analogue conversion/digital re-conversion, compression/decompression: to print an image then to scan it, film with a digital camera a film projected on screen, to record a piece of music played on a stereo with a microphone connected to a PC, to edit extracts of an image, video image or sound). Two methods are used to embed identifiers in content: • Tattooing: this consists of tattooing the content with the identifier or tattooing an identifier reference on the content. The identifying player has the key to access the tattoo present on the content, to read it and go on to identify the work, in some cases by connecting to a reference data base. The signature: The rights holder calculates a signature for each work, purely from the information contained in the work. An identifier is attached to each signature. A modified piece of content does not generate the same signature as the original piece of content, but a signature that resembles this. The identifier player calculates the signature of the work, compares this signature with a base of signatures created upstream and looks for the signature that is the closest match, making it possible to subsequently access an identifier. Two categories of signature exist. The statistic signature is based on a mathematical approach to the analysis of the digital signature. The semantic signature is calculated by taking content components as a basis (the number or timbre of instruments, the tempo, the melody for music, the corner position of objects in a video etc.) • Embedding by signature would seem to be a more robust solution than embedding by tattoo. A wellinformed pirate can effectively eliminate a tattoo regardless of how difficult this may be. Pirating a signature, on the other hand, is equivalent to modifying the very nature of the content, of altering it, which finally makes the act pointless. 24 2005 Edition © IDATE DRM and virtual content distribution Technical protection and legal background Should all content be made available digitally, identifiers could constitute significant catalogues that may prove difficult to manage in terms of access to and identification of protected content. As a result, the bigger the catalogue of artistic works and the longer identification, the greater the incentive for rights managers to reduce the signature’s size to the detriment of the system’s robustness. The same applies to identification by tattoo technology, which is also subject to catalogue size, but nevertheless requires less calculation. The signature has one key advantage over tattooing technology. All artistic works can be subject to a calculation of ex-post signature with the attribution of an ex post identifier. To tattoo a work, on the other hand, it is necessary to tamper with it before attributing an identifier. Content encryption Distribution, and notably distribution via the internet, of artistic works requiring DRM involves distributing two components. The first is the work and the second is composed of information on the rights related to the work to which the decoding key is attached. In general, the content itself is illegible or partly legible for commercial marketing reasons. The main point of this separation is that should rights be updated, it is not necessary for the distributor to resend the work a second time. For the process to be efficient, the work must be encoded efficiently based on the hypothesis that no solution is completely reliable. Today’s trend consists of mechanically and randomly combining encoding possibilities with symmetrical and asymmetrical keys. Delivery conditions Delivery of concessions to the consumer in return for payment is generally centralised at the level of a rights server. This is owned by the rights holder or the distributor by delegation. The server receives all of the licences defined from the rights holders, with a language to describe the rights, in a generic manner for each work. It receives requests for concessions from users, accompanied by a payment in some cases. It communicates the number of requests for concessions for each work and the total of the corresponding sums collected to rights holders and concession users. In the case of deliveries of artistic works, the problem of personal data management arises. PRM (Privacy Rights Management) and DRM have to converge to find common ground as is already the case in the e-commerce sector. However, the digital distribution of artistic works, and notably of video content, comes under the category of audiovisual communication by law and involves respecting the privacy of individual’s choices. In this respect it could be difficult to distribute content without guaranteeing the anonymity of clients. The concession management system must meet this requirement. It may be wise to call upon an independent authority that can certify the level of protection of personal data coming from a rights server and linked to the client data base of a rights holder. Technically we can distinguish between three modes of personal data management in DRM: • Decentralised systems: they do not possess a user data base and therefore preclude all risk of creation of file naming users. As with the Smartright system (www.smartright.org), personal data can be collected, but not passed onto the rights holder. They can be partially passed on, as recommended in the TCPA project. Partially centralised systems: they consolidate information related to purchases at an intermediate level or at the level of the end consumer. For example, VOD services by cable or satellite consolidate decoder data on the chip card. . Centralised systems: these systems are incarnated by the Janus technology or Microsoft’s Palladium project, renamed Next Generation Secure Computing Base. The NGSCB is a physical system. If this system should be integrated with forthcoming computers and Microsoft operating systems, an independent body should intervene to guarantee the conditions of use of personal data. Consumer associations should look unfavourably on the world’s office software and operating systems leader positioning itself at the heart of the centralised management system of data on business and usage by individuals. • • 2005 Edition © IDATE 25 Technical protection and legal background DRM and virtual content distribution Artistic works and rights distribution Providers of DRM solutions are faced with a network and/or support problem. Contents are now distributed on several networks and optical supports. Two types of telecommunications network exist, closed networks (cable networks, satellite, terrestrial, fixed and mobile networks) and open telecommunications networks incarnated by the internet. Distribution via networks Closed networks seem to break all the rules as far as the categories of players involved are concerned. These categories include bouquet operators, television channels, telecommunications operators and more broadly, content providers, aggregators, vendors, distributors etc. The work is sent via a non secured network on a closed device. The existence of a closed device authorises the incorporation of technical access measures in the device, which take the form of an electronic component and/or a chip card. Industry players link this technical access measure with technical protection measures and mainly with anti-copying measures. The encryption of measures caters for this double requirement. Depending on the network, the devices are as follows: • • • TV in the framework of a free television offering via the terrestrial network The decoder integrated or not in the case of a paying audiovisual offering (bouquet or channel) via cable network, satellite or terrestrial Mobile telephones and hybrid devices for GSM, GPRS and UMTS networks. Audiovisual distribution The players involved, of which some are present at different stages of the value chain in different business sectors, have a vested interest in opting for an interoperable solution given the convergence and nomadic nature of content. Furthermore, significant cost savings could be made in the production of electronic chips. Video distribution is primarily concerned because it is present on all devices mentioned above and is enjoying strong growth due to its attractiveness to the public. On cable and satellite digital networks, programme security is ensured by a decoder and a chip card. Programmes are encrypted using the DVB algorithm. This key is itself encoded with an asymmetrical key. The chip card decodes the message containing the symmetrical key that represents the user’s rights to programmes. The system offered by Medialive consists of cutting a piece of audiovisual content into two separate parts. The first part contains 90% of the content, but is illegible without the second. The second part of the content is not delivered unless the acquirer has made a payment. The player device compatible with Medialive verifies the validity if the Internet distribution The internet network is an open network whose major access device, the personal computer, is an open platform. This freedom enjoyed by internet users constitutes the richness of the network, but still prohibits the set up of a unique hardware protection and access system common to all players present. As a result, rights are procured via software solutions. In the music sector it is particularly difficult to impose rights management upon users. Thanks to free tools that are easily available, these users can manipulate audio files as they wish and without any restriction linked to rights management. The possibility of exporting files via identical copies, legally (MP3 players, recording on CD) or illegally (peer-to-peer exchange networks) from a personal computer (online exchange, recording, transfer) adds to the complexity of the problem. The solution consists of trying to close a system designed to be open. As far as the PC is concerned, that is compromised because each closed, restrictive and paying solution corresponds to an open and free solution developed by a freeware community. However, these free solutions do not always respect rights holders and their users are aware of this. Content distributors have to double their efforts to divert internet users from such illegal uses. That is not impossible as shown by the economically efficient offers that are emerging. These are closed commercial offerings in an open 26 2005 Edition © IDATE DRM and virtual content distribution Technical protection and legal background system. The Windows Media Player by Microsoft is an excellent example of a closed system that is fighting its way through a jungle of open systems (cf. Microsoft monograph page 75). Distribution on mobile telecommunications networks With the advent of GPRS, EDGE and UMTS telecommunications networks, digital content distributors are going to have new business opportunities. Issues of content protection are going to arise when online content acquisition offerings emerge and already plague the distribution of ring tones, images and logos. Like decoders, mobile telephones have a chip card. Content distribution and the rights management for this content on mobile telephones may well follow the example of the solutions implemented on the audiovisual distribution network. In the case of a purely software solution, the operator is neutral in terms of the protection system. Standardising work on this topic is being carried out by the Open Mobile Alliance. Distribution on optical media The optical media in question are those that host music (Audio CDs), video (DVDs) and software (CDROMs). The case of music The audio CD, created by Sony and Philips, has no innate protective mechanisms. It can consequently be endlessly copied without any technical restrictions and without the authorisation of rights holders. The audio standard came from the "Red book", which notably stipulates that its usable capacity is 750 Mb. Definition in the standard of this useable capacity limits industry players’ margin for manoeuvre to protect their disc. They are sometime forced to go beyond the standard to insert a technical protection measure. This is the abusive practice that leads to the incompatibilities seen on certain devices. The SACD (Super Audio Compact Disc), created by Sony and Philips, is trying to achieve dominance and replace the audio CD. The advantage of this optical support lies in 3 points: • • • • Thanks to the Direct Stream Digital (DSD) technology, it reconstitutes a high definition sound It has 6 recording channels equivalent to the sound bands of a DVD It has a storage capacity of 4.7 Gb It is protected. The data inscribed on a SACD are encrypted. Contents cannot be interpreted unless the user has a decryption key. This key includes a part common to all SACD disc and a part appropriate to each track. The common part is found in the SACD players, physically inscribed in the player chip. The part specific to the track is inscribed on the disc in the form of a digital watermark with encrypted header data. These data that are necessary to play the disc indicate the number of tracks present, their duration and their position on the disc. SACDs are only compatible with licensed SACD players. A SACD cannot be copied with a classic burner, as the latter is nit capable of inscribing imprints on a blank support. There are SACD burners, but no plans to sell them to the public. Lastly, in all events, audio data remain encoded. As a result, without the key inscribed partly on the SACD’s digital watermark and partly in the decoding chip of the player, the audio data are illegible. The Audio DVD (DVD-A) is a standard published by the DVD Forum in 1999. It was deliberately made incompatible with video DVD players. The advantage for DVD-A player manufacturers was that households would have to purchase new devices. To interest consumers in this device, incompatibility was finally lifted at the same time as its protection mode. The effect was immediate and DVD-A sales took off. DVD-As are innately protected by CPPM technology (Content Protection for Prerecorded Media) developed by the consortium “4C entity.” It replaces the CSS2 technology that was initially planned for audio DVDs before CSS was cracked. 2005 Edition © IDATE 27 Technical protection and legal background DRM and virtual content distribution Video games It is possible to combine an optical support and a DRM. Although it already exists in the music sector, it can be adapted to other types of content such as video games. The developer Valve Software created the game Half-Life. The second opus of this game, very popular with hardcore gamers, was recently released worldwide. Produced by Vivendi Universal Games, the game has a draconian protection system conceived by Valve. The development studio has improvised as a secure content distribution solution publisher. It conceived a procedure called Steam. Steam is an application that is installed on the hard disc of the PC that will host the game. It manages distribution of the game via the internet, its installation and launch. An internet connection is required to install the game. It is even preferable to play on a computer that is continuously connected to the internet, because Steam checks the validity of the product, the player’s identity and rights each time the game is launched. Players can play on an unconnected computer, but this procedure is laborious and fastidious. Steam operates on an asymmetric key system. On installation of the game, players have to register with a rights procurement server. This communicates an identifier, a password and the key delivered with the game. The server identifies the content, authenticates the user, calculates his/her rights and communicates the key that decodes the game and enables its launch. If the registration phase is repeated by mistake, it automatically leads blocking of the key and prohibits access to the game. Unblocking requires the creation of a new key by the Steam team. In the music sector, MTP and DRM are also offered simultaneously. For example the rap group IAM has sold a disc that gave access to an additional track available on the internet. Rights authentication Authentication can be carried out thanks to hardware, the chip card, integrated circuits or software. Card-based authentication systems are widespread in pay television and mobile telephony. The advantage of the chip card versus circuits incorporated in a device not connected to the internet lies in the possibility of modifying its content. Hardware solutions provide more robust protection from the average pirate because they are more complex to thwart. Breaking hardware protection involves accessing the imprinted circuit and intervening in the latter. This calls for expert knowledge and specific equipment. To penetrate a software programme, on the other hand, it is easy to use a decompiler and carry out reverse community engineering. Once the rights server has authenticated the user, it has to communicate the representation of the rights acquired by the user. The process of sending and storing the representation of rights is subject to the same restrictions as user authentication. As a result, proxy encoding can take place via hardware or software. It can also be incorporated into the authentication procedure. Authentication and the secure transmission of rights representation lie at the core of security. The following variants have been observed. 28 2005 Edition © IDATE DRM and virtual content distribution Technical protection and legal background Table 2: Examples of security system implementation Distribution on optical supports Hardware implementation at the core of security Software implementation at the core of security Home DVD player Home SACD or DVD-A player DVD player installed on a PC Distribution on closed telecommunications networks Television decoder by cable or satellite equipped with a chip card Selected multimedia mobile telephones Distribution via internet Player installed on a PC equipped with TCPA and Palladium Player installed on a PC, generally the case Source: Work protection measures – Ministry for Culture and Education Application of rights and management of digital copying of artistic works Rights procuration Once the phases of content identification, user authentication and transmission of rights and/or of the work, the DRM system should enable the purchaser to apply his/her rights. That mainly consists of interpreting the rights acquired by the user and transforming them into playing instructions (decryption of the artistic work), copying (number of copies authorised), transfer and/or recording (recording right) etc. It is the decoder that interprets and transcribers rights into instructions. It can be hardware or software. In the case of an optical support, the decoder consists of a technical protection measure. It manages access to content depending on the player device, as well as the copy. A decoder receives and compares the representation of a user’s rights stored in its memory or in a data base on a rights server with an action that the user intends to carry out (playing, copying or transferring). If the action matches the representation, the action is validated and the decryption module decodes the artistic work. The connection of devices to a network would seem to suggest real-time rights management and multiple procuration, depending on use, the time of usage, the number of usages and the nature of playing and the player. Rights procuration via equipment interoperability The digitisation of equipment leads to their interconnection and therefore to the possibility of carrying out identical copies of content. It involves the interconnection of consumer electronic equipment and the interconnection of IT equipment with consumer electronics equipment. The classic TV/video recorder combination is shattering and combinations are now multiple and fluid depending on the nature of the content (video/television programmes, games, music and software): • • • • • • • • TV/Home stereo PC/TV Camera/TV Decoder/Personal Video Recorder/TV Portable audio player/or video/PC/TV Mobile telephone /PC Home console /PC/TV PC/TV/ Stereo system etc. 2005 Edition © IDATE 29 Technical protection and legal background DRM and virtual content distribution The PC plays a central role in these associations. As an open platform, it is potentially capable of connecting to all existing digital devices. It constitutes an open gate for content exchange thanks to its connection to the internet network and to content sharing software. The PC and internet network incarnate the risk for rights holders. Interoperability, which for some companies including Sony constitutes at least a commercial argument if not a strong strategic positioning, makes it possible to set up a domestic equipment network. There are several connection standards that enable branded devices to connect. The USB and especially IEE 1394 connectors, which formed the basis of the Fire Wire broadband transfer technology, authorises data transfer from one digital device to another for playing, storage, recording storage or burning. In this scenario, all types of combination must be anticipated and potentially secured. Each new gateway presents the risk of a new breach. Effective management of rights to content can be ensured via the control of protocol transfers. To achieve this, the CE and IT worlds need to voluntarily and concertedly move towards implementing standards. In fact, only one device or piece of software needs to be insecure or compatible with other secure devices to cause a security breach in the network. Moreover, it is futile to want to block the route that leads towards the compatibility of digital equipment, a sign of technical progress. Audio and video formats are paving the way for such compatibility. MP3 is achieving dominance, despite the initial lack of interest on the part of record producers in the Frauenhofer Institut’s code. Sony has now decided to make its equipment compatible with MP3, despite the fact that it has an in-house code. Similarly, the Divx and Xvid formats are becoming widely used and consumer electronics manufacturers are adapting to these usages born of IT. Protetcting the content in a domestic network means incorporating the means (hardware or software) of identifying content, authenticating users, instructing rights, renewing and even updating rights in each piece of equipment. This calls for: • • • The introduction of a communication standard between equipment coming from different industries (CE or IT) in some cases Connection of one of the pieces of equipment to a network via which the representation of right is administrated A DRM system that is understood and accepted by all players. A system accepted by all pieces of equipment. The Smartright case SmartRight is based on the idea that the content protection chain is not broken at any time. To this end, content is always encrypted on the domestic network (while it is stored or transferred from one device to another), until it is watched to heard by the consumer on a “restitution device” (such as a television set). Decoding is enabled by a removable security module, such as a chip card inserted in the restitution device. We call this an end-to-end protection system, from content entering the digital home network to its restitution, via its possible storage. The SmartRight system creates a secure environment. It makes it possible to record encrypted content, but prohibits playing if the content is not legal. Illegal content is a copy that is not authorised by the holder of the rights to this content. Smartright is neutral with regard to conditional access systems or digital rights management and accepts content distributed free-of-charge. It respects U.S., European and Japanese standards. It defines a common syntax for SmartRight content in order to ensure interoperability and defines an applications interface (API- Application on Program Interface) with today’s major conditional access and digital rights management systems. There are several digital interfaces, available as standards for interconnection between standards. The SmartRight system can be used with any bi-directional interface, in the present or the future. The SmartRight system can co-exist and interoperate with all current content protection systems: “import” and “export” are defined between SmartRight and the other content protection systems that co-exist with Smartright on the same digital domestic network in order to respect rules of use related to content. These rules are defined by the content owners and distributors. For example, in the case of content distributed free-of-charge terrestrially, the operator can decide that its contents will be designated as “impossible to copy” content once it leaves the SmartRight domain, or that it will not be 30 2005 Edition © IDATE DRM and virtual content distribution Technical protection and legal background able to leave this domain at all. Furthermore, all watermarking systems can be used as a complement to the SmartRight system. Devices can be equipped with removable modules, such as chip cards, that conform to international standards. Given that any content protection system can be pirated in time and with sufficient resources, renewal of the module is particularly apt and preferable to other alternative using secrets directly incorporated into devices and which thus involve the revocation of onerous devices in cases of piracy. The diagram below represents a basic SmartRight architecture. There are 2 main fields of protection: • In the first domain contents are protected by a private conditional access system or digital rights management, while they are distributed to consumers. In this context, pre-recorded encrypted media (such as DVDs) are considered as a source of conditional access. In the second domain the SmartRight system protects content once it is on the domestic digital network via the intermediary of an “access device” (such as a decoder or DVD player, for example). Figure 3: Smartright system architecture • Source: www.smartright.org All SmartRight content that is not free is associated with a given domestic network and, as a result, can only be used on this network. However, a domestic SmartRight network can also include external mobile devices related to this network, such as a portable music player or a device in a car, as well as devices in a second home that belong to the initial network owner. In other words, the SmartRight system protects the content used in a second home, as well as the mobile devices (such as a MP3 2005 Edition © IDATE 31 Technical protection and legal background DRM and virtual content distribution player) that have been connected at least once to the reference network. It is not necessary to have a permanent connection. All of these devices that share the same secret constitute a private domestic network on which content is available for private use, but only according to the rights attributed. A SmartRight device can only belong to one private home network at any given time. The 5C entity consortium has developed the DTCP standard (www.dtcp.com). 1.2. Legal background This chapter aims to offer a concise overview of the various legal concepts often associated with DRM issues, piracy, content distribution etc. We will primarily cover “artists’ rights” and copyright. These are the two most common systems of protecting artists and their works. We will subsequently present the various treaties, laws and directives related to the protection of artistic works in the information society that are already in effect or in the course of being passed. This introduction is vital in the framework of a study on DRM and technical protection measures. “Artists’ rights” lie at the heart of DRM issues. Their variable nature according to circumstances, as well as the way in which the copyright concept is applied, impacts the nature of DRM, technical protection measures and thus their deployment in the digital world. The loopholes and/or irregularities in the law in terms of accounting for wild and massive exchanges on the internet, notably via peer-to-peer software, does not promote consumers’ acceptance of DRM. DRM cannot compensate for the shortfalls of the law and replace the law as content producers and vendors would like it to. The legislator therefore plans to modify laws governing artistic works, their publication, performance and reproduction in the digital world, without necessarily calling into question consumers’ existing rights, while protecting authors and rights holders. However, the treaties of the OMPI, their transposition in the USA and Europe, seem to want to legitimise technical protection measures and DRM as insurmountable obstacles that take precedence over any exceptions to the rules. 1.2.1. The protection of artists and their works The protection of a work differs from one nation to another. We can nevertheless identify common international principles based on the Bern convention (1886). This convention lays the foundation for the protection of artistic works that leads to the construction of the WIPO (World Intellectual Property Organisation). It offers a protective framework for literary and artistic works including writing and literary works, architectural works, graphic and applied arts. In the end Anglo-Saxon law privileges the notion of copyright, whereas other including France privilege the notion of “artists’ rights.” “Artists’ rights” In France, the Intellectual property code2 defines artists’ rights. This legislation conforms with the Directive 2001/29/CE that harmonises the protection of artists’ rights in the European Union. Definition • • • • • Artists’ rights refer to all laws for creators governing their literary and artistic output. Artistic works protected by “artists’ rights” include: Books, brochures and other literary, artistic and scientific writing Dramatic works or musical dramas; Choreographies, circus acts and tours and pantomimes whose enactment is set out in writing or otherwise The intellectual property code is a French legal document created by law Nr. 92-597 of July 1 1992 related to the intellectual rd property code published in the Official Journal of July 3 1992. It covers most of the old laws governing the two branches of intellectual property, which constitute industrial property and literary and artistic property. It is regularly updated by the French parliament. http://www.legifrance.gouv.fr/WAspad/VisuArticleCode?commun=&code=&h0=CPROINTL.rcv&h1=1&h3=8 2 st 32 2005 Edition © IDATE DRM and virtual content distribution Technical protection and legal background • • • • • • • Musical compositions with or without words Films and other works consisting of animated sequences of images, with sound or silent, collectively referred to as audiovisual works Drawings, paintings, architectural projects, sculptures, engravings and lithography Graphic and typographic works Photographs and works carried out using techniques similar to photography Applied arts Software, including preparatory design work. Moral and patrimonial rights Artists possess two types of rights, moral and patrimonial rights. Moral rights Moral rights protect the artist’s “personality” as well as his/her work. • • • The right to disclosure: this recognises the artist’s right to decide when s/he wishes to disclose his/her work to the public The right to authorship: the artist has the right to claim authorship of his/her work. The work’s right to integrity: the artist can oppose any modification, deformation or changes to his/her work • The artist’s right to oppose any stain on his/her honour or reputation. The moral right to an artistic work belongs to its author and cannot be bought or sold. It can nevertheless be bequeathed to a benefactor. Moral rights are subject to no time limits. Patrimonial rights Patrimonial rights concern the commercial use of an artistic work. The “artists’ rights” belonging to the artist include the rights to performance and reproduction. Performance consists of the communication of the work to the public by any means and especially: • • By public recital, poetry reading, dramatic performance, public presentation, public screening and transmission of an artistic work broadcast in a public place By broadcasting, including all telecommunication processes involving sounds, images, documents, data and messages of all types including the emission of an artistic work to a satellite. Reproduction involves the material fixing of the artistic work by all procedures making it possible to communicate the work to the public indirectly. This can notably be carried out by printing, drawing, engraving, photography, moulding and any graphic or plastic arts procedure, mechanical recording either on film or record. Any complete or partial performance or reproduction of an artistic work without the consent of its author, rights holders or assignees is illegal. The same applies to the translation, adaptation, transformation, arrangement or reproduction using an artistic medium or any type of procedure. Performance and reproduction rights can be sold free-of-charge or subject to payment. The sale of performance rights does not override that of reproduction rights. The sale of reproductions rights does not override that of performance rights. When a contract includes the full sale of one of the two rights referred to in this article of the law, its scope is limited to the modes of distribution specified in the contract. Patrimonial rights last for 70 years after the artist’s death. In the case of an audiovisual work, a collaborative work, the same rule applies but collaborators are individually named: the script writer, the author of the words, the author of musical compositions and the main director. 2005 Edition © IDATE 33 Technical protection and legal background DRM and virtual content distribution In the case of recordings (such as songs), the expiry date is only 50 years after recording. Exceptions to “artist’s rights” The law provides for a certain number of exceptions to the principles of “artists’ rights” including: • • Private and free performances made in a family context only. Copies or reproductions strictly reserved for the copier’s private use and not destined for collective use, with the exception of copies of works of art destined to be used for ends identical to those of the original work and copies of software other than the back-up copy established in the conditions specified by article L 122-6-1, as well copies or reproductions from an electronic data base. Provided that the artist’s name and source are clearly acknowledged: • • • Analyses and short quotations justified by the critical, polemical, educational, scientific or informative nature of the work in which they are incorporated. Current affairs magazines The distribution, even in their entirety, of public speeches given at political, administrative, judicial and academic gatherings, as well public meetings of a political nature and official ceremonies via the press or broadcasting with a view to informing the public of current affairs. Entire or partial reproductions of graphic or plastic art works to figure in the catalogue of a sale by order of the court in France for examples made available to the public prior to the sale with the sole aim of describing the works of art for sale. Parody, pastiche and caricature within the rules of the genre. Actions necessary to access content from an electronic data base for the needs and within the limits of usage specified by contract. • • • Neighbouring rights Since the law of July 3rd 1985, literary and artistic property has been extended to activities related to “artists’ rights.” So-called neighbouring rights for performers, producers and audiovisual communication companies have been recognised. These are autonomous that can be exercised without impacting “artists’ rights.” The duration of the protection granted is 50 years as of January 1st of the calendar year following the first communication of the work to the public. Copyright Definition and nature of protection Legislation on U.S. copyright comes from the Copyright Act (http://www.copyright.gov/title17/). In Anglo-Saxon countries the notion of copyright replaces the concept of “artists’ rights.” It protects the authors of original literary, dramatic, musical and artistic works. Copyright applies to artistic works captured on a material medium, a legacy of the Berne convention. Copyright legislation recognises the artist’s paternity as creator of a work, but does not consider other moral rights as presented in French law on “artists’ rights.” As far as distribution of an artistic work is concerned, copyright gives rights holders the exclusive right to exercise and authorise third parties to carry out the following acts: • • • • Reproduce the work Prepare projects based on the original work Distribute copies of the artistic work to the public (sale, rental, loan) in any form Perform the work in public. 34 2005 Edition © IDATE DRM and virtual content distribution Technical protection and legal background Exceptions to exclusive rights from copyright "Fair use" Use of an artistic work in the form of reproduction by copying or a recording cannot be considered illegal in the following cases: • • • • Criticism Commentary Journalistic information Teaching (including multiple copies for a class) • University studies and research. The list below is not exhaustive. Furthermore, it is not enough to use an artistic work in one of these contexts for this usage to be classed as "fair use". Table 3: Comparison of two theoretical models Naturalist laws (royalties) Natural property Moral justification Primacy of the artist’s private interests Assumed conformity with public interest Justice of automatic protection Rights of creator (physical individual) - Limitation of protected works - Subjective originality - Personality and creativity Moral and economic prerogatives Legal monopoly Economic justification Pre-eminence of public interest Conflict with public interest Security of formalities Rights of the entrepreneur (moral individual) - Large range of works - Objective originality - Work and skill Exclusively economic prerogatives Positivist laws (copyright) Long duration of protection calculated on the basis of the Short duration of protection calculated from the creator’s death publication of the work - Exclusive rights - Absence of involuntary licence - Right to compensation - Several involuntary licences Source: CEPV Four criteria are used to validate the proper use of a work: • • • The aim and nature of the usage: a commercial usage can more easily be judged as a violation of copyright law. An educational use can more easily be considered as loyal usage. The nature of the artistic work protected: this involves appreciating the proportion of creativity in a work. The greater the proportion of creativity, the more the work has to be protected. The quantity and the importance of this proportion versus the entirety of the work: a quotation from a text may be deemed loyal, as may a clip from a film. As far as audio recording is concerned, the authorisation of rights holders is required regardless of the duration of the copy. Lastly, a poor quality copy of an image can be deemed loyal. The consequences of this usage on the potential market and on the value of the work of art protected. This involves estimating the direct and indirect impact of the use of copying on the economic and financial resources of rights holders. • There are other exceptions to and restrictions on exclusive rights involving libraries and not for profit public archives, the reproduction of an artistic work in a new form for a handicapped public and the visible architectural reproduction of a public place. 2005 Edition © IDATE 35 Technical protection and legal background DRM and virtual content distribution 1.2.2. International legal frameworks WIPO (World Intellectual Property Organization) treaties On December 20th 1996, the World Intellectual Property Organisation drew up 2 texts: • • The WCT (http://www.wipo.int/treaties/fr/ip/wct/index.html) And the WPPT (http://www.wipo.int/treaties/fr/ip/wppt/index.html). 51 countries have ratified the WCT and 49 the WPPT to-date. The former concerns the protection of artists and their works, while the latter covers the protection of performers and producers. The treaties include suitable international standards both for “artists’ rights” and the protection of performers and phonogram producers. They meet the challenges created by the use of new technologies and networks. "The treaties do not take precedence over national laws, but require the countries that sign up to them to accord a minimum of certain specific rights on a non-discriminatory basis." The two treaties came into power in 2002 after 30 countries had ratified them. The WIPO Copyright Treaty In order to ensure uniformity and efficient protection of artists, the WIPO suggests international rules that take into account the major changes occurring in the information society and telecommunications regarding the use of literary and artistic works. . The WCT is a special settlement based on the Bern convention for the protection of literary and artistic works. Two of its articles state the need, and the obligation, to implement tools to fight the neutralisation of technical measures to protect artistic works, the distribution of works without the agreement of the rights holders and the modification of information related to the rights system pertaining to an artistic work in a digital format. Article 11 Obligations related to technical measures: "The contracting parties must make provision for suitable and effective legal sanctions against any person that commits one of the following acts in the knowledge, or as far as civil sanctions are concerned, having good reason to believe that this act will lead to, enable, facilitate or hide the impeachment of a law set down by this treaty or the Bern Convention." Article 12 Obligations related to information on the legal system: 1) The contracting parties must make provision for suitable and effective legal sanctions against any person that commits one of the following acts in the knowledge, or as far as civil sanctions are concerned, having good reason to believe that this act will lead to, enable, facilitate or hide the impeachment of a law set down by this treaty or the Bern Convention: i) To delete or modify any information relating to the rights system presented in an electronic format without authorisation ii) To distribute, import with a view to distribute, broadcast or communicate to the public works of art or examples of these works without authorisation and in the knowledge that information related to the rights system presented in an electronic form have been deleted or changed without authorisation. 2) In this article, the expression “information on the rights system” means information enabling identification of the artistic work, its author, the rights holder to the work or information on the terms and conditions of use of the work and any number or code representing such information, when any of these pieces of information is attached to an example of the work or appears in relation to the communication of a work to the public. 9 A declaration by all member states of the WIPO in the WCT confirms that the storage of a protected work on an electronic medium is a reproduction. 36 2005 Edition © IDATE DRM and virtual content distribution Technical protection and legal background "The right to reproduction stated in article 9 of the Bern Convention and the exceptions to which it may be subject are fully applicable in a digital environment, especially to the use of works in a digital format. It is understood that the storage of a protected work in a digital form on an electronic medium constitutes a reproduction in the sense of article 9 of the Bern Convention." WIPO treaty on performances and phonograms or the WPPT (WIPO Performances and Phonograms Treaty) The WPPT is based on the Rome Convention (1961) on the protection of performers, phonogram producers and broadcasting organisations. Two articles of the WPPT deal with technical measures and their circumvention. Article 18 Obligations related to technical measures: “The contracting parties must make provision for suitable and effective legal sanctions against the neutralisation of the effective technical measures implemented by performers or phonogram producers in the context of them exercising their rights accorded by this treaty and which restrict the committal of acts pertaining to their performances or phonograms that are not authorised by the performers or phonogram producers in question or permitted by the law.” Article 19 Obligations related to information On the rights system 1) The contracting parties must make provision for suitable and effective legal sanctions against any person that commits one of the following acts in the knowledge, or as far as civil sanctions are concerned, having good reason to believe that this act will lead to, enable, facilitate or hide the impeachment of a law set down by this treaty i) To delete or modify any information relating to the rights system presented in an electronic format without authorisation ii) To distribute, import with a view to distribute, broadcast or communicate to the public works of art or examples of these works without authorisation and in the knowledge that information related to the rights system presented in an electronic form have been deleted or changed without authorisation. 2) In this article, the expression “information on the rights system” extends to information making it possible to identify the performer, the performance, the phonogram producer, the phonogram, the rights holder for the performance or phonogram and any number or code representing such information when one or any of these elements is attached to the copy of a performance or an example of a phonogram or appears in relation to communication to the public or the making public a performance or a phonogram. 16 The Digital Millennium Copyright Act (DMCA) http://www.copyright.gov/legislation/dmca.pdf The DMCA is a federal law. It was passed on October 28th 1998. The DCMA amended the Copyright Act and adapted it to meet the challenges of new technologies and the obligations imposed by the treaties of the WIPO adopted by the diplomatic conference on certain “artists’ rights” and neighbouring rights issues on December 20th 1996. The DMCA protects the technical and technological means of “artists’ rights” management by: • • • Sanctioning of all neutralisation of technical measures implemented by artists in order to ensure the protection of their works Sanctioning of the deletion or modification of mentions related to the ownership of rights to the work Prohibition of the manufacture of certain products enabling the circumvention of digital protection.. 2005 Edition © IDATE 37 Technical protection and legal background DRM and virtual content distribution These aspects of the DMCA contradict with the exceptions to copyright, namely “fair use.” Furthermore, the DMCA’s provisions concerning the neutralisation of the technical measures implemented to protect digital content make this exception obsolete due to the simple presence of a technical protection measure. The scientific community has opposed these provisions, which are likely to have a negative impact on its activities. Thus the circumvention of this protection in the context of the “fair use” exception or the distribution of information or products enabling the circumvention of an artistic work would constitute violations of the DMCA’s provisions on the “neutralisation” of technical means of protection of digital works. The European Union Copyright Directive (EUCD) http://europa.eu.int/eur-lex/pri/fr/oj/dat/2001/l_167/l_16720010622fr00100019.pdf Directive 2001/29/CE of the European Parliament and of the Council of May 22nd 2001 on the harmonisation of certain aspects of “artists’ rights” and neighbouring rights in the information society. Exceptions to exclusive rights Community law is a little restrictive for EU member states as far as exceptions to the field of “artists’ rights” are concerned. This field is nevertheless limited to the following cases, described in articles 5.2 and 5.3 of the Directive. a) Paper copying (reprography and photography) b) Private usage (with fair compensation or a legal licence) c) "in cases of specific acts of reproduction carried out by libraries accessible to the public, educational establishments or museums and archives that are not looking for any direct or indirect commercial or economic advantage" d) The archives of broadcasting organisations e) Not-for-profit social institutions such as hospitals and prisons (with fair remuneration). Other exceptions of a non-commercial nature are made possible and involve the right to reproduction and that of communication to the public that does not involve any material capture of the work made available: a) Illustration in the context of teaching or scientific research b) Use for the benefit of handicapped persons c) Information and news d) Quotation of artistic works e) Public security, administrative, parliamentary and judiciary procedures g) Religious and official ceremonies h) Usage of artistic works such as architectural projects or sculptures completed to be placed permanently in public places i) Chance inclusion in another product. … n) The three stage rule While the Directive 2001/29CE opens the field up wide open to exceptions, it limits their scope. In fact, exceptions “are only applicable in certain special cases that do not affect the normal distribution of the work or any other object protected, or cause any unjustified damage to legitimate interests.” This indication, aimed at enlightening the judge, refers explicitly to the three stage test (WCT, 1996, art. 10, WPPT, 1996 art.16) which makes it possible to gauge that the limits of loyal use or the exception to exclusive rights depending on the economic impact on rights holders. 38 2005 Edition © IDATE DRM and virtual content distribution Technical protection and legal background The exceptions must cumulatively: 1. Be restricted to certain cases 2. Not affect the normal distribution of the artistic work 3. Not cause any unjustified damage to the legitimate interests of rights holders. Protection of technical measures and information on “artists’ rights” The European Directive transposes the articles related to the protection of technical measures of the WIPO treaties via its articles 6 and 7. Article 6 concerns obligations related to technical measures, the latter defined at the same time in the eyes of the Directive and thus legitimated by European law. Member states are obliged to make provisions for suitable legal protection against the circumvention of all effective technical measures carried out by an individual in the knowledge that, or with good grounds to believe that s/he is pursuing this objective. Article 7 deals with obligations related to information on the rights system. Member states have to provide suitable legal protection against any individual that consciously deletes or modifies any information related to the rights system presented in an electronic format without authorisation. Those who distribute, import with a view to distribute, broadcast, communicate to the public or make protected artistic works available to the public are also offenders. The European Directive is in the process of being transposed into national law. The primacy given to the protection of technical measures and “artists’ rights” information in terms of the exceptions to exclusive rights is not covered by the Directive. In other words, the Directive does not answer the question: is a user that consciously neutralises the protection of a physical medium to make a private copy breaking the law? The reply to this question is left to the discretion of the judge according to the transposition of the Directive into national law. 2005 Edition © IDATE 39 DRM and virtual content distribution DRM players 2. DRM players 2.1. Players present The groups of players involved in digital content protection and rights management are as follows: • • • • • • • Content providers Technical protection solution providers DRM solution providers Rights aggregators and licence managers Distributors Consumer electronics manufacturers IT manufacturers 2.1.1. Content providers This category consists of players involved in content activities that are now digital or can be digitised. Their content can thus be physically distributed via optical media (DVDs, CDs, mini-discs, cassettes etc.) and virtually distributed via networks. This category consequently includes players from the music sector and primarily record producers, vendors and distributors. They are represented by the majors Universal Music group (a subsidiary of the Vivendi Universal group), EMI Music, Warner Music Group and Sony BMG (which are one entity in publishing). The record majors, who have been active, and very active in some cases, in the field of music distribution via the internet for a long time, are now concentrating on their competencies. BMG (Bertelsmann Music Group) largely financed the D&R activity of Napster, wishing to capitalise on the dawn of peer-to-peer to move into virtual music distribution. BMG was heavily criticised by other record companies. Vivendi Universal tried to develop their own coder/decoder without success compared to Sony and its ATRAC3 audio decoding format. In response to the P2P phenomenon, the record companies have joined forces and created two online music distribution platforms: PressPlay (Sony, Universal and Microsoft) and MusicNet (Warner Music, BMG, EMI, Real Networks). The two platforms have not yet met with the success that they anticipated. PressPlay’s assets have been sold to Roxio, which has also bought Napster’s shares to form a single company renamed Napster. The record companies have also invested in the DRM sector. Via their subsidiary Fidelio Acquisition Company, Sony and Philips Electronic is acquiring the promising U.S. company Intertrust. Sony is protecting its audio CDs via the intermediary of its subsidiary Key2audio. The majors are nevertheless more used to turning to third parties to provide protection solutions. In June 2005, Sony BMG announced the marketing of audio CDs protected with the extended Copy Protection (XCP) solution produced by the British company First4Internet. This technical protection measure is a system that prevents second generation copies. During the first copy, files are converted to Microsoft’s WWA format. They remain playable on a computer or audio player, but Microsoft’s DRM is incorporated into the files, thus preventing a copy of a copy. This is referred to as “Sterile Burning.” Moreover, First4Internet’s solution makes it possible to manage the number of copies of the original that is authorised via a procedure of “Controlled Burning.” The majors seem to be opting for 3 or 4 copies that are required by private copying or fair use. Although unanimously adopted by record companies, XCP is nevertheless incompatible with Apple’s iPod. Today the record companies do not seem to be abandoning their investment in music distribution via the internet. To achieve this, they are forming alliances with peer-to-peer solution providers. Their form of investment is no longer direct, but is carried out via partnerships that consist of calling on specialists in each field of activity. As a result, music distribution via the internet is now the business of distributors and companies that are positioning themselves accordingly. In this context, record companies are seeing their sales activity develop significantly. 2005 Edition © IDATE 41 DRM players DRM and virtual content distribution The independent labels have never been in a position to invest like their 4 competitors. They are nevertheless more attuned to changes in usage and more reactive to them. Thus, TVT Records (www.tvtrecords.com), a U.S. label, digitised its entire catalogue and made it available on the internet free-of-charge in 1999. 2.1.2. Technical protection measure (TPM) and DRM providers TPM providers and DRM solution suppliers are two different categories of company. Although these two market segments are complementary, it is rare to find two companies that cover both areas at the same time. These companies include Microsoft and Macrovision, although the former is more specialised in DRM and the latter in technical protection measures. Similarly, companies that evolve in different content sectors are also rare. Text protection seems to have to be a different competency from that of music and video games protection. Some companies are active or trying to gain a foothold in several segments of the content market. Microsoft’s solutions consequently have the same core for video and audio. The same can be said of RealNetworks’ solutions. The protection of television contents is a different sector entirely and its players do not seem to be extending the scope of their activities to other fields. As a result, Nagravision, Canal+ Technologies and Thomson remain specialists in the various encryption systems for audiovisual programmes. TPM players include: • • • • • • • • • Digimarc Macrovision NDS Nextamp Philips Electronics RSA Security SealedMedia SunnComm Verisign DRM players include: • • • • • • • • Apple BeepScience End2End Info2Clear Intertrust Microsoft Overdrive RealNetworks 2.1.3. Rights aggregators or licence managers Like the company ORCHARD in the music sector, the field of activity of rights aggregators is the composition of catalogues of content that require no licence for use on the internet. Part of this market legitimately belongs to vendors, which are not depriving themselves of this fantastic opportunity, notably to explore emerging markets such as that of polyphonic telephone ring tones. Vendors are selling distributors and distribution platform providers like Musiwave the rights to exploit their top tracks on mobile telephones as ring tones. Another part of this rights market is more fragmented. It emanates from the independent production market. Music distribution on the internet is down to distributors. The latter have everything to gain from joining forces with an aggregator to achieve as widespread distribution as possible. 42 2005 Edition © IDATE DRM and virtual content distribution DRM players Recently aggregators of musical content for artists without a record company have been emerging. Wild Palms Music is one such aggregator, as is Believe.fr 2.1.4. Distributors This sector of activities, long since coveted by the majors, is now dominated by specialist players including: Napster, BuyMusic, OD2, WalMart, Fnac Music… The record companies are nevertheless present via MusicNet and eCompil owned by the Universal Music Group. However, this market, which has a promising future, remains largely open to very different companies such as Microsoft, Tiscali, Sony, EasyMusic etc. Retailers are trying to break into virtual music distribution. Walmart in the USA and FNAC in France are two interesting initiatives since they represent a real turnaround in the retail business. From mere distributors, they become distributors. The two businesses are not all that different, since distribution in the internet age can be directly carried out to the client without any intermediary. Nevertheless, the retailer distributor has to take responsibility for negotiating rights on the internet if it wants to maximise its revenues. Competition is fierce, despite a business model that generates very little or no profits in terms of the volume of tracks sold. Today Apple still remains the most surprising experience to-date and the most exemplary in terms of music distribution on the internet. Apple shows that, despite unfair competition, a solvent demand exists if a form of acquisition and consumption of music is offered that falls into line with new usages. There can be no doubt that this model is going to be transposed to other sectors in years to come. Video games have been the subject of a few secret attempts. In the video sector, the agreement between Archos, a provider of portable video devices, and Echo Star, a satellite television channel operator, would seem to support this hypothesis. To compile an attractive catalogue, distributors have to assure content providers that their works will be protected. They are therefore turning to DRM systems that have proven effective. 2.1.5. Consumer electronic manufacturers There are two categories of companies. On the one hand, there are the consumer electronics giants long since present in the market investing in a product portfolio that ranges from television screens to walkmans via video cassette recorders and Personal Video Recorders. This category includes Sony, Philips, Thomson, Matsushita, Samsung, LG, Hitachi etc. These companies did not initially want to market devices likely to read content of dubious origin and that could damage their partnerships with content providers. On the other hand are new companies that are medium-sized and/or have one product only, which are anxious to find their niche by marketing innovative products that are uncertainly and sometimes improbably positioned. As opportunists, these companies showed no hesitation in marketing the first DivX players without DRMs and mainly originating in outlaw peer-to-peer exchange networks like Bit Torrent without any provision made for compensation to rights holders. Consumer electronics giants than put aside their concerns and launched their own DivX players. Today Thomson, Philips, Sony, Samsung, Pioneer, LG, Kenwood, JVC and Continental Edison sell DivX players. The positioning of consumer electronics manufacturers is sometimes difficult for them to come to terms with as it contradicts that of rights holders that are also partners and sometimes members of the same group via subsidiaries. The positioning of a consumer electronics manufacturer can therefore contradict another of the group’s activities. For example, the provision of an audio CD protection system can be deemed incompatibles with the marketing of blank CDs. Similarly, providing devices for playing films and audio tracks in a format with no DRM or found on exchange networks can be deemed incompatible with films and music by artists. Content owners have long since shown their anxiety regarding the existence of means of illegal copying and distributing their works. Moreover, there has always been a right to limited copying: notably “Fair Use” in the USA, and the right to private copying in France. 2005 Edition © IDATE 43 DRM players DRM and virtual content distribution It was in the 1980s with the emergence of the video cassette recorder that the first conflicts arose between content owners and CE producers. It is worth remembering that the “Betamax decision” made by the U.S. Supreme Court in 1984 concluded that the sale of video cassette recorders was legal because such recorders enabled a substantial number of legal uses ("capable of substantial noninfringing uses"). The growth in digital content enabling a perfect copy of the original and the multiplication of digital broadband networks put this question back on the agenda. The increasing ease of transferring content obtained from the internet to consumer electronics equipment via a PC and vice versa is a major factor in the aggravation of conflicts. There is a real risk that there will be fewer usage possibilities with digital systems than with existing analogue systems. A new law called the “Induce Act” that could call into question this decision was being studied by several senators in mid-2004. It prohibits all equipment that can be used for piracy, thus calling into question the Betamax decision. Another bill, the “Digital Media Consumers Rights Act” or HR 107 takes the diametrically opposite position. The situation in the USA is therefore far from clear, although it is very significant, given the importance of U.S. cinema (and television) in the world market. Against this background, relations between content producers, equipment manufacturers and consumer associations that try to influence the legislator are often conflicting. The main position of the Consumer Electronics Association is given below. It notable defends the following principles: • • • • Maintaining the right to sell products “enabling a substantial volume of legal uses." Maintaining ”Fair use", namely the possibility of copying works protected by copyright, notably for personal use Authorisation of home recording of the artistic works distributed. A restricted interpretation of the DMCA (Digital Millenium Copyright Act), which prohibits the development of tools that making it possible to get round a copyright protection system. All of this is carried out in the name of free access to information, entertainment and education. It is worth noting that these demands overlap with those of associations defending consumers and citizens’ rights. 2.1.6. IT manufacturers Sometimes heavily involved in content protection like IBM in watermarking and Intel in the TCPA imitative, IT manufacturers are also seeing small-sized, free particles in their ranks on the look out for a technological breach, a source of profit. Several companies have marketed products that are mid-way between IT and consumer electronics. Sometimes geographically remote, such as South Korea (Dvico, iRiver, GamePark), these companies market their products on the internet. Barely involved in partnerships with content providers, these IT manufacturers, which are not in the majority, generally have no scruples about marketing products that could damage rights holders. As a result, CD burners and then DVD burners have hit the market. Relationships between record companies and IT manufacturers are consequently turbulent. At the beginning of 2003 the powerful association that represents record companies, the RIAA (Recording Industry Association of America), the BSA (Business Software Association) headed by Microsoft and the Computer System Policy Project (including Dell, Hewlett-Packard and Intel) signed an agreement. One of its principles, for computer manufacturers, consists of incorporating TPMs into their equipment to limit counterfeiting. At the time, the scope of this agreement was limited by the spokesperson of the Computer & Communications Industry Association including Sun Microsystems, Yahoo!, AOL, Fujitsu and Nokia. In 2005 this agreement does not seem to be borne out by the reality of the situation given the contradictory nature of the stakes of its signatories. On the one hand, marketing computers that prevent copying is not very marketable. On the other, the IT signatories were not imitated by their competitors. 44 2005 Edition © IDATE DRM and virtual content distribution DRM players Contradictions in positioning are not the only inconsistencies among consumer electronics players. Toshiba was one of the companies at the root of the DVD protection system CSS, notably with Matsushita. Toshiba markets DivX players, a format used to compress films that have been taken from a DVD whose protection has been breached and therefore whose CSS protection has been destroyed! 2.2. The value chain In content sectors the traditional value chain broadly includes a creation stage, a publishing stage and a marketing stage (see following page). In a theoretical framework, the digitisation of contents and their distribution just lead to the disappearance of stages that have been traditional to-date. In reality, physical distribution cohabits with virtual distribution and that will last for several years to come. The disappearance of intermediaries is consequently far from being total and definitive. Furthermore, the presence or not of intermediaries varies according to the strategic choices of operators. In all events, it is worth noting a salient point, which consists of seeing the distributor and the retailer merge. In a lighter version of the value chain, TPMs and DRMs may be integrated at all levels. The creator, publisher, aggregator, technology provider and distributor/retailer are all likely to intervene directly or via an intermediary in the integration of DRM. That depends on the player’s closeness to the customer. In cases where an artist wishes to distribute, s/he will have to whether or not to incorporate a DRM system. In the music sector, the most advanced sector in terms of virtual distribution, TPM and DRM systems are integrated by a provider of technical solutions and all-in-one distribution solutions. This is notably the case with OD2, European leader in unbranded virtual music distribution. The virtual content distribution phase via On Demand Distribution is as follows: Figure 4: OD2 distribution infrastructure Source: OD2 2005 Edition © IDATE 45 DRM players DRM and virtual content distribution As for Apple, it is present at all stages of the new value chain, including the design of playing devices. It is conceivable that this model evolves in the years to come with the recent arrival in this market of Microsoft, which for the moment uses OD2’s solution, Coca-cola which is doing the same thing, MTV, Sony and integrated solutions. Two models seem to be opposing one another, the closed end-to-end solution and the open intermediary solution whereby the technology provider takes a primary position. In the framework of the first solution, TPMs and DRM are proprietary and the problems are mainly of a commercial nature. The operator is the content and service provider. In the framework of the second solution, TPMs and DRM systems can become a completely separate stage in the value chain. They are not only tools, but also a product as such that distributors/retailers have to include in their cost margins. The virtual distribution sector is still in an emergence phase and it is still impossible to say which model will dominate. In broad terms, which player will win: Apple, Sony or Macrovision, Microsoft or OD2, Tiscali, MTV or Coca-cola (unless the winning ticket is a mix of genres such as Apple/Macrovision/Microsoft…)? • Creators: they occupy a central position in the former value chain which constitutes a commercial, community opportunity in the new internet versions that few players have been able to capitalise on. Despite the financial solvency of internet users, the deployment of broadband, protection solutions and copyright management have not gone down the road of freeing themselves from their vendor. Vendors: seen for a while as the major benefactors of the turnaround in virtual distribution, vendors, film studios and record companies seem to have abandoned plans to invest heavily in online distribution. They prefer to leave this to companies whose core competency is online distribution. This does not mean that they are not seeing changes to their competencies. In the music sector, vendors are getting involved in the sale of catalogues to be exploited on new media. Manufacturing/storage/distribution: this is the link in the value chain that has been upset by the internet. Nevertheless, consumers’ attachment to the physical support leaves them a respite that these players are capitalising on to renew their growth strategy. Players like MPO have already begun a transformation towards virtual distribution. Retailers: retailing is changing shape. It is switching from a physical environment to a virtual environment. The players are not generally the same. Virtual distribution is the business of the new economy, IT and internet pioneers. Traditional retailers often haven’t innovated in virtual distribution. They got involved when the market showed signs of growth, but virtual distribution players were already in place by then. Retailers, on the other hand, know their customers better than anyone and this asset is now broadly exploited. Technology providers/ distribution platform providers: these are the technicians of the value chain. Technology providers are the newcomers in the value chain of content distribution. They are at the root of the distribution architecture; they encrypt files, implement online payment, protection and content management systems. Their technical skills also enable them to distribute no-name contents themselves. Virtual content aggregators: also newcomers in the value chain, content aggregators are responsible for compiling catalogues. The composition of a catalogue involves buying contents from vendors by negotiating the exploitation rights on the internet. It is in this framework that rights to copy and transfer content enjoyed by consumers can be negotiated. Aggregators can compile catalogues for themselves if they are also retailers like iTunes. They can also compile catalogues that they sell to technology providers/distribution platform providers/retailers like The Orchard does. • • • • • 46 2005 Edition © IDATE DRM and virtual content distribution DRM players Figure 5: Evolution of the music value chain 1) Physical distribution Retailing Developers artists, creators Studios Vendors of Video games, record, films and videos Manufacturing Storage Distribution Consumers TV, radio and internet promotion 2) Virtual distribution Developers artists, creators Studios Technology providers Content aggregators Distributors /retailers Consumers Source: IDATE based on Vitaminic 2005 Edition © IDATE 47 DRM players DRM and virtual content distribution 2.3. Monographs 2.3.1. Groups and consortia Blu-Ray Disc Association The Blu-Ray Disc Association is a consortium whose activities consist of developing and promoting an optical disc format enabling the recording, re-writing and reading of high definition video. Web site www.blu-ray.com Description Date founded: President: Number of member companies: Start of 2002 n/a + 100 member companies: IT manufacturers, consumer electronics manufacturers, content producers and audiovisual companies. Founding members 13 founding members: LG, Hitachi, Matsushita, Mitsubishi, Pioneer, Philips, Samsung, Sharp, Sony, TDK, Thomson Multimedia, Dell and HP Recent events/ Key points 2002 Development of technical specifications V1.0 by Blu-Ray Disc. 2003 Development and marketing of Blu-Ray format by the “Blu-Ray Disc Founders,” made up of 11 initial members. Sony markets the first DVD player based on Blu-Ray technology in Japan. 2004 In January HP and Dell join the consortium now called “Blu-Ray Disc Association.” Sony Pictures, Columbia, MGM, 20th Century Fox adopt the BluRay format. At the end of 2004, Walt Disney Company and Buena Vista Home Entertainment support the Blu-Ray format and join the consortium. 2005 Apple joins the “Blu-Ray Disc Association.” Apple will thus bring its expertise in terms of DVD creation and will also take part in promoting and marketing Blu-Ray. Objectives Development and commercialisation of a standard With the support notably of the Hollywood studios, the Blu-Ray Disc Association alliance aims to develop, commercialise and establish the Blu-Ray format as a standard in the optical disk storage industry. This format could also become a standard for PC data storage in the long-term. Technical specifications Blu-Ray Disc Specification V1 The Blu-Ray V1.0 specifications adopted concern the read only version of DVDs, not the rewritable version (Rewritable Blu-Ray). The first BD-ROM players (thus integrating Blu-Ray V1.0 specifications) should be commercialised at the beginning of 2006. The next games console PlayStation 3 should be equipped with this technology. The next stage will be to specify the compressor/decompressor selected to inscribe the data on a Blu-Ray DVD (the current versions of DVD use MPEG 2 for video). 48 2005 Edition © IDATE DRM and virtual content distribution DRM players Blu-Ray Disc Specification V1 Blu-Ray has the advantage of offering a far larger storage capacity than that currently offered by DVD: A maximum of 50 Go versus 30 Go for HD-DVD or 8.5 Go for rewritable DVDs A capacity of 25GB corresponds to the possibility of storing 2 hours of HDTV programmes or 13 hours of SDTV programmes. Blu-Ray also requires a protective housing around this media (which increases its weight and bulkiness), which is not necessary on HD-DVD (see below). The alliance formed with TDK at the beginning of the year 2004 (TDK has just implemented an anti-glitch technology on this optical support), should make it possible to partly resolve this problem. Competition HD-DVD Forum The HD-DVD Forum, mainly supported by Toshiba, NEC and Sanyo, proposes the HD-DVD format as a DVD standard. A standardised HDDVD product can be developed at lower costs than its Blu-Ray equivalent and only requires a few changes in terms of DVD recorder/player manufacturers’ production lines. 2005 Edition © IDATE 49 DRM players DRM and virtual content distribution UK Content Reference Forum Group of industry players that aim to create an intelligent file likely to be distributed by all file exchange networks and making it possible to fight piracy effectively. Web site www.crforum.org Description Date founded: President: Number of member companies: December 2003 Albhy Galuten 7 Founding members Microsoft Content Guard Verisign Macrovision Universal Music ARM NTT Key points of development 2003 Set up of first technical specifications of the concept at the end of December. 2004 No new announcement regarding progress with the project. Objectives Interoperability and security in file exchange via the internet The initial objective of the CRF remains the set up of a type of file enabling the distribution of paying and secure content, via web-based exchange platforms. It is consequently necessary to have a data and process description standard that enables the various technologies present to interoperate regardless of their physical support. In order to impose its file format, the CRF is primarily counting on growth in the number of its members (annual fee of USD 9,500 to become a main member of the consortium). Technical specifications Creation and use of CRF file The CRF file will enclose the information necessary for automatic downloading in a suitable format and for purchase via an automatic payment system, modifiable by the content distributor. The file will therefore contain a payment and DRM module enabling it to be distributed via P2P networks without any cause for concern. The new exchange format will not include audio or video files, but a link making it possible to download a legal version of the protected content and apt the terminal use. The CRF file will recognise the exchange platform and will adapt to the mode of reading regardless of the physical terminal. 50 2005 Edition © IDATE DRM and virtual content distribution DRM players Response to an existing problem The CRF thus intends to respond to the problem of the multiplication of digital content formats (MP3, WMA, AAC, Real etc. for audio; MPEG2, DivX, AVI, MOV etc. for video) while reassuring content producers with regard to the risk of piracy. Files stamped CRF include an online payment interface that can be used by all exchange networks on the internet. The distribution of audio and video files is carried out by the internet themselves, which are thus directly involved at the heart of the content distribution process. Producers can thus envisage a reduction in distribution and marketing costs. This direct relation with internet users effectively makes it possible to bypass the traditional distribution network and to generate additional profits. Development of a commercial interest for internet users and producers 2005 Edition © IDATE 51 DRM players DRM and virtual content distribution USA Coral Coral is a North American industrial alliance aimed at ensuring the compatibility of various DRM systems and to thus enable consumers to benefit from the content available on the internet, regardless of their physical support, while ensuring the protection of copyright. Web site www.coral-interop.org Description Date founded: President: Number of member companies: October 2004 Jack Lacy 18 members (equipment manufacturers, content publishers, technical solution providers) in March 2005 Founding members HP Sony Samsung Panasonic (Matsushita) Twentieth Century Fox Intertrust Philips Key points in development 2004 Set up of Coral consortium in the month of October Refusal of membership to Apple, Microsoft and Real. 2005 The first technical specifications are approved on March 1st 2005. 11 new members join the founding members (including NBC Universal, Sony BMG, Universal Music Group and IFPI). Objectives Interoperability between DRM formats Faced with the diversity of the proprietary DRM systems used by online music sites, the Coral consortium’s objective is to develop a common standard to make the files downloaded and player devices compatible with each other. Technical specifications Integration of a DRM translation software Coral’s ambition is to create several technical specifications that will enable various forms of protection against copying to be transformed and legible on all existing players. The consortium envisages the following solution: the integration of DRM instruction translation software on the player device level based on the NEMO (Networked Environment for Media Orchestration) developed by Intertrust. 52 2005 Edition © IDATE DRM and virtual content distribution DRM players Approach to implementation Development of specifications for the beginning of 2005 Coral envisages the existence of a body that will probably issue a certificate in order to authorise translation, automatically and transparently, from one DRM system to another, while retaining the state of the rights attached to the content and the nature of the digital file. This translation would take place between different types of equipment. The first implementation of this new technology is forecast for the first quarter of 2005. Members are currently collecting information in order to determine the rules and mechanisms used by current systems. Based on this concept, a proposal for the architecture and technical specifications will be published. These specifications will be available under licence. The nature of the licence (open source or not) has not yet been decided. The technical specifications were announced at the beginning of March 2005 directly on the consortium’s web site and are only available to its members. The annual subscription fee to become a main member is USD 50,000. Coral will act as a forum for exchange and discussion for the various players with a view to defining the economic models related to the set up of these technologies and to understand the rules of use in content distribution. Coral will analyse requirements in terms of the client user of these DRM systems so as to redefine and improve, if necessary, all of the technical parameters related to interoperability. Le consortium will enforce compliance with advanced technical specifications in order to ensure the security and reliability of the Coral environment. Publication of specifications Rules of use and business models Analysis of client needs Assessment of compliance 2005 Edition © IDATE 53 DRM players DRM and virtual content distribution USA OMA DRM The Open Mobile Alliance unites most mobile telephony players. This consortium now develops technological specifications to make the various DRM systems used to distribute contents in mobile environments interoperable. Web site www.openmobilealliance.org Description Date founded: General Manager: Number of member companies: June 2002 Seth Newberry 200+ members (mobile operators, network operators, technology providers, service and content vendors) Founding members N/a Key points in development 2002 The OMA lays down the first guidelines for the DRM technical specifications. 2004 Approval of the OMA’s DRM 1.0 specifications in June. Elaboration of the OMA’s DRM 2.0 specification in July. Widevine Technologies, specialising in IT security, is the last company to date to have adopted the OMA’s DRM 2.0 standard for the whole of its product range (November) Objectives Content protection in a mobile environment The main aim of the OMA’s DRM is to ensure the protection of audio and video content from the illegal exchange of files on wireless networks. The main advantage of the OMA’s DRM model is that, unlike other existing solutions, it covers the concept of protecting the user’s identity. The OMA aims to establish several levels of protection according to the value of the content to be distributed. The priority of OMA members is to succeed in developing a system that is both fast to implement and easy to integrate. Technical specifications OMA DRM 1.0 The technical specifications named OMA DRM define standards aimed at making the various systems used by manufacturers and content distributors in a mobile environment compatible. The main technical specifications of the first version of OMA DRM are based on a set of documents that define: • • • • The language used to express digital rights (XML/ODRL) used to describe the permissions and restrictions related to the use of media objects affected by these rights The format of content for the media devices using this standard The IT architecture required The restrictions related to use of the OMA DRM system. 54 2005 Edition © IDATE DRM and virtual content distribution DRM players We can summarise these technical specifications with the following three characteristics: • “Forward Lock”: to limit and regulate the distribution of lower value content on P2P networks. Forward Lock is typically aimed at subscription based services (news or sports services, for example). The content is inserted into a DRM message distributed to the device. • “Combined Delivery”: specifications for content use on authorised periphery devices This method improves the Forward Lock by enabling control over content use. The DRM message includes content on the one hand and user rights on the other. • “Separate Delivery”: data encryption This method aims to protect high value-added content. It enables “superdistribution” which involves enabling content transfer, but without usage rights. Content is encrypted in DRM Content Format (DCF), using symmetrical encryption. The DCF provided content accompanied by a description of the type of content and notably the encryption algorithm. Data encryption Source: OMA OMA DRM 2.0 Compared to OMA DRM 1.0 specifications, OMA DRM 2.0 specifications, an open standard, improve the yield of audio and video content streams and ensure a secure, end-to-end solution (secure content distribution and device authentication). The technical specifications OMA DRM 2.0 mainly define the format and semantics of the cryptography protocol, messages and processing instructions, as well as the profiles of certificates of use, including ROAP (Rights Object Acquisition Protocol) messages. The transport processes used by the ROAP protocol are also described and the rights related to the user’s identity. Implementation approach Consortium’s action plan • • • Announcement of technical specifications. Participation in the definition of a legal business plan. Elaboration of various content protection models and technical solutions with respect to the specifications established. 2005 Edition © IDATE 55 DRM players DRM and virtual content distribution USA Trusted Computing Group The project initially developed by Intel, TCPA (Trust Computing Platform Alliance), and now called TCG (Trusted Computing Group) is a U.S. industrial alliance offering a set of material and software specifications with a view to creating an entirely secure PC environment. Web site www.trustedcomputinggroup.org Description Date founded: President: Number of member companies: October 1999 N/a + 200 software and hardware industry players (including AMD, Sony and Sun Microsystems) Founding members HP Compaq IBM Microsoft Intel Latest developments/ Key points 2000 Publication of first technical specifications. 2002 Commercialisation of the first PCs (IBM Thinkpad) incorporating a chip conforming to the TCPA standard based on the TCPA 1.1 technical specifications. 2003 The ex-consortium TCPA changes its name and becomes TCG (Trusted Computing Group) in April. 2004 Microsoft and IBM announce the 2005 launch of the new “LaGrande” chip. Objectives Hardware and software interoperability The objective posted by the TCPA consortium is to make software equipment and network protocol work together with a view to implementing a platform on which the flow of data is controlled. This platform will only operate with a certified operating system, which will execute certified applications. The cost of an annual subscription depends on the status of the member company: USD 50,000 for ”promoters” of the TCG (5 founding companies), USD 15,000 for “contributors” (a dozen companies) and USD 7, 500 for other companies (limited rights for the latter). Technical specifications TCPA chip TCPA provides a surveillance and alert component to insert in future PCs (set up of a chip card or a chip incorporated into the computer’s motherboard). The chip checks that the hardware and software components are on a “TCPA approved” list. The PC consequently functions in a hardware and software configuration that has been duly approved. The authority is then transferred to the surveillance software of the operating system (the Palladium software in the case of Windows). The chip then makes it possible to certify that the PC terminal uses authorised software (the existence of an authentication protocol with content vendors). 56 2005 Edition © IDATE DRM and virtual content distribution DRM players Conditions of access The technical TCPA specifications defining the set up of more restrictive access conditions for confidential documents (use by the army, for example). The big companies will also be able to have the same facilities, to make any denunciation of illicit practices more difficult. Hardware or software stamped with TCPA (now TCG) can also be aimed at securing electronic payment systems. Secure payments 2005 Edition © IDATE 57 DRM players DRM and virtual content distribution 2.3.2. Companies USA Adobe Systems Incorporated Adobe mainly targets the publishing sector, with its widespread Acrobat Reader software that is distributed free of charge. Its Content Server is a complete system for security and electronic book selling in the PDF Adobe format. Web site www.adobe.com Description Date founded: Employees: President and CEO: Founders and copresidents: 1982 Around 3,700 Bruce Chizen Dr. John E. Warnock Dr. Charles M. Geschke Major shareholders Institutional Senior executives 83% 2% Recent events/ Key points 1983 1993 1994 1995 1999 2001 2002 2004 First contract with an equipment manufacturer (OEM). Launch Adobe Acrobat. Acquisition of Aldus. Acquisition of Frame Technology. Acquisition of GoLive. Acquisition of Fotivia. Acquisition of Accelio. Partnership with GeoTrust to develop a document certification solution Acquisition of the French company OKYZ, specialising in 3D. NASDAQ ADBE Financial data Turnover Trend in turnover between 2001 and 2003 In billions of USD Turnover 2001 1.230 2002 1.165 2003 1.295 In the first three quarters of 2004, Adobe posted a turnover of USD 1.237 billion. Net profits/losses Trends in net profits between 2001 and 2003 In millions of USD Net profits 2001 205.644 2002 191.399 2003 266.344 In the first three quarters of 2004, Adobe posted a net result of USD 336.897 million. 58 2005 Edition © IDATE DRM and virtual content distribution DRM players Group’s business activities Software for electronic document exchange The intelligent document platform Adobe enables staff, clients and partners of companies to access information via the Adobe PDF format, a real standard as far as the secure exchange of electronic documents is concerned. The broad range of Acrobat products makes it possible to manipulate and simplify the exchange and creation of documents. Adobe server products make it possible to develop and accelerate main company activities, with everything from electronic forms to the creation and distribution of personalised documents. Adobe offers an extended range of tools aimed at facilitating the creation and publication of web content, a complete creation tool for web publishing, a web page design tool, a tool for creating virtual 3D worlds for the web, a tool for reading eBooks on the PC: a digital publishing solution for the protection, management and distribution of documents and electronic books etc. Adobe provides imaging and digital video products, including the omnipresent Photoshop software for touching up images. Via a professional platform complete with digital video, Adobe enables its clients to retouch, manage and share images and videos. Adobe offers a diverse range of digital video software, which notably make it possible to create graphic animations, DVDs, edit videos etc. Adobe has developed a certain number of technologies including: Corporate software Software for the design and publication of electronic documents Imaging and digital video software Technologies • • • • • Adobe Extreme: the most advanced implementation of the printing technology Adobe ; Adobe Portable Document Format (PDF): the de facto standard for the electronic distribution of documents Adobe PostCript: the standard in terms of printing technology Adobe printing drivers: access to PostScript from the desk top Adobe SVG Viewer 3.0: open standard for scalable vector graphics (SVG). Technologies developed Document manipulation Objective: to ensure the confidentiality of a document. Description: tool making it possible to manage access and the use of electronic documents. The main functions offered are as follows: Encryption of documents via a private or shared password, a PKI certification or keys based on authentication files attributing individual private access rights. Attribution of permission defining the uses allowed (reading, modification, printing, copying or sending). Management of access to and use of documents within a company. Auditing all the recipients of a protected document so that a record is made of each time that the document is read, copied, modified etc. Target: mainly companies Type of content: mainly text Terminal targeted: PC Soft (integrated or not in a company server) Online and Offline 2005 Edition © IDATE 59 DRM players DRM and virtual content distribution Electronic signature Objective: to ensure the integrity of content, its authenticity and its nonrepudiation. Description: tool making it possible to validate the identity of the person sending a document and to ensure that no one has altered the document after the former’s signature. The main functions are as follows: Signature of a document by its author or recipients. Validation of signatures via the use of digital certificates from specialist companies (ActivCard, Entrust, Verisign, etc.). Manipulation of the use of an electronic document thanks to certified signatures specifying the changes permitted to it. Automatic procedures of digital signatures and watermarks within a company. Target: mainly companies Type of content: mainly text Terminal targeted: PC Soft (integrated or not with a company server) Online and Offline Objective: protect, manage and distribute the publication of eBooks and electronic documents. Description: the digital publishing system Adobe Content Server 3.0 enables the publication and distribution of eBooks : Protection of copyright via 128-bit encryption. Use of the DRM EBX system. Attribution of rights for a certain period of time. Flexibility of rights that can be modified after a certain period of time. Target: mainly the publishing sector (libraries, publishers and vendors) Type of content: mainly text Terminal targeted: PC, eBook terminals Soft Online and Offline Secure electronic publication Strategic positioning Positioning in development Partnerships R&D, joint-development Adobe has formed several partnerships in the framework of its electronic signature solution, companies providing identity authentication solutions and document protection solutions compatible with Adobe Acrobat 6.0 products, including: ActivCard, Aladdin Knowledge Systems, Arcot, Aries Systems, Ascertia, Authentica, Betrusted, CIC, CoreStreet, Entrust, ERUCES, FileOpen Systems, GeoTrust, IBM, Identrus, ipsCA, Kontiki, Kyberpass, nCipher, RSA Security, Rainbow Technologies, SealedMedia, Silanis Technology, Valyd and VeriSign. 60 2005 Edition © IDATE DRM and virtual content distribution DRM players Norway Beep Science Beep Science is one of the main providers of DRM Mobile software servers and DRM Mobile client software. Web site www.beepscience.com Description Date founded: Employees: CEO: 2000 30 (November 2004) Jan Hule Hetle Major shareholders Private 100 % Recent events/ Key points 2001 Beep Science launches its first DRM product, a MMS content protection solution (“Fingerprinting” and “Watermarking” technologies). 2002 Beep Science launches its DRM solution “Content Policy System” with Norwegian and Italian operators. 2003 Beep Science joins the OMA consortium (Open Mobile Alliance) in June. Launch of the product OMA DRM Server in the month of July. The company joins forces with Netsize and offers a pan-European Mobile DRM solution in October. Netsize is to ensure the payment for rights thanks to its SMS Premium network. 2004 Beep Science joins the MEF (Mobile Entertainment Forum). A new product for managing rights for mobile telephony games is marketed in the month of October. Protection is based on the OMA DRM 2.0 standard. 2005 Beep Science and Certicom Corp. Join forces to offer a secure DRM solution. Certicom will be able to integrate it in its products and resell Beep Science’s software solution. This solution is based on 4 main components 4 (the product complies with DRM V1.0 and OMA DRM V2.0 specifications) : OMA DRM Server • • • • Content packaging Security management Licence management Licence distribution OMA DRM Server solution overview Source: Beep Science The OMA DRM Server solution enables operators (network operators, service and content providers) to set up various different business models in the commercial operation of mobile services (content protection and distribution, definition of rules of use and content sharing). 2005 Edition © IDATE 61 DRM players DRM and virtual content distribution OMA DRM client The client software (pre-installed or downloaded) operates on a fairly large number of terminals (telephone, PDA, set-top box, games consoles, portable terminals) equipped with Symbian, Linux, Palm OS or Windows Mobile operating systems. This offering is mainly aimed at equipment manufacturers and distribution platform providers. OMA DRM Client solution overview Source: Beep Science This technical solution is based on the OMA DRM V2.0 specifications (OMA V2 ROAP for licence acquisition and content distribution, OMA V2 REL for the reinforcement of licence use rules, OMA V2 DCF for content protection, OMA V2 DRM for sharing and exchanging content between terminals). Rich Media DRM Solution The combination of server/client software makes it possible to offer a secure end-to-end solution for music and video services on mobile telephones. Solution overview Source: Beep Science DRM for Mobile Games Latest offering to date made by Beep Science (October 2004): product of rights management for games for mobile telephones (based on OMA DRM V2.0 specifications). Solution overview Source: Beep Science 62 2005 Edition © IDATE DRM and virtual content distribution DRM players Strategic positioning Objective The Beep Science offering can be integrated regardless of the physical support in question (mobile telephone or PDA), regardless of the player used, the operating system chosen or the content distribution platform set up. The offering is independent of the very nature of the content distributed. Three types of partnership have been established by Beep Science so as to offer a complete, end to end secure solution: - Mobile DRM solution providers - Technology providers, - Integrators. Beep Science is a member of the OMA (Open Mobile Alliance), of the MEF (Mobile Entertainment Forum) and the DLNA (Digital Living Network Alliance). The DLNA, former name of the Digital Home Working Group founded in June 2003, aims to set up an interoperability standard between the various network equipment networks. The aim is to set up a standard both for sending and organising data (Digital Media Servers), as well as for data reception and processing (Digital Media Renders). The consortium now has 150 corporate members (including HP, Intel, Microsoft, Sony, Nokia, Samsung and Panasonic). Partnerships Consortium 2005 Edition © IDATE 63 DRM players DRM and virtual content distribution Denmark End2End End2End is a provider of service and content management solutions for mobile devices. Web site www.end2endmobile.com Description Date founded: Employees: CEO: Founder and president: 2000 N/a Soren Ravn Peter Langkilde Main shareholders Private (Draper Fisher Jurvetson ePlanet Ventures, HP and DB Capital Partners) 100% Latest developments / Key points 2000 DB Capital Partners invests USD 24 millions in End2End. 2002 End2end provides its server applications solution to Sonofon and Tele Denmark (primary clients). Second round: DB Capital Partners and HP Partners inject USD 24 million of capital into End2End. 2003 End2end adopts ODLR technology (OMA DRM standard). 2004 Sony Network Services launches Streaman, a new music downloading service for mobile in partnership with End2end. 2005 At the beginning of January End2end acquires 100% of shares in the company Migway. Group activities Mobile services solutions End2End offers a broad range of services related to connectivity (SMS, MMS), value-added services, content aggregation and service hosting. End2End also offers professional services: system integration, hosting management and content management. Range of services Source: End2End 64 2005 Edition © IDATE DRM and virtual content distribution DRM players Technology developed DRM solution The DRM solution is based on technical specifications OMA DRM V1.0 (Limitation and regulation of content distribution, rules of use, data encryption) supported by all mobile equipment manufacturers. The DRM technology developed by End2End enables mobile operators and content owners to integrally control content distribution on mobile devices. It supports all types of content (images, ring tones, java games and video clips). Strategic positioning Diversity of the solutions offering End2End offers a wide range of mobile services solutions to cater for the needs of service operators, mobile portals, audiovisual groups, content providers and other companies that are looking to launch content and data services for mobile devices. End2End currently deals with around 55 mobile service operators in over 20 countries. Europe is End2End’s main market. End2End is heavily present in Northern Europe (headquarters based in Denmark). The company also has offices in Germany and the UK. Mobile operators are End2End’s main clients: Orange Switzerland (Mobile PIM solution) Proximus (Content Delivery Solution) Sonofon Denmark (Content Delivery Solution, MMS Composer & Content Library, SMS Games & Alerts, Mblog) Swisscom Mobile (Content Delivery Solution) Telia (SMS Games) Vodafone Egypt (Content Delivery Solution) Vodafone UK (Content Management) End2End also acts on behalf of mobile portals, content producers, audiovisual groups, equipment manufacturers and technology providers. Business partners End2End defines and implements the architecture of mobile service solutions in collaboration with Hewlett Packard. The infrastructure set up is based on technology partnerships. In 2005, End2End acquired the company Migway (previously owned by TDC Mobile and LogicaCMG). Migway is a Danish virtual mobile operator that operates its own SMSC (Short Message Service Center). In its definition of technology architectures, End2End uses components from companies like BEA, Cisco Systems, Microsoft, SAS, Oracle, First Hop and Openwave. End2End is a member of the Open Mobile Alliance (OMA). Geographical presence Main clients Technology partners Consortium 2005 Edition © IDATE 65 DRM players DRM and virtual content distribution Belgium Info2clear Info2clear is a Belgian company based in the Netherlands, in the UK, in France and in Spain. It offers its clients, mainly in the media, support with the digital distribution of their contents (texts - articles, magazines and booksimages, music and videos). It offers them solutions based on technologies developed internally or by one of its partners, which include Streamcase. Web site www.info2clear.com Description Date founded: Employees: Vice-President: CEO Technical development: April 1998 N.a. Roland LOUSKI Anthony BELPAIRE Jan SPOOREN Major shareholders ABN AMRO Capital Belgacom CD Technicom Bruficom 65% 35% Recent developments / Key points 2002 In April the SecureAttachment solution was marketed. It is a solution for sending documents securely. In June Canal Z forms a partnership with Info2clear and Streamcase to provide a secure solution in the framework of content syndication. 2003 In December the Info2clear group simplifies its structure and reorganises its various activities within a single operational subsidiary, in this case the new company stock company Info2clear-SecureAttachment. 2004 In October, Certipost (joint-venture between La Poste and Belgacom), a provider of solutions securing electronic communications, acquires Info2Clear’s business activities. Group business activities EditorialSuite Commercialisation of a pay-per-view system and set-up of infrastructures to manage copying rights. Target: online periodical publishers Type of content: text Target device: PC, Mac and the internet DRM/TMP Online Digital Management of reproduction and of its billing. Automated management of copyright, conversion and digitisation of texts, encryption of content and digital right management and relations with online resellers. Target: eBook publishers Type of content: text Target device: DRM/TMP Online Digital Get-a-Copy eBookSuite 66 2005 Edition © IDATE DRM and virtual content distribution DRM players Secure Attachment Securing of confidential documents sent by email via a proprietary system called Secure Document Distribution (SDD). Target: companies Type of content: Target device: PC, Mac and internet DRM/TMP Online Digital Secure distribution of content for the music industry and distributors of online music. This application includes a service of secure content delivery, access to a data base of musical content for online resellers (CatalogueSource), technical support for promotions including download offerings. Target: music distributors Type of content: audio files Target device: PC, Mac and internet DRM Online Digital Online recording of works and management of reproduction rights. Target: authors and rights management companies Type of content: Target device: PC, Mac, Internet DRM Online Digital Get-a-Song Get-a-Seal Technology developed Get-a-Copy Get-a-copy is an internet infrastructure developed by Info2clear for the online sale of reproduction rights for all digital content – whether it be a newspaper article or a TV programme clip. Readers can obtain permission to reproduce a newspaper article on their web sites, in an email or in a corporate magazine, pay the copyrights due by credit card and receive the article. A specially adapted version of get-a-copy can also be used by content aggregators. Info2clear can integrate Get-a-copy in three ways: via an FTP server, a proxy server or a web service. Get-a-View offers a DRM solution aimed at content vendors, distributors and retailers. This technology is devoted to the distribution of books in an electronic form. DRM technology developed by Info2clear runs on different formats, of which PDF, LIT (Microsoft Reader), FUD (Franklin eBook Reader) are the most widespread. The vendor sends Info2Clear an unprotected "master". The Belgian company converts the file to the format desired and introduces its DRM. The retailer is notified by Info2Clear of the availability of the title and can sell the product. The retailer sells the products and receives payment for them. The retailer is invoiced by Info2clear according to the number of titles sold. Info2Clear provides the vendor with a sales report and the vendor invoices Info2Clear. Get-a-View 2005 Edition © IDATE 67 DRM players DRM and virtual content distribution Get-a-view payment process Source: Info2clear Strategic positioning Positioning in development Positioning in publishing Positioning in distribution Standardisation Interoperability Open source Partnerships Technology developer Software vendor Distributes itself and uses third party distributors. Benelux: Uitgeversbedrijf TIJD, Roularta Media Group, De Standaard, SOFAM, V.U.M. nv, Best of Publishing, Planet Internet, VNU Business Magazines, Lannoo, Globe Books, Generale Maatschappij, Concentra, Deloitte & Touche, World Online/Tiscali, Emerce, Allen Overy, Wegener Group, Bird & Bird, De Morgen, Mediargus, KanaalZ, EEBIC - Erasmus European Business and Innovation Center, Deloitte & Touche, Bird & Bird. France: Lavoisier, Numilog, Albin Michel, Flammarion, Bayard Presse, Presses Universitaires, Editions Coprur, J’ai Lu, E-theque/PNT, Les Echos, Le Seuil, Edition Du Sud Ouest, Actes Sud, Editions Bartillat, Musées Belghazi, Calligram, CID, Delagrave, Editions Delcourt, Editions Desclée de Browar, Editions Didier, La documentation Française, the Ecole des Hautes Etudes en Sciences Sociales, -Les éditions duFORUM, GIE Livre Diffusion, Harlequin (Hachette), Editions Hatier, Imprimerie Nationale, Interforum, JB Bailliere Sante, Les Belles Lettres, Libella, Editions Magnard-Vuibert, Editions de la Martinière (Groupe Latingy), Odile Jacob, Les éditions P.O.L., Réunion des Musées Nationaux, Editions Technip (French petroleum institute), Union Distribution, Indigo Publications and MédiasActu. Germany: Tagesspiegel, Rainer Hampp Verlag. United Kingdom: Forme Communications, Bird & Bird, Irish Examiner Scandinavia: The Copenhagen Post. Brazil: Valor, Agência O Globo. Singapore: Arthurs Books. USA: Adobe Microsoft, Adobe, UnifiedPost Franklin, Mobipocket, Overdrive, Streamcase, Partnerships Technological partnerships Participation in a consortium 68 2005 Edition © IDATE DRM and virtual content distribution DRM players USA InterTrust Technologies Corporation InterTrust does not sell its DRM technology to end users directly, but via a system of licences (commercial, business applications and equipment services) awarded to partners that offer commerce applications and services (content providers, applications producers, service providers etc.). InterTrust’s revenues come from the sale of licences and technical support. Its intellectual properties cover DRM and DPM (Digital Policy Management) as well as secure calculation. The firm holds 31 U.S. patents including 26 that are directly linked to DRM and over 100 world patents pending application. Web site www.intertrust.com Description Date founded: Employees: Vice President and CTO: Vice President: CEO: 1990 35 David P. Maher Michael MacKay Tala G. Shamoon Major shareholders Institutional Executives % % Recent events / Key points 2001 In April InterTrust (Sunnyvale – California) files charges for the first time against Microsoft (the second round of charges will be filed a year later), which it accuses of stealing 4 of its licences (then 11 in the second charge) to develop a DRM solution integrated in most of its products. 2002 In May Sony acquires the right to use its products from InterTrust, as well as some of its past, present and future licences. 2003 Fidelio Acquisition Company, in which Royal Philips Electronics and Sony Corporation of America own shares, acquires InterTrust for a total of USD 453 million. 2004 In April, after three years of legal proceedings, Microsoft and InterTrust reach an agreement. The software giant agrees to pay InterTrust USD 440 million to drop the legal charges against it. Furthermore, the agreement also enables Microsoft clients to use Microsoft products and services as normal, without acquiring an InterTrust licence. 2005 Intertrust is at the root of the “Marlin Joint Development Association” in partnership with Philips, Matsushita/Panasonic, Sony and Samsung, whose aim is to establish an open-source DRM system. NASDAQ ITRU Financial data The company’s turnover in 2001 totalled USD 8.4 million. Group business activities Management of internet services Protection of software integrity References and signature of pilots It is a question of protecting and managing digital applications and content, regardless of their location, use and movements. InterTrust offers a solution that authenticates software and their integrity. It authorises their use or non use and defines the rules of use. InterTrust sets up a solution that enables an operating system to authenticate the integrity of executable files as the pilots of peripheral devices. 2005 Edition © IDATE 69 DRM players DRM and virtual content distribution Online management of supply channels This activity is targeted at companies. It involves integrating and/or imposing rules of access and use on information distributed via a network. The company can define new rules on content sharing and, for example, condition and secure a peer-to-peer service. It is a question of enabling companies, and notably content vendors to implement and impose rules of use, regardless of the content, the type of information or the application in an environment with a firewall or a virtual private network. It is a question of automating transactions between companies such as authorisation management, purchases, verification requests, reporting of order cancellation and stock levels. This regards the set up of automatic verification and reporting with regard to operations or the use of data bases according to pre-established rules of compliance. This involves managing access authorisation and/or content transport for a user. For example, a company manages access to corporate information by its employees located at different geographical sites via a portal. InterTrust has a team of engineers and scientists that work on DRM technologies and secure calculations. InterTrust is active in standardisation. Manage media content and company information Operations between companies Compliance Portability of rules R&D Technologies developed InterTrust applications DRM Commerce Platform: InterTrust Commerce Edition includes software systems, development tools and the applications necessary to build, deploy and manage digital commerce applications. This offering also includes a system for corporate information. Commerce Applications: PowerChord enables artists and distributors to set up rules of commerce and offer the security conditions necessary for music distribution. Trusted Publishing offers a commerce system for “eeditors.” Rights/System: Rights/System software targets devices other than the PC. InterTrust Rights/PD is a DRM platform for portable devices, decoders and the Win CE operating system. This software enables the secure distribution of music. Inter Rights/Phone offers the same type of service for mobile telephony systems. All of the applications mentioned are available on the DRM commerce platform. Technological bases • • • • • • • • • Methods and systems for encoding and protecting data using digital signature and watermarking techniques. Obfuscation techniques for enhancing software security. Trusted infrastructure support system, methods and techniques for secure electronic commerce transaction and rights management. Systems and methods for secure transaction management and electronic rights protection. Steganographic techniques for securely delivering electronic digital rights management control information over insecure communication channels. Systems and methods using cryptography to protect secure computing environments. Trusted and secure techniques, systems and methods for item delivery and execution. Techniques for defining, using and manipulating rights management data structures. Systems and methods for matching, selecting, narrowcasting, and/or classifying based on rights management and/or other information. 70 2005 Edition © IDATE DRM and virtual content distribution DRM players Technology bases Target: U.S. film studios, independent video producers, music labels, cable and satellite network operators, set-top box and PC manufacturers, software vendors and distributors and companies. Type of content: all content. Device targeted: InterTrust solutions cover web-based content, wireless devices, distribution via cable and on hard copy supports. Strategic positioning Standardisation Partnership Participation in a consortium Active Microsoft Intertrust is a founding member of the Coral consortium created in October 2004. Intertrust has also been a member of the “Marlin Joint Development Association” since the beginning of 2005. The first technical specifications developed by the “Marlin JDA” (scheduled to appear in the second half of 2005) will be entirely compatible with those developed by the Coral consortium. 2005 Edition © IDATE 71 DRM players DRM and virtual content distribution USA Macrovision Macrovision has a large portfolio of patents in the domain of DRM. Its solutions are targeted at all professionals, mainly from the music, video and software industries, that want to protect their content from fraudulent usage. Macrovision provides them with the means to commercialise, distribute, manage and protect their video, audio and software content: solutions for content protection, electronic software licences and DRM. Web site www.macrovision.com Description Date founded: Employees: CEO: President: CFO: 1983 350 William Krepick John Ryan Ian Halifax Major shareholders Institutional Senior executives 86% 14% Recent events / Key points 2001 Acquisition of major patents of the company AudioSoft International, a developer of protection technologies aimed at the music industry. Acquisition of key patents, linked to content security and software, of the MediaDNA company, a new entrant in the DRM market. 2002 Attribution of a patent in the USA for a method of protection for CD copying. Creation of a unit for technologies for the music industry. Acquisition of Midbar Ltd. For USD 25 million, an Israeli company developing technologies for controlling copies for the music industry. Its technology (Cactus Data Shield) was adopted by BMG, Universal, Virgin, EMI etc. It is present on 45 millions audio CD. 2003 Launch of its CDS-300 protection and DRM solution for music CDs. Reorganisation into 2 units: “Entertainment Technologies Group” mainly responsible for video and audio content technologies and “Software Technologies Group” mainly responsible for software protection technologies. Finalisation of the acquisition of the DRM and anti-copying facilities of the company TTR Technologies. Attribution of a patent to Japan for a method of CD copying protection. Launch of the 3.1 version of its SafeDisc solution aimed at protecting CDs and DVD from illegal copying. 2006 Macrovision launches RipGuard DVD, and autonomous system for the protection of DVD content. NASDAQ MVSN Financial data Turnover over 3 years Trends in turnover between 2001 and 2003 in millions of USD Turnover 2001 98.813 2002 102.262 2003 128.346 72 2005 Edition © IDATE DRM and virtual content distribution DRM players Net profits Trends in net profits between 2001 and 2003 in millions of USD Net profits 2001 19.185 2002 12.089 2003 29.696 Group business activities Protection of video content Provision of solutions aimed at preventing the unauthorised duplication or distribution of video and multimedia content protected by copyright: video content stored on DVD and VHS cassettes or distributed via a VOD service or PPV. Main market segments: film studios, cable and satellite TV platform operators and manufacturers of consumer devices and PCs. Supply of DRM solutions and the control of copying. Major market segments: music labels. Supply of an integrated suite of tools enabling protection, distribution and the promotion of video games in a secure environment. Main market segments: software and video game developers and vendors. Management platform for software licences commercialisation and distribution of software. Main market segments: software distributors. facilitating the Protection of musical content Protection of video games Software protection Technologies developed CDS technology (flagship) Objective: this DRM solution aims to prevent the duplication of music CDs whose content is protected by copyright. Description: the CDS module is installed between the module for data processing and the laser recording system. The CDS processor protects the content of a CD that is subject to copyright while preserving its audio quality. Based on several technology patents, CDS technology prevents the copying of CDs. It is integrated in the disk on manufacturing and does not require any special changes prior to the master phase. It can therefore apply to a catalogue in the process of being made up or already constituted. Three different technology levels are available: CDS-100, CDS-200 and CDS-300. • CDS-100 technology enables a playing of CDs on standard audio players, but restricts their playing on PCs, as well as their copying and digital compression in other formats (like MP3 type files, for example). This solution is especially well-adapted for distributing musical tracks to journalists or the testing phase prior to marketing an album. CDS-200 technology enables the music CDs to be played on standard audio players as well as PCs, while enabling rights holders to protect their content from unauthorised copying onto a PC and/ or the recording of CDs and swapping of music files on the internet. Thanks to this technology, music files are protected and compressed to secure playing on PCs: the files can only be read from an initial CD via a special secure player and cannot be the object of a copy on the hard disk. It also makes it possible to limit the digital compression of these files in other formats (of the MP3 variety) and their digital copying onto CD players. This technology is integrated during the fabrication of the master. • 2005 Edition © IDATE 73 DRM players DRM and virtual content distribution CDS technology (flagship) • The most advance version of this technology is CDS-300, which enables the compatibility of music files with thousands of different players. This new version notably incorporates Microsoft Windows Media DRM for PCs and compatible portable terminals. It enables several levels of security by forbidding piracy and the sharing of music files on the internet, while authorising users to make a limited number of copies for their own PC. Target: U.S. film studios, independent video producers, music labels, cable and satellite network operators, manufacturers of set-top box and PCs, software vendors and distributors and companies. Type of content: audio Device targeted: PC and CD players DRM/TMP Soft Online and Offline Analogue/Digital SafeDisc technology Objective: the protection technology SafeDisc aims to prevent the illegal copying of CDs and DVDs. Description: SafeDisc is an encryption and digital signature tool for CDs and DVDs to prevent unauthorised copies. Content is initially encrypted by the vendor with SafeDisc technology. When the master is recorded an electronic signature associated to the content is added. The content of the CD or DVD replicas of the master for consumers is thus encrypted and is subject to an electronic signature. When one of these CDs or DVDs is going to be launched on a PC, the authentication process will identify the electronic signature and read the disc if it is the original, but will not be able to read it if the disc is a copy. Target: video games developers and vendors, music labels, films studios and cable TV and satellite platform operators. Devices targeted: PCs, stereos, portable devices and DVD players/recorders. DRM/TMP Soft Offline Analogue/Digital Objective: now a real de facto standard, this solution makes it possible to maximise all the post-development phases of a piece of software such as packaging, installation, licence attribution and improvements. Description: FLEXnet products enable software distributors to manage the electronic licence attribution process related to software use. For user companies they enable optimisation of expenditure on software, a drop in the cost of administrating licences and a reduction in the risks of non conformity with software. The FLEXnet Publisher product offers the following functions: FLEXnet Publisher technology • • The software protection system obliges users to register before first using the product (this registration can be managed internally within the company or externally by the software vendor). Additional levels of security are available such as machine authorisation, encryption and anti-piracy technologies. The terms and conditions for software users can be easily changed and electronically reinforced: the same file can thus be used for a demonstration, an evaluation, a standard or premium version of the software. 74 2005 Edition © IDATE DRM and virtual content distribution DRM players FLEXnet Publisher technology • • • Digital distribution of secure products and independent of the media used, which enables a reduction in costs. A wide range of modes of flexible, sophisticated and configurable licences (subscription, rental, demonstration, improvements etc.). Automation of typical licence management activities. It is accompanied by the FLEXnet Manager module that notably enables the administration of licences and their real time manipulation. It also includes software management tools for companies. Targets: software and PC distributors and their client companies. Target devices: PC DRM/TMP Soft Online and Offline Digital. Watermarking Objective: establish a digital video copyright protection including bilateral watermarking solutions set up partly on an IT equipment level for consumers and partly on a digital video content level. Description: Macrovision, Digimarc, Hitachi, NEC, Philips, Pioneer and Sony have joined forces to offer a common global watermarking solution: these companies form Video Watermarking (VWM) Companies. This watermarking technology is designed to protect video content on DVDs, video cassettes, cable or satellite transmissions and internet, illicit copies that can be recorded on DVD, DVHS, PVR or multimedia PCs. Targets: U.S. film studios, independent video producers, music labels, cable and satellite network operators. Target devices: PC, PVR, DVD players/recorders DRM/TMP Soft and Hard Online and Offline Analogue and digital. Macrovision produces a solution for analogue content protection. RipGuard DVD is a solution for controlling digital copies of DVD videos. This solution is directly integrated in the DVD and requires no addition of software or equipment to PCs, DVD players or burners. This arrangement is supposed to prevent any copying of the DVD on a computer, by neutralising duplication software. The combination of ACP and RipGuard DVD provides full protection of DVDs against piracy (analogue and digital). RipGuard DVD was launched in March 2005 and should be available worldwide by the end of 2005. Macrovision must be paid for a licence to RipGuard. ACP technology RipGuard DVD and ACP Strategic positioning Positioning in development Partnership R&D, joint-development. Macrovision is based on partnership with rights owners, providers of technology, services and device manufacturers. The partnership strategy is particularly important for FLEXnet products. Partners integrate FLEXnet in their products and provide their services in the framework of the Macrovision licence management platform to provide clients with a global solution. They mainly belong to the following business sectors: publishing infrastructure providers, corporate solution providers, consulting service providers and the implementation of solutions for companies. 2005 Edition © IDATE 75 DRM players DRM and virtual content distribution USA Microsoft Microsoft incorporates the DRM issue into the majority of its products from Windows to Office, via .NET, Windows Media Player, the development tools and architecture of the future secure PC (NGSCB project and exPalladium). Web site www.microsoft.com Description Date founded: Employees: President: CEO: 1975 57,000 (June 2004), including 37,000 in the USA Bill Gates Steven Ballmer Major shareholders Institutional Senior executives 14 % 55 % Recent events/ Key points 2002 The Californian company Liquid Audio, specialising in DRM products, sells its patents to Microsoft for an estimated total of USD 7 million. Microsoft incorporates XrML as the technical infrastructure of its new DRM tool Windows Rights Management Services. 2003 Start of the trial that opposes Intertrust and Microsoft. The former accuses Microsoft of illegally using 11 of its patents regarding DRM technology, which are present in several of the latter’s software programs. Microsoft unveils the first technical specifications of its IT security technology “Palladium,” developed since 1998 in its laboratories. This technology should not be incorporated into Windows before 2005. 2004 The European Commission conducts an inquiry into the plan for a joint takeover bid by Microsoft and Time Warner of the U.S. company ContentGuard, specialising in the development and granting of licences to intellectual property rights for the digital support. Brussels guesses that Microsoft’s position could become dominant in the DRM solutions market. Microsoft launches its online music portal MSN Music in the U.S. market in September. Launch of the latest version of Windows Media Player 10 in September, incorporating the Windows Media DRM 10 technology (christened “Janus”). The competition department in Brussels suspends the inquiry into plans by Microsoft and Time Warner to acquire ContentGuard, in spite of the announcement of Thompson’s acquisition of a third of ContentGuard’s shares. 2006 ContentGuard files charges against its two shareholders Microsoft and Time Warner, accusing them of licensing its DRM patents to third parties without paying it the royalties due. NASDAQ MSFT 76 2005 Edition © IDATE DRM and virtual content distribution DRM players Financial data Turnover over three years Trends in turnover between June 2002 and June 2004 In millions of USD Turnover 2002 28 365 2003 32 187 2004 36 835 Net profits over three years Trends in net profits between June 2002 and June 2004 In millions of USD Net profits 2002 5 355 2003 7 531 2004 8 168 Group business activities Microsoft’s DRM activities Microsoft is developing new DRM technologies internally (such as “Janus”) or uses existing technologies (Content Guard’s XRML), which it subsequently incorporates in some of its software products. Technologies developed Windows Media DRM 10 Objective: the technology platform Windows Media DRM 10 is a system for the encryption of digital data and audio/video content. This content protection technology, called “Janus”, is directly incorporated into the multimedia player developed by Microsoft, the Windows Media Player (latest version to date Windows Media Player 10). Description: content must obligatorily be compressed into Microsoft’s proprietary format (Windows Media Audio or Windows Media Video) in order to be played by the multimedia players Windows Media Player. Once the content has been compressed by content vendors, the file is subsequently encrypted with a 128 bit encryption key and also given an internet server address. When an internet-user downloads this encrypted file, s/he simultaneously acquires a user licence defining his/her rights to use the file. These rights are set by the rights owners (production companies, record majors), or by the content distributors themselves (online downloading service. The system therefore makes it possible to define the duration of listening or viewing and the use of the file (number of possibilities of reading the file). The licence acquired by the internet user can thus be broken down as: A “root” part that defines general access rights to files A “sheet” part that specifies the individual rights for each type of file. There are as many “file” licences as files downloaded, but all are linked to the same “root” licence. The end user must acquire the licence to authorise decryption of the file. “Janus” primarily makes it possible to manipulate the use of content downloaded via the internet. In fact, “Janus” integrates the synchronisation technology “Auto Sync” that enables the multimedia player Windows Media Player to communicate with mobile devices such as MP3 and video players. This DRM technology makes it possible to manage “temporary” rights on any mobile device (with a limited lifetime) downloaded in the framework of online music services by subscription. Users that subscribe can download as many tracks as they like, with a validity that has a limited lifetime. The advantage offered is access to all music files without being connected to the service online. 2005 Edition © IDATE 77 DRM players DRM and virtual content distribution Analysis of 4 possible scenarios of using digital contents incorporating Windows Media DRM 10 technology: • File downloading via the internet The files downloaded are encrypted and can not be directly consulted (licence of use specifying rights: the number of consultations authorised, the expiry date etc.) • Consultation on a computer Each time it is used, the Windows Media Player links the licence to the document before authorising or refusing to open it. • File swapping on the internet When transferred to the internet, the file is encrypted. Once the file arrives at its destination, the recipient computer connects to the licence management server to authorise or refuse playing of the file. • File transfer to mobile devices The computer initially checks the possibility of transferring a file to a mobile device against the licences on the management server, and subsequently transfers them to the mobile device. Primary targets: audio/video content vendors, audio/video player manufacturers, mobile device and walkman manufacturers (with the exception of Apple, of course), online music services by subscription Type of content: audio and video Target device: PC and digital walkman NGSCB project (ex-Palladium) The Microsoft initiative, initially called Palladium, and now called NGSCD (Next Generation Secure Computing Base), is aimed at protecting content transiting on computers with a specific chip, via validation with servers that have a control key, associated with licences purchased by the user. This chip contains digital encryption keys and data that make it possible to identify the devices. A software module that could be incorporated into future versions of the Windows operating system, will ensure the certification of this software. The DRM implementation is located at a BIOS level (Basic Input Output System), software embedded in the mother card, which enables the various components of the computer to communicate between themselves. NGSCB should be implemented in the future version of Windows, Longhorn. NGSCB is therefore a software, and above all material architecture. NGSCB should come into effect with the future version of Windows, which is called “Longhorn” for the moment. The launch date for “Longhorn” is scheduled for 2006 (it was initially announced for the end of 2004/beginning of 2005). There is even talk of a 2008 launch. Nothing has been fixed for certain yet. ContentGuard, a start-up created by Xerox, is a U.S. company that has a number of patents based on DRM principles, and notably the XrML standard (www.xrml.org). The implementation of DRM rights on audio and video files is carried out by an XML type language. The rights to a file are consequently included in the metadata of this file. XrML (eXtensible Rule Markup Language) a has notably been adopted by the MPEG (Moving Pictures Experts Group) as the reference infrastructure for its own DRM system, adapted to the digital compression that bears the same name. Other consortia such as OASIS or Content Reference Forum are also interested in the XrML proprietary standard. ContentGuard has sold a large number of its patents to other companies including Microsoft and Sony under licence. Microsoft has incorporated XrML into its DRM Windows Rights Management Services. ContentGuard and XrML 78 2005 Edition © IDATE DRM and virtual content distribution DRM players Windows Rights Management Services Microsoft applies a DRM system (Windows Rights Management Services) in files produced by the latest version of its Office 2003 suite. This new version of the office software suite has functions making it possible to lock certain documents, for example. If they wish, users can specify who can open or modify a Word text or Excel table. It is also in a position to prevent the copying or printing of a document, and to give it an expiry date. In order to function, this Microsoft DRM software system needs the server software Windows Rights Management Services, which is only free for Windows Server 2003 users. Strategic positioning R&D positioning Among Microsoft’s 57,000 employees, 24,000 are involved in research and development activities (or over 40% of the company’s total staff). Microsoft is working on a certain number of patents internally, but is primarily looking to acquire existing patents from specialist companies. By acquiring Liquid Audio in 2002, Microsoft became the owner of its DRM technologies, but also of its secure distribution technologies for content protected by intellectual property rights. Microsoft’s DRM model is notably based on the principal of cascading licences. A content provider can effectively establish a global licence (“root” licence, as well as finer licences (“sheet” licences) for different types of files. This model makes it possible to multiply the options for commercialising and distributing content. This DRM system finally offers effective management of subscriptions. Microsoft is opting for a marketing strategy that offers users the opportunity to download a limited number of files that can be freely copied onto CDs or portable devices, in exchange for the payment of a monthly, renewable subscription. With the new version of Windows Media Player including Windows Media DRM 10, Microsoft is responding to its rival Apple and the success of its online paying music platform iTunes. To give itself the best chance possible, Microsoft has enlisted the support of various players from the online music and video markets in order to impose its own formats (Walt Disney, AOL, the manufacturers DELL, HP, Sony, Samsung, Toshiba and some online distribution platforms such as Movielink, CinemaNow, Napster and MusicNow). So that “Janus” can be potentially used on all market devices, Microsoft has chosen to sell manufacturers its player software Media Player, by detaching it from the Windows operating system. The next version of the Windows Mobile software should be equipped with Windows Media DRM 10. Microsoft will propose that third party software vendors embed its DRM technology in order to ensure that it is carried by the Symbian and Palm operating systems and to thus enable smartphone devices to acquire the rights to an audio/video file without recourse to a PC. Microsoft’s complete solution has the disadvantage of requiring the whole of the content protection chain (digitisation, encryption, playing) to be entirely conducted using Microsoft software (100% proprietary solution).* With this project Microsoft is going even further. Current DRM techniques are based purely on the software functions whereas this project is designed for an environment in which equipment will be recognised, identified and secured (the BIOS should be based on the CSS, Core System Software, by the company Phoenix). Acquisition of existing patents and technologies Model for “cascading” licences 100% proprietary solution Ambition of NGSCB project 2005 Edition © IDATE 79 DRM players DRM and virtual content distribution UK New Digital System (NDS) A 100% subsidiary of the audiovisual group News Corp, the British company NDS (News Digital Systems) is a provider of access control systems (VideoGuard) and digital solutions. NDS notably develops mobile DRM solutions. Its applications software and interactive TV solutions will not be dealt with in this case study. Web site www.nds.com Description Date founded: Employees: CEO: 1999 1773 (September 2004) Abe Peled Main shareholders Institutional Senior executives 14 % 78 % Latest developments/ Key points 1999 Creation of the entity NDS Group. 2003 NDS Group acquires the interactive software “MediaHighway” from Thomson Multimedia. 2004 In February, NDS announces the incorporation of OMA DRM 2.0 specifications into the mVideoGuard product. Presentation of the “SVP” alliance at the IBC trade fair uniting NDS, STMicroelectronics and Thomson and aiming to develop a standard for content protection. 2005 NDS integrates the technical specifications OMA DRM 2.0 with TrustZone software by ARM (API) to provide a mobile DRM solution. NDS offers a solution that protects content on DVB-H networks (digital terrestrial distribution networks for mobile and portable devices) using mVideoGuard technology. NDS signs an agreement with Intel to incorporate its processors in the mVideoGuard solution. NASDAQ NNDS Financial information Turnover over three years Trends in turnover between 2002 and 2004 (on June 30th) In millions of GBP Turnover 2002 240.7 2003 237.2 2004 220.5 NDS is mainly present in the USA, the UK, Israel and the Asia-Pacific region. Net profits/losses over three years Trends in net profits/losses between 2002 and 2004 (on June 30th) in millions of GBP Net profits 2002 30.6 2003 26.0 2004 18.4 80 2005 Edition © IDATE DRM and virtual content distribution DRM players Group activities Conditional access system The primary activity of the NDS group is the provision of conditional access systems under the brand name of VideoGuard. NDS has a minor presence in providing interactivity software with its software NDS Core. The conditional access system VideoGuard targets all TV platforms (cable, satellite and terrestrial), as well as all fixed and mobile telecommunications networks. VideoGuard is currently deployed in over 44 million set-top boxes. Synamedia is a secure broadband architecture, a real platform facilitating the management of all IP triple play services. The Synmedia architecture incorporates the interactivity driver VideoGuard. Synamedia offers complete content protection and a DRM solution for the IP world (digital TV, Video On Demand, Electronic Program Guides, Personal Video Recordings, user authentication, Pay Per View). The mobile DRM solution “mVideoGuard” incorporates the OMA DRM 1.0 and OMA DRM 2.0 standards. This end-to-end secure solution protects all type of contents (music, video, MMS, ring tones, games, applications) that can be distributed in different ways (downloading, streaming, multicasting, broadcasting etc.). It notably uses all key NDS technologies in content protection, data encryption, DRM and content customisation. Security/broadband solution Mobile DRM Technologies developed VideoGuard The conditional access system VideoGuard incorporates various components: • • • Secure Video Processor (SVP) A software module directly installed on special servers for the TV platform. This module notably controls the management of the TV platform and the invoicing system. A component incorporated within the set-top box system enables the reading of the TV signal. A chip enabling user authentication. The “SVP” alliance aims to transform the development of SVP that has been conducted internally for many years by NDS, STMicroelectronics and Thomson into a standard for content protection. SVP is an end-toend system aimed at enabling content protection on all pieces of consumer equipment. The core of the technology is a blockade of electronic gates that can be easily built into all of the integrated circuits for signal processing used by the various devices. Each block will be individually identified by a unique certificate (with the exception of network certificates that will have a special status since the same device can be used to access several networks or services). The access and content control parts (DRM) will be separate, making it possible to use several types of DRM via a single access control. SVP is an open specification available to all under non-discriminatory conditions. The U.S. satellite platform DirecTV is the first to use this technology. 2005 Edition © IDATE 81 DRM players DRM and virtual content distribution Strategic positioning Positioning in development The NDS group’s employees include 900 staff working on R&D (mainly in China, Israel, Denmark, France, India, South Korea and the UK). NDS is primarily a vendor of IT services solutions. NDS is active in the field of MHP, as well as in OCAP developments in the USA. NDS solutions conform with the standards: Positioning in publishing Standardisation • Partnerships DOCSIS, DVB, MHP, OpenCable, OCAP. The conditional access system VideoGuard is incorporated into several pay TV platforms worldwide, with which NDS has formed partnerships, including : • BSKYB (UK), Cablevision (USA), DirecTV (USA), FOXTEL(Australia), Sky Italia (Italy), Viasat (Scandinavia), SkyLife (South Korea). NDS is working closely with broadband technology providers on the integration of the secure system “Synamedia” : • IP Set-top boxes (Amino, Kreatel, Pace, Samsung), programme guides (Alcatel, Orca Interactive), VOD services (Alcatel, Concurrent, nCube, Kasenna, SGI). Participation in a consortium NDS is involved in several consortiums including the OMA (Open Mobile Alliance) and SVP. The latest consortium to-date, InspireD, is a chip card consortium founded in September 2004, led by Gemplus and financed by the European Commission. All aspects of the chip card will be studied, including the platform of the component in silicium, the encoding and protocols of authentication and security for data protection, the operating systems and the software application levels. 82 2005 Edition © IDATE DRM and virtual content distribution DRM players USA Overdrive Overdrive is a vendor of non-proprietary DRM solutions for the electronic publishing sector (management of electronic rights, management of content in all formats of electronic books). The U.S. company is also a leader in Open eBook (OEB) design and XML. Web site www.overdrive.com Description Date founded: Employees: CEO: 1986 N/a Steve Potash Main shareholders N/a Latest developments/ Key points 2000 Overdrive becomes an international deployment partner for the Digital Asset Server products of the Microsoft Corporation. 2001 Overdrive announces a partnership with the Scandinavian services company Autotext. Overdrive launches the Content Reserve service. 2003 After acquiring Reciprocal, Overdrive re-launches the activities of the latter via a subsidiary. Reciprocal’s DRM offering is mainly based on the Microsoft Windows Rights Management Services solution. 2004 Overdrive launches the OverDrive Audio Book solution. Activities DRM One of the main activities of Overdrive is vending tools and digital rights management services for the electronic publishing sector. The company also offers the secure hosting of electronic book shops and the management of digital rights in the framework of its range of personalised MIDAS services. Overdrive offers tools for creating electronic books: Service and utility free online and accessible directly via its internet site ReaderWorks Publisher, for the commercial design of electronic books ReaderWorks Software Developers Kit, for the automatic production and creation of electronic books based on web sites. Overdrive Content Reserve is a wholesale electronic book-selling service. Electronic book creation Overdrive Content Reserve Technologies developed Overdrive Midas Overdrive incorporates the Adobe Content Server solution into its DRM solution: packaging, protection and content security for the distribution of electronic books in a PDF format in an internet environment. 2005 Edition © IDATE 83 DRM players DRM and virtual content distribution Overdrive Audio Book This solution is a distribution and management platform for digital audio catalogues based on the Windows Media Player architecture by Microsoft. It enables users to download, listen to and manage audio digital content. The publishers, resellers and electronic book stores using this solution include Fictionwise.com, WHSmith Online, eFollett.com, King County Library System, Cleveland Public Library etc. The audio catalogue can be read on PC devices, copied onto CDs and transferred to portable devices (Pocket PC, Smartphone, MP3 players supporting the Windows Media format). Strategic positioning Digital publishing technology The digital publishing technology developed by Overdrive enables it to offer solutions to publishers, as well as offering web sites retailing electronic books the option of hosting these books securely and to re-sell these digital goods. Three key technology partnerships are: Microsoft, Adobe Systems and Mobipocket Overdrive grants licences for its technology and provides services for several companies Overdrive has effectively formed over 450 editorial partnerships, notably with AOL Time Warner, HarperCollins, Random House, McGraw-Hill, Scholastic, John Wiley, Planeta, iUniverse, Versaware. The main re-seller partnerships include: Autotext, Adobe Digital Media Store, Sony Clie, eBookExpress.com, OfficeMax, WHSmith, eFollet.com Autotext, for example, is an authorised distributor of Overdrive’s ReaderWorks software products in the Netherlands and Scandinavia. All of these partnerships enable Overdrive to be present worldwide. Overdrive is the main member of the Open eBook Forum. The Open eBook Forum initiative made it possible to prepare (without successfully imposing) a universal eBook format. A group of independent experts is now continuing to work on the Open eBook Forum. These experts are effectively looking to impose a new standard, called OpenReader (an open, non-proprietary format based on XML technology). OpenReader hopes to become an alternative to the proprietary PDF format that currently dominates the electronic book industry. Overdrive is also a member of the American Library Association (ALA) and the Audio Publishers Association (APA). Technology partnerships Publishing partnerships Re-seller partnerships Consortium 84 2005 Edition © IDATE DRM and virtual content distribution DRM players The Netherlands Philips Electronics Royal Philips Electronics is one of the oldest producers of consumer electronic products in the world. Since the end of the 1990s Philips has established itself as a world leader both in the field of production and of digital technologies. Web site www.philips.com Description Date founded: Employees: 1891 161 586 at the end of 2004 (including 35,116 for Philips Semiconductors) Gérard Kleisterlee President: Main shareholders N/a Latest developments / Key points 2002 Philips and Sony acquire Intertrust in November. Philips injects EUR 100 million to take a 49.5% share in Intertrust. 2005 At the beginning of January, Philips works with HP to create a new DRM technology called the Video Content Protection System (VCPS). At the same time Philips, in partnership with Sony, Samsung, Intertrust and Matsushita, announces the launch of an Opensource DRM solution (“Marlin JDA”). Philips Software and Safenet join forces to launch a secure DRM solution for mobile applications. Financial information Turnover over three years Trends in turnover between 2002 and 2004 in millions of EUR Turnover 2002 31.82 2003 29.03 2004 30.31 Net profits/losses over three years Trends in net profits/losses between 2002 and 2004 in millions of EUR Net profits/losses 2002 -3.20 2003 0.69 2004 2.83 DRM activities Philips Software Philips Software is an entity specialising in the creation of innovative multimedia solutions, connectivity and security solutions for mobile and portable equipment manufacturers. Philips Software is at the root of the Trust V2 DRM developed at the beginning of 2005. Philips Digital Networks is a department of Philips Consumer Electronics, one of the divisions of Royal Philips Electronics. Digital Networks plays a major role in the provision of digital content via the television and the internet. This entity is involved in the manufacture of decoders and the elaboration of digital television systems. Philips Digital Networks 2005 Edition © IDATE 85 DRM players DRM and virtual content distribution Digital Networks is also involved in the development of technologies such as media streaming in the MPEG-4 format, the supply of secure content, intermediary equipment and applications for digital TV. Digital Networks notably produces the solutions Cryptoworks and WaterCast (a watermarking solution developed by Philips). Technologies developed CryptoWorks DVB The conditional access system Cryptoworks is based on an open standard used in IP and DVB networks (available in a satellite, cable and telecoms environment). Two technical solutions are therefore available: CryptoWorks IP Conditional Access, CryptoWorks DVB. The Cryptoworks technology is based on a management system of public and asymmetric keys (most conditional access systems being based on a system of symmetric keys). Cryptoworks is currently used by over 60 operators worldwide. Trust V2 is a DRM agent that conforms entirely to the OMA DRM V2.0 standard, which ensures a high level of security and supports flexible models of use such as content sharing. Trust V2 has designed to enable the supply and secure management of content such as music and video in a mobile environment. Since the beginning of 2005 the Trust V2.1 solution has incorporated the security software SafeZone published by Safenet. The software SafeZone is a security platform for several types of applications (digital rights management, e-commerce, anti-copying solutions etc.). The entire platform enables the authentication, management of keys and secure decoding of the content protected. Trust V2 La plate-forme de protection Trust de Philips Source: Philips VCPS VCPS, Video Copy Protection System, is an anti-copying measure developed by Philips and Hewlett Packard, announced at the beginning of January 2005. VCPS is an encoding system incorporated into the digital video flow that completely prevents playing or recording without legal authorisation. It is absolutely necessary to have a VCPS compatible player or recorder. Recordable supports will also have to be adapted to the format. 86 2005 Edition © IDATE DRM and virtual content distribution DRM players Strategic positioning Standardisation of a DRM solution One of Philips’ strengths is its continuous investment in new technologies and the protection of its innovations. The company has a large portfolio of patents (over 95,000 at the end of 2004). Which DRM solution does the Philips group really support? Is its strategy to be present in the development of several types of DRM technologies in the end in order to define the best open standard with regard to content piracy? Philips is effectively participating with Sony in the Intertrust DRM project. Will the collaboration with HP announced at the beginning of 2005 to develop a new DRM technology (VCPS) and Philips’ participation in the Marlin Joint Development Association lead to a competing DRM solution or will these various initiatives link up with the initial Intertrust project? Philips tends to develop the largest number of technology partnerships possible: Technology providers: SkyStream Networks, Thalès Broadcast & Multimedia, Teleste, Tandberg Television, Scopus Network Technologies, Scientific Atlanta Set-top box manufacturers: Samsung Electronics, Telestar, eMTech, SCM Microsystems, Orbitech, Technisat, Vestel, Seodu Inchip, Humax Technical solutions providers: MagnaQuest, Pinesoft Computers The cooperation between Philips Software and Safenet, a provider of mobile security solutions, will enable the implementation of solutions for managing secure content mainly aimed at mobile equipment manufacturers. Safenet’s security solution is compatible with OMA DRM V2.0. This partnership thus complements Philip(s internal expertise with regard to DRM. Consortium Philips is one of the main leaders of the OMA, of the DVB Forum and the MPEG Forum. Philips is also a member of Coral. Moreover, Philips is at the origin of a new joint-venture, the Marlin Joint Development Association, created at the beginning of 2005, which aims to establish an open-source digital rights management system. This structure now unites Sony, Samsung, Matshushita/Panasonic and Intertrust. The 1.0 version of Marlin should be available in the course of 2005. Marlin DRM will probably be offered on an open-source licence. This form of DRM will be used by TCPA type chips that will communicate with domestic content servers of the Windows Media Center variety, which will in turn communicate with manufacturers’ authentication servers. Technology partnerships 2005 Edition © IDATE 87 DRM players DRM and virtual content distribution USA Real Networks The U.S. streaming specialist is marketing Helix DRM, a multimedia content distribution platform with a digital rights protection function. Web site www.realnetworks.com Description Date founded: Employees: CEO: President: 1994 Around 740 Robert Glaser Lawrence Jacobson Main shareholders Institutional Senior executives 52% 48% Latest developments/ Key points 1995 Development and launch of RealAudio. 1996 Commercialisation of RealPlayer Plus. 1997 Launch of the media streaming solution RealSystem including RealAudio and RealVideo. 1999 Launch of RealJukebox products. 2000 Launch of its 1er premium service RealPlayer GoldPass. 2001 Launch of paying service RealOne (including RealPlayer and RealJukebox) and of its games platform RealArcade. 2002 Development of the Helix technology. 2003 Acquisition of Listen.Com and its paying online music service Rhapsody. 2004 Acquisition of the developer and distributor of downloadable games, GameHouse. NASDAQ RNWK Financial information Turnover over three years Trends in turnover between 2001 and 2003 in millions of USD Turnover 2001 188.905 2002 182.679 2003 202.377 In the last three quarters of the year 2004 Real Networks posted a turnover of USD 125,863 million. Net profits/losses Trends in net losses between 2001 and 2003 in millions of USD Net losses 2001 -74.763 2002 -38.353 2003 -21.451 In the first three quarters of the year 2004 Real Networks posted a net loss of USD15,056 million. 88 2005 Edition © IDATE DRM and virtual content distribution DRM players Group activities Player The last version of its player RealPlayer 10 enables the distribution of all the main media formats, including DVDs, accelerated CD recording as well as advanced sound and image adjustment functions. This player facilitates searches for, acquisition and the management of audio and video content on the internet. A free version of this player is available, as well as a premium version offering additional functions. Following the acquisition of the company Listen in 2003, Real Networksnow now manages the platform for downloading music online, Rhapsody. This paying online music service is now at the heart of the company’s strategy in the field of music. This includes RealPlayer Music Store, its own platform for downloading music online in the USA. Real Networks also offers the service RadioPass giving access to over 3,200 radio stations and over 700 music mixes without advertising. In 2001, Real Networks launched RealArcade, its platform for downloading online games for PCs and mobile devices, all available freeof-charge on a trial basis for a limited period of time, and subsequently available by purchase or subscription. Music Games Technology developed Helix DRM Objective: to protect the digital rights of content in various formats (Mpeg4, MP3 and Real). Description: the Helix DRM platform (commercial name for Real Media 9) for audio-video content distribution incorporates a technology for managing digital rights. The main components of this platform are as follows: Helix DRM Packager: a technology and encryption algorithms making it possible to prevent the non-authorised use of content and prepare it to be distributed via streaming, downloading or other distribution methods. Helix DRM License Server: a server enabling distributors, internet music and video distribution service and companies to authorise and manage content-based transactions: verification and management of licence requests, authentication of client users and the provision of verified information facilitating payment. Helix DRM Client: a tool enabling the downloading or streaming of content in a secure format on the basis of rules of use specified by the content owner. Helix DRM Device Support: a tool enabling manufacturers to include a DRM function in their consumer mobile devices and to thus maintain content security beyond the PC. Target: audio and video content providers (studios and record companies), manufacturers of devices, home sound systems and MP3 players Type of content: audio and video Devices targeted: PC, mobile devices, HiFis and MP3 players DRM/TMP Soft Online/Offline Digital 2005 Edition © IDATE 89 DRM players DRM and virtual content distribution Strategic positioning Positioning in development In the course of the years 2001, 2002 and 2003, Real Networks spent 23%, 26% and 30% of its turnover respectively on research and development activities, developing new products and improving existing products and technologies. Real Networks positions itself as an interface between content vendors and telecommunications operators. It is a technical operator and a sales channel. In fact, it wishes to be capable of addressing all devices from the moment that they are able to use an IP layer. It is a vendor of technical solutions and software to encrypt, manage, distribute and secure content. It provides the entire management infrastructure. Real Networks is heavily involved in music distribution. This positioning was reinforced following the acquisition of Listen.com in April 2003 and its online music service Rhapsody (for USD 36 million); This service was renamed RealOne Rhapsody. Its strategy is to slash the prices of downloadable tracks: 79 cents per track (versus 99 cents on iTunes Music Store, Apple’s online music store for Mac users). It nevertheless relies on a subscription model of USD 9.95 per month for unlimited access to a catalogue of 330,000 music tracks released by the 5 majors and a hundred independent labels to listen to on a streaming basis. Only 200,000 of these tracks can be downloaded permanently and recorded on CD. This service also offers customised radio and compilation on demand services. The launch of RealOne Rhapsody marked Real Network’s official withdrawal from the MusicNet distribution service (in which it partnered EMI Warner and BMG). In July 2004 Real Networks presented its system Harmony, enabling a buyer of online music protected by Helix technology to convert the music into AAC (Apple’s format) or into WMA (Microsoft’s format), while retaining the rights and restrictions attached to the track purchased. Apple is nevertheless expected to try and block the Harmony system during the next update of its iTunes software. The open source Helix DNA initiative aims to male the source codes available to device developers (on www.helixcommunity.org). The latter are in a position to carry out their own developments based on these codes (Real Player, for example, has been implemented in Siemens mobile devices). They subsequently launch their own solutions and Real Networks is signing licensing agreements with them. This strategy enables Real Networks to target the largest number of devices, more quickly than if all of the developments were carried out internally, and to win market share in the long-term. Distribution agreements with mobile telephony operators: Ericsson (player software), Nokia (content programmes on a streaming basis), Vodaphone (integration of audio and video player software for the Vodaphone Live service). Last agreement to date (beginning of 2005) with Siemens Mobile (streaming platform). Licensing agreements with mobile device manufacturers that have implemented the Helix solution. Positioning in publishing Positioning in distribution Standardisation Interoperability Open source Partnerships 90 2005 Edition © IDATE DRM and virtual content distribution DRM players USA RSA Security RSA Security, created by Security Dynamics’ acquisition of the encryption algorithm RSA (created in 1977), is a vendor of authentication and internet access management solutions. The company offers a range of products based on the management of identities and access control. Web site www.rsasecurity.com Description Date founded: Employees: CEO: President: September 1999 1049 (September 2004) Art Coviello James Sims Main shareholders Institutional Senior executives 94 % 2% Latest developments / Key points 1999 Introduction of the new company RSA Security Inc, a product of RSA Data Security owned by Security Dynamics Technologies. 2002 RSA Security products operate using the OASIS. 2003 RSA enhances its authentication offering through digital fingerprinting and the automatic management of identities by application (“provisioning”). 2004 RSA Security launches a new solution SSO (Single Sign On) and authentication in June. RSA SecurID technology takes its first steps in the consumer market. AOL launches its service Passcode based on this technology in September. 2005 RSA Security offers a mobile DRM solution based on RSA BSAFE technology. NASDAQ RSAS Financial information Turnover over three years Trend in turnover between 2001 and 2003 in millions of USD Turnover 2001 282.7 2002 232.1 2003 259.9 In 2003 RSA Security made 60% of its turnover in North America, 31% in Europe and 9% in Asia. Net profits/losses Trends in net profits/losses between 2001 and 2003 in millions of USD Net profits/losses 2001 -2.5 2002 -96.8 2003 14.8 2005 Edition © IDATE 91 DRM players DRM and virtual content distribution Group activity Security solution vendor The main activities of the U.S. company in terms of authentication solutions are as follows: • • • • • Management of user identity Access control Mobile access security Mobile access security Transaction security The solutions offered by RSA Security cater for the need to check the identity of users regardless of their access to applications and data (access to wireless networks, either remote or internal). Consulting RSA Security offers support and consulting service to large corporations in order to satisfy their demands. RSA thus works closely with partner integrators and consulting firms. Technology developed Development of a range of authentication products RSA Security is developing a whole range of authentication products: • • • RSA SecurID, including a chip card and token USB. RSA Keon to manage authentication certificates. RSA ClearTrust: control of access in a web environment. This solution is based on market standards (Liberty Alliance, SAML), enabling a security policy that is easy to use in terms of access control. This solution offers data storage in a special directory and automatic attribution of user accounts according to application and profiles (provisioning). RSA BSAFE: development of secure applications RSA Intelliaccess: technology enabling users (on or off line) that have forgotten their password, to access a temporary password without calling the support centre. This technology makes it possible to deploy a Single-Sign-On (SSO Solution) that secures both physical and logical connections (access to multiple applications). • • Strategic positioning Positioning in development RSA Laboratory is the research centre dedicated to encryption and security technologies. RSA Security is primarily an authentication solutions vendor. RSA Security plays a key role in the standard development initiatives (Liberty Alliance, OASIS, IEFT, WS-Security). RSA Security sets up IT solutions based on existing industry standards that notably ensure interoperability. RSA Security forms a large number of technical partnerships in order to offer the most complete and coherent solution (+1,000 partnerships with telecommunications operators, equipment manufacturers, service providers etc.) Close relationships with consulting firms (Accenture) and industry players (Cisco, Microsoft, Juniper) so as to capitalise on the integration and use of RSA solutions. Positioning in publishing Standardisation Interoperability Partnerships 92 2005 Edition © IDATE DRM and virtual content distribution DRM players Network of national partners approved to sell authentication solutions (in France for example, partnerships have been signed with Nexus, Thalès and Arche). Development of strategic alliances based on the access control platform RSA ClearTrust (Comelis, Syntegra, Dimension Data and Axipe). Participation in a consortium RSA Security is present in several consortiums. It is worth noting ASP Industry consortium, WS-Security, OASIS, OMA DRM, TCG. 2005 Edition © IDATE 93 DRM players DRM and virtual content distribution USA SealedMedia Inc. SealedMedia Inc. is a provider of digital rights management solutions on the internet aimed at content vendors. SealedMedia provides companies with digital document security solutions and mails. Web site www.sealedmedia.com Description Date founded: Employees: CEO: Chairman: September 1996 n/a George Everhart Peter Van Cuylenburg Main shareholders Pond Venture Partners Crescendo Ventures 3i Latest developments / Key points 1999 The investment fund Pond Venture Partners is investing in the company, enabling it to develop. 2000 Launch of the first version of the software SealedMedia. Second round of fund raising to finance the company: 3i and Crescendo Ventures invest in SealedMedia. 2001 Pond Venture Partners, 3i and Crescendo Ventures invest USD 16.5 million. 2003 Pond Venture Partners and Crescendo invest another USD 4 million in SealedMedia Inc. to enable it to generate a positive cash flow in 2004. 2004 Citrix opts for the content security solution SealedMedia to protect its solution Citrix Certified Instructor. Citrix is the world leader in access infrastructures for company resources. 2005 In February 2005 SealMedia announces growth of 133% in its turnover for the financial year 2004 versus 2003. Group activities Technical solution development SealedMedia’s main activity remains selling document security solutions (in an internet environment) for companies and public/private organisations. SealedMedia also participates in consulting activities at several levels: Analysis of client needs (1 day) Development of a prototype program (up to 14 days) Project management (variable duration) Assistance with deployment (2 days) Technical support (1 year) Technical consulting and support Technologies developed SealedMedia Solution The SealedMedia solution is made up of 4 main elements: 3 software components: “Sealer” (Desktop application), “Licence Server” (software application) and “Unsealer” (plug-in that can be downloaded free-of-charge on the SealedMedia web site) 94 2005 Edition © IDATE DRM and virtual content distribution DRM players Format of content The solution supports the following document formats: Email (Microsoft Outlook and Lotus Notes), Microsoft Word, Microsoft Excel, Microsoft PowerPoint, Adobe PDF and HTML. GIF, JPEG, PNG, MP3, QuickTime, MPEG1, MPEG4. The solution targets digital content vendors that wish to market their products on the internet. It makes it possible to protect several types of contents (text, image, audio and video). This mode of protection opens up new horizons such as the rental of works and free previews by providing an applications service for digital rights. Based on the web, this technology enables permanent protection of content independent of their support. The vendors control access to it: they can effectively choose and modify rights and the conditions of use awarded to end users. The solution offered by SealedMedia separates the content from its access rights. The content is perfectly protected. Vendors therefore control the use of the content directly (back-up, screen capture and print offs etc.) as well as the duration of its validity. With this technical solution digital content vendors independently control the cost and the conditions attached to data put online. They can consequently create their own business models (subscription, pay-peruse). SealedMedia Solution Source: SealedMedia The digital content vendor thus controls access to the content by creating an electronic licence (which encrypts the rights of access desired). Interaction with the “licence server” positioned in the network is carried out with identified passwords. When an end user wishes to access this content, authentication is necessary. The individual can then question the server to find out whether s/he has the rights to use the content (the individual uses the key contained in the licence requested). SealedMedia supports 3 types of authentication: its own authentication via a password, an NT authentication and a server authentication. The encryption algorithms used are AES 128 bit, RSA PKI and Tiger Hash message digest. 2005 Edition © IDATE 95 DRM players DRM and virtual content distribution Sealed eRoom Sealed eRoom Source: SealedMedia Sealed eRoom makes it possible to set up tools for secure team work, sharing confidential information within a company (via the intranet network) or between several companies (via the internet network). Sealed eRoom is based in the characteristics of the content protection solution SealedMedia. This solution is mostly incorporated into the security products that make up part of a company’s telecom architecture. Sealed Blackberry Sealed Blackberry Source: SealedMedia The Sealed Blackberry solution enabled files signed and protected by the SealedMedia solution to be transferable and readable on a mobile Blackberry device (the documents are then converted into the proprietary UCS format). 96 2005 Edition © IDATE DRM and virtual content distribution DRM players Strategic positioning Positioning SealMedia positions itself as a vendor of digital content management solutions to be used on the Intranet/Internet. SealMedia exclusively targets the corporate market. The main clients that have deployed a SealedMedia are: 3i, Xansa, XanEdu, Congressional Quarterly, Johnson Matthey, Harvard Business School Publishing and Citrix SealedMedia is currently targeting the North American and European market. The company has offices in the USA (Boston and Los Gastos)as well as in the UK (London). Technical partnerships: Adobe, Apple, Citrix, EMC Documentum, IBM, Microsoft, Oracle, RIM, Signum Technologies, Tridion and SignetX SealedMedia is forming partnerships with local players to penetrate various European markets (The Netherlands, France, Italy, Spain and the Netherlands). In Italy, SealedMedia has signed an agreement with the integrator Daman. Other partnerships set up (integrator and solution reseller): Armedia, BRT, BSG, Chapter26, Content Solutions Partners, Cortina, ForeFront Technologies, Informative Graphics, Joint Collaboration AS and Ness Technologies. Main competitors: Authentica Inc., eMeta Corporation, Alchemedia, Adobe Main clients Points of presence Key partnerships Competition 2005 Edition © IDATE 97 DRM players DRM and virtual content distribution USA SunnComm SunnComm is a company that develops a proprietary technology for the protection of digital content (audio and video) on a physical support and also markets digital content security solutions. Web site www.sunncomm.com Description Date founded: Employees: CEO: President: 2000 N/a Peter H Jacobs William Whitmore Main shareholders Private capital 100% Latest developments/ Key points 2001 Sunncomm Technologies markets the CDs of the U.S. artist Charley Pride. This is the first time that an audio CD has been marketed using the Media Max content protection technology developed by the U.S company. 2002 Development and introduction of the Media Max CD3 technology directly integrated incorporated into the Windows Media platform. 2003 Suncomm technologies is refusing to prosecute a U.S. student that found a foully in the anti-copying system of audio CDs using Media Max CD3 technology. The Media Max CD3 technology becomes available on Macintosh. Development and launch of the Media Max CD4 technology. 2004 Commercialisation in October of version 5 of Media Max technology. SunComm Technologies becomes SunnComm International. BMG Music, one of the five record majors, tests the new version of the anti-copying technology developed by SunnComm. Company quoted on the stock market SCMI.PK Group activities Protection of digital content SunnComm’s activities remain the development of technologies and software solutions related to the protection of digital content on a physical support. Technologies developed Media Max Media Max is a group of technologies for managing print-outs incorporated into a physical support (CD or DVD). This system makes it possible to protect copyright (StudioMAx technology) by preventing the unauthorised duplication of CD/DVDs and illegal distribution via the internet. The system uses two versions of tracks on the same CD/DVD: the first version can be read solely by classic CD players and the second only by computers. It is this latter version that limits distribution on the internet. In fact, when a CD/DVD incorporating Media Max is inserted in a PC, the second version opens, the protected version of the digital content then appears and a range of enriched content becomes available for the user (video clips, photos, artist biographies, song lyrics, web links etc). 98 2005 Edition © IDATE DRM and virtual content distribution DRM players Media Max 5.0 is an improved version of the previous releases of the Media Max platform. This version makes it possible to protect: • • • Mediaclop Content on a CD+G support (CD format for Karaoke) Downloading on demand of audio and video content on the internet Video DVDs Sunncomm offers a technology that limits copying of audio CDs. Mediaclop technology effectively makes it possible to make audio CDs readable on CD players, but not on a computer. In the latter case, playing is conditional to a visit to a web site. The site authenticates the disc then allows the user to download the tracks that it contains, which can only be copied once. Copying for private use this remains possible, not from a CD but by downloading, with the CD acting as an identification key. Solution offered LMT Security LMT (License Management Technology) Security is a secure software platform incorporating: • • • • authentication and verification of authorised duplication of the CD or DVD, identification and prohibition of the duplication of the CD or DVD, a DRM solution with content protection “Secure Burn”, which makes it possible to specify the number of copies authorised. This solution is independent of the operating system used on the PC terminal. Strategic positioning Competition SunnComm positions itself as a direct competitor to the content protection technologies developed by Macrovision (CDS technology). SunnComm wishes to impose the same restrictions on paying online music downloading services in terms of recording as on audio CDs. These “secure recording” functions could therefore be directly incorporated into services of the i-Tunes or Napster variety. SunComm is present in 11 countries via local subsidiaries (China, Israel, Germany, Australia, UK, Japan, Belgium, France, Denmark, Finland and Canada). SunnComm joins forces with various local partners to distribute all of its products. Record companies and film production companies. Imposing the same restrictions on paying services Partnerships Clients 2005 Edition © IDATE 99 DRM players DRM and virtual content distribution USA VeriSign Verisign is a U.S. company specialising in the provision of security services and in the registering and management of internet domain names. Web site www.verisign.com Description Date founded: Employees: CEO: 1995 2500 (September 2004) Stratton Sclavos Main shareholders Institutional Senior executives 85 % 3% Latest developments / Key points 2000 Acquisition of the company Network Solutions, specialising in the sale and management of domain names and internet addressing for a total of USD 21 billion. 2003 Verisign is selling its entity for the management of domain names to the investment fund Pivotal Private Equity for a total of USD 100 million. Verisign nevertheless retains a 15% share in Network Solutions. The regulator of the domain name system (ICANN) demands the closure of the “Site Finder” site produced by Verisign to which the internet traffic sent to non attributed domains is directed. 2004 Verisign is taken to court by ICANN in March 2004 for abuse of its dominant position. Verisign accuses ICANN of preventing it from implementing certain of these services. Availability of the EPC Starter technology developed by Verisign. Verisign launches its authentication offering aimed at companies. 2005 Verisign acquires the Californian company Lightsurf, specialising in mobile interoperability solutions. In partnership with IBM and Gemplus, Verisign implements a new mobile authentication solution. NASDAQ VRSN Financial information Turnover over three years Trends in turnover between 2001 and 2003 in millions of USD Turnover 2001 983.5 2002 1 221 .6 2003 1 054.7 Net losses over three years Trends in net losses between 2001 and 2003 in millions of USD Net losses 2001 -13 355.9 2002 -4961.3 2003 -259.8 100 2005 Edition © IDATE DRM and virtual content distribution DRM players Group activities Internet services The internet services offering is based on: • Security offerings for companies that include strengthened authentication services, managed security (SSL certificates). Verisign now offers companies the management of various forms of authentication (smart card, token USB, dynamic passwords etc.). Services for managing digital watermarks that unite domain name services, digital watermark surveillance, consultation of copyright and extension of global digital watermarks. • Communications services The communication services also unite two ranges of services: • • All of the network infrastructures and service applications for GSM providers (payment services, invoicing, implementation of network interoperability, CRM etc.) Managed telecommunication services (MTS), network services such as local number transferability (LNT), SS7 signalisation and compensation spaces for roaming services. Technologies developed EPC Starter Service VeriSign makes the “EPC Starter Service” enabling commercial partners to begin to use the EPCglobal Network to manage pilot projects based on event information requested by RFID technology (identification technology by wireless frequency). The “EPC Starter Service” notably enables access to a private piloting environment guaranteeing the security and continuity of data for multipartner pilots, to technical documentation and an after-sales service. Managed PKI for SSL is a web service developed by Verisign to enable companies to deploy and manage several SSL certificates within their organisation. This corporate solution capitalises on Verisign’s advanced and secure infrastructure. Managed PKI pour SSL Strategic positioning Positioning in the authentication market VeriSign, initially a specialist in domain names, is now delivering electronic certificates whose aim is to authenticate the emitter of a piece of information or software. By partially selling its domain name management business (“Naming and Directory Services “) in October 2003, Verisign is focusing strategically on its core competence which is to provide critical infrastructure services for internet and communications networks. With its new offering marketed in October 2004 Verisign confirms its position in the high authentication market (a true competitor to market leader RSA Security). Entrust Technologies, RSA Security, Symantec Group. Main competitors 2005 Edition © IDATE 101 DRM players DRM and virtual content distribution 2.4. Overview 2.4.1. Industry players’ solutions Table 4: Online and offline hardware solutions Companies Microsoft Intertrust Macrovision RealNetworks Overdrive End2End Philips SealedMedia NDS RSA BeepScience SunnComm Info2clear Apple Sony PC X X Telephone X TV X STB X Hard disc X X X X Audio optical medium Video optical medium X X X X X X X X X Source: IDATE Table 5: Software solutions Companies Microsoft Intertrust Macrovision RealNetworks Overdrive End2End Philips SealedMedia NDS RSA BeepScience SunnComm Info2clear Apple Sony X: offline Text X X X X X X X X X X Data X X X X X X X X X X Music X X X X X X X X X X X X X X X Video X X X X X X X X X X X X X Software (exc. games) X X X Games X X X X X X X X X X X: online and offline Source: IDATE X: online 102 2005 Edition © IDATE DRM and virtual content distribution DRM players Table 6: Destination of solutions Companies Microsoft Intertrust Macrovision RealNetworks Overdrive End2End Philips SealedMedia NDS RSA BeepScience SunnComm Info2clear Apple Sony Devices PCs, digital TVs, STB, mobiles, audio/video players, portable devices PCs PCs, audio/video players, CD, DVD PC, telephones, audio players PC, telephones, portable devices, audio players Mobiles devices PCs, digital TVs, STB, mobiles, audio/video players PCs, Blackberry devices Digital TV platforms, mobiles, PCs PCs, telephones Telephones, portable devices, PDAs, STB, consoles PCs, CD, DVD, audio/video players PCs PCs, portable devices, audio/video players PCs, portable devices, audio/video players Source: IDATE 2.4.2. The activity of consortia An attempt to join forces was made by the DVB consortium and the Motion Picture Association of America. Debate between the DVB and the MPAA apparently made it impossible to reach an agreement, after a solution based on watermarking put forward by the Europeans was considered insufficient to limit piracy alone. It is worth noting that within the DVB (Digital Video Broadcasting), the CP (Copy Protection) group was founded in 1999. Faced with major problems, the group nearly dissolved and had to be reformed in spring 2003. DVB CPCM (Content Protection & Content Management) now targets the horizontal market to provide end-to-end protection from transmission to consumption, taking into account domestic and storage networks. CPCM has to be able to be extended to proprietary DRM and conditional access systems. A key concept is that of the authorised domain. The authorised domain is defined as a group of CPCM compatible equipment that are owned, rented or controlled by the members of a single family. This equipment can be located anywhere: at home, in a secondary residence, in a vehicle or it can be mobile. The content legally provided in the domain can be freely consumed in this area via “CPCM compliant” equipment, but cannot be redistributed outside of the authorised domain without explicit permission. One restriction imposed is that the size of the domain authorised can be limited. CPCM specifications must include: • • A set of “interoperable” interfaces to enable exchanges between equipment manufactured by different producers The definition of a USI (Usage State Information) that contains control information. 2005 Edition © IDATE 103 DRM players DRM and virtual content distribution Table 7: Summarising table on consortia Consortium Content Reference Forum OMA Objective Creation of an intelligent file Mobile DRM interoperability solutions Ensuring compatibility between different DRM systems Development of an optical disc format Software/hardware interoperability Environment Online Target content Audio, video PC Destination of solutions Offline Audio, video Telephones, portable devices Coral Offline / Online Audio, video PCs, telephones, portable devices, audio/video players Blue-Ray Association TCG Offline / Online Offline Video Software Source: IDATE DVD supports, video players, games consoles PCs Table 8: Consortia and rights description languages XrML (standard) MPEG Content Reference Forum OASIS OMA Coral TCG Source: IDATE X X X X X X ODLR (standard) NEMO (proprietary) TCPA (proprietary) 104 2005 Edition © IDATE DRM and virtual content distribution Analysis and outlook for content distribution 3. Analysis and outlook for content distribution 3.1. Usages and the market 3.1.1. New forms of cultural goods consumption The players that are moving into content distribution via the internet or outside networks are facing a revolution in usages that began with content digitisation. These fundamental changes highlight the question of rights management, but makes embedding rights in contents that are continually handled and transformed and rights managing in nomadic conditions more complex The emergence of digital usages The consumption of cultural goods is now digital. It takes the form of portable audio players with a hard disc or Flash memory, video players/recorders equipped with a hard disc connected to the television, DVD players/recorders, set-top boxes equipped with a hard disc, portable video games consoles or multi-functional home consoles, portable telephones with audio and/or video multimedia functions that can record television programmes and that will be able to receive television channels via the digital terrestrial network in the near future. These upheavals began with the appearance of personal computers, audio and video codecs and the steady advances in the latter in terms of compression rates for an equivalent quality of sound/image. These major changes intensified with the emergence of easy to use and cheap software programs, real digital tools for creating, managing and distributing content accessible to all. These changes continued with the miniaturisation of electronic components, the increased calculating power of processors, the rising power of visual display, the growth in storage capacities etc. Lastly, these changes spread and then dominated the uses of all internet users thanks to networks. The internet opened the distribution channels of all types of digital content. However, until very recently, the consumption of content obtained from the web was mainly carried out via computers. Now digital networks linked to a "plug & play" connector make it possible to transfer content to multiple devices or storage media quickly and easily. Music lovers value the ability to handle music in this way to listen to it however they please: via a MP3 player, on a MP3 CD, on an audio CD, on a PC, a portable or home games console or on a mobile telephone. In the near future, these forms of music consumption will be transposed to video by consumers and consumer electronics manufacturers. These new forms of consumption will be sources of inspiration for television broadcasters, content aggregators, and content vendors in the fields of video games, video and television alike. Industry players and notably consumer electronics players, as well as mobile telephone manufacturers, have already learnt their lessons from this revolution and are preparing to meet the needs expressed by consumers, or even to anticipate them and, in some cases, to create them. However, in order not to avoid making the same mistakes as in the past to which the music industry fell victim, industry players will not get involved in forms of distribution that are not secure. The age of nomadic usage and mobility Two words offer a fairly good summary of the changes in usage related to their digitisation: nomadic usage and mobility. 2005 Edition © IDATE 105 Analysis and outlook for content distribution DRM and virtual content distribution Nomadic usages Nomadic usage consists of accessing contents of accessing contents and consuming them completely freely, at any time, in any place and anywhere. The digitisation of contents seems to have given users control over their consumption. Consumers have rapidly become aware of the digital revolution and the services that it can offer them. They have been quick to latch onto the first signs of digitisation. Music was the first entertainment sector to see its contents digitised and the emergence of the internet. MP3 was deployed and became widely used without the support of any player in the music industry. The latter were, on the contrary, rather derogatory at the launch of the new format in 1993, according to the reports of the Fraunhofer Institut, inventor of the format with Thompson. This format catered for the needs of nomadic use: MP3 files can be recorded on data CDs, transferred to portable players, decompressed and recorded on audio CDs. If they combine MP3 files with a management, playing, sharing or handling software, music movers can use music in an endless variety of ways: for listening, to organise a track collection, to compile and share files, play lists, mixers etc. The internet has largely contributed to the revolution in usages: music distribution, sharing as well as discovering music, creation via mixing and sampling, the creation of communities, exchanges etc. The story could have ended there, but content digitisation automatically authorises its identical copying at the click of a mouse. The internet network makes it possible to send and receive digital data. It did not take long for several web sites run by individuals, and a little later by groups of counterfeiters to emerge offering the free download of MP3 files on a client/server basis. In 1998 Shawn Fanning developed a software program for his personal use that enabled him to exchange music files with a few friends. The final version of the software was called Napster. Made available to internet users worldwide, Napster spread like wildfire. Everyone that installs the program on their system can exchange MP3 files free of charge with the other members of the community. The more members a community has, the larger its track catalogue. The biggest record collection in the world was born and it was free. At its peak and just before its closure, Napster had 70 million members worldwide. The internet has finally turned consumers into massive downloaders who pay nothing to rights holders. Perhaps it would be more accurate to write “without the possibility of paying anything to rights holders,” because in 1998 there was no alternative offered by the music industry, digital rights management remained a concept, not a reality. The digitisation of contents related to the internet freed users for access restrictions to cultural goods and their uses, their handling and their consumption. This liberation was accompanied by the spread and subsequent generalisation of exchanges via P2P software outside of any regulatory and commercial framework and to the detriment of rights holders. Mobile content Prior to Napster, content was nomadic3 almost exclusively on the internet network. It can circulate on this network completely freely. This is already saying a lot, given the speed at which broadband offerings are spreading in the USA and Europe. Furthermore, once an audio track has been recorded in an audio (audio CD) or data (MP3 file) format or transferred to a portable player, its journey continues, passing from hand to hand like any optical medium. This form of nomadic use is only a fraction of what is expected when a large number of portable devices have become compatible with virtual digital content formats (MP3, DivX, WMA, WMV etc.). These devices will be able to receive content, play, store, transport, transfer and send content, and will certainly be able to change it soon regardless of the type of content ion question: audio, video, software, gales, images and texts. Content can now be acquired on a platform, transferred to another and sent to another platform to be read there. This implies that devices can be interoperable and formats standardised. This growing trend of transporting content from one device to another neighbouring piece of equipment will see major developments in digital homes. Selected models of MP3 players like Rio by the company of the same name are trying to achieve dominance in the marketplace. 3 106 2005 Edition © IDATE DRM and virtual content distribution Analysis and outlook for content distribution These phenomena of nomadic usages and mobile content highlight the need for content protection, but also require it to cover the numerous digital breaches that occur in the phases of information collection, processing and restitution. To achieve this, and in the absence of a closed circuit content distribution system like the SmartRight solution, technical protection measures (TPM), and notably tattooing techniques, may grow in a networked and nomadic environment. Digital entertainment and mobile devices In the face of new usages, consumer electronic manufacturers are offering various responses in the different content sectors of music, games and video. TPMs for content and/or DRM systems are not automatically incorporated into devices or optical media that process content. When a device manufacturer is also a content provider or a premier partner of content provider, some protection is automatically integrated. In the field of video games, Nintendo chooses to protect content (which do not only belong to the company) by offering a proprietary medium, the cartridge, which is more difficult to counterfeit. Apple protects the contents that transferred to iPods thanks to a proprietary DRM system. Microsoft is trying to impose its DRM system in devices without making agreements between consumer electronics manufacturers and content providers necessary. Microsoft delivers development tools for DRM and operating systems that are compatible and available on portable multimedia platforms, mobile telephones, personal computers and electronic agendas. Consumer electronics manufacturers may look unfavourably on Microsoft’s initiative. On the one hand, they may view Microsoft as a dangerous additional intermediary. The intermediary may also legitimately aspire to be remunerated for its role in the value chain. In this respect, it is all the more dangerous if there a re few alternatives. In both the music and video sectors this is currently the case. Furthermore, Microsoft may be deemed dangerous by members of the CE sector because it could very well become a competitor in the long term, as it has become a competitor of Sony Computer Entertainment and Nintendo in games console manufacturing. For their part, content providers are increasingly trusting in DRM solutions that make it possible to manage and control their goods. Audio playing devices Music is the most effective product for attracting young consumers. It naturally lends itself to nomadic consumers. Thus, in the deployment of a mobile devices offering, it remains a pioneer. The number of mobile devices compatible with MP3 is growing. These devices are primarily dedicated to playing MP3 files and, by extension, to other audio files. This represents a broad category of devices that includes: • • • • Portable players with hard discs Portable players with memory cards Portable USB players Portable CD players. Moreover, the function of playing audio files is related to other functions that are just as attractive to young consumers or “early adopters.” As a result, at the end of 2003, Nokia commercialised a portable video game console with a mobile telephone and MP3 compatible. The other portable consoles commercialised in 2005 are all portable MP3 players. These devices are connectable to a PC via a USB port, Blue Tooth, IR etc. The personal computer remains the leading platform for files from online distributors. However, the PC is no longer the only device connected to the web and thus the only supplier of virtual content. WAP mobile telephones have opened a new breach in the distribution of digital content. Each of these mobile telecommunications portals must now offer downloads of polyphonic ring tones and video games. 2005 Edition © IDATE 107 Analysis and outlook for content distribution DRM and virtual content distribution Mobile ephone At the end of the year 2004 Samsung presented the first mobile telephone equipped with a miniature hard disc (1 inch, or 2.54 cm) with a 1.5 Giga storage capacity. In addition to storage and MP3 playing, this mobile telephone is also a camera and a video camera in the MPEG-4 format. In the month of May 2005 Nokia announced the forthcoming commercialisation of its telephone N91, which is likely to compete with Apple’s iPod. The launch of the hard disc in telephones and mobile internet access via these telephones confirms that the PC is not the only platform for online digital content. The first mobile telephones equipped with hard disc are now on the market. They are going to be able to handle content that requires a greater amount of memory. The growth in storage capacity will accompany the increase in bandwidth with the deployment of UMTS. While waiting for hard discs, which are heavy and high power consumers, external magnetic storage media such as SD Cards, MMCs, T-Flash, the proprietary solution Sony Memory Stick and USB Massive Storage keys should bridge the gap. Moreover, these external media should continue to be deployed given their obvious complementarity with optical media and hard discs. Today several models of mobile telephone possess a MP3 or Real Audio file playing function: Figure 6: Examples of multimedia mobile telephones Sony Ericsson’s P900 Siemens’ SX1 Sony Ericsson’s P910i Source: IDATE All of the digital entertainment sectors are involved in the revolution in usages described above. However, they are affected differently. At the heart of the revolution in usage, numerous references and feedback on experiences comes from the music sector. This is the digital entertainment sector that is most suited to nomadic uses. This phenomenon began at the beginning of the 1980s with the commercialisation of the first Sony walkmen. Over 20 years later, nomadic uses and the mobility of music have become natural; they have become part of consumer habits. 108 2005 Edition © IDATE DRM and virtual content distribution Analysis and outlook for content distribution Portable video games consoles The video games market is also a promising digital entertainment sector in this changing environment. Their portability dates from the end of the 1980s when Nintendo marketed the first portable GameBoy console. The GameBoy range has seen several models and has sold over 150 million units worldwide. Portable consoles for games or multifunctional have never been as numerous. They include: • • • • • • • GameBoy Advance SP by Nintendo N-Gage QD by Nokia Dual Screen (DS) by Nintendo PlayStation Portable (PSP) by Sony Gizmondo by Tiger Telematics Zodiac by Tapwave GP32 by GamePark. Video devices and portable TVs As far as video is concerned, we saw the emergence of the first portable devices in 2005. We do not have any usage reference in this case. Their future development nevertheless looks promising. Advances made in the miniaturisation of storage media (emergence of hard discs of 1.8 inches weighing around 50g), screen quality, autonomy, digital data transport and compression etc. are giving birth to a new generation of mobile consumer electronics devices. To-date this wave of innovation was largely driven by mobile telephone manufacturers, anxious to retain a new range of customers. However, the capacity to play and store audio and video content and games constitutes an entirely different product that is easy to separate from telephony. Several devices belong to this third branch of devices. Archos’ AV400 The AV400 is a portable video player marketed by the French company Archos. It weighs 280g and is fairly compact (127x82x21). It has a 3.5 inch screen, a resolution of 320x240 and can display 262,000 colours. It is equipped with a hard disc of 20 GB. As for sound, speakers are incorporated in the device. The device also has a connection for head phones. It is fed by a Lithium-Ion battery. It has an autonomy of 3.5 hours in video mode and 10 hours in music mode. It reads audio formats (MP3), video formats (DivX and Xvid), images in a JPEG format. It connects to television and can broadcast its contents on a television screen and can act as a Personal Video Recorder. It directly encrypts video in the Divx format. The AV400 can be connected to the PC via a USB 2.0 port. It is consequently possible to transfer contents from a computer and, in some cases, from the internet to the nomadic device. It also has a port for a Compact Flash memory card in order to transfer photos directly without going via a PC. Archos plans to market a 500 version that could be equipped with a 40 GB hard disc, a screen resolution of 704x480 and an Ethernet or Wi-Fi module. It could act as an electronic agenda and will be compatible with Java games. In April 2005 the U.S. satellite operator Echostar bought a share (of over 26%) in the French company. Echostar plans to incorporate a TV tuner into the Archos device. It will enable the device to act both as a remote control for the Echostar service and a broadcasting device. Other video devices have also recently emerged, including: • • • • The Zen Portable Media Center by Creative Labs MSI’s 5561 iRiver’s PMC-100 NHJ Ltd. should market a PMC comparable to Archos’ AV400. 2005 Edition © IDATE 109 Analysis and outlook for content distribution DRM and virtual content distribution The changes seen in uses and technology are giving consumers a renewed taste for liberty on content consumption. This freedom is hardly compatible with rights management, which is increasingly complex to implement given the significance of breaches. Industry players are working together or trying to work together to eradicate those breaches related to DRM interoperability. However, these commercial offerings show that there is solvent demand, despite unfair competition. However, the content sectors are not all at the same stage of development in terms of virtual distribution via the internet. 3.1.2. The case of the virtual music distribution market Forms of market structure Apple’s success with its iTunes Music Store and iPod pairing shows that there is solvent demand in the virtual content distribution sector, despite the unfair competition that takes the form of several P2P services authorising outlawed content downloads without the approval of rights holders. Apple’s service has been profitable to-date purely thanks to the sale of iPod devices. Observers have hinted that its online shop may be starting to become financially viable with over 300 million tracks sold. Other players like Roxio, renamed Napster, and its eponymous service that is now authorised, are also posting good results. With its Connect offering associated with several player devices, Sony could make itself a place in the coming months alongside Apple. The offering was deployed on a significant scale on 2003. Today the legal offering is abundant; there are over 20 major services of international standing. In "B2B" mode, the market is equally dynamic. ISPs, broadcasters, retailers and several categories of players that do not have rights, turn to intermediaries to achieve a presence in this promising sector. However, they have yet to post profits. In this market segment, OD2 (On Demand Distribution) is a deterrent. It has been present since 2000 and despite its acquisition by Loudeye, it now seems a key player that will be difficult to dislodge. Its main partners in this segment are: MSN Music Club, Tiscali Music Club, Packard Bell, MTV, M6, Coca-Cola, Viacom, Wanadoo, Karstadt and NineMSN. For its part Loudeye has formed partnerships with AOL, Apple, EMI, AT&T Wireless, Amazon.com, Borders, Barnes & Noble, Yahoo!, MSN and WindowsMedia.com. The company Orchard is one of the most important players in the redistribution of a catalogue of independents to services like MSN Music Club, and even OD2. Composition of the offering Two modes of subscription sometimes exist within a single offering (MSN Music Club). The first is based on a monthly subscription for no fixed period (MusicNow, Rhapsody). It gives subscribers the right to download a certain number of tracks and/or albums. The second is based on pay-per-use purchasing after inscription. Payment is generally made by credit card. New means of payment are being implemented such as the prepaid card, payment via SMS via an Audiotex service. The VirginMega and Vitaminic services in France are fairly dynamic in this field. The catalogue is a key component in the offering. Exchange systems on a P2P basis effectively comprise the largest catalogues ever compiled. Faced with this unfair competition, distribution platforms have made major efforts to negotiate with record companies to compile catalogues that are as vast as they are attractive. A catalogue of 300,000 tracks would seem to be a minimum to hope to attract a large public. It is worth noting that, following its acquisition by the U.S. company Loudeye, OD2 now has a catalogue of 1.3 million tracks from majors, independent labels and aggregators including ORCHARD (www.theorchard.com), which includes tracks from over 2,500 independent labels. Record companies have been able to take advantage of the need for online distributors to compile a catalogue. 110 2005 Edition © IDATE DRM and virtual content distribution Analysis and outlook for content distribution The business model The business model, between an online distributor like Apple and the record companies, is based on revenue sharing. Out of the EUR 0.99 that Apple receives per track downloaded from its iTunes shop, 69 are repaid to the record companies, or 70% of revenues. After repayments to the SACEM, the online distributor’s share is around EUR 0.05. The distributor then has to cover transaction costs that are around EUR 0.005. The distributor is left with less than EUR 0.01 per track sold. Table 9: Example of revenue breakdown in France EUR cents Sale price of a track Of which VAT Prices exc. Tax Producer’s share SACEM Distributor’s share 99.00 16.22 82.78 69.00 7.92 5.86 Source: IDATE NB: SACEM: Société des Auteurs, Compositeurs et Editeurs de Musique % 100.00% 19.60% 83.61% 69.70% 8.00% 5.92% OD2 offers a comparative approach to the business models of physical and virtual distribution models Figure 7: Physical and digital disc distribution Physical disc distribution Physical distribution Digital disc distribution Digital distribution Rights holders 6,4% Rights holders 6,0% Manufacturers 9,0% VAT 19,6% VAT 19,6% Payment handlers 5,0% Retailers 10,4% Distributors 10,4% Record companies 26,0% Retailer 12,1% Record companies 48,3% Distributor 27,3% Source: OD2 Source: OD2 In the physical distribution mode, distribution can be taken over by a record company, which moreover plays the role of vendor, producer and manufacturers. It can hope to receive over 60% of the price of a record including VAT. In a digital environment, distribution and retailing can merge. It is in this manner that record companies can see distribution escaping their grasp and this is generally what is happening. Among providers of virtual music distribution services only a few shops belong to record companies, namely eCompil and Sony Connect. As a result, in the framework of virtual music distribution, record companies receive nothing from distribution or manufacturing, but rather from vending/producing. 2005 Edition © IDATE 111 Analysis and outlook for content distribution DRM and virtual content distribution In a virtual environment, several solutions can be envisaged with regard to the introduction of technical protection measures and digital rights management. From a commercial perspective, TPMs and DRM can be incorporated by the retailer/distributor. From a traceability and usage control point of view, these protection and rights management procedures may be implemented by vendors. Legal distribution on a peer-to-peer basis The ongoing war between record companies and vendors of content exchange solutions based on peer-to-peer may lead one to think that the technological advantages of peer-to-peer may have escaped them. This is not at all the case since there are a growing number of agreements between record companies and solution vendors. Universal Music group, a world leader in the sector, has signed an agreement with Snocap, founded by Shawn Fanning (the creator of Napster). This represents a catalogue of 150,000 tracks delivered by Universal. Similarly, Sony-BMG is supposed to be in discussions with Grokster. EMI and BMG have already signed up with Wippit (www.wippit.co.uk), a service provider based in the UK. Once users have registered, Wippit offers pay-as-you-go purchase for music tracks (for a minimum of EUR 0.32) via credit card or SMS (only in the UK), or a monthly subscription of EUR 19 or an annual subscription of EUR 75. Wippit has signed partnership agreements with 200 independent labels. The company is now selling its platform to other partners such as EasyMusic (www.easymusic.com) run by the Easy group (www.easy.com) and "This is London Music Download" (www.thisislondon.co.uk). Wippit uses Cantametrix MusicDNA technology (acquired by the company Gracenote – www.gracenote.com) which makes it possible to recognise tracks and identify the rights that are attached to them. If the files are "in order", they can be exchanged, otherwise their transfer is made impossible. Figure 8: Wippit protection system Source: Wippit In France the company Kryptomusic (www.kryptomusic.com) offers a legal service called E-geebiz (www.e-geebiz.com). Although its mission is virtual music distribution on a peer-to-peer basis for the moment, the French company may well get involved in video distribution, or even software distribution in the future. 112 2005 Edition © IDATE DRM and virtual content distribution Analysis and outlook for content distribution Figure 9: Kryptomusic distribution system Source: Kryptomusic Rights management takes place in the following way: 1. Imprints of hardware components of the user’s devices taken during registration with the site selling unbranded products. 2. Equipment manufacturer identifiers are stored on the KryptoMusic server. 3. A request is sent with a password, from the user to the e-Geebiz portal that displays the content offering. 4. The e-Geebiz server carries out an authentication request by the user with KryptoMusic. 5. The KryptoMusic server compares the user’s identifiers and hardware. 6. Once the identifiers have .been validated, the procedure of payment for the purchase begins. 7. Once payment has been made, the KryptoMusic server sends an access request to the media of the content provider’s server. 8. The audio or video content requested is transferred to the KryptoMusic server via a private secure network. 9. The audio or video files are encrypted and encapsulated with equipment manufacturer identifiers of the recipient device in the form of a JAVA software program that is secure, unique, auto-executable and multi-platform. 10. Delivery of the secure KryptoMusic or KryptoMovie software is made and the media content demanded can be read in a click. 2005 Edition © IDATE 113 Analysis and outlook for content distribution DRM and virtual content distribution Table 10: Major online music distribution offerings Name BuyMusic Results 6 million users in the USA 333,000 one-time visitors in France in December 2004 and 40,000 monthly downloads Shareholders Buy.com Date of launch 07/03 Tracks Catalogue available 457,000 Distributors Format WMA Zone USA Universal, Warner, Sony, BMG, BuyMusic EMI and independents E-Compil Universal France Dimensional Associates (capital risk fund) 11/01 Universal, Warner, Sony, BMG, Ecompil.fr, AOL, Club-Internet, Lycos, MSN, 40,000 Naïve, Scorpio, Airplay and Tiscali, Yahoo!, TF1, M6, RTL, NRJ, MTV other independents WMA France Emusic 284,000 one-time visitors in France in December 2004 4.2 million subscribers in March 2004 07/03 400,000 950 independent labels Emusic.com and affiliates MP3 World Fnacmusic.com FNAC 09/04 300,000 OD2 catalogue FNAC WMA France iTunes Music Store Jam Label Apple 04/03 Universal, Warner, Sony, BMG, 700,000 EMI and 200 independent Apple, AOL, HP labels 5,000 Jam Label Liquid.com, Amazon.com, Universal, Warner, Sony, BMG, TowerRecords.com, Musicrebellion.com, EMI and independents Fye.com AAC MP3 AAC WMA 9 WMA WMA stereo 1-pass CBR USA, Europe Liquid CLOSED Liquid Digital Media (shareholder: Geneva Media) 05/96 350,000 USA MSN Music Club MSN Music Club 08/04 1,000,000 OD2 catalogue MSN Music Club OD2 MusicMatch On Demand 50 million users Yahoo! following the acquisition from Thomson Multimedia of Intel Capital for USD 160 million Baker Capital since April 2005 09/03 500,000 Universal, Warner, Sony, BMG, Musicmatch.com EMI and 30 independent labels WMA USA MusicNet 500,000 subscribers 12/01 1,300,000 Universal, Warner, Sony, BMG, EMI, Ritmoteca, Zomba, AOL, Virgin Digital, HMV, Trans World Entertainment Santuary and other independents WMA Real Audio ACC USA 114 2005 Edition © IDATE DRM and virtual content distribution Analysis and outlook for content distribution Name Results Shareholders Full Audio (shareholders composed of capital risk funds) Date of launch Tracks Catalogue available Distributors Format Zone MusicNow 03/03 400,000 Musicnow.com, Charter Communications, Universal, Warner, Sony, BMG, Clear Channel Communications, Earthlink, EMI, Koch, Sanctuary Windows Media 9 WMA USA Napster 2.0 90,000 subscribers and 5 million downloads in February 2004; 270,000 subscribers at the end of December 2004 Roxio 10/03 1,000,000 Napster.com, Yahoo!, Sony Music Club, Universal, Warner, Sony, BMG, Gateaway Music Vault, Gateway Hearth EMI and independents System, Samsung OD2 : MSN Music Club, Tiscali Music Club, Packard Bell, MTV, M6, Coca-Cola, Viacom, Wanadoo, Karstadt, NineMSN, Loudeye : AOL, Apple, EMI, AT&T Wireless, Amazon.com, Borders, Barnes & Noble, Yahoo!, MSN, WindowsMedia.com WMA USA OD2 77,000 one-time visitors in France in December 2004, Loudeye 3 million downloads in 2003 05/00 Universal, Warner, Sony (UK, 1,300,000 F), BMG, EMI, Zomba, Telstar, Edel and other independents WMA Europe RealPlayer Music Store 450,000 subscribers in April 2004 RealNetworks 01/04 Universal, Warner, Sony, BMG, RealPlayer 10 Integrated sites, 400,000 EMI and 200 independent RollingStone.com labels Universal, Warner, Sony, BMG, Listen.com, RealNetworks, Lycos, Sony EMI, J Records, Ubiquity, 500,000 Dreamworks and other Musiclub independents 500,000 Universal, Warner, Sony, BMG, SonyConnect.com EMI and independents AAC USA Rhapsody 450,000 subscribers in April 2004 Listen.com (RealNetworks) Sony Corporation of America 12/01 WMA USA Sony Connect Spring 2004 ATRAC3 WMA stereo 1-pass CBR MP4 AAC USA, Europe Tiscali Music SonicSelector Uploud 350,000 OD2 catalogue Independent labels Universal, Warner, Sony, BMG, EMI, Wagram, Naïve, Ninja Tunes and other independents 300,000 VirginMega.fr (Wagram, Naïve, Ninja Tunes, Discograph, Scorpio, Dreyfus, Relax Beat, Pschent) VirginMega 773,000 one-time visitors in France in December 2004 Hachette Distribution Services 04/02 WMA France 2005 Edition © IDATE 115 Analysis and outlook for content distribution DRM and virtual content distribution Name Results Shareholders Date of launch March 2000 Dec. 2003 May 2005 Tracks Catalogue available Distributors Format WMA others on demand Zone Vitaminic Buongiorno Universal, Warner, Sony, BMG, Telecom Italia Mobile, la RAI, Peoplesound, 385,000 EMI in Italy + independants Vitaminic Universal, Warner, Sony, BMG, Walmart.com via Liquid Digital Media EMI and independants Universal, Warner, Sony, BMG, EMI, Ritmoteca, Zomba, Yahoo! Via MusicNet Santuary and other independents Europe, USA Wal-Mart Wal-Mart 300,000 WMA USA Yahoo! Music Unlimited Has a community of 300 million members Yahoo! 1,000,000 WMA USA Source: IDATE and IDATE based on Le Journal du Net 116 2005 Edition © IDATE DRM and virtual content distribution Analysis and outlook for content distribution Table 11: Main online music distribution offerings in the major markets Germany BuyMusic Chello Music eMusic iTunes MSN Music MTV MusicNet/AOL MusicMatch MusicNox MyCokeMusic MyMPO Napster Packard Bell PureTRacks Real and Rhapsody Sony Connect Tiscali Virgin WalMart Yahoo! Austria Belgium Canada Denmark Spain USA Finland France Greece Italy Ireland Norway Netherlands Portugal UK Sweden ◆ ◆ ◆ ◆ ◆ ◆ ◆ ◆ ◆ ◆ ◆ ◆ ◆ ◆ ◆ ◆ ◆ ◆ ◆ ◆ ◆ ◆ Source: IDATE ◆ ◆ ◆ ◆ ◆ ◆ ◆ ◆ ◆ ◆ ◆ ◆ ◆ ◆ ◆ ◆ ◆ ◆ ◆ ◆ ◆ ◆ ◆ ◆ ◆ ◆ ◆ ◆ ◆ ◆ ◆ ◆ ◆ ◆ ◆ ◆ ◆ ◆ ◆ ◆ ◆ ◆ ◆ ◆ ◆ ◆ ◆ ◆ ◆ ◆ ◆ ◆ ◆ ◆ ◆ ◆ ◆ ◆ ◆ ◆ ◆ 2005 Edition © IDATE 117 Analysis and outlook for content distribution DRM and virtual content distribution Online virtual music distribution to end users in major markets is a commercial battle that opposes Apple with its iTunes Music Store and iPod, MSN Music Club that uses OD2’s distribution solution, and Sony with its Connect service that will also be associated with a device. Tiscali, which also uses OD2’s solution, along with MTV, have just joined the fray too. Yahoo! Music Unlimited, with a potential community of 300 million internet users and offers compatibility with its instant messaging service, may also upset the picture in the next few months. In the Asia Pacific region, SoundBuzz (Singapore) accounts for the main body of the legal virtual music distribution offering. SoundBuzz is present in India, Australia, Hong Kong and Taiwan. In Australia, SoundBuzz competes with BigpondMusic, a portal launched by Telstra at the beginning of March 2004. In Japan, Label Gate, a virtual music distribution service, was launched in 2003. It was designed and set up with the agreement of 17 Japanese record companies. 3.1.3. Other virtual distribution markets Virtual video games distribution: a slow take-off Two major companies distribute video games in France, for sale or rental: Boonty (www.boonty.com) and Metaboli (www.metaboli.fr). Others, like Ocenix (www.ocenix.com), are trying to establish themselves in a market segment that remains dormant. The outlook is nevertheless promising if we look at the number of downloads registered by the RealNetworks service, Real Arcade in the USA and Europe. • RealNetworks The U.S. company RealNetworks markets a RealOne offering that incorporates a game downloading service, RealArcade, as well as a video on demand service. In the USA almost 950,000 individuals subscribed to RealOne at the end of 2003. Since its launch, RealArcade will have generated over 15 million game downloads. In July 2002 RealNetworks announced the launch of a new online games service in the framework of its RealOne Arcade offering: GamePass. For USD 6.95 per month based on a fixed 3 month contract, a GamePass subscriber can download one game for free every month and enjoy a USD 5 saving on each game that s/he would like to buy and download online. The games sold by RealNetworks cost between USD 9.99 and USD 19.99. Clients that already subscribe to the RealOne SuperPass service can access the GamePass service for USD 4.95 per month. The games catalogue marketed by RealNetworks includes 250 tracks. According to the U.S. company over 2 million games have been downloaded via its RealOne Arcade service since its launch in 2001. At the end of January 2004 RealNetworks acquired the company GameHouse, which develops, sells and distributes downloadable games for PCs. The deal was worth USD 35.6 million in total including USD 14.6 million in cash and 3.3 million RealNetworks shares. GameHouse is continuing its business activities. In two and a half years this company has sold over a million downloaded games. RealNetworks closed its financial year 2003 by posting a total turnover of USD 202.4 million. Its video games activity, via RealArcade, generated USD 12.2 million in turnover in 2003, versus USD 7.8 million during the previous year. • Trymedia Trymedia is a U.S. company. Based in San Francisco, it was founded in Intel Capital in 1999. Like CineticVision, Trymedia is present in a "business to business" niche of virtual video games distribution. Its service is called ActiveMARK. In 2001 Trymedia marketed its first game distributed online. At the end of 2002, the U.S. company had registered 10 million downloads of games in the form of a trial version (gamers test games before buying them). By the end of 2003 the number of downloads reached 30 million. Trymedia offers a catalogue of 300 games targeting occasional and hardcore gamers. Trymedia uses peer-to-peer technology to distribute these tracks. This enables it to make substantial savings in bandwidth capacity, in servers and .storage units. 118 2005 Edition © IDATE DRM and virtual content distribution Analysis and outlook for content distribution Trymedia’s secure platform has convinced vendors and developers: Activision (the world’s 2nd third party vendor), Brighter Child, Eidos and Wildtangent. • Softwrap Softwrap is a British company, a 100% subsidiary of Wrap Tech. The latter is evolving in the electronic software distribution sector (ESD – Electronic Software Delivery). WrapTech is present in Australia, the USA, South Africa, Asia and Israel. It has developed two solutions, Softwrap for video game distribution and Soundwrap for music distribution. These products are aimed at content developers/ producers, vendors and distributors that wish to sell their products to end consumers. The business model is based on revenue sharing after online payment. Consumers pay WrapTech for downloads (payment by credit card), which repays a percentage to its clients. Gamers can download games on a trial basis. At the end of the trial period, they are asked to buy these games via the internet or telephone. Softwrap’s offering is characterised by: • • • • • • Encrypted content Integrated DRM Automatic content updates Round-the-clock technical support Peer-to-Peer compatible distribution Purchasing in 7 clicks. In the end, growth in these services has proved fairly slow compared to that seen in the music sector. This can be explained by the fact that games are less easy to virtualise given their size (sometimes several giga octets) and especially their hardware, which is incompatible. In fact, Sony’s Playstation 2 is incompatible with Microsoft’s Xbox, Nintendo’s GameCube and PCs. As a result, demand is very diffuse. Furthermore, each games console is protected or prevents (unless the hardware is modified) users from playing a game recorded on a CD or a game transferred to the console’s hard disk from a computer when it is equipped with such a storage medium. Existing services consequently only offer game downloading for PCs, which is not, in the end, a platform accessible to all. Furthermore, downloading offerings are all proprietary, from their interface to rights management. Like games consoles or legal music downloading offerings, they are not compatible amongst themselves. This does not favour the development of this market. Lastly, their catalogue is compiled after negotiations video games vendors. The latter are hesitating over whether to sell the rights to exploit PC games to these distributors. Some do not seem convinced of the viability of such services. Others may be interested in investing in a virtual distribution service at a later date and thus wish to prevent a service provider from becoming overly important in this segment. Virtual distribution: the missing major Film distribution offerings via the interne are rare and often unattractive due to their small catalogue. Nevertheless, there is no doubt that they should be deployed in the near future due to the “generalisation” of broadband connections and the forthcoming release of portable video devices equipped with a hard disc. As an interim measure, companies offer to rent DVDs on subscription sent by post. An ingenious management system leads clients to forget that the broadband connection that they already have could easily replace the post. Rights holders do not wish to see the virtual distribution market for films grow without effective protective measures incorporated into distribution, distribution formats (streaming and downloading) and operating licences. However, content protection is not the only argument to explain the rarity of legal offerings. 2005 Edition © IDATE 119 Analysis and outlook for content distribution DRM and virtual content distribution In the first place, a distributor must be able to compile a catalogue that is as complete as possible. This phase is particularly complicated because it requires the negotiation of film rights that are sometimes involved in video production, a competing segment. In the case of old films whose exploitation on the internet was not anticipated, it is necessary to renegotiate rights with all rights holders and not only with the vendor. Obviously, the larger the target market, and/or the more the distributor plans to offer a large catalogue, the longer and more fastidious this phase becomes. Secondly, a window for virtual film distribution via the internet must be found on the one hand, and the parties present must agree to this window on the other. This is not yet the case. In fact the stakes in content protection are the same, whether it is a question of films, music or software. However, films have a chronology that leads them from cinema to free television via video and pay-per-view. Figure 10: Media chronology in France Source: IDATE In the USA media chronology is established on a case by case basis depending on agreements between distributors and rights holders. The order of broadcasting nevertheless remains the same as in Europe, namely cinema, video rental or sale, VOD (generally 45 days after cinema release), payper-views, paying television, free-to-air channels and "syndication.” The media chronology resulting from the European Directive Television without Frontiers, is problematic with regard to situating virtualised films. The latter can be compared to Video On Demand (VOD). The arrival in the market of broadband access providers broadcasting television channels via ADSL and wishing to market VOD services makes the debate even more complex. Audiovisual professionals wish to apply the model of pay television to VOD providers. As a result, a French film that has recorded less than a million box-office entries can be available via VOD 9 months after its release in cinemas. This period of time can be extended to 12 months if the film has exceeded a million entries at the box office. For their part, access providers would like VOD to be considered like rental. In these conditions, films could be available for VOD 6 months after their release in cinemas. 120 2005 Edition © IDATE DRM and virtual content distribution Analysis and outlook for content distribution Thirdly, the approval of producers and rights holders must be given. This condition is particularly difficult to fulfil to the extent that the major studios have never denied that they may join the battle to virtually distribute their contents. They are thus slowing the sale of rights or selling them at high prices. MovieLink Founded by Warner, Universal, MGM, Sony, and Paramount, MovieLink acts as a deterrent. It has also outstripped its competitor Intertainer, despite the fact that the latter was the first to move into VOD via PC. MovieLink limits itself to the VOD via PC market so as not to interfere with the VOD and NVOD market dominated by the powerful U.S. cable operators and satellite TV operators. Movielink corresponds to the studios’ desire not to miss out on virtual video distribution, as was the case with the video cassette market captured by Blockbuster, the leading player in video rental in the USA. To-date MovieLink may have over 200,000 regular customers that access downloaded films that can be viewed once per purchase over a period limited to 30 days. MovieLink has 400 films in its catalogue. MovieLink cannot be a direct competitor of Glow since it is only present in the USA. However, it could move into the European and French markets. Table 12: Examples of video on demand services based on film scheduling Offering Movielink Type of consumption Downloading for a duration of 30 days (rental for a duration of 24 hours) Business model Payment per film: price ranges from USD 1.99 to USD 4.99 according to the studio, the recentness of films and their success at the box office. Initial subscription of USD 7.99 /month (video entertainment programmes) Recent films at USD 3.99 per films and archived films for USD 2.99 per film. Source: IDATE Contents Content provided by the 5 studios present in the project on a nonexclusive basis. Each studio determines the availability date of its films. 170 films. Intertainer (business activities suspended in the USA) Streaming Service for films rental with unlimited viewing during 24 hours Catalogue of 70,000 hours of programmes. 70 content providers (Universal Pictures, Warner Bros, New line Cinema, Dreamworks, Warner Music group, ESPN, The Discovery Channel and A&E). CinemaNow CinemaNow was founded by players in the video sector in the USA including Trimark, Lions Gate and Blockbuster. Microsoft is also a shareholder. Initially specialising in distribution via streaming, it now also offers definitive downloading. CinemaNow has a catalogue of 1,700 films, mostly little known, but accessible to the entire world. Its results are modest compared to those of its U.S. rival, which is much better supplied with films. Movieflix The Movieflix catalogue is composed of independent films. The DRM systems used are those of Microsoft and RealNetworks. Movieflix does not authorise the copying of the films that it distributes RealNetworks. 2005 Edition © IDATE 121 Analysis and outlook for content distribution DRM and virtual content distribution 3.2. DRM and content distribution, a key coupling There is no unanimous consensus regarding the link between DRM and content. While some, like content vendors, see it as a good way to avert a crisis, or the natural way of developing new business opportunities, others denounce the abuse of control, the end of private copying and the risks of violation of privacy. Furthermore, it would seem that the formation of this pairing is not unnatural in business terms. It would seem clear that content distribution must be accompanied by DRM and TPMs to ensure supervised content use effective payment to rights holders. Today, as a solvent demand begins to emerge, this seems to be the condition sine qua non for the fair development of the virtual content distribution market. 3.2.1. Players’ strategy: service, DRM and codecs DRM at the heart of virtual distribution strategies In terms of DRM, observers agree that the battle mainly opposes two players, Microsoft and Apple. However, the latter are adopting a strategy that is completely different, although both are also virtual music distributors. In addition to its well-known traditional activities (multi-platform operating systems, office software, video game vending, home games console manufacturing etc.), Microsoft is a DRM system provider. To implement MSN Music Club, its virtual music distribution service on the internet, it turned to OD2. The Redmond-based company intends to promote these two activities to players in the music business, mainly vendors, as well as to consumers. Apple is primarily a music downloading service, iTunes Music Store, linked to an iPod device. Steve Jobs’ company mainly publicises its service and its portable devices that have sold over 10 million units worldwide to-date. Its internal DRM does not aim to be systematically open to other distributors without their prior agreement. "Fairplay" is only a proprietary tool for iTunes and iPod. In this respect, Apple is not working towards the universal interoperability that many observers and distributors are calling for so that the market can grow faster. In July 2004, while Sony launched its Connect service, Apple signed an agreement with the mobile telephone manufacturer Motorola. Its next devices will be able to read files downloaded on iTunes Music Store. RealNetworks, competes with Microsoft in DRM provision. Although very dynamic in this field with its Helix platform and also dynamic in content distribution, RealNetworks now seems to be falling behind the software giant. In fact, its DRM solution compatible with mobile telephones, electronic agenda, hybrid devices and personal computers, does not seem to be convincing content distributors as effectively as Microsoft. One of the only levers that it has for attacking or trying to join the two market leaders is its content offering. With its Rhapsody offering launched in 2005, RealNetworks offers a free downloading service of 25 tracks per month, different each month, to choose from in a catalogue of a million references and exchangeable between internet users. Through this legal offering of a new type, RealNetworks hopes to attract downloaders and convert part of them to purchasing tracks. The company also hopes top attract consumers that have to-date opted to use Apple’s offering. Sony is probably going to get involved in music distribution once its Connect service combined with devices equipped with a hard disk will have become popular among music lovers. It links its distribution service with its DRM OpenMG system. With a view to commercialising portable devices that can play music and films, Sony is developing a complementary technology: OpenMG X. Moreover, the Japanese company plans to use ADEAS (Advanced Data Extinguish Amenity System) technology for its PC-based film distribution service. Sony is opting for a proprietary DRM attached to its in-house codec ATRAC3. In September 2004, the Japanese company announced that its walkmen would be compatible with the MP3 format. The first MP3 compatible Sony walkman was marketed in October 2004 (the Network Walkman NW-HD1). However, the Japanese firm has no plans to make its devices with hard disks compatible with the Fraunhofer Institut’s codec for the moment. The same applies a fortiori to its Connect service. On the other hand, it is providing a software program, Sonic Stage, that makes it possible to convert MP3, WMA and WAV files to the MP3 format provided that they are not equipped with DRM systems. In 122 2005 Edition © IDATE DRM and virtual content distribution Analysis and outlook for content distribution short, Sony plans to adopt Apple’s winning business model. In fact, the Japanese firm is not banking on interoperability either. As for OD2, it uses Microsoft’s DRM system, as does Yahoo!, a promising new market entrant whose software program Yahoo! Music Engine, associated with its service, is still in a beta test phase. DRM interoperability: industry incompatibility! "Interoperability is the capacity of two communication systems to communicate in an unambiguous way.4" Interoperability is not necessarily compatibility. Interoperability can consist of making systems compatible that are not designed to communicate with each other. Apple is therefore opting for a proprietary DRM system that it does not plan to open to other distributors without its approval, even if that could promote the interoperability of DRM systems and thus enlarge the digital music distribution market by making them compatible with it. Like a large number of virtual music distribution platforms, RealNetworks suffers from the lack of interoperability in the market. Like the services offered by FNAC and VirginMega in France, it would like tracks acquired via its service to be able to be played on iPods. To fight against the competition, RealNetworks has developed a technology called Harmony. Launched in summer 2004, this enables users to make tracks bought on Rhapsody compatible with iPod. Arguing the necessity of making DRM platforms interoperable, RealNetworks will take advantage of this to try to rally iPod owners to its service. Compatibility was ephemeral thanks to a modification in Fairplay. In April 2005 RealNetworks retorted by modifying Harmony again to make it compatible with iPod. Given its position as market leader, it would be astonishing if Apple were to change its position in the next few years. Furthermore, the French legal system ruled that Apple was right and overturned the charge that VirginMega had brought against Apple France for abuse of its dominant position. VirginMega, a virtual music distributor in France, uses Microsoft technology. However, WM DRM is not compatible with Apple’s iPod. VirginMega would have liked to protect its catalogue with Apple’s DRM so that its clients could have transferred their files to iPods. RealNetworks had already tried to obtain Apple’s agreement unsuccessfully some months previously in the USA. If Apple were to agree to communicate its DRM system to other online music distributors, it could see iPod sales increase further by allying subscribers to other downloading services. However, it could also see iTunes Music Store clients switch to the competition or may encounter greater difficulties in attracting new clients. However, it would seem more profitable to sell more iPods than to sell music online. Apple has nevertheless decided to keep Fairplay for itself. This decision can be considered to be based on a 3 point strategy: • Apple plans to position itself with a high end-of-the-range customer base that ensures the profitability of its business model. In this it risks cutting itself off from the mass market, a market that Microsoft is targeting, whose DRM solution dominates the other virtual music distribution offerings in volume. If Apple’s DRM were to be graciously transmitted to its competitors following Microsoft’s example, competition between the various virtual music distribution could be made even fiercer in terms of the price of devices and services. In the end Apple is using its DRM as a differentiating competitive advantage. Apple is actively publicising its competitive advantages. No mention is made of the two competing DRM without reference to the other elements of Apple and Microsoft’s strategy in the music sector. The former with a special shop and device, retains an advantage via an offering that can be described as "triple play": an online service, DRM and a device. • • Each is trying to impose its standard. In a duopolistic or oligopolistic environment, there is nothing to stop a universal standard from emerging without the intervention of a third party. Access to an existing or pre-fabricated monopoly is highly tempting to players present in a new sector such as DRM. It is generally industry consortiums that promote the emergence of standards or convergence towards compatibility. This is the mission of the CORAL consortium, formed in October 2004. Founded by Hewlett Packard, Intertrust Technologies, Koninklijke Philips Electronics, Matsushita Electric Industrial, NBC Universal., Samsung Electronics, Sony Corporation and Twentieth Century Fox Film, the Christophe ESPERN, founding member of the EUCD group.info, January 19th 2004, "Interoperability: does this really exist in DRM". 4 2005 Edition © IDATE 123 Analysis and outlook for content distribution DRM and virtual content distribution consortium seemed to be succeeding in gathering support for its idea. Apple, Microsoft and RealNetworks have refused to take part in the consortium to-date. The following companies are currently members of CORAL: • • • • • • • • • • Ardtully Technologies Cloakware Corporation Comcast New Media Development, Inc. DMDsecure EMI Music Enikos Pty. Ltd. IFPI Kenwood Corporation NDS Americas, Inc. Pioneer Corporation • • • • • • • • • • Seagate Technology, LLC. Sony BMG Starz Entertainment Group LLC STMicroelectronics, N.V. Sun Microsystems Time Warner Cable Universal Music Group ViDeOnline, Inc. Warner Bros. Technical Operations Inc. Warner Music Group In the audiovisual sector it is the DIF (Digital Interoperability Forum) that is working towards interoperability. The DIF gathers together European pioneers in terms of digital television and interactive television via satellite, cable or the terrestrial network. Its members include: • • • • • • • • • • Advanced Digital Broadcast BskyB Canal+ Flextech Liberate Microsoft Nagravision NDS NTL Numericâble • • • • • • • • • OpenTV PaceMicro Technology Premiere Sky Italia Telewest TPS TF1 UPC/Chellomedia Zetacast. The public authorities may also intervene if there is no agreement between the parties. However, such intervention is usually within a legal framework, rather than a direct initiative Karlheinz Brandenburg, Director of Electronic Media Technologies at the Fraunhofer Institut, the laboratory that invented MP3, is calling for interoperability. This would make it possible to increase the volume of virtual sales of tracks and portable playing devices. Healthy competition could result, influencing the quality of offerings. Without interoperability, music lovers may continue to prefer peerto-peer platforms whose contents are compatible since they are not subject to DRM. Interoperability could stem from rights description languages. If everyone describes rights with the same language, rights management tools should be able to communicate with each other more easily, given their shared basis. The XrML language seemed to have won general consensus until its inventor, ContentGuard, was bought by Microsoft, Time Warner and Thomson. The fact of seeing the software giant, itself accompanied by a content provider and a component manufacturer, did not enchant opponents to the monopolistic strategy adopted by the creator of Windows. Eyes have consequently turned to the competitor to XrML, ODL (Open Digital Rights Language), which is notably supported by the OMA (Open Mobile Alliance) and Nokia. 124 2005 Edition © IDATE DRM and virtual content distribution Analysis and outlook for content distribution Are codecs and DRM indissociables? In terms of DRM, most of the offerings have opted for the Microsoft solution. Unlike its competitors, version 10 of WM DRM makes it possible to manage (limit) the transfer of audio files to potable players and to conduct rights management with these devices. Only 5 service providers out of the 22 analysed did not offer compatibility with the WMA codec. These players are Apple, Sony, RealNetworks, eMusic and Uploud. The first three are Microsoft competitors in the provision of audio codecs and/or DRM solutions. Table 13: Major audio codecs Vendors Fraunhofer IIS, Advanced Audio Dolby Laboratories, Coding Sony Corporation, AT&T ATRAC3 MP3 Ogg Vorbis RealAudio WMA Sony Fraunhofer IIS, Thomson iCast RealNetworks Microsoft Internet address http://www.iis.fhg.de http://www.dolby.com http://www.sony.com http://www.att.com http://www.sony.com http://www.iis.fhg.de http://www.thomson.com http://www.vorbis.com http://www.realnetworks.com http://www.microsoft.com Source: IDATE The audio codec that dominates the internet and peer-to-peer networks nevertheless remains MP3. However, it is far from achieving the unanimous support of record companies and online distributors. This is because it does not incorporate DRM. Internet users, on the other hand, are delighted with MP3. It can be handled as desired, transferred without conditions and copied limitlessly. At the beginning of 2004 Thompson announced its intention to change directions and incorporate rights management tools into MP3. It consequently plans to compete with Microsoft, Apple and RealNetworks. This could be a very profitable deal for the MP3 licence owners, Thomson and the Fraunhofer Institute, but shouldn’t the two partners have done this earlier ? DivX is the most widely used video encryption on the internet. The format was developed in the framework of the Mayo project by a French student, Jerôme ROTA. It was largely made available to internet users. A good level of compression combined with a guaranteed quality of image made DivX a worldwide success. Beyond peer-to-peer usage, the video games development studios are among the first to use DivX for the films scenes that they incorporate into games. The DivX compression format is the equivalent of MP3 for video. This codec (compression/decompression algorithm) makes it possible to capture a film lasting around 2 hours on a CD-ROM (with 650 – 700 MB of space) at a quality close to that of DVD. In DVD quality the size of a film is around 2.5 GB. However, while several pieces of consumer electronics equipment have been able to read MP3 files, which owes their success to the PC, for a few years, DivX was only legible on computer until November 2002. The company DivX Networks was awarded the legal right to operate DivX, which gives the video format and its initiator a legitimacy that it was right to expect given its distribution, but which had previously been refused due to its use on the internet in peer-to-peer exchange systems. Home DVD players that accept the DivX format are now common. 2005 Edition © IDATE 125 Analysis and outlook for content distribution DRM and virtual content distribution Various rights DRM solutions manage content using 6 categories of rights: • • • • • Streaming management Downloading management Recording on optical media Transfer to portable devices Duplication of a service on another device. Management is based on the time or volume, or it can be conditioned by an event such as subscription cancellation. Table 14: Main services and their content management Codec Streaming Management of streaming time generally limited to 30 seconds free of charge according to the type of licence Management of streaming time limited to 30 seconds free of charge Management of limited or unlimited streaming time Downloading Recording on CD Management of limited number of recordings on a CD (usually 3-5 copies) or unlimited depending on the licence. Transfer to portable player Management of unlimited or unlimited number of transfers to compatible portable players (usually 3-5 times). Unlimited number of transfers to iPod Management of unlimited number of transfers to compatible portable players Management of limited number of transfers to compatible portable players Copying onto PC Offerings using Microsoft’s DRM Windows Media Audio (Microsoft) Definitive, temporary or limited downloading depending on the licence and subscription Management of number of copies on other computers Apple offering Advanced Audio Coding (MPEG/Dolby/ Fraunhofer/AT&T/ Sony/Nokia) Definitive downloading Unlimited number of recordings Management of sharing with 3 other computers Real Audio RealNetwor (RealNetworks) and ks offerings Windows Media Audi (Microsoft) Definitive downloading Unlimited number of copies Management of sharing with three other computers Sony offering Adaptive TRansform Acoustic Coding 3 (Sony) MP3 (MPEG/Fraunhofer Institut/Thomson) Management of streaming time limited to 30 seconds Definitive downloading Unlimited transfer to Sony products Management of number of copies on other computers Source: IDATE The Microsoft system is the most widespread. It offers the possibility of managing the following rights: Table 15: Microsoft system: rights related to file reading Rights Authorisation of playing Counting of plays Description Management of permission to play on a PC or a compatible mobile device Management of number of plays Source: IDATE 126 2005 Edition © IDATE DRM and virtual content distribution Analysis and outlook for content distribution Table 16: Microsoft system: expiry of licence to operating rights Rights Date of beginning of validity Control over computer clock Time of use Expiry date Expiry date on a specific device Period of grace Description Fixation of initial validity date linked to the licence. The licence is thus invalid before this date. DRM takes into account users’ ability to regulate the clock of their computers to extend their rights period. If this is the case, WM DRM can delete or deactivate rights according to the licence. Management of the time (in hours) of the validity of a licence acquired for a specific device. Establishment of the expiry date. Beyond this period the licence is no longer valid. Management of time (in hours) of the validity of a licence acquired for a specific device. Management of the number of hours of validity accorded to a device with a deficient clock. Source: IDATE Table 17: Microsoft system: rights security Rights Minimum protection level for a player Description Establishment of a minimum level of protection required by a reading device. Establishment of a minimum level of protection of a compressed digital video or audio flow that a protection measure can handle to enable playing. This may require a blocking mechanism at the digital output. Responsibility for the verification of the certificates delivered. Establishment of a minimum protection level of a decompressed video and audio flow that a protection mechanism can handle to enable playing. Establishment of a level of protection of an analogue video flow that a device can handle to enable playing. Source: IDATE Minimum protection level for a compressed video or audio flow Minimum protection level for a decompressed video flow Minimum protection level for an analogue video flow Microsoft has developed 5 levels of protection for audio content: • • • • • 100: audio content is not protected 200: audio content is protected with the help of Secure Audio Path technology, but the digital output is not controlled 300: content "encryption" is carried out at a low level. Audio content is protected and digital outputs are completely prohibited. 400: content "encryption" is carried out at a medium level. Audio content is protected and digital outputs are completely prohibited. 500: content "encryption" is carried out at a high level. Audio content is protected and digital outputs are completely prohibited. 2005 Edition © IDATE 127 Analysis and outlook for content distribution DRM and virtual content distribution Online distributors and record companies disagree on the levels of protection offered by WM DRM. The former would prefer to establish a fairly low level of protection, aware that protection on levels 300, 400 and 500 limits the user’s freedom of action. Protection at level 100 or 200, for example, enables a file holder to convert an audio format into the format desired, a format compatible with a portable player, for example. At one point record companies demanded that the security level be contractually fixed with the retailer/distributor. At the end of 2004 the FNAC protested against this process, as well as the level of protection desired by the majors, which was deemed incompatible with consumers’ usages, notably with that of transferring files to portable playing devices. The distributor of the PPR group considered that this reduced the attractiveness of a service. Functioning of the iTunes Music Store protection system Apple’s DRM uses two identifiers that link a piece of music to a user and a device. The Apple ID is a number that identifies a client of Apple’s online services (iTunes Music Store, Apple Store, technical support, Mac services etc.). It is given to a user in return for the following information: surname, first name, address, telephone number, email address, day and month of birth and credit card number. The Apple ID is combined with a second identifier: the MAC address (Media Access Control), which is a number attached to a computer. This is the identifier of the internet connection of each Ethernet card. When a track is downloaded, a central database is informed of its purchaser and the device that will receive the track acquired. If a user copies a track onto another computer, playing will only be authorised if the user provides iTunes Music Store with the information that will enable it to identify this device. The information that it communicates from another computer to iTunes Music Store will be compared to the information saved in the database on purchase. If this information matches up, playing will be authorised. Apple’s database thus has a set of commercial information on each use that enables it to better cater for the needs of its clients. Bodies responsible for questions of respecting individual’s privacy are concerned about the way in which platforms must handle personal data to apply DRM, as well as the exploitation of this information in the field of profiling. The CNIL (Commission Nationale de l'Informatique et des Libertés) and its European counterparts have formed a working group at the initiative of the European Commission (www.europa.eu.int/comm/privacy) to evoke the legitimacy of such usages. In the case of personal data management, anonymity is generally the rule. 3.2.2. The case of the mobile telephone Members of the content distribution via mobile telephones sector have learnt from the unhappy experiences of players in the music sector. To counteract the risks of piracy, counterfeiting and digital breaches, mobile telecommunications players have formed the OMA (Open Mobile Alliance). The objective of the consortium is to promote the development of an interoperable DRM solution. It now provides specifications on the management of rights on mobile telephones, OMA DRM 1.0 and 2.0, based on MPEG technology. Sponsors of the OMA include some of the most important mobile telecommunications operators and equipment manufacturers in the European, U.S. and Asian markets (Alcatel, Cingular Wireless, Ericsson, IBM, Infineon Technologies, Intel Corporation, Lucent Technologies, Microsoft, Motorola, NEC, Nokia, NTT DoCoMo, Openwave, Orange, Panasonic Mobile Communications, Philips, Qualcomm, Research In Motion, Samsung Electronics, Siemens, SK Telecom, STMicroelectronics, TMobile, Texas Instruments and Vodafone). In October 2003, BMG and Warner Music were the first record companies to experiment with the DRM developed by the Oslo based company, BeepScience. The first telephone manufacturers to integrate the OMA DRM in their telephones were: Nokia, Motorola, Sony Ericsson Mobile Communications and Siemens. To promote adoption of the nascent standard, Intel, mmO2, Panasonic, RealNetworks, Samsung and Warner Bros Studios created the Content Management Licence Administrator (CMLA). It is responsible for preparing interoperability agreements that content providers and operators will have to sign to obtain the encryption keys that make systems compatible. 128 2005 Edition © IDATE DRM and virtual content distribution Analysis and outlook for content distribution The introduction of DRMs in mobile telephones is all the more important given that these devices are increasingly converging with the PC, an open platform that is risky for rights holders. Furthermore, mobile telephones can now receive a peer-to-peer core (similar to that that offered by the French company Ipracom), which, if not framed by a rights management system, could authorise content exchange with the approval of rights holders. In the end, the telecoms sector may succeed in establishing interoperability for content distribution, an interoperability that the music and film sectors do not seem to be able to achieve. However, there is still some way to go for telecoms and licence manager holders to go. In April 2005 the GSM Association called upon the MPEG LA consortium to modify the licensing conditions of its video compression technology. MPEG LA, whose members include Philips and Sony, are claiming USD 1 per device sold that uses its technology. Furthermore, MPEG LA demands complete compensation each time that content is sold using rights management technology, as OMA DRM uses MPEG patents. The GSM Association’s alternative is Microsoft or Apple. This would not be effective as far as achieving platform interoperability is concerned. Under pressure, MPEG LA agreed to drop the price of its royalties (from USD 1.00 to USD 0.65) and renounced payment for each piece of content sold protected by a DRM system and using its patents. However, each operator that uses its technology has to pay USD 0.25 per subscriber per year. At the beginning of June 2005, the GSM Association and MPEG LA had not yet reached an agreement. 3G services are entering a phase of active commercialisation. Audiovisual offerings are steadily emerging. Polyphonic ring tones are proving very popular with adolescents. Mobile telephones are now equipped with hard discs etc. The telecommunications sector has undoubtedly reached a turning point at which it seems to be moving in the direction of consumer electronics. Content distributors like Musiwave are aware of the stakes for all players in the value chain. Content providers have confidence in the OMA. A distributor that adopts this standard is giving itself a greater chance of forming partnerships with content providers and aggregators. The outlook for content distribution via portable telephone is very promising, all the more so if the OMA’s DRM is widely adopted. Equipped with a hard disc, mobile telephones would constitute a major threat to the iPod and, under certain conditions, to portable video players. 3.2.3. Audiovisual programme protection and rights management In pay television the channel is physically protected: it is the set-top box that ensures protection of access. The fight against piracy in this case is fought via increasingly sophisticated access control systems. It is no longer a question of making content inaccessible, except for subscribers or purchasers, but of controlling, limiting, prohibiting or demanding payment for copies. We are consequently moving from systems related to access control to DRM type systems, capable of controlling the use of copies. Access control and domestic networks Protection solutions for audiovisual content and the management of associated rights seem to be particularly effective, like SmartRight or the system offered by Viaccess. Viaccess, a subsidiary of France Telecom, offers a solution that is likely to protect content on various networks, including domestic networks, via its Purple DRM solution, whose architecture is shown in the diagram below. 2005 Edition © IDATE 129 Analysis and outlook for content distribution DRM and virtual content distribution Figure 11: Purple DRM architecture Source: VIACCESS It also offers access control solutions for pay TV. Figure 12: Access control architecture Source: VIACCESS Domestic networks, to-date empirical and arising from opportunities to connect devices, are beginning to take shape in the minds of consumer electronics manufacturers and those that are working towards content protection. A stereo can be used as an audio output for a television, to which a video games console can be connected. A PC can be connected to a television via a TV output designed for this purpose or via a gateway device. Decoders can manage the sending of video flows to several devices located in different rooms. Other devices, like Personal Video Recorders and IP set-top boxes, open up just as interesting and varied perspectives in the emerging phase of home networks. Connector technology enables a growing number of options that are practical and effective to varying degrees. The advent of television via ADSL offerings and VOD services in the near future are brightening the outlook for domestic networks and increasing the risk of piracy. In this respect, Widevine Technologies is one of the most important providers of security solutions for video content for the IP market. 130 2005 Edition © IDATE DRM and virtual content distribution Analysis and outlook for content distribution Lastly, domestic networks may be characterised by reception, storage, management and content management devices of all kinds: video, music, games and text. This device will also be responsible for content management and notably operating licences for content and its distribution on several playing devices in the home. The central device will be responsible for managing domains related to the individuals in the household. Each domain will be given rights to access other domains, and thus all or part of the content that is located there. Content distribution will be carried out using wireless or fixed technologies. In such an environment, content management will be complex, both in terms of protecting incoming content and rights management between family members. Sony envisages the formation of a domestic network via the Cocoon project and "Grid Computing" between the various devices in the home. Experiments show that we are moving steadily towards integrated domestic networks. In these conditions, it may prove useful, and even indispensable, to anticipate content protection and rights management problems. Protection can be undertaken by closing the domestic network in a specific environment, as proposed by SmartRight’s solution. Protection can also be introduced at source and destination, as proposed by the Broadcast Flag. In mid-May 2005 Philips and Microsoft announced a partnership that could be crucial for the development of the audiovisual content protection business of the Redmond based firm. WM DRM 10 will be integrated in Philips’ "Nexperia" audio/video decompression components. These components are present in several pieces of consumer electronics equipment: home turntables, audio/video walkmen, set-top boxes, mobile telephones, car radios and digital TV sets. This is a masterful stroke by Microsoft that has enabled it to compete with RealNetworks and DivX Networks, as well as providers specialising in audiovisual content protection for television. The broadcast flag In 2004 HP and Philips announced their alliance in the production of DRM solutions for television and DVD burners. They wish to develop a technology making it possible to limit programme recording to a single copy of digitally televised programmes. Similarly, this solution should manage the copying of burnt DVDs. This initiative falls into line with the "broadcast flag" initiative promoted by the highly influential Federal Communications Commission (FCC), which corresponds to the Regulatory Authority for Electronic Communications and Post in France (ARCEP). The "broadcast flag" is a piece of information transported with the digital signal of free channels that indicates copying authorisations. As of July 2005 it will be illegal to produce or import equipment that does not conform to this rule in the USA. In fact, a marked programme will only be able to be played on a device equipped with a tag reader. The challenge facing the "broadcast flag" is to control copies of digital works broadcast on free channels, which are a priori not encrypted. Some U.S. channels have threatened to withdraw their contents from free channels to keep them for paying and scrambled channels only, if there is no protection system in place, notably evoking the risk of resource losses related to secondary broadcasts internationally, via the internet, via DVDs etc. In November 2003 the FCC therefore decided to make the ATSC or broadcast flag compulsory for all equipment capable of receiving digital terrestrial television. However, the FCC postponed its decision on establishing a permanent mechanism for validating protection mechanisms, which raises several questions including: how can protection systems be validated? What will happen if one of these protection systems is broken: will devices using this system be deactivated? This implies the encryption of all programmes and therefore a decoding mechanism in consumer digital TV sets. The right to domestic copying must be protected, but how can this right be made operational? Furthermore, to be activated, the implementation of the "broadcast flag" calls for a complete renewal of all reception devices. Television viewers may not wish to re-equip themselves with devices that are restrictive and certainly more expensive than their predecessors. It goes without saying that although broadcasters are apparently in favour of this measure, equipment manufacturers and consumer groups are apprehensive. Various consumer rights associations are taking action against the broadcast flag, starting with the "Committee for Economic Development" (CED) and the "Electronic Frontier Foundation" (EFF). 2005 Edition © IDATE 131 Analysis and outlook for content distribution DRM and virtual content distribution The risk is that free television financed by advertising may shift from a free model to a conditional free model. The digitisation of TV reception equipment may theoretically make it possible to control the content broadcast. This control was impossible in an analogue environment. This technical restriction in the end constituted an acquis for television viewers, who remained free to record any free television programmes they wanted to. This acquis is called into question by broadcasters who see the broadcast flag as a potential way of increasing their revenues, or at least of reducing the broadcasting of free programmes. It is true that peer-to-peer exchange networks are seeing a growing number of television programmes, series, emissions and sporting events. Widespread distribution on peer-topeer networks could have a negative impact in the future of these programmes in video form (on DVD). In the end, the broadcast flag anticipates the lack of legislation on the status of programmes recorded from free television and made available on P2P exchange networks. In other words, would the law persecute an individual that had downloaded a programme that is broadcast on free television? For their part, device manufacturers see the broadcast flag as an obvious barrier to the distribution of their products, while the technical restrictions imposed by incorporating these specifications into their equipment could be expensive without generating any additional resources. Conditional free television could consist, for example, of authorising the recording of a programme, authorising a single copy on DVD or another optical medium and/or authorising on playing only. A second copy, or a second viewing, could simply be prohibited or conditional to payment to rights holders, or the viewing of additional advertising. At the end of January 2005 HP and Philips presented their technology solution, the VCPS (Video Copy Protection System), which falls into the "broadcast flag" category, at the Consumer Electronic Show. The system prohibits any playing or recording of a programme if the user does not have the necessary authorisation accorded by rights holders and the appropriate hardware. The broadcast flag raises the problem of interoperability. The FCC does not seem to want to encourage broadcast flag technology providers to produce interoperable solutions. In fact, a household, which is hypothetically doubly equipped, will have to own devices of the same brand. As a result, the device on which a programme is played will have to recognise, read and apply the rights of the device that recorded the said programme. In May 2005 a Washington Federal Court judged that the FCC had overstepped its prerogatives by wanting to make the broadcast flag compulsory. This suspending decision has delayed the compulsory introduction of the broadcast flag in equipment. Its reintroduction could be suspended pending a future ruling by the U.S. Supreme Court, unless the question is settled in the form of a law. The protection technologies listed below had been registered with and approved by the FCC in August 2004 Table 18: Content protection technologies registered with the FCC Company Microsoft Sony Thomson, Axalto, Micronas, Nagravision, Pioneer, SCM Microsystems, ST Microelectronics Philips and Hewlett-Packard Intel IBM, Intel, Matsushita and Toshiba TiVo Hitachi, Intel, Matsushita, Sony and Toshiba Real Networks JVC Technology name Windows Media Digital Rights Management Technology MagicGate (4 versions) SmartRight ViDi Recordable DVD protection System High Bandwidth Digital Content Protection (HDCP) Content Protection Recordable Media for Video Content (CPRM-Video) TiVo digital output protection technology Digital Transmission Content Protection Specification Helix DRM Trusted Recorder and Helix Device DRM D-VHS format Source: FCC filings/Electronic Business 132 2005 Edition © IDATE DRM and virtual content distribution Analysis and outlook for content distribution 3.3. Outlook and stakes The music sector is often cited as an example to illustrate arguments and describe the outlook or stakes related to virtual distribution. This is the most advanced sector in the field of virtual distribution. It will continue to play the painful role of paving the way for usages when new generations of devices arrive on the market. Although virtual film distribution should prove popular with the public, internet offerings are still rare. They will increase when content security can be ensured. In the months to come Sony has made it clear that it could even transfer the Apple model to films. 3.3.1. Stakes for users Accepting DRM Virtual music and video fans are not used to downloading content equipped with DRM systems. They prefer to use downloading software on a peer-to-peer basis which gives them unrestricted access to content. The growth in the number of legal offerings suited to usages and the fear of the law are helping to slowly create solvent demand. The consumers at the base of this solvent demand know that legally, content protection is useful, necessary and equitable for all of the value chain. They will gradually accept DRM systems provided that their generalisation in virtual content is not a pretext for making them pay at every click of the mouse, at the slightest playing or handling of content. It would seem that internet users are disposed to pay for access to content if they retain control over their rights to copy, transfer or record it. DRM systems have to rise to the challenge of becoming part of content invisibly while remaining effective. Effectiveness consists of ensuring compliances with rights related to virtual content usage defined by producers. Effectiveness also involves catering to users’ needs as far as possible in terms of nomadic uses and content handling. The restrictions of rights management are obviously likely to contradict these usages. DRM systems are looking for an optimal solution, but their margin for manoeuvre is small. Uncertainty is increasing the time it will take for DRM to be definitively adopted by consumers. This adoption depends heavily on the alternatives on offer to downloaders and notably on free alternatives. While iTunes demonstrates that there is a market for virtual content distribution, nothing shows that every one of us will use it in 5, 10 or 20 years. Furthermore, it is impossible to say the peer-to-peer exchange systems will disappear, nor can we say that the MP3 file, that includes no DRM to-date, will finally be abandoned in favour of the Microsoft format. The end of private copying Industry players, and especially content vendors, would like private copying to be abolished or at least contextualised, but controlled in all events, regardless of the method used : TPMs, DRM or the law. It is difficult to imagine such a change, now that technological advances have made it possible to copy virtual content identically and for a fraction of the price. However, by introducing anti-copying measures and transposing WIPO treaties, the right to make private copies is denied. If protection systems were to become inviolable, there can be no doubt that some would try to end all private copying of digital content. Interoperability Interoperability is obviously interesting for consumers. • Technically it makes it possible to play content acquired on different platforms on any device. If interoperability is fairly compulsory in consumer electronics, the same cannot be said of several other segments of the content market. The video game is a striking and eloquent example of this. If a user has a PS2 console (Sony), s/he has to buy PS2 games. Games for the Xbox console (Microsoft) are not compatible with the PS2 console. In the end, gamers have come to terms with this variety of players with incompatible proprietary technologies. Why should that not happen in the internet based music and video sectors? With its Memory Sticks, a proprietary storage medium, Sony is trying to impose a format in the hope that it will become a standard. 2005 Edition © IDATE 133 Analysis and outlook for content distribution DRM and virtual content distribution • In financial terms, interoperability puts all offers on the same level. Competition between the offerings can apply to the catalogue, quality of service and prices. This healthy competition could contribute to the drop in the price of services and an improvement in quality of services. Interoperability is just as interesting for service providers and notably "follower" distributors. Interoperability is a means for them to position themselves to win market share. This is all the more so if the distributor cannot associate its service with content platforms like iPod. Lastly, in the heat of the conquest of the emerging virtual content distribution market, only aspiring leaders and the leader itself could only see interoperability as a risk that may expose it to enemy attacks. In a nascent market players’ positions are not yet established, and will remain fragile for a little while. A modest player one day, may become a major player the next. Industry players in the music sector cannot agree on a standard. The public authorities should be able to play a mediating role. A regulatory body for new usages Given the revolution in uses and technologies, it would be helpful if a regulatory body could emerge in the fixed and mobile internet sector like the CSA (Conseil Supérieur de l'Audiovisuel) in the audiovisual industry and the Arcep (Autorité de Régulation des Communications Electroniques et des Postes) in telecoms in France. This regulatory authority would be responsible for ensuring compliance with the regulation of a medium that is global, free and uncontrollable. This ambitious role would have to be homogenous to be effective. The WIPO has examined the protection of artistic works and their authors, but this international organisation has not gone any further than this, as it lacked the time and foresight to do so. In all events, a legal loophole exists as far as the status of downloading and uploading is concerned, as well as the status of peer-to-peer software etc. 3.3.2. The stakes for content providers Solvency of demand The main issue for content providers, and especially music providers, is the solvency of demand. This obviously depends on the success of legal fixed and mobile online content distribution offerings, which looks likely. Not abandoning content distribution After mostly failing in direct content distribution, content vendors/producers are turning to distributors that have proved their expertise in this field. However, in the music sector, agreements have been signed between record companies and providers of P2P based distribution solutions. We can consequently say that content providers have not completely abandoned the idea of establishing a direct link with end consumers as a result. At least record companies are planning to use P2P solutions to supply distributors that have purchased their catalogue. Consolidating a favourable business model An equally important issue for content providers is retaining their acquis in the business model of online content distribution. Record companies have largely negotiated the sharing of revenues from online sales to their advantage. On iTunes Music Store almost 70% of the VAT inclusive price of an audio file is paid to record companies. This leaves little margin to retailers. The concentration of the offering may push record companies to accept to reduce their share of revenues in response to threats by retailers that will not longer resell works on their networks. The concentration in the virtual music distribution market could also lead to the implementation of an exclusivity policy. 134 2005 Edition © IDATE DRM and virtual content distribution Analysis and outlook for content distribution Rethinking or transposing a commercial policy to fixed or mobile internet A distribution policy may emerge that is based on the negotiation of exclusive broadcasting of an artistic work on one network rather than another. This exists on pay TV channels, as well as in video gales that are only available on a single games console. Similarly, content providers could package their offering, constitute bouquets, applying a strategy that MTV pursues in the field of television. Rethinking or retaining media chronology DRM system could come to the rescue of media chronology. The latter guarantees continuation in film revenues, from video to pay-per-view, pay TV and free-to-air television etc. The internet and P2P exchange networks have upset this chronology. A film is sometimes available on exchange networks 4 to 5 months ahead of its release in a quality that is close to that of DVD. The worldwide upset in media chronology could have a significant impact on the revenues from some stages in the commercial life of a film. In a film’s lifecycle, video release is certainly the stage that will have to confront the phenomenon of outlawed P2P Films on cinema screens is a growth sector. Exchange networks seem to have had no impact on box office figures. Furthermore, cinema is a show resulting from a different approach to video. Viewing a film in the cinema, as well as the choice of going to the cinema, makes this more like going to a live show than video. The box office is a reference for video. If a film was a hit at the box office that would seem to bode well for video. Similarly, if a film does well at the box-office here is a good chance that it will be targeted by Bit Torrent downloader fans. Beyond media chronology, the studios are also going to have to rethink the commercial release of their films. A growing number of films are released in cinemas around the world almost simultaneously. This prevents a film that has been released in one country from being distributed on outlawed P2P networks in another country where the release is not scheduled at the same time. George Lucas ‘ Star Wars I film ‘The Phantom Menace’ was one of the first films to be premiered simultaneously worldwide to limit piracy and ensure that P2P networks did not affect box office entries. 3.3.3. Stakes for technology providers Proving the effectiveness of existing offerings Technical solution providers are trying to impose their technology. The issue consequently rests on the effectiveness of technologies. In the field of TPMs, Macrovision is trying to impose a solution that would enable it to receive royalties for each DVD sale, as well as each sale of a licence to device manufacturers. The latter are also sometimes at the root of protection solutions, which does not promote their acceptance by third parties. Developing a distribution activity Solution providers often adopt an all-in-one strategy that consists of encrypting, encapsulating and distributing on a B2B or B2C basis. This positioning is risky since a solution provider then positions itself as a competitor to its clients or a distributor of its clients’ products. Furthermore, vendors may want to keep the digitisation of their content, its encryption and possibly its protection under their control, although the latter aspect may be sub-contracted to a specialist. Adapting DRM systems to new, nomadic usages DRM and TPM systems must continually adapt to new usages. The nomadic nature of content and the mobile nature of devices are causing digital breaches that make copying possible. In this respect, rights intrication in content and their inviolability in spite of authorised handling is a major challenge. 2005 Edition © IDATE 135 Analysis and outlook for content distribution DRM and virtual content distribution 3.3.4. Stakes for online retailers/distributors Making existing offerings profitable The major focus of retailers is reaching the break even point. Market conditions seem difficult and more in favour of the record companies. The business models in place leave very little commercial margin for retailers. Out of the EUR 0.99 that every client of Apple’s iTunes Music Store is billed, almost EUR 0.70 is paid to the record companies. The service provider only receives EUR 0.01 in profit margins in the end, after paying EUR 0.005 per track in provision costs. Of course, not all retailers can be thrown into the same pot. Everything depends on the terms of negotiation between the record company and the retailer. These terms are financial and technical. On a financial level, they apply to revenue sharing. On a technical level they apply to the rights related to files: the number of copies, the number of transfers to a portable device, access to content purchased on another device and the number of recordings made. Optical medium versus virtualisation Another major challenge facing retailers/distributors consist of seeing the virtual format dominate the optical medium. The virtual content distribution market is enjoying significant growth with the multiplication of legal offerings and the persistence of P2P exchange networks. Their success is success that consumer electronics manufacturers envisage dual business models combining a downloading offering and a device (the iPod and Apple’s iTunes Music Store, Sony’s Connect and its portable players, Archos’ mobile PVR and the satellite TV service Echostar etc.). Dual offerings are certainly inspired by the strategy of telecommunications operators that broadcast services to their subscribers with partnering mobile telephone manufacturers. DRM interoperability If DRM interoperability should become a reality, it should enable retailers to see a discriminatory factor disappear and enable them to enlarge their potential customer base etc. Furthermore, competition between the offerings should have an impact on quality of service, catalogues, publishing policy etc. 3.3.5. What are the stakes for consumer electronics? Implications related to the incorporation of TPMs in equipment • A threat to innovative equipment producers, as shown by the company Replay Networks, which has developed PVRs capable of redistributing recorded programmes, and whose bankruptcy was at least facilitated by charges of copyright violation filed by several studios. A threat to consumer electronics equipment: in an age in which all products more or less have access to a network, video players, PVRs etc. could become illegal. Restrictions to content consumption by end users, if a music track of film legally purchased can only be played on a few pieces of equipment, or one piece only. The risk of the non interoperability of proprietary systems, which would probably halt the development of digital technologies. The risk of losing consumers in a maze of incompatible devices is a very real one. DRM deployment deemed restrictive by consumers, which could slow down the deployment of new devices or device renewal. In fact, why should consumers buy devices that limit content usage when they are likely to own a device that does not restrict such use. • • • • 136 2005 Edition © IDATE DRM and virtual content distribution Analysis and outlook for content distribution Industry organisations In the face of these debates and these developments, the number of alliances is growing with various consequences. Project Hudson is the name of consortium that was announced in January 2004 and whose members include Intel, Nokia, Samsung Toshiba and Matsushita. It aims to create a content protection system that mainly targets wireless transmission. Project Hudson would seem to be an opponent to the technologies of Microsoft, Sony/Philips, Apple and RealNetworks. Another consortium, called the Content Reference Forum, is supported by Microsoft, Nippon Telegraph and Telephone, Universal Music Group and VeriSign. In July 2004 the AACS (Advanced Access Content System), which had effectively been working for a year, that targets high definition products. This association includes Disney, Warner Bros, IBM, Intel, Panasonic, Sony, Toshiba and AOL Time Warner. It aims to define a more elaborate protection system than existing products, notably enabling content owners to choose their own protection rules. AACS uses several techniques including 128 bit encryption, a key system linked to a player and a DVD disc and authentication tools on the hard disk. The result should be available by the end of 2004 for high definition DVD players. AACS does not select the HD DVD standard and can therefore be adapted to both Blu-Ray and its competitor. An important group called the Personal Technology Freedom Coalition, which unites most of technology companies and public bodies, aims to challenge the most restrictive of the DMCA’s mechanisms. It unites many players including Intel, Sun, BellSouth, Gateway, Verizon, Philips, the Consumer Electronics Association, the Consumer Federation of America, the Consumers Union and the Electronic Frontier Foundation. The latter has launched the Digital Television Liberation Project, which aims to help users to develop personal PVRs, notably using their PCs. 2005 Edition © IDATE 137 DRM and virtual content distribution IDATE presentation 4. IDATE presentation Since 1977, IDATE has established itself over the years as one of the leading centres for exchange and analysis in Europe, specialising in the Telecommunications, Internet and Media sectors. • • • IDATE has raised the bar in leading a European forum which embraces debating ideas and exchanging experiences among the sector’s players. IDATE relies on specialised teams and continuous investment in our information and strategic monitoring system - DigiWorld - the observatory of the digital world. IDATE’s high-level consultants and analysts conduct a wide range of studies and consultancy missions on behalf of our clients. 4.1. Studies and consulting: present in all of the sectors’ strategic developments IDATE has established its credibility and independence in leading consultancy and study missions on behalf of its clients, for whom, its multi-disciplinary teams of economists and engineers are in a position to analyse the impact of market, regulatory and technological evolutions on their business and strategies. The intervention of IDATE’s consultants relies on their indepth knowledge of the markets and players, their extensive access to precise data as well as on their mastering of the specific methods of survey and analysis. 2005 Edition © IDATE 139 IDATE presentation DRM and virtual content distribution 4.2. Reports and publications A truly global Observatory on the Communications and Information Technology sectors IDATE relies on its specialised teams and continuous investment in its information and strategic monitoring system – Observatory of the digital world – in order to publish a thorough portfolio of sectorial and thematic reports which are regularly updated. 4.3. A Forum focusing on Europe’s Information and Communication Technologies IDATE has set in place a platform enabling an exchange between company heads, public policy makers and the academic world: • The "IDATE Foundation" was set-up with the impetus of driving open and independent reflection, associating the largest businesses involved in the sector. Today, it gathers more than 25 international groups (Telecommunications operators, TV channels, manufacturers, software services, banks and financial organisations, large corporations, …). Every month it brings together leading executives from its business members, in the form of the IDATE Club, along with organising top-flight seminars for its members and supporting the activities of the IDATE Forum such as IDATE’s International Conference or the publication of the DigiWorld Report. 140 2005 Edition © IDATE DRM and virtual content distribution IDATE presentation • IDATE’s International Conference has become established as an annual conference serving as a point of reference for those company heads, public policy makers and experts who come together to debate the issues at stake in the future of Information Technology. DigiWorld, the annual report published by IDATE, is presented in the form of an atlas on the strategies at play in the digital world. Supported by the research of IDATE’s analysts and consultants, DigiWorld aims to offer a database and analytical framework to all those who need to understand the developments in Information and Communication technology. IDATE also embraces the world of academic research. Notably through its economic Review COMMUNICATIONS & STRATEGIES, a quarterly research and analysis publication with the very best socio-economic analysis and covering the major issues facing businesses. • • 4.4. Main clients IDATE collaborates with Internet, telecommunication and media players in many countries worldwide, including : Peregrine Systems Equipment and Pirelli services Sagem* Anritsu Samsung Astrium Sony Alcatel* Siemens* Acome SK Telecom Ascom Thalis Atos origin* Unisys Business Objects Operators & service Capgemini* providers Cisco Systems* AOL Ericsson* AT&T Fujitsu 9 Telecom* Hewlett Packard Belgacom Hitachi Bouygues Telecom* IBM* BT* JDS Uniphase Cable and Wireless LG Cegetel Group* Lucent Technologies* Colt Microsoft* Deutsche Telekom* Mitsubishi Docomo Motorola* Easynet Nexans Eurosport Nokia Nortel Networks* (*) IDATE Foundation members Eutelsat France Telecom* Global Crossing Hutchison KPNQwest LD Com Monaco Telecom NTT Maroc Telecom* Orange* Portugal Telecom SANEF SFR* SPOT Image TDF Tiscali T-Online Telecom Italia Telefónica* Telespazio Telia Tunisie Telecom Vodafone Wanadoo* WorldCom Media groups Arte BBC BskyB British Film Institute Canal+* Canal Satellite Carlton UK Television France Télévisions* Infogrames Lagardère M6 Mediaset Noos Pathé RAI Retevision RTL SES Astra Sky TF1 TV Cabo Vivendi Universal Investment banks and financial organisations ABN Amro Amercan Express BEI BNP Paribas CDC* CCF Crédit Lyonnais Fortis Securities Goldman Sachs HSBC IRIS Capital* Morgan Stanley Société Générale Management consultancies AT Kearney Accenture Bain & Company Boston Consulting Group KPMG McKinsey Mercer Mars & co PricewaterhouseCoopers Regulators, government agencies and industry bodies, others ART ANIE ANRT ANVAR ARTEL CIAJ CNC CNES CSA DATAR EAO EBU EDF* EITO European Commission Local authorities MINEFI RATP* Sacem 2005 Edition © IDATE 141 IDATE presentation DRM and virtual content distribution 4.5. 2005 DigiWorld Catalogue “The World Observatory of the Information and Technology sectors”: in the framework of its DigiWorld catalogue, IDATE publishes over 20 international reports every year. World Telecom Service Market World Telecom Equipment Market World Internet Access & Broadband Market World Television Market FTTH – FTTx: the take off? Broadband Wireless Access Machine-to-Machine TV in Europe 2015 – Consumer trends Digital Rights Management Mobile Devices – the era of nomadic content WiMAX European Unbunding Mobile VoIP Videotelephony – consumer market outlooks Instant messaging IT Outsourcing Mobile TV / Portable TV: fad or mass market? Mobile office Substitution and Convergence High-Definition TV Service Strategies on DSL Business VoIP Market – opportunities & challenges Power Line Communications Consumer E-Payment Wi-Fi VoIP Markets Consumer Mobile Service Markets Consumer Service Bundles French SoHo Survey Use-IT European Telecom Service Market Video Games – NexGen gaming on its way Video & Multimedia Devices New mobile Services – 3G market dynamics ADSL, Cable, Satellite, DTT – and the winner is.. Internet Services – the keys to success Contact: Marshall Shrago - Tel : +33 467 144 488 - m.shrago@IDATE.org 142 2005 Edition © IDATE Copyright IDATE 2005, BP 4167, 34092 Montpellier Cedex 5, France Tous droits réservés – Toute reproduction, stockage ou diffusion, même partiel et par tous moyens, y compris électroniques, ne peut être effectué sans accord écrit préalable de l'IDATE. ISBN : 2-84822-066-X All rights reserved. None of the contents of this publication may be reproduced, stored in a retrieval system or transmitted in any form, including electronically, without the prior written permission of IDATE.