Rights Technologies for E-Publishing
Rights Technologies for E-Publishing November 8, 2012 Bill Rosenblatt GiantSteps Media Technology Strategies www.giantstepsmts.com [email protected] +1 212 956 1045 1 Outline
History of DRM DRM Technology DRM Economics Cloud Reading Comparison with other media types Forensic content protection technologies IDPF EPUB LCP project update
2 History of DRM
3 What Is DRM?
Original definition: any system used to manage or track rights to content. Popular definition: technologies that use encryption to protect digital content from unlicensed use on users’ devices.
4 Antecedents of DRM
1960s: digital encryption 1970s: physical media copy protection Early 1980s: dongles Late 1980s: software license management 1990s: CD-ROM copy protection Late 1993: conference Technological Strategies for Protecting Intellectual Property in the Networked Multimedia Environment, Washington DC 5 Historical Development
Late 1990s: documents, software Late 1990s: digital conditional access (CA) for cable TV Early 2000s: music Early 2000s: “Enterprise Rights Management” (corporate documents) Mid-2000s: mobile music Mid-late 2000s: video downloads Late 2000s: merging of DRM with CA for video
6 DRM Technology
7 DRM Reference Architecture
8 Typical Components
Content Server Client (user device) – Repository of encrypted – DRM Controller content (software/firmware) License Server – Receives encrypted – Takes requests for content usage licenses – Requests licenses – Authenticates identities – Grants rights to users (user, device, or both) – Issues licenses (small files) containing decryption keys
9 DRMs in E-Publishing
Major Minor MobiPocket DRM: Fictionwise Amazon Passhash: Nook Adobe Content Microsoft PlayReady: Server: Nook, Kobo, Blio Google Books, Sony Kobo Vox DRM: Kobo Reader, Numilog, Vox many others Marlin: Sony Reader FairPlay: Apple iOS Japan FileOpen: various publishers’ sites 10 DRM Economics
11 Economics of DRM Publishers demand it but (usually) don’t pay for it Retailers and device makers control designs Very few successful standalone DRM vendors Retailers and device maker use DRM for “lock-in” Interoperability and fair use suffer “Interoperable” DRM (Adobe Content Server)
not easy for users 12 The Rights Technologies R&D Index (GiantSteps research, 2010) Rights technologies research output per country – measured by number of articles in respected journals GERD (Gross Expenditure on Research & Development) – OECD statistic Rights Technologies R&D Index is ratio of RT research output to GERD Measure is independent of size or wealth of country 13 RT R&D Indexes Show: Economic Incentives Misaligned 450 70
400 60 350 50 300
250 40 GERD ($B) 200 30 RT Output 150 RT R&D Index 20 100
10 50
0 0
“Device” “Content” Countries Countries 14 R&D Survey Results
Reasons for Lack of R&D RIAA Lawsuit Threat Other 6% 12% Topic Distasteful 12% Moved On to Other Topics R&D Not 6% Published in Sci Journals No Grant 24% Money 12% Limited There’s no Commercializati Money in it on 40% Opportunities 28%
15 Cloud Reading
16 The Future?
Traditional
Content DRM File Downloads Server Connection Can Be Intermittent Offline Reading
Cloud Reading
Content XML, Page Images Server Connection Must Be Continuous
17 Content Protection for Cloud Reading XML Page Images Send a screen at a time “Screen shot DRM” (Safari Books Online, Send one page image at Google Books) a time Send a chapter at a time (Amazon “Look Inside”) (Amazon Kindle Cloud Pirates must OCR pages Reader) images and assemble Pirates must assemble them content from components
18 DRM for Other Content
19 DRM for Other Content: Music Permanent internet downloads went DRM- free in 2007 Permanent mobile downloads followed soon thereafter DRM for physical media (CDs) a failure On-demand streaming services (Spotify, Deezer) – Stream encryption: data encrypted in transit to client – “Offline listening mode”: DRM for locally cached
files 20 DRM for Other Content: Video
Downloads all use DRM – Whether purchase (permanent) or rental (temporary) Physical media uses DRM – CSS for DVDs – AACS and BD+ for Blu-ray Otherwise encrypted streaming – Derived from Conditional Access (CA) for cable & satellite Strongest content protection technologies found here – Alignment of economic incentives
21 DRM for Other Content: Games
DRM ranges from very strong to none – Gamers particularly adept at hacking – Conversely, “DRM Free” can be a selling point Motivations different from video – Just need to minimize illegal sharing for first few weeks – That’s where most of the revenue comes
22 Other Rights Technologies for E-Publishing
23 Forensic Rights Technologies (a/k/a Content Identification or Content Recognition) Watermarking and fingerprinting For network piracy monitoring schemes (HADOPI) Do not prevent unlicensed use Crawl Internet looking for copies of known content Provide evidence of unlicensed uploads and downloads Block or monetize user uploads (YouTube)
24 E-Book “Watermarking”
Embedding data in “noise” portions of images Adding unprintable chars to text content Inserting identifiers in e-book – Once, once per chapter, on every page – Could be transaction ID, user ID, user’s real name, email address, credit card number Idea: if your personal info is in the file, would you still share with your million best friends? Easy to circumvent Examples: Pottermore EPUB files, O’Reilly PDF downloads 25 E-Book “Fingerprinting”
Sophisticated pattern matching Crawls web, finds instances of known content Can look for context to see if use is licensed (e.g. news wire stories on newspapers’ websites) Examples: MarkMonitor/dTecNet, Attributor, Irdeto/BayTSP
26 Watermarking vs. Fingerprinting Tradeoffs Watermarking Fingerprinting Content Watermark must be None required, can be used Changes embedded with content “in the wild” Process Insert watermark in every Compute fingerprint once for file on server and/or each content item and consumer device; detect deposit in vendor’s master later database; re-compute later for lookup Hacking risk Not very robust, easy to Nothing to hack hack (unlike video/audio watermarking) Data Storage Can store any data, up to Cannot store any capacity limitations; files information; identical content with same content can have files compute identical different watermarks fingerprints Costs Spread throughout the27 Primarily fall on service digital content value chain providers IDPF EPUB LCP Project Update
28 IDPF EPUB LCP Project
Lightweight Content Protection standard for EPUB3 Address lack of interoperability in EPUB due to lack of DRM standards Attempt to create standard interoperable DRM that is attractive to retailers & device makers Trade off strong security for ease and low cost of implementation Take advantage of anticircumvention laws Process: issue RFP for technology contributions
29 EPUB LCP Project Status
RFP published in July Deadline extended to late September Six complete proposals received Evaluations to be presented to IDPF Board in early December
30 Complete Proposals Received
FileOpen – well-established US vendor Impervio – Canadian startup Kobo – new proposed open standard Marlin Developer Community (MDC) – Marlin-derived spec RHKS – Korean startup (from Random House Korea) Sony DADC – Marlin-based technology
31 Bill Rosenblatt GiantSteps Media Technology Strategies [email protected] +1 212 956 1045 www.giantstepsmts.com
32