A very pragmatic guide to protection of prerelase content

Posted on September 3, 2008 by wunderbarb

German GVU, Austrian VAP and Swiss SAFE recently edited a 16 page booklet with very pragmatic guidelines to protect prerelease content from piracy. Its title is: “Filmschutz vor und bei Kinostart”. You understood that it is in German (It seems I am in my German mood :Wink:, sorry for non-German speaking readers). It analyses the complete chain from production, delivery and actual performance and gives some advises. Some are extremely low tech but efficient, for instance:

Request to get back any screener you delivered
If using post mail, do only send screener from Monday to Thursday. Avoid the other days. The risk the parcel will be blocked during week-end is too high…

The appendix provides a list of companies offering solutions, ranging from anti camcording to guard companies. Of course, THOMSON STS is in the list!

The document can be found at Filmschutz vor und bei Kinostart (in German)

French CNC edited last year a document which provides also a set of guidelines. Its scope is larger. It is available in French and English. It si available at Fighting audiovisual piracy: a good practice guide for the industry

Security and Prospect Theory

Posted on August 6, 2008 by wunderbarb

Which choice would you take:

500€ sure gain or a 50% chance of winning 1.000€?

About 85% people will take the sure gain.

Which choice would you take:

500€ sure loss or a 50% chance of loosing 1.000€?

About 70% people will take the risky loss.

This is a result of the economic theory called Prospect Theory. In an article, Bruce Schneier applies it to the problem of selling security products. When faced to purchasing a security product, the customer is in the position of choosing between a sure loss of money (the price of your product) and the risky loss he/she may incur in case of an exploit. The theory shows where the purchase mood will go. He proposes two methods to bias this natural trend:

Increase the feeling of fear which give a feeling of higher probability of the risk
Package (hide ?) security with other features that provide a perceived gain.

I would add a third one: Educate your customer. Use real figures and facts. Avoid the fear strategy that is neither ethic neither trustful.

Definitively a must read article. It is available at CIO: How_to_Sell_Security

I have now to read the seminal work of Kahneman and Tversky on Prospect

Security Newsletter #10 is available

Posted on August 5, 2008 by wunderbarb

This quarter, our guest is Ton Kalker from the HP labs. Ton is well done in the content protection community and many topics such as watermark or interoperability of DRM.

Dekun explains how to retrieve redacted information on classified documents. Arnold and Uhlrich introduce the captchas. Olivier and Patrice describe an anonymous P2P: Freenet.

Enjoy the reading and do not hesitate to comment.

Fair use and video online

Posted on July 29, 2008 by wunderbarb

The US Center for Social Mediarecently published a report entitled Code of Best Practices in Fair Use for Online Video. Its aim is to help creators to interpret the copyright doctrine of fair use. Fair use is a set of exceptions defined by the DMCA. The document does not define the limits of fair use. When reading it, you quickly understand that these limits are extremely fuzzy. Everything is about balance and judgment.

The paper gives a good overview of fair use doctrine. It clearly states the two questions which are at the heart of fair use:

Did the unlicensed use “transform” the material taken from the copyrighted work by using it for a different purpose than that of the original, or did it just repeat the work for the same intent and value as the original?
Was the material taken appropriate in kind and amount, considering the nature of the copyrighted work and of the use?
Then, it provides some guidelines for 6 typical cases:

- Commenting on or critiquing of copyrighted material
- Using copyrighted material for illustration or example
- Capturing copyrighted material incidentally or accidentally
- Reproducing, reposting, or quoting in order to memorialize, preserve, or rescue an experience, an event, or a cultural phenomenon
- Copying reposting, and recirculating a work or part of a work for purposes of launching a discussion
- And quoting in order to recombine in elements to make a new work that depends for its meaning on (often unlikely) relationships between the elements

The funniest part of the document is the section about myths and truths of fair use. Some supposedly questions:

If I’m not making any money off it, it’s fair use.
If I’m making any money off it (or trying to), it’s not fair use.
Fair use can’t be entertaining
If I try to license material, I’ve given up my chance to use fair use.
I really need a lawyer to make the call on fair use.

If you ask yourself some questions about fair use, read it. Although its target is video, I am sure that it is easily extrapolated to other type of copyrighted materials.

Watermark and privacy

Posted on July 16, 2008 by wunderbarb

The Center for Democracy & Technology (CDT) issued an interesting paper titled “Privacy principles for digital watermarking“. CDT published similar principles of other technologies such as RFID or DRM.

The document proposes eight principles:
1. Privacy by design; Interestingly in this principle, CDT recommends that the digital watermark technology providers imposes, by contract binding, to the application designer to respect privacy issues. This is highly ethical but is it realistic in business environment?
2. Avoid embedding independently useful identifying information directly in watermark; in other words the payload should look random without access to relevant information
3. Provide notice to end-users; CDT provides an interesting rationale to inform end users if the watermark is used against copyright infringement. End user should secure his/her content to avoid theft by third parties; else they may suffer from legal actions.
4. Control access to reading capability
5. Respond appropriately when algorithms are compromised; Their recommendations is not to renew the algorithms as technologists would recommend. Rather, CDT recommends to publish a notice if the hack allows watermark forging. I am not sure that this will be loved by technology provider
6. Provide security and access control for back-end databases
7. Limit uses for secondary purposes
8. Provide reasonable access and correction procedures for personally identifiable information

The principles are sound and many of them apply to other security related techniques. Of course, in view of the goal of its editor, some recommendations are Utopian. This document is worth reading.

Should you invest in the long tail?

Posted on July 11, 2008 by wunderbarb

The long tail theory is one of the strong belief of opportunities in Internet. In a few words, dematerialization of goods offers more choice to consumers; The production cost are minimal. Furthermore, online distribution will change the curve of demand. in other words, people will look for rare treasures and this niches will be great. To simplify, if Internet can provide easy access to the long tail, then there will be a market (expected to be serious)

In the last issue of Harvard Business Review, Anita Elberse benchmarked this theory with real data. She analyzed the weekly sales of home videos from January 2000 to August 2005 on a random sample of 5,500 samples. She verified her results with 3,300 artists between January 2005 to April 2007. Her conclusions are surprising. The shape of demand evolved: The tail becomes longer and flatter.

According to her, the long tail theory does not hold. Among her many findings, some excerpts:

Consumers of the most obscure content also buy the hits.
Consumers who rent obscure movies are in general the heaviest users.
Hit products remain dominant, even among consumers who venture deep into the tail.
Hit products are also liked better than obscure products.

So the question is open: is the long tail one Internet Eldorado? read the paper and build your opinion.

Reference: ELBERSE A., Should you invest in the long tail?, in Harvard Business Review, Volume 86, Number 7/8, July/August 2008.

DRM and Individualized Pricing

Posted on July 3, 2008 by wunderbarb

Michael Lesk, from Rutgers University, attempted to answer why online music stores sell to each customer at the same price. Interestingly, every song is sold at the same price, regardless of its performer. The price of the corresponding CD varies depending on the artist’s fame. Online stores have good profiling of Alice. Thus, they could easily propose a personalized price slightly lower than the price she would be ready to pay. According to Lesk, it is not a privacy issue but a feeling of resentment that frightens the sellers.

One alternative that make price differentiation acceptable is versioning. People accept that a hard-bounded book is more expensive then a paper back. People may accept to pay more for a content they will be able to view several times, than for a content that they will view only once. This is the role of DRM. DRM may allow to decrease the average price by offering different versions. Unfortunately, today DRM is not used for that, probably because it is simpler and safer for merchants to offer one unique price.

Reference of the paper
LESK Michael, Digital Rights Management and Individualized Pricing, in IEEE Security & Privacy, May/June 2008

The blog of content protection

A site managed by Eric Diehl

Category Archives: Book/Paper