Today you're free to mail a friend a videotape of a TV show, but new digital defenses may stop you from e-mailing them
How many of you have fond memories of watching the original "Star Trek" serial during its premiere run on NBC between 1966 and 1969? Very few, probably. "Star Trek" is the classic—but by no means unique—example of a TV show that made far, far more money in syndication, long after its initial run on broadcast TV.
By earning a hit show as much as US $2 million per episode,this so-called off-network syndication is clearly the profit center for most shows. And that fact goes a long way toward explaining why the advent of high-quality digital TV (DTV) broadcasting has TV executives in such an uproar. If hit TV shows were digitally downloaded during their initial run and then easily available over the Internet, what TV stations would pay to rerun them?
Last August, the U.S. Federal Communications Commission (FCC) got involved. It issued a Notice of Proposed Rulemaking asking questions about protecting in-the-clear (unencrypted) digital broadcast content from unauthorized retransmission over the Internet.
The FCC notice was prompted by congressional hearings on the activity of a diversity of companies and associations known as the Broadcast Protection Discussion Group. After examining methods of protecting broadcast content, the group had ended its discussions inconclusively. It had not been able to select a particular approach, or agree on a set of objective criteria for choosing content protection technologies, or decide how any chosen method would be enforced. The group's deliberations raised a host of questions about the expectations of private persons over content usage, methods for selecting suitable content protection technologies, who would control and manage such technologies, and how to deal with the likely hacking of any protection technology. Also on the table was the fact that analog versions of the digital signals could not be readily protected, because their reception on legacy analog devices in consumers' homes was on occasion guaranteed by law. Note that the 1998 Digital Millennium Copyright Act stipulated that a broadcast protection system should not affect the consumer's ability to copy in-the-clear broadcasts for private, noncommercial use.
From air to Internet
In the United States, terrestrial broadcast signals have historically been transmitted without being encrypted. Protecting them from unauthorized transmission over the Internet, therefore, requires receiving devices to identify certain content and proceed to protect it before it can be misused.
Hence a set of bits known as the redistribution control (rc) descriptor (written as rc_descriptor) is included in the Advanced Television Systems Committee (ATSC) standard for DTV transmissions, commonly known as the Broadcast Flag. When active, the flag means that "technological control of consumer redistribution is signaled." This descriptor only provides a mechanism for identifying the digital content to be protected by equipment in the consumer's home—it does not trigger an encryption or other protection mechanism at the broadcast station.
For the receiver, one faction in the discussion group proposed that protection begin at the point of signal demodulation. This is the first point at which the rc_descriptor could be read, and if the descriptor were not active, no further action would be required.
If the rc_descriptor were active, however, a variety of protection mechanisms would be required. First, it should not be easy to tap the unencrypted digital signal within the receiving device. It happens that in a typical consumer electronics device, like a TV set, there are no standard data buses, no widely recognized connection points, and no readily modifiable software; in effect, the inherently closed consumer device physically protects the content from all but the most determined and skilled attackers. But a PC environment is quite different, so some PC companies have suggested there is only one way to protect the signal: encrypt identified DTV content on the DTV tuner card at the point of demodulation, maintain the encryption throughout the device, and decrypt the signal only after it is sent to a display. Conceptually, this sounds straightforward—unless the consumer elects to edit, color-correct, or process the signal, which would entail decrypting, decompressing, and re-encrypting the signal in a way that it never appears on any accessible bus in the clear.
Assuming that content within the receiving device is secure, protecting content transferred outside the device is the next hurdle. Theoretically, a PC that handles encrypted broadcast content, either from an internal DTV card or from another source, should not be able to pass that content to the Internet in a form that can be decoded on the receiving end. This prohibition could be enforced with a link authentication/encryption scheme that does not work in an Internet protocol (IP) environment. Unfortunately, denial of transmission over any IP path runs right up against the growing popularity of in-home IP networks over which, if anywhere, protected content should be able to flow. Additionally, consumers expect to pass such private content over the Internet to relatives, vacation homes, and the like, at least to some degree. Today this can be done by physical means (a VCR tape or recordable DVD disc), so why not by e-mail?
The commonest non-IP high-speed digital interconnects are the IEEE 1394, the universal serial bus (USB), and the digital video interface/high-definition multimedia interface (DVI/HDMI). One form of protection for these links, proposed by Philips, was to require an authentication handshake between the source and sink. By this "gesture," the sink indicates it's a compliant device, one that will not pass protected content to the Internet or to a noncompliant device. Following the handshake, the source would send the unencrypted content over the link along with an indication that it was to be protected. This setup would have eliminated the need for distributing and maintaining an encryption system, but the TV content industry feared the in-the-clear signal might be monitored by rogue devices.
A more secure alternative also required an authentication handshake, followed (if successful) by encryption of the flagged content and its transmission over the link along with the protection indication. This was the proposal of the 5C group of companies (Hitachi, Intel, Matsushita, Sony, and Toshiba), using an encryption scheme called digital transmission content protection (DTCP). While technically the suggestion seemed satisfactory, unpalatable requirements and restrictions lay embedded in the technology license. For instance, it disallowed the transfer of broadcast content to a device not protected by the 5C system or to any other system not approved by the licensing administrator, in effect giving that body oversight over any potentially competitive protection methods.
No solution affords protection from broad public redistribution while still allowing "e-mailing to grandma"
As for direct digital recording of flagged content, as on a DVD recorder, that presented another problem. The 5C group proposed encrypting such content on the disc using the content protection for recordable media (CPRM) system. The drawback was that the discs could be played back only by new CPRM-compliant DVD players—and not by the millions of consumer DVD players in private homes. It was suggested that recordings compatible with legacy devices could be made using the recorder's analog inputs, an arrangement that would avoid triggering encryption on the disc. True enough, but the various decompression, digital-to-analog and analog-to-digital conversion, and recompression stages prior to recording would degrade the picture.
The biggest blow came when the discussion group realized that the system being considered might be used to launder DVD content. Imagine a future prerecorded DVD, watermarked with "copy never," being "ripped" onto a PC hard drive. The PC could format the DVD's content into an ATSC-compliant MPEG2 transport stream, insert the rc_descriptor, and modulate the output using the ATSC technology employed by broadcasters. Then when a compliant recording device with an ATSC tuner/demodulator received the content and found the rc_descriptor, it would assume that the content was from broadcast, ignore the watermark, and allow unfettered copying (although not Internet retransmission). Accordingly, the discussion group proposed barring modulation devices from processing any content containing the rc_descriptor.
The analog hole
All the protection mechanisms deal only with broadcast content in its digital form. No analog outputs, whether standard or high resolution, are protected by this system. This results in the conundrum of extensive protection of digital content side by side with ready availability of analog versions of the same content, capable of being digitized and compressed by many modern PCs and then transmitted freely.
Closing this hole would be hampered by the need to support digital-to-analog converter devices for the quarter of a billion TV receivers already in people's homes. One idea has been watermark systems that hide copy-control information in the content, allowing old analog devices to work properly, but disallowing redigitization of the analog signal on future devices with watermark detectors. Of course, as it will take some years before unprotected analog-to-digital conversion devices are retired, this would be a long-term solution.
How long-term? A new multi-industry group has been established to look at technological approaches for dealing with the analog hole. But the Analog Reconversion Discussion Group has not yet set a timetable for completion, and there is no assurance that the outcome will have any more success than did the previous discussion group's activity.
Some of those who responded to the FCC's request for comments on this issue have questioned the practicality of retransmitting broadcast content over the Net, given the large amount of data involved and the relatively slow Internet connection speeds (HDTV content requires over 19 Mb/s). Even that rare, pristine, uninterrupted 1.5-Mb/s broadband connection would take more than a day to transfer a two-hour movie, making widespread retransmission unlikely. Content owners, though, point to the march of technology, which they believe will ultimately result in faster broadband connections and more efficient compression techniques.
No solution has been proposed and vetted that affords digital content robust protection from broad public redistribution while still permitting "e-mailing to grandma" and the direct digital home copying beloved by the consumer. Stir in the analog hole, the likelihood that any proposed system can ultimately be hacked, doubts as to whether a problem exists at all, and the recent upsurge in consumer purchases of DTV products, and the stage is set for an ever noisier debate.