3 March 2002. Thanks to SB.
Source: http://www.europa.eu.int/information_society/newsroom/documents/drm_workingdoc.pdf (180KB)


[43 pages.]

COMMISSION OF THE EUROPEAN COMMUNITIES

Brussels, 14.02.2002
SEC(2002) 197        

COMMISSION STAFF WORKING PAPER

DIGITAL RIGHTS

Background, Systems, Assessment


Please note that this paper is a working document of the services of the European Commission and has not been formally adopted by the Commission. It therefore does not propose any new Commission policies nor does it represent the position of the Commission as such. The paper is intended as a contribution to the current debate about digital rights management and provides a factual presentation of the current state of play and identifies some of the major policy issues surrounding the acceptability of DRMs.


SUMMARY

Digital Rights Management

The copyright environment consists of three main aspects: rights (what can be protected by copyright) and exceptions (e.g. copies for private use or for public libraries); enforcement of rights (sanctions for making illegal copies and for trading in circumvention devices); and management of rights (exploiting the rights). In the online world, management of rights may be facilitated by the use of technical systems called digital rights management (DRM) systems. The paper seeks to provide policy guidance on the use of technology at an important time. Directive 2001/29 on copyright and related rights in the Information Society (Copyright Directive) provides the legal framework in which DRMS will be administered. In particular, the Copyright Directive requires Member States to provide legal protection for technological measures which form the basis of DRMS. Member States are required to implement the Copyright Directive by the end of 2002. It is important therefore to promote the use of DRMS in order to better manage the rights in question.

DRMs consist broadly of 2 elements: the identification of intellectual property and the enforcement of usage restrictions. The identification consists in the attribution of a (standard) identifier (such as the ISBN numbers for books) and the marking of the property with a sign (such as a watermark). The enforcement works via encryption, by i.e. ensuring that the digital content is only used for purposes agreed by the rightholder

By way of example, conventional encryption and digital signatures operate effectively for the transmission to the consumer, but once he has received authorisation of use, as he necessarily must, it is very difficult to control to which uses he puts the content. Most techniques currently under way try to prevent illegal copying by inserting watermarks or other signs which signal to the hardware whether they are original. The hardware should then work only with legitimate copies, sometimes by itself, sometimes by verifying with a database of the right holder.

At present, DRMs have not yet proved widely acceptable to all players as not all the problems associated with technical protection measures and DRMs have been ironed out.

1. Firstly, encryption systems remain vulnerable to being cracked or are perceived as being vulnerable.

2. Secondly, DRM systems can significantly, reduce ease of use and hence demand for digital content, especially if there are many incompatible standards.

3. Thirdly, DRMs may go too far by preventing generally accepted uses, for example by allowing an eBook to be read only once. Finally, if based on online verification, DRMs may invade people's privacy by tracking personal data and transmitting them to DRM managers.

On the other hand, widespread use of viable DRM schemes could bring about:

-- reduced risk of illegal copying;

-- alternative methods of compensating rightholders for the risk of such copying;

-- use of new business models;

-- a move towards compatibility and interoperability of DRMs.

The Commission's policy in this area is defined by the Copyright Directive. In particular, the Copyright Directive requires Member States to provide for "fair compensation" for private copying (and certain other exceptions). Although, fair compensation is left to Member States to deten-nine, it should take into account the application or non-application of technical protection measures. It also provides legal protection against the circumvention of any effective technical protection measures. The Directive also encourages the compatibility and interoperability of different systems and considers it highly desirable that global systems be developed.

The Commission has also been co-financing research projects in this field for some 10 years. In the meantime, as the technology evolves, new business models are beginning to emerge.

The widespread deployment of effective DRM systems could provide an alternative to, for example, cop ight levies, as a mechanism to ensure "fair compensation" for rightholders. The Commission Services should continue to encourage all players to develop operational, open and interoperable DRM solutions and to deploy them rapidly. Clearly, this depends on the co-operation of the different industry stakeholders and requires if not standardised, at least compatible solutions, as well as an open discussion about the appropriate business models. The Commission could help to facilitate such a process by providing a platform for consensus-building among all interested parties, for example through a series of round table meetings.


TABLE OF CONTENTS

Introduction

1. How do digital rights management (DRM) systems work?

(a) The main functions of DRM Systems

(b) A model of a Digital Rights Management System

(c) EC contribution to the technical development of DRMs

2. Policy implications

3. Looking ahead

Annex I

(a) Examples of technologies which perform these functions

(b) Examples of DRM Schemes

Annex II


Introduction

Objectives of this paper

The aim of this discussion paper is to promote the use of "digital rights management systems" (DRM) for the legal distribution of digital content and to discuss what is necessary to make DRMs widely acceptable in full respect of the legal framework, notably Directive 2001/29 of 22 May 2001 on the harmonisation of copyright and related rights in the Information Society.

To that end, the Commission will also organise a workshop with representatives of all stakeholders on 28th February 2002 where issues raised in this paper will be discussed.

The copyright environment consists of three main aspects: rights and exceptions; enforcement of rights; and, management of rights. This paper assesses the policy options available to promote the use of technology in the management of rights. It outlines some of the principal practical and economic considerations relating to the use of DRMs as defined below. These options are addressed in the context of the legal framework established in the area of copyright and related rights. To that extent, it concerns protected works or other subject matter in the digital environment ortly.

The harmonisation of the rights and exceptions is fairly advanced as reflected in the 7 directives adopted in the area of copyright and related rights. The most recent measure is Directive 2001/29 , which is to be implemented by December 2002. The second aspect -- that of enforcement of rights, is addressed in the acquis communautaire in the relevant provisions concerning sanctions and remedies. The forthcoming proposal on counterfeiting and piracy and related initiatives will advance harmonisation in the field of enforcement.

The notion of "digital rights" refers to copyright and related rights in the digital environment. These rights do not differ in principle from the rights that persist in analogue works. However, the term DRM refers to the use of technology to describe and identify digital content protected by intellectual property rights, and which enforces usage rules set by rightholders or prescribed by law for digital content. It is important to advocate the use of DRMs in order to better manage the rights in question. In the coming 18 months, the Member States will implement Directive 2001/29. During that time, we are likely to see the emergence of many different private sector initiatives in the field of DRMs. The paper therefore seeks to raise some of the main policy issues surrounding the use of the technology in question at this point in time.

For the technology to succeed, it should be operational, of wide application and accepted by all players in the market i.e. content providers, commercial users and consumers. It may be possible to identify and target particular initiatives suitable for the funding of research. It is hoped that this paper will facilitate a dialogue, which can assist in identifying such initiatives.

In our consideration of DRMs, we should bear in mind the following:

The design and deployment of DRMs will need to take into account these important issues. In short, they will need to be sufficiently open and flexible: open to ensure interoperability and accessibility, and flexible to allow the use of different business models by content owners.

Background

Technological developments have historically always had implications for the regulatory framework for copyright and have been at the origin of the need for modification. The limitations of analogue and offline technologies and platforms in terrns of lower quality of reproduction and relatively high distribution costs have governed the traditional models of copyright management and the legal framework, which support them. On the one hand, digitisation has transformed this traditional environment and has given rise to a potentially huge market for content. lt is now possible for individuals to produce and/or make an unlimited number of perfect copies of digital data (e.g. personal identification data or copyrighted data) at little marginal cost, and to distribute them world-wide, similarly at practically no additional cost. At the same time, digitisation has also increased the risk of piracy with use of the same media to produce and/or make unlimited numbers of perfect copies.

Legal framework

The legal framework in which DRMs would be administered is that of Directive 2001/29. Directive 2001/29 establishes a framework which balances incentives to create and distribute content with mechanisms which ensure appropriate revenue through the exercise of intellectual property rights and at the same also serves the interest of the public (individual users) by requiring access to copyright works for certain types of use.

The Directive harmonises Member States' legislation around the three main rights granted to authors, performers, phonogram and film producers (Articles 2 to 4):

Of particular relevance to this discussion paper are the following provisions:

Management of Rights

The third element of copyright protection is the management of rights. Its scope encompasses the exploitation (on-line and offline) of rights including the commercial or transactional aspects pertaining to distribution, licensing, the relevant applicable law and forum and the conditions of administration of those rights be they by individual, central or collective management. At present, most of these issues are left to Member States'laws and are not yet harmonised. In the context of this discussion paper, focus is placed only on technological measures being developed today, which aim to control copyright material so that exploitation can be licensed, reported and paid for in the networked environment. These are generally called "Digital Rights Management" (DRM) Systems.

Effective management of digital rights depends both on the legal framework and the widespread availability of operational technology. The legal framework supports use of DRMs by protecting technical measures, and by requiring Member States to take into account the application or non-application of technological measures when providing for fair compensation in the context of the private use exception for which fair compensation is required, (Recital 35 and Article 5.2 (b)). Technological protection measures and control systems, can facilitate the effective management of rights and exceptions. Where technological measures are operational and effective, rightholders should be able to ensure appropriate exploitation and enforcement of their rights as well as adequate revenues by using DRMs. The legal framework provides for the possibility to avoid double compensation where copyright levies and DRMs would be used in parallel. This might have an effect in time on the existing arrangements for equitable remuneration such as the use of "copyright levies", (already applied in some Member States). The use of these levies varies but these may be or are already applied on any equipment which could potentially be used to make digital copies, including personal computers, CD-ROM or DVD burners, and even mobile phones.

Such technology needs to be robust, interoperable, open, applicable across different contenttypes, and acceptable to the consumer. Such technology needs to be agreed upon, developed and deployed by the private sector. These criteria should be determined by the market with the risk that possibly divergent or even incompatible standards will emerge.

The copyright directive 2001/29/EC contains a reference in Recital 54 that "compatibility and interoperability of different systems should be encouraged" (Recital 54). In addition, the directive provides that protection mechanisms should not "prevent the non-nal operation of electronic equipment and its technological development" (Recital 48). However, the directive is limited in such references and does not create any legal framework for standardisation at EU level.

In order to avoid that the emergence of incompatible standards hampers the achievement of this desired interoperability, dialogue and consensus-building at European level is worth exploring. The European standards bodies (CEN/ISSS) are willing to help evaluate the need for and possibilities for standardisation. They plan to investigate the available technologies and the extent to which their use is already standardised by industry consortia or may need to be standardised.

Digitisation is also transforming the ways content in its different forms is developed, distributed and exploited. New models of content distribution are emerging (e.g."open source"software, peer-to-peer computing, "pay as you go", flat rate subscriptions, time-limited, etc.).


1. HOW DO DIGITAL RIGHTS MANAGEMENT (DRM) SYSTEMS WORK?

This section will present:

(a) The main functions of DRM Systems

DRM systems generally provide two essential functions:

The management of digital rights

Identification of the content to which the rights are attached is a pre-requisite for the effective enforcement of digital rights. The International Standardisation Organisation (ISO) has overseen the development of a number standard identifiers for content, including ISBN for physical books, 1SWC for music compositions, ISRC for sound recordings, and ISAN for films. One private initiative in the United States has also developed the Digital Object Identifier (DOI), for the identification of digital content.

Once copyright material has been identified, it also needs to be described. Such information, which is usually referred to as metadata, includes information about ownership (e.g. author, date of publication, originating territory, etc.). Systems for the development of metadata are currently well advanced.

The identification and description of intellectual property is essential if rules are to be set to exercise digital rights. Today, such rule-setting is still fairly elementary. For instance, the rightholder in a piece of text might allow printing but not copying (possible with Mibrary.com: www.mibrary.com) . However, in the future, complex rules will be enabled by software like XrML (eXtensible rights mark-up language) from ContentGuard (www.contentguard.com). This computer-based language enables rightholders to set the parameters within which their intellectual property can be interacted with by users.

The digital management of rights

Once intellectual property has been uniquely identified, the metadata describing it elaborated and the rules for its usage set, it is necessary to find a way to ensure that the rules can be enforced. This can be achieved using encryption. Encryption is the process by which infori-nation is "scrambled" to make it unusable to non-authorised users. One particular system of encryption that is vital to DRM systems, is the so-called "Public-Private Key" system. Once encryption has been effected using the Public Key (which can quite safely be made known), decryption can only be done using the complementary Private Key, which is not made available to anyone except the owner.

Encryption processes are also required to provide certainty for consumers that the content they are acquiring is as described ("integrity") and from the source they expect ("authenticity"). This can be effected by the use of digital signatures using encryption technology. Watermarking is another technique that is useftil for authenticating content. Finally, in order that content traded in the networked environment can be transmitted securely, both content and the rules governing its use must be protected while in transit. Digital "wrappers", once more dependent on encryption technology, are used for this and most digital rights management systems rely on the use of such "wrappers".

It should be noted that the security level of the process chosen by the night owner can vary according to the type of content (e.g. its cost, price, sensitivity).

Example of technologies, which perform these ftinctions are provided in annex I.

(b) An example of a Digital Rights Management System

The process of Digital Rights Management involves various steps depending on the technology or system. An example is given below:

  • Step 1

A user makes a request for content via the merchant's website. The request involves determining the specific use that will be made of the content.

  • Step 2

A financial transaction, using a secure channel, is effected with a financial institution.

  • Step 3

Once the financial transaction is completed, the merchant requests the content to be secured by the DRM, together with the rules for its use, and then it is sent to the user.

  • Step 4

Information about the transaction is sent to a clearing house (e.g. a collecting society) for reconciliation with the fees from the transaction. The clearing house, having charged a commission for processing the transaction, passes the fees to the appropriate rights owners.

It should be noted that this example is not based on an "open" system in-so-far as the user can only access the content via the merchant website. Neither does this example take into account the possible re-use of the content after the transaction. Technologies are also being developed which allow rules to be embedded in the content itself irrespective of its source or support platform (i.e. Internet, CD, a copy, etc.). This means that the content will always "react" in the same av herever the user encounters it

(c) EC contribution to the development of DRMs

Through its various research programmes, notably the Information Society Technologies (IST) Programme, the Commission has been co-financing a range of projects, which aim to support the standard-setting process among industry consortia and ensure interoperability.

The first Community-funded projects began in 1990 under the ESPRIT programme and have continued through the 2nd to the 5th Framework Programmes and more recently in the INFO 2000 programme (multimedia rights clearing systems). Over C20 million has been spent by the Commission on a total of 22 projects in the DRM over that period.

A comprehensive inventory of these projects is provided in annex II.

These Community-fanded projects can be divided into four thematic groups:

There are important market incentives for the various industry players to develop these technologies and systems. The role of Community funded R&D programmes should take this into account when deciding to what extent it is appropriate to continue to provide support for the development of the various technology components.

R&D support at EU level could target issues such as system integration and pilots, the promotion of standardisation with the objective of establishing a global and open infrastructure for IPR management and open standards, and carrying out socio-economic impact analysis.


2. POLICY IMPLICATIONS

DRMs are currently neither widely deployed nor widely accepted. There are a number of issues, which need to be taken into account to ensure their wide acceptability and to overcome certain obstacles:

Technological protection systems, no matter how strong or sophisticated, will always be vulnerable to attack from hackers and pirates. But DRMs may be accepted by the market because they do not need to be 100% foolproof. Nonetheless, they will need to be sufficiently robust to be widely taken up by content owners

Legal safeguards are essential to support technological measures and protect them against unlawful circumvention and these are already in place.

However, the network dimension of the Internet means that any successful attempt to break through or circumvent technical protection measures can be distributed rapidly. The Internet also facilitates such practices as "peer-to-peer" computing, where networked computers can be transformed into a single supercomputer, which can potentiall be used to crack content protection measures even more rapidly.

Some organisations are issuing challenges to the technical community to test out the robustness of their systems. For example, on September 6, 2000, the Secure Digital Music Initiative (SDMI - see Annex I) issued "An Open Letter to the Digital Community," inviting people to attempt to crack certain technologies they are considering for use in their system: "the SDMI Challenge". They set up a web site where music samples and some other information could be downloaded to aid in analysing the technologies. The SDMI requested that participants send the results of their watermark removal tools along with technical details of how the watermarks were removed. Following this, the SDMI would then offer participants the chance to sign a non-disclosure agreement in return for receiving a fraction of the prize money. Students at Princeton University in the United States successfully cracked the SDMI technologies.

Indeed, most of the currently available systems have been cracked or will be soon. Examples include Macrovision, CSS, as well as SDMI. These initiatives illustrate the limitations of static technical protection. Once implemented, they cannot be modified. They lack recovery and defence mechanisms -- and a sponsor to deploy these techniques if the protection system comes under attack. Second generation copy protection and management systems draw inter alia on techniques developed for web-based and general e-commerce. They combine scrambling systems, encrypted cipher keys and watermarking techniques with management via communications networks. Several of the proposed systems are described in Annex 1.

DRM and broadcast conditional access systems (CAS) share some of these technologies. Recovery and renewability of protection are characteristics of conditional access systems (CAS), which need to withstand attacks from hackers. In general, CAS and DRMs have separate functions for now. CAS protects transport to the home and DRMs address usage in the home. One technical option being considered in Europe is to carry over the common scrambling algorithm used for scrambling in conditional access to DRMs. Five years into the future, the Commission services understand that CAS and DRM may be combined into a single, end-to-end protection system as this will be more efficient. Apparent "weaknesses" in first generation technologies need therefore to be put into perspective. More sophisticated DRMs under development may prove to be highly effective, drawing on e-commerce technologies and with conditional access functionality as appropriate.

Consumer groups and user organisations are voicing their concerns that DRMs will change the way individual users can use content. They fear that individual users will not be able to enjoy the use of digital content in the same way as they have done in the past.

For example, whereas it is possible to buy a book, read it as many times as one wishes, and lend it to one's friends or family, use of a DRM system might limit the number of times one could read, print out and pass on (i.e. lend) an "eBook".

There are many good reasons to protect the rights of rightholders, content providers and distributors of digital material. While DRMs are mainly concerned with preventing the illegal use of digital material, it is less clear how DRM solutions protect the lawful consumer. A concern that DRNI solutions need to address is to ensure that the intended user of the content is not subject to any constraint on their lawful use of this content.

As explained above, the fundamental purpose of technical protection measures is to preserve the economic and intellectual property rights of the rightholders as set out in law. However, in so far as DRMs may involve the collection and further processing of personal data in order to carry out the essential function of protecting the works, or in so far as they may also allow content owners to closely monitor and track the use of digital content, consumer organisations, privacy advocates, national supervisory authorities and the Commission are also concerned about DRMs affecting the fundamental rights to privacy and personal data as guaranteed by the EU Charter on fundamental rights and the EU data protection directives.

Indeed, the use of such technical means opens up another economic dimension because data about how the protected works are used is of additional economic value. Depending on the design of DRMs, they could identify the consumer and create individual profiles about the consumption patterns of protected works by individuals. At the same time, the lawful use of such data can be of benefit to those consumers who are interested in receiving a custornised service, for example.

In order to avoid these risks arising it is essential that, as in other areas, personal data is protected and privacy is guaranteed also within DRM systems as required in Directive 95/46/EC on the protection of individuals with regard to the processing of personal data and on the free movement of such data. Furthen-nore, this specific issue has been identified in Recital 57 of Directive 2001/29/EC. It states that rights management information systems should incorporate privacy safeguards in accordance with Directive 95/46/EC.

According to Directive 95/46/EC personal data can only be collected and processed if this is necessary for a specific lawful purpose and based on legitimate grounds such as necessity for the performance of a contract with the data subject, compliance with legal obligation, the unambiguous consent of the data subject, necessity for the purposes of the legitimate interests pursued by the data controller where these are not overridden by the interests for fundamental rights of the data subject, etc. The individual must be informed about the purpose of the processing, the identity of the controller and all other elements to ensure that personal data are processes lawfully.

This means that if a DRM system does indeed need to process personal data, this need should be demonstrated and clearly explained as part of the application of the obligations laid down in Directive 95/46/EC.

Attention needs therefore to be drawn to the purposes of DRM systems (i.e. protection or other purposes) as well as the conditions and circumstances under which data is collected and processed by them. It should for example be avoided that providers of DRM solutions, which closely monitor the use of protected content by the individual user, could use or pass on the collected data for marketing or other purposes without their knowledge and against their will.

From the individual's perspective, the unlawful collection and processing of personal data for customer profiling and other uses by a DRM provider would constitute a threat to their privacy and could affect the willingness of consumers to accept DRMs.

An overview on the functioning of those DRM systems that involve the processing of personal data would be useftil in order to evaluate the questions raised above and find appropriate solutions.

Effective DRMS is becoming a a more urgent short-term requirement for digital television, as DTV evolves towards new functionality. New technologies already in the process of deployment require protection to be extended beyond transmission of content to the home -- i.e. conditional access -- to include consumption within the home. Personal video recorders based on computer hard disks enable storage of many gigabytes of encrypted and unencrypted content, whether this be conventional video programmes or application programmes like video games made available as part of an interactive TV service. In future, wireless home networks will increasingly link different appliances within the home. Content of different kinds will need to be protected and managed as it is transmitted around the home.

Content owners want to avoid a repeat of the Napster syndrome in respect of video content. They fear that the combination of digital broadcasting, digital video disk and uncontrolled digital copying could provide pirates with high quality digital master copies of programmes that could then be fed into the internet. Posting films on the web would damage the industry's economy, which relies both on territorial windows and media chronology windows in order to maximise returns. Currently, rightholders' concerns and the limited DRM capability of current equipment means that digital products like DVD players and DTV decoders do not have digital output sockets. They can only be connected to TV sets and displays using analogue links. This limits picture quality and recording capability. It prevents digital television both from replicating analogue recording functionality, and from achieving its full potential through new functionality. Implementation of DRMS will be important for maximising the appeal of digital television. This is a pre-condition for achieving digital switchover and the eventual extinction of analogue broadcasting. Only with effective DRMs can digital television achieve its full potential.

Rightholders also argue that DRM protection needs to cover digital versions of traditional consumer electronics equipment (television sets and monitors, decoders and recorders) and personal computers. Any limitation on PC functionality is likely to be controversial both with computer manufacturers and computer users.

Technical measures, such as DRM systems, may lead to complex technical solutions that users do not want. Users may be confronted with numerous different and possibly incompatible systems and software, which need to be downloaded each time they wish to access content. This can be a burden and give rise to additional costs for the user. Such a situation would be counterproductive and become an obstacle to the easy access and distribution of content on the Internet. Ensuring globally interoperable standards and flexible and open systems is therefore a key policy issue. Interoperable global management systems should be designed in such a way as to ensure technology integration.

Because of the current instability of technical measures and their low commercial availability in the marketplace, some EU Member States may choose to apply or have already applied levies to digital storage media (e.g. CD-Rs, DVD-Rs, MP3), digital recording devices, or IT equipment (e.g. PCs, printers, hard disks, etc.). These levies, already applied in 12 Member States to analogue equipment, are designed to compensate rightholders for the risk of private copying of their content. Industry circles have expressed serious concerns about the likely impact of imposing copyright levies on digital equipment and especially on personal

computers. For example, they are concerned about -the possibility of users being required to pay double compensation should the use of DRMs and application of copyright levies coincide. They have also pointed out that the fragmented application of copyright levies in the Member States could have implications for the Internal Market in cases where Member States may choose or have chosen to introduce them (e.g. Germany and France), whilst others may not (e.g. the UK).

Certain copyright levies may eventually be replaced by effective technical measures. Indeed, a growing use of technological measures should eventually lead to a natural, market driven phasing out of levies.

DRM systems should be sufficiently open and flexible to allow rightholders the freedom to - in accordance with the legal requirements -- enforce the rules they wish to apply for the lawful use of their content and so that they can be easily adapted to new business models.

In other words, DRM systems should enable rightholders to enjoy maximum flexibility, within legal boundaries, in setting the usage rules they wish to apply to their content, as well as enable them to adopt new business models, which open up new and alternative revenue streams for their content. Examples mentioned by some parties include bundling additional services with content (e.g. information, technical information/user manuals, "plug-ins" to adapt and update content, etc.), providing variations in quality of service, and advertising. Such models are being successfully applied in other fields such as software e.g. open source and free software and also by commercial vendors but not without controversy (e.g. eMusic, MP3). Whilst some such models may under certain circumstances provide revenue flows from alternative sources, they may bear no relation to the framework for the exercise and exploitation of intellectual property rights. Indeed, some of these models are strongly contested by certain rightholders and the economic viability of some of these models still needs to be tested in practice.

Ultimately, once solution could be to create an environment where content creators are able to choose whether they wish to protect their rights and receive remuneration or not on a voluntary basis. Technology provides for such flexibility and so does the notion of property, which of course includes the option to give it away, exploit it directly or find alternative means of exploitation.


3. LOOKING AHEAD

Against this background, we need to consider possible policy options which can be agreed between all those concerned (different industry groups, policy makers, users). In so doing, the following conclusions can be drawn:

****


ANNEX I

(a) Examples of systems which perform key QRM functions

The SCMS, which resulted from negotiations conducted during the 1980s between record companies and consumer electronics manufacturers, is used on CDs, primarily to protect music. It uses copy control "flags" embedded in the CD. These "flags" allow digital copies to be made from the "master" CD (that is, the CD bought by the consumer in a shop), but not from a copy of that master. Thus, "second-generation" copies are blocked -- if a copy of the original is used as the basis for a new copy, the control flags will be incorrect and the copying device (CD recorder) will fail to copy from it. Serial copying is prevented. Thus SCMS principally performs an identification function.

Macrovision is an analogue video copy protection system. It distorts the quality of analogue recordings, rendering the recordings useless from a commercial point of view. Macrovision works due to the differences in the way VCRs and televisions operate. The automatic gain control (AGC) circuits within a television are designed to respond slowly to change; those for a VCR are designed to respond quickly to change. The Macrovision technique attempts to take advantage of this by modifying the video signal so that a television will still display it properly, yet a VCR will not record a viewable picture.

____________________

1 www.macrovision.com/

This technology is relatively old and it is possible to purchase DVD or VHS video equipment with the MacroVision system disabled.

This system relies on a combination of content scrambling, key encryption and conditional access. DeCSS is an executable binary utility, written for Microsoft Windows. When you execute this program it displays a simple dialog box and two buttons. These buttons are labelled "Select Folder" and "Transfer". One button reads CSS-scrambled content from a DVD-ROM, and the other deposits unscrambled MPEG-2 video files to the user's hard drive.

____________________

2 http://www.wyvem.org/decss/dvd-discuss-faq.html

CSS uses a 40-bit key, which means that it is rather weak. Even if the scrambling algorithm is well-designed, the short key length means that a brute-force search will quickly find the key.

The CSS system is alleged to have been cracked for the first time in September 1999. In November 1999, an analysis of the "CSS decryption" source code and the underlying CSS algorithm revealed serious weaknesses which made it possible to defeat CSS without a player key.

Almost immediately after the CSS reverse engineering was complete, the DVD-CCA and the MPAA began sending threatening letters to the owners of websites offering CSS decryption programs for download. These letters successfully intimidated some web sites into removing the programs. Similar letters are still being sent today.

Watermarking is an identification technique, which can guarantee the integrity and authenticity of digital content. It allows the protection system to be incorporated for the first time into the "fabric" of the content, rather than being added on as separate information. If, for example, a DVD is copied, the watermark follows the copy, no matter how the copying occurred. Expert knowledge and considerable computer power are required to remove the watermark: it must be removed from each frame of the entire video. When the DVD player detects the watermark on the copy, it refuses to play it and ejects the disc. The player will recognise that the video is on a recordable DVD (which is illegal) because the watermark technology is reinforced with a "wobble". The wobble is a unique number pressed into the plastic of the DVD disc. It is coded to match the watermark. The system actually introduces a "tattoo" into the film and a "tattoo" into the disc. These "tattoos" have to match -- if they do not, or if one of them is absent, this means that an illegal copy has been made, which the player will reftise to play. The watermark/wobble system can be tailored to allow one generation private copies but block any copying from those copies.

These devices are at the user end, and provide the ability to interface with the tattooed information and manage it in view of ensuring lawful usage. Most of this ftinctional aspect still needs to be agreed and designed to ensure global interoperability and avoid the multiplication of proprietary systems.

(b) Examples of DRM Schemes3

There are numerous companies currently offering DRM processes to rightholders. Here is a non-exhaustive list of some of the more well-known schemes:

____________________

3 Elements of this survey have been drawn from a study conducted by Rightscom Ltd. on behalf of Hewlett Packard.

SDMI is a group whose goal is to "protect the playing, storing, and distributing of digital music". SDMI is attempting to curb piracy using technological means.

SDMI is developing specifications for a system, to be enforced by future music players/recorders, to hinder unauthorized copying by screening music. In a nutshell, music will be protected with various technologies (such as digital watermarking. Devices that play or record music will first screen it, and protected music clips will only be playable under certain conditions. For instance, with this system, you could buy a CD at a record store that contains protected music. You would be able to play the CD in an SDMI-compliant CD player. However, if you take a song from the CD, compress it into an MP3, and make it available on the Internet, those who download the MP3 will have trouble playing it on an SDMI-compliant device.

On September 6, 2000, SDMI issued "An Open Letter to the Digital Ccmmunity," inviting people to attempt to crack certain technologies they are considering for use in their system: "the SDMI Challenge". They set up a web site where music samples and some other information could be downloaded to aid in analyzing the technologies. The SDMI requested that participants send the results of their watermark removal tools along with technical details of how the watermarks were removed. Following this, the SDMI would then offer participants the chance to sign a non-disclosure agreement in return for receiving a fraction of the prize money.

____________________

4 http://www.cs.princeton.edu/sip/sdmi/faq.html#A1 and www.sdmi.org

The system (part of Microsoft's "eBooks initiative) is client server based, with one piece of software residing on the users computer, the other an Internet server at the merchant site. The client software is Microsoft reader, which enables the user to download books at various levels of security. By logging on to the merchant's site, users are able to purchase newly published books. Once the purchase has been made, users receive the books into their Microsoft Reader software. Publishers can set the usage rules. At the moment, rules can be set to prevent the user passing on the book to more than one other computer (this restriction enables the user to make a backup of the book, similar to the pennission granted by a software licence).

____________________

5 www.microsoft.com/reader/das/default.htm

The Electronic Media Management System (EMMS) from IBM is an e-commerce software solution for digital distribution of media. The suite of five software products builds a technical platform with tools and security features that enable content owners and market intermediaries to conduct e-commerce and deliver electronic media content over various types of digital transmission systems. EMMS technology is being widely adopted within the industry. Many companies active in the delivery of digital music have already adopted or are supporting the EMMS technology. They include Liquid Audio, Reciprocal, RealNetworks, BMG Entertainment and Sony Music Entertainment Japan.

____________________

6 www-4.ibm.com/software/is/emms/

InterTrust has developed a general purpose digital rights management system for providers of digital information, technology and commerce services.

The core element in the InterTrust system is the InterRights point. Each InterRights Point acts as a secure "virtual machine" on a PC or consumer device, with the ability to manage digital rights remotely. At each InterRights Point, a secure database is created which stores the user's rights, identities, transactions, budgets and encryption keys. The other part of the system is the Digibox, a secure container in which protected information is stored in an encrypted state. This ensures that the content of whatever media type can be secured from abuse. A Digibox can only be opened by an InterRights Point that satisfies the required rules as contained in the Digibox. Rules can be set by rightholders and include rules concerning payment, viewing and playing and copying and printing.

An interesting feature of the lnterTrust system is its ability to enable peer to peer distribution, such as the formerly infringing services such as Napster. InterTrust technology should now make it possible for content owners to enable legitimate peer to peer consumer activity without the risk of massive infringement.

A group of companies has already signed up with InterTrust, including Adobe, Magex, Mitsubushi, Reciprocal and Pricewaterl-louseCoopers. There is also an initiative with AOL for the secure downloading of music to its members.

____________________

7 www.intertrust.com

The Liquid software, which supports many digital music formats, including MP3, comprises two parts: the sound recording mastering software, called Liquifier Pro, and the download server, called the Liquid Server, which allows consumers to gain access to the tracks mastered in Liquifier Pro.

The owner of a sound recording wishing to encode material in the Liquid Audio system can use the Liquifier Pro software to encode the music in one of a number of formats. The Liquifier Pro embeds into the encoded file an inaudible digital watermark, which enables tracking of the music. Additional security is provided by encryption software that can tie a downloaded sound recording uniquely to a consumer's Liquid Audio Player. Once encoded by the Liquifier Pro software, the music is made available to consumers via the Liquid Server. If the consumer wishes to purchase, a transaction is undertaken, usually with a credit card via a merchant service, and the actual sound file is downloaded to the consumer device. It is also possible to set some usage rules, such as number of days a promotional track can be played and to allow or prevent CD burning.

Currently, some 66 record labels have signed up with Liquid Audio. The company is also an online partner for BMG Entertainment, part of the Bertelsmann Group.

____________________

8 www.liquidaudio.com

ContentGuard is 80% owned by Xerox and 20% by Microsoft. The ContentGuard system enables rightholders to specify rights, terms and conditions for use and then provides an encrypted envelope in which to store the content. One of the product offerings from ContentGuard is XrML (see above).

____________________

9 www.contentguard.com

This Belgian company has set up a DRM system, targeted initially at the newspaper industry. The company's DRM system is based on two sets of software processes. GetaSeal is a process by which clients can protect their intellectual property against infringement by the creation of a timestamp and trusted seal by registering the content on the Info2CIear web site. The use of a secured web interface, including a batch process enabling the registration of large quantities of material simultaneously, is based on Public Key Infrastructure (PKI) encryption technology to ensure total reliability and security.

Once a rights owner's content has been registerelon the Info2Clear site with GetaSeal, the content can then be made available for download through the GetaCopy service. A user visits the content owner's site, where a database of available material is located. Having selected the article or articles required and purchased the necessary copyright permissions (which will be based on the number of copies required), the user is taken to the Info2Clear site, which is cobranded with the content owner. Payment is effected through either an account based process or by credit card, and the required content is now available for download to the user's client in a variety of formats. The content is not heavily encrypted but is accompanied by an Info2Clear encrypted seal. This seal contains and encrypted signature which will always appear with the content. According to Info2Clear, it is not possible to remove the seal without damaging the content file itself This enables the acquirer of the content to display it without the end-user requiring any special reader software. However, should the acquirer pass on the content without permission, it would be clear, by searching the web, that the content has been passed on without permission.

____________________

10 www.info2clear.com

This global consortium is specifying technologies, standards and business models to support personal video recorders based on hard disk technologies. An essential part of its work is how to address the copyright implications of this new technology, which offers a "store and forward" approach to digital content within the home. It has published a call for technologies to fulfil rights management and protection (RMP) requirements defined by members. This covers (1) appropriate service and application APIs, capable of interacting either with TV Anytime's baseline RMP system or proprietary RMP systems, and independent of any proprietary API middleware platforms; and (2) a baseline RMP device interface, addressing the protection of different types of data: RMP information data, metadata, the content itself and the secure authenticated channel used to establish trust and transmit keys.

Per TV Anytime documentation, the basic premises for the proposed RMP system are:

to provide ownership information and usage rules

to persistently protect the integrity of such rights information and content and usage rules

to persistently enforce those usage rules.

The overall RMP system must respect:

The consumer's use rights (e.g no improper fees levied) according to applicable regulation

Basic consumer legal rights or interests (e.g personal copy privileges, privacy protection) according to applicable regulation

____________________

www.tv-anytime.org

The Digital Video Broadcasting Project (DVB) is an industry-led consortium of over 300 broadcasters, manufacturers, network operators, software developers, regulatory bodies and others in over 35 countries committed to designing global standards for the delivery of digital television and data services. In September 1999 the DVB established a new sub-group, DVBCP (Copy Protection) of its Commercial Module with a mandate to prepare a commercial requirements document for copy protection. The purpose of that document is to act as a basis for the production of technical specifications by the corresponding group of the DVB Technical Module (DVB-CPT).

The scope of the envisaged DVB Copy Protection and Content Management (CPCM) system is end-to-end protection for content in all processes from the point of initial distribution to the end user through to the point of viewing or listening by the end user. It is intended that the DVB-CPCM shall be applicable to the widest possible range of equipment and not just restricted to DVB-specified systems. This encompasses in-home digital networks and personal video recorder technologies and all digital delivery mechanisms including terrestrial, satellite, cable, and the Internet. The authorised usage of content protected by the DVB-CPCM system shall be described by "Usage State" information which is tightly bound to the content. It is also a requirement that the DVB-CPCM system shall support a means of indicating whether protected content may be moved for viewing/listening outside the "Authorised Domain". The latter means the devices, networks and interfaces which are used primarily by the authorised user both inside and outside the home and are owned/rented by that user. The DVB's commercial requirements for CPCM were finalised in March 2001 and passed to the DVB-CPT technical group as a basis for a call for proposals (CfP). The latter was issued in July 2001 with a deadline for submissions of 19 October 2001. Twenty four proposals were received in response to the CfP and these are currently being evaluated.

____________________

www.dvb.org

Further details of specific DRM technologies for digital television and video can be found at the following URLs.

5C - http://www.dctp.com/

HDCP - http//www.digital-cp.com/

CPTWG - http://www.cptwg.org/

DVD CCA - http://www.dvdcca.org/


ANNEX II

Inventory List

of Digital Rights Management projects financed by the Research
Programmes of DG Information Society

PART ONE: Overview

This list should give a complete overview ofprojects financed by the Research Programs of DG Information Society (respectively its predecessors) in the area of copyright protection in the digital environment. Projects in this area were supported within the Framework programs (FP2 to FP5) and in the context of INFO 2000. There are projects envisaged within the eContent programme and FP6, but they are not launched yet.

The aim of these projects starting already in 1990 was and is to find out whether cop3jight protection in the new digital environment couldbe facilitated and guaranteed by electronical or technical measures. There are 23 projects all together in the list. Most of the projects are finished all ready; only five projects in the context of FP5 are still running or about to be started.

41.134.593 Euro were spent on the 13 projects within the framework programs FP2 - FP5 (total costs) while the EU-contribution amounts to 24.169.941 Euro (funding). The INFO 2000 proiects on MultiMedia Rights Clearing Systems total cost was 5.5 million Euro, whereby 2.2 million Euro were contributed by the EU. The average funding per project was 250.000 Euro.

From the point of view of the content the projects can be subdivided in five groups:

(1) Projects with the aim to design a new management system to protect copyright in the digital era using technical measures in the context of a sophisticated methodology (9 "Management-Projects " + RITMO, which is to be stopped)

(2) Projects envisaging certain building blocks (e.g. watermarking, interoperability) of such a management system (3 "Detail-Projects ")

(3) Projects envisaging the creation of certain "centers" (e.g. databases, platforms, information systems, portals) to control the usage of content on the Internet (6 "Center-Projects ")

(4) Projects promoting the idea of digital rights management systems (2 "Promotion-Projects")

(5) Other projects (2)

1. "Management-Projects"

Starting off with the CITED project in 1990,

the aim was and is to create a generic model applicable to the different business domains using technical means to provide control, policing and remuneration, in respect of the use of cop3lighted material stored and transmitted in digital form.

COPYCAT (1993) continued this work trying to develop an "electronic copyright protection system".

In 1995 a new project called COPYARMS followed the idea by trying to develop a so-called "IPR ECMS" (Electronic Copyright Management Systems) by focussing on the standardisation of technical measures which is necessary to permit the interoperability of systems.

At the same time COPYSMART should help designing an industrial low-cost solution for implementing hardware and software building blocks for IPR management in multimedia applications.

Also in 1995 the IMPRIMATUR project was to establish a so-called Multimedia Rights Clearance in networks. The key issue was to agree, within a forum representing a wide range of information industry organisations, on an interface between IT, telecommunications and IPRs (standardisation) and to identi/y and develop a set of tools to address those problems in the business.

The ARGOS project in 1998 also followed the idea of developing a copyright management system around a so-called "ARGOS center" concentrating on the establishment of a standard Communication Protocol for the flow of information between the parties.

The E-Cluster project (1998) wanted to create a cluster of ESPRIT ACTS, TELEMATICS APPLICATIONS and other (national, US, Japanese ... ) projects concerned with E-Commerce and IPR management; at the same time the operation of interoperable systems (protection of the information against piracy, secure payment) and the promotion of IPR management systems was intended.

The CREA NET project (1999) aimed to create a collaborative and secure environment for authors and producers where they could collaborate in pre-development and development business stages, co-production and world-wide pre-sale regarding European titles offilms, TV programs and media-rich interactive works.

The OCCAM project (2000-2001) is the latest project in that context addressing the problem of open architectures and interfaces for on-line access to digital content with IPR protection and management. The activity concentrates on developing interoperable enabling tools and components for the controlled access, delivery and consumption (IPR) of multimedia information over networks (e.g. by prototype applications). Furthermore it wants to establish a number of commercially-driven applications utilising the aforementioned tools and to point out additional actions needed for subsequent full and successftil commercial exploitation.

To sum up, the idea of an effective management of the 1PR for all parties in the e-commerce field with secure ways of dissemination and marketing of copyright protected works in digital format was followed by 9 projects. The projects concentrated on the development of a technical infrastructure that can provide effective monitoring tools and assure a fair remuneration for the use of copyright protected works.

2. "Detail-Projects"

To support the "management projects" three projects were set up concentrating on the development of building blocks of a management system:

FILIGRANE (1998) checked the reliability in software components and in the off-shetf components (i.e. origin, integrity, rights to use) and also wanted to develop new fee collecting mechanisms. The idea behind it was to produce a framework from specifications to operational implementation.

CERTIMARK (2000) focussed on water-marking technologies (benchmarking, application scenarios) aiming to create a reference tool for technology suppliers and customers (limited to the protection of still pictures and low bit rate video over the Internet).

INDECS (INFO 2000) was to create interoperabilily of digital content identification systems and rights metadata within multimedia e-commerce.

3. "Centre-Projects"

Other projects try/ tried to establish certain "centers" (e.g. databases, platforms, information systems, portals) to control the usage of content on the Internet sector by sector.

RIGHTSWATCH (to be announced) wants to establish a firrancially secure institution which will facilitate a pan-European self-regulatory procedure for the removal of inftinging intellectual property (known as Notice and Take down). The practical focus of the project is to develop a website with a hotline that will allow rights-holders to identify infringement, notify that infringement and have the material removed.

VERDI (INFSO 2000) tried networking of existing collectively managed multimedia rights clearance systems in six Member States to develop an overall concept and platform for an integrated online licensing system.

EFRIS (INFSO 2000) managed to set up a sector specific multimedia rights clearance system for bookpublishing. The result is an all-year round web-based interactive rights information system enabling participants to update their own rights information and to contact other rightholders directly (in collaboration with the Frankfurt Book Fair).

TV Files (TTIM 2W) wanted to create a service centre that provides European TV programme buyers and multimedia producers with all the decision making data they need to evaluate international productions, including intellectual property rights (IPR) and programme information. The aim is to shorten substantially the research time needed to evaluate content, quality and ownership and giving rightholders, television producers and distributors access to hundreds of buyers.

PRISAM (INFO 2000) is an information system to speed and simplify negotiations between European producers and editors of multimedia products (audiovisual works) on the one hand and rightholders on the other. Copyright is administered by four participating organisations.

ORS (INFO 2000) is an internet portal providing fast access to the many different companies holding information on rightholders, management modules and music-related rightholder organisations throughout Europe. The portal has an interfaced standard database structure and management modules enable the user to make his searches according to a wide range of criteria .

4. "Promotion-Projects"

Two projects try explicitly to promote the idea of Electronic Copyright Management.

TRADEXs' (2000) aim is to assess solutions resulting fi-om recent research activities on digital object exchange and to deploy the results of European research in the field of electronic treatment of IPR. Assessment will give indicators of the technical perfon-nance and the business service impact.

COMPAS (INFO 2000) is a multi-lingual web-based information service for multimedia service companies, production agencies, training organisations, publishers and rightholders. It is designed to handle frequently encountered problems in rights clearance (e.g. copyright issues; it cedure an 4 erationii

5. Other Projects

b@ - before copyright (INFSO 2000) is a networked agency dedicated to multimedia con~ development for European co-productions. b(O provides a trusted environment to create new content: collaboration and rights trading, allowing different individuals to work together to develop multimedia, while protecting each intellectual contribution. NO technology is based on original software, known as the Notary System, combined with a set of exclusive tools for multimedia content development.

BONA FIDE (INFSO 2000) aims to develop a secure environment which enables rightholders to store and distribute multimedia content and allows usage to be monitored. A so-called broker architecture on a website should enable producers and end users to search for acquire and pay for suitable content. Using the website one is obliged to use model legal contracts, but at the same time it handles licensing and monitoring of the system content beginning with unique identification of each multimedia object.

PART TWO: Detailed Inventory of EC DRM Projects

The inventory below attempts to provide an exhaustive list of EC funded projects related to DRMs. The list provides a more detailed description of each project, the functioning of the technique, the costs, etc.

Table of contents

1. Projects In the context of FP 2 & 3 (ended programs)

1. 1. ESPRIT Project 5469 - Copyright in Transmitted Electronic Documents (CITED)/ start: 1990, duration: 40 months

1.2. ESPRIT Project 8195 - Copyright Ownership Protection in Computer Assisted Training (COPICAT)/ start: 1993, duration: 28 months

2. Projects In the Context of FP 4 (Ended Programs)

2.1. ESPRIT Project 20460 - Co-ordinating Project for Electronic Authors Right Management Systems (COPEARMS) /start: 1995,duration: 36 months

2.2. ESPRIT Project 20517 - CITED based multi-media IPR management on cost effective smart device (COPYSMART)/ start: 1995, duration: 24 months

2.3. ESPRIT Project 20676 - Intellectual Multimedia Property Rights Model and Terminology for Universal Reference (IMPRIMATUR)/ start: 1995, duration: 36 months

2.4. ESPRIT Project 26984 - ARGOS Centre Project for IPR Data Collection and Management (ARGOS)/ start: 1998, duration: 24 months

2.5. Esprit Project 28423 - Flexible IPR for software agent reliance (FILIGRANE)/ start: 1998, duration: 24 months

2.6. Esprit Project 29430 - Electronic Commerce Cluster (E-Ccluster) / start: 1998, duration: 12 months

3. Projects In the Context of FP 5

3.1. IST-1999-10639 - Rightswatch (RIGHTSWATCH) / start: to be announced, duration: 24 months

3.2. IST-1999-10871 - Creative's rights European agency network (CREA NET) / start: 1 January 2000, duration: 30 months

3.3. IST- 1999-10987 - Certification for watermarking techniques (CERTIMARK) / start: 1 May 2000, duration: 27 months

3.4. IST-1999-21031 - Trial Action for Digital Object Exchange (TRADEX) /start: 1 October 2000, duration: 16 months

3.5. OCCAM (Start Date: 2000-01-01 End Date: 2001-12-31)

4. IST-2000-26047 - Research on integrated trading model for Music on-line (RITMO) / start: January 2001/ duration: 18 months (is going to be stopped)

5. Projects In the Context of INFO 2000

5.1. VERDI (Very Extensive Rights Data Information)

5.2. INDECS (Interoperability of Data in E-Commerce Systems)

5.3. EFRIS ( Extended Frankfurt Rights Inforination )

5.4. TV Files - IPR Rights for TV Programmes

5.5. PRISAM (Producer Rights Information System for Audio-Visual and Multimedia)

5.6. ORS (Open Rights System)

5.7. BONA FIDE (Broker Based Network Architecture for Fail-safe IPR Clearance of Digital Content)

5.8. COMPAS (Copyright Management and Multimedia Rights Clearance Best Practices for Educational Multimedia)

5.9. b@ - Before Copyright

6. Other projects

__________________________________

1. Projects In the context of FP 2 & 3 (completed programmes)

1.1. ESPRIT Project 5469 - Copyright in Transmitted Electronic Documents (CITED)/ start: 1990, duration: 40 months

1.2 ESPRIT Project 8195 - Copyright Ownership Protection in Computer Assisted Training (COPICAT)/ start: 1993, duration: 28 months

2. Projects In the Context of FP 4 (Ended Programs)

2.1 ESPRIT Project 20460 - Co-ordinating Project for Electronic Authors Right Management Systems (COPEARMS) /start: 1 995,duration: 36 months

2.2 ESPRIT Project 20517 - CITED based multimedia IPR management on cost effective smart device (COPYSMART)/ start: 1995, duration: 24 months

2.3 ESPRIT Project 20676 - Intellectual Multimedia Property Rights Model and Terminology for Universal Reference (IMPRIMATUR)/ start: 1995, duration: 36 months

2.4 ESPRIT Project 26984 - ARGOS Centre Project for IPR Data Collection and Management (ARGOS)/ start: 1998, duration: 24 months

2.5 Esprit Project 28423 - Flexible IPR for software agent reliance (FILIGRANE)/ start: 1998, duration: 24 months

2.6 Esprit Project 29430 - Electronic Commerce Cluster (E-Cluster) / start: 1998, duration: 12 months

There is a further project in the context of FP4 called VIVA in cooperation with Philips (for further informations contact Philippe Lefebvre).

3. Projects In the Context of FP 5

3.1 IST-1999-10639 - Rightswatch (RIGHTSWATCH) / start: to be announced, duration: 24 months

3.2 IST-1999-10871 - Creative's rights European agency network (CREA NET) start: 1 January 2000, duration: 30 months

3.3 IST-1999-10987 - Certification for watermarking techniques (CERTIMARK) / start: 1 May 2000, duration: 27 months

3.4 IST-1999-21031 - Trial Action for Digital Object Exchange (TRADEX) /start: 1 October 2000, duration: 16 months

3.5 IST-1999-11443: OCCAM - Open Components for Controlled Access to Multimedia Material (Start Date: 2000-01-01 End Date: 2001-12-31)

4. IST-2000-26047 - RESEARCH ON INTEGRATED TRADING MODEL FOR MUSIC ON-LINE (RITMO) / start: January 2001/ duration: 18 months (is going to be stopped)

5. Projects In the Context of INFO 2000

Overview of INF02000 programme activities with regard to multimedia rights clearance systems "MMCRS " -- the process whereby multimedia producers seek to obtainftom rightholders the required permissions for reuse of text, sound, image, video, or other digital objects in a multimedia product or service. INFO 2000 was a multi-annual (1995-1999) Community programme to stimulate the development of a European multimedia content industry and to encourage the use of multimedia content in the emerging information society, http//:www.cordis.lu/econtent/mmrcs/home.html).

5.1 VERDI (Very Extensive Rights Data Information )

5.2 INDECS (Interoperability of Data in E-Commerce Systems)

5.3 EFRIS ( Extended Frankfurt Rights Information )

5.4 TV Files - IPR Rights for TV Programmes

5.5 PRISAM (Producer Rights Information System for Audio-Visual and Multimedia)

5.6 ORS (Open Rights System)

www.cordis.lu/econtent/mmrcs/ors.htm and www.open-rights-system [sic]
Description: ORS is an internet portal providing fast access to the many different companies holding infon-nation on rightliolders, management modules and musicrelated rightholder organisations throughout Europe. The system is designed to help users to either obtain rights clearance or make swift contact with the relevant rightholder and to reduce the time, inconvenience and expense associated with acquisition of copyright, giving a strong competitive advantage to European multimedia producers and content developers. Its practical design allows rightholders to join ORS without the need to change their own database structure.
Functioning: The ORS prototype software consists of three sections: (1) The web p2rtal allows the user to identify rightholder organisations and to either obtain tariffs, negotiate rights clearance directly or make immediate contact with the relevant individual via phone, fax or email. (2) An interfaced standard database structure allows ORS to interact with the many different database structures of the rightholder organisations. (3) Management modules enable the user to make his searches according to a wide range of criteria, follow these through to contract stage and receive progress reports on outstanding requests for rights clearance.
Results: SCPPs own database of a million CDs and 20,000 music videos has been on-line since December 1999, as part of the ORS project. The prototype now contains contact details for over ninety rightholder organisations; the project is set to continue, with the involvement of some new partners and with possible additional funding from the ECs new multi-annual programme, 'European Digital Content for the Global Networks'.

5.7 BONA FIDE (Broker Based Network Architecture for Fail-safe IPR Clearance of Digital Content)

www.cordis.lu/econtent/mmrcs/bonafide.htm and http://bonafide.archetypon.gr
Description: "broker architecture", developed to address major issues in multimedia rights clearance, such as the availability of information about processes andprocedures for locating and clearing rights, the use of model legal contracts and the availability of advanced multimedia storage and delivery mechanisms; designed to store and distribute multimedia content in a secure environment on behalf of nightholders and to allow usage to be monitored. Producers and end users can search for, acquire and pay for suitable content; provides handling of multimedia content registration by rightholders, support of different licensing schemes and automatic distribution of licensed content to producers; used to enhance the distribution of web-based educational products and industrial training, and for the development of advanced systems for use by web portals. The database currently contains several thousand photographs, paintings and other images from the Giunti multimedia catalogue (museums of Florence), but the system is equally suited to the storage of audio files, moving images and texts such as chapters of technical books.
Functioning: the "broker" consists of two sub-systems covering IPR and Storage and Delivery. The IPR Clearance Sub-system handles licensing and monitoring of the system content, beginning with unique identification of each multimedia object, using the International DOI Foundation's (IDF) Digital Object Identifier scheme. Each time an object is requested, the broker system informs the consumer of options allowable for acquiring it within the available licensing schemes of the rightholder. Following each successful transaction, information about the scheme selected by the end user is passed back to the rights owner; a monitorin,2 service detects whether multimedia content has undergone the BONA FIDE watermarking procedure or whether it is being used illegally. The system also includes mechanisms for electronic payMen . In addition, related services providing for the digital storage of data and their respective metadata information, delivery of content according to contract, secured preview and advanced retrieval services, both interactive and subscription based and enhanced indexing and searching capablilities to the benefit of users.
Results: The project has been presented to a wide range of audiences and has received publicity in Italian weekly newspapers; plans to incorporate the technology into the distribution of some other products, such as web-based education and electronic magazines.

5.8 COMPAS (Copyright Management and Multimedia Rights Clearance Best Practices for Educational Multimedia)

5.9 b@ - Before Copyright

6. Other Projects

Up to now, there is no project dealing with "digital rights" launched within the eContent programme. But there will be projects launched by October 2001 under the Action Line 3 "Increasing dynamism of the digital content market". The eContent programme is aimed at supporting the production, dissemination and use of European digital content and to promote linguistic diversity on the global networks and was adopted by the Council on the 22 December 2000 for a period covering the years 2001 to 2005.

There also is a new support measure selected by D2 under Call 6, the so-called «Interparty» project. Also EBLIDA, a grouping of national library associations has been active in connection with the copyright directive and have lots of information and contacts of their own (See: www.eblida.org)


Transcription and HTML by Cryptome.