ContentGuard talks DRM futures

Michael Miron in the chair

ContentGuard has followed the traditional development path of most intellectual property businesses. First it thought is was a product company with dreams of building a DRM monopoly on the back of technology leadership, then it found the going tough and the pickings too small and finally it dropped back to pushing intellectual property with a handful of key staff.

Today it is a 32-man operation encompassing two locations, selling IP and software tools, as well as standing behind the standard for a rights expression language called XrML, backed by both MPEG and ISO. The company is now owned by Microsoft, Time Warner and Thomson, the French CE manufacturer.

Michael Miron the CEO admits to not being one of the technology developers, but has been associated with the business since 1999 when Xerox asked him to build them an internet business.

Back then the DRM group was 150 people strong, and he grabbed together this and some other segments of Xerox that looked like an internet play and then he told them that he didn’t think it was going to work as an internet business.

About that time Microsoft made enquiries about a license and Miron suggested that instead it took a shareholding, and by Spring of 2000 ContentGuard was born as a separate entity.

If you changed the company name to Intertrust and instead of Microsoft and Time Warner, put Sony and Philips and changed a few dates, you would have virtually identical stories.

So it is no surprise that these two IP companies' technology is at the heart of this week’s move to offer a patent pool by the MPEG LA for DRM offerings such as OMA DRM.

Blunt talk

When Miron talked to Faultline this week it became clear pretty soon that he was blunt speaker about DRM and that he sounds not a bit like a Miscrosoft puppet, despite the software company’s influence: “Content owners don’t want to be constrained and neither to end users, but everyone in the middle wants DRM to be proprietary. And that’s one of the reasons that we don’t see a single trust model used for DRM," he began.

“Software vendors especially want to keep the trust chain and rendering proprietary.

“Many people confuse DRM with security and privacy, but when you end up with a lousy customer experience, end users vote with their wallets and their feet, and they leave.

“What DRM is really about is a combination of technology and a fair offer. It’s not there so that you can shut it down and stop people from copying content, DRM is there so that you can run a business containing the number of breaches with a combination of technology and a friendly experience.

“DRM must always be distinguished from perimeter security which is about letting no one get into a system. DRM is far more complex.

“The basic construct behind DRM is that there is a Source for some data, and he data is provided, along with a license, each delivered separately. The asset can come from one source, and the license from another and they may go to different destinations but they are bound together. The license contains authorizing information for the asset and that needs to be expressed using a Digital Rights Language, which describes what the destination can do with the asset and under what conditions.

“The reason that we say that there will never by a completely standardized trust model is because a PDF for instance, that contains a newspaper article, needs very different protection from a PDF that contains US military secrets.

“We believe that web services will define a lot of trust models, which is why we have tried to work alongside web services standards and get our Rights Expression Language adopted there. It is very hard to get vendor systems to trust one another, but a web service can manage interoperability for you and it can be made to do some quite complex workflows, which you can never completely work out in advance. As web services they can be changed.”

Miron adds that ContentGuard XrML has been proposed as part of the web services technology in the security token in the Web Services Security standard.

He then offered the concrete example of a Movielink-hosted film being downloaded to a home server: “Here the home hub is not the end user, but a distributor. Sometimes the data source, for instance a studio or Movielink, will never know who the eventual end user is.

"The system has to cater for a new license being issued by the Hub to a PC or a DVR or even a mobile phone or some future device we haven’t thought of."

Miron’s point is that DRM should produce a system where there is never any need for each of these devices to talk directly all the way back to Movielink. Miron and ContentGuard propose a model of DRM that relies on five things: formats, digital identifiers, meta data, rights expression and trust model. Under MPEG 21 this is a little more complicated with a transaction language and automatic content discovery added to this. But in the end Miron believes that we can agree on the standards for format, identifiers and meta data or freely translate between different choices, leaving the Rights Expression Language and the Trust Model the only two things that need to interoperate for DRM to become interoperable. And of course if everyone uses the ContentGuard REL, that leaves only the Trust model that needs gateways.

And given that Miron doesn’t think that there can be a universal trust model (although there might be a common one for one function like delivering movies) it is fairly obvious to see why he is so fanatical about ensuring there is only one Rights Expression Language and why he is so against the one chosen from IPR Systems in Australia for the OMA DRM reference model.

“The more of it you standardize, the easier it gets to do,” he says.

Trust model

In the end he wants to bring DRM interoperability down to one variation - the trust model - where each web service that runs a particular form of delivery, selecting its own appropriate trust model. For media, models such as Microsoft WM DRM, Intertrust, Apple’s Fairplay and Sony’s MagicGate and perhaps the DRM interoperability effort of Macrovision are the only ones that matter. Get their trust models to interoperate and you have the potential for global DRM.

“We think that Apple will have to re-architect Fairplay from being operating system based before it can have input from CDs and from other DRMs,” said Miron.

And he adds that his own XrML can do way more than simply express rights and he insists that it can be used as the main common architecture for DRM interoperability.

“We are working with the open Ebook standard, E-learning standards and even taking a look at DVB (Digital Video Broadcasting). We have suggested the notion that they look at this work and consider it for broadcasting. At the moment DVB has just got as far as broadcast flags, but they are in their information gathering phase. They could do so much more if they implemented a full REL.

“XrML can turn a DVR into a networking hub, and we are talking to the TV Anytime Forum about that. Here we have met two major philosophies. On the one have you have the US conditional access players that just want to enhance what they’ve got already and on the other you have the more enlightened Asian CE companies that want to do something more advanced here.

“We are coming out of technology that began in 2000, that was basically a set of proprietary DRMs, where one vendor supplied an end to end solution and their aim was entirely defensive to combat piracy.

“And we are headed in 2005 for interoperable standards built around componentized DRM, which facilitate new business models that are more offensive and less defensive.

“At business school I studied the Crisis Change Model, where an industry faces a new technology, moving from ignorance to denial to active combat and then sinks into defeat, resignation and disillusionment. Eventually new ideas are embraced and then leveraged. That’s where we are with DVDs, leveraging them.

“I would say we are at the combat part of the cycle right now on internet delivery, moving on towards defeat. Eventually someone shows the way like Steve Jobs and Apple did for online music distribution," Miron concludes.

Copyright © 2004, Faultline

Faultline is published by Rethink Research, a London-based publishing and consulting firm. This weekly newsletter is an assessment of the impact of the week's events in the world of digital media. Faultline is where media meets technology. Subscription details here.

Related stories

Mobile DRM levy hits operators where it hurts
Phone biz agrees on $1 DRM levy
Europe pauses Microsoft DRM probe
EC objects to MS - Time Warner ContentGuard takeover

Sponsored: Today’s most dangerous security threats