|
| |
Protecting Content in the Digital Age
From: Columbia University
| By:
Leonardo Chiariglione |
EDITOR'S INTRODUCTION |
Leonardo Chiariglione is perhaps the world's foremost authority on creating international standards for digital media.  He is the head of the multimedia division of C/SELT, the founding convenor of the Moving Pictures Experts Group (MPEG) and the founder of the Foundation for Intelligent Physical Agents (FIPA). In the following interview, which took place on January 18, 2000, John V. Pavlik, professor of journalism and executive director of the Center for New Media at Columbia University, talks with Chiariglione (right) about his latest initiatives, including the Secure Digital Music Initiative and MPEG-21. |
John Pavlik: I've been thinking about how important a secured digital "wrapper" is for any form of digital content. This is especially true with all the interesting changes happening at AOL, Time Warner and other areas. If you look at the future of music and the digital environment, so many exciting things are occurring. |
Leonardo Chiariglione: It's really exciting for me, as one of the people representing the technology world, to talk to a very important portion of that world. The content that you deal with--news--is very peculiar but extremely interesting.Let me try and frame the topic. To me, audio and video are extremely important, because they address the most important media that create the human mind. Before we started MPEG, some 10 years ago, we had audio signals and we had video signals. People did wonders with these signals in analog form, but they are so unwieldy. The idea was that we could do much more if audio and video could be converted to digital form. |
But we also had in mind a broader utilization by business so that the enabling technology, the compression technology, could really become a commodity. It could be something you would buy to make what you want so you could forget the fact that conversion of audio and video from analog to digital was a problem. That was the idea with MPEG.We created this group (MPEG) and called on industry, and they came with a lot of good work. MPEG-1 was great; MPEG-2 was great; MPEG-4 was great. But little by little we realized a problem: how to convert audio and video from analog and have industry supporting it so that technology no longer becomes a factor in the equation. |
Pavlik: But how will people use what is generated? |
Chiariglione: This is something that we came to realize with MPEG-2. We decided we needed to provide an infrastructure so that people could feed their audio and video programs to the system and be reasonably sure that this flow of information would go to the people who intend to use it, such as producing, distributing or watching or listening to video or audio. This was rather primitive, but nonetheless extremely effective, because the infrastructure designed in MPEG-2 was used by the operators in the United States and Direct TV in Europe. These operators use this infrastructure, which gives them a reason for putting their content in because they know the content goes to the people who would somehow subscribe to the services that are provided.
With MPEG-4, we went one step further. We said we have to provide some better-defined interfaces, because MPEG-2 was really converting the analog television paradigm into a digital television paradigm, which technically is not a big thing. But the impact on the business is incredible, because if you think of what is happening today with digital television in the United States you understand how important it is. |
So we had this problem. But also a great invention that became possible because this very powerful compression standard, which was called MPEG-1 audio layer three, became implementable in computers. That meant that the huge music files that are on a compact disk--say, 30 or 50 megabytes--could be compressed 10 or 20 times, and all of a sudden it could be moved across the Net.This is what changed the way people deal with music. The end to this process is nowhere to be seen, because every day something new is happening. Techniques are being developed whereby you have music files on your computer that can be shared with the universe of people online around the world, so really it would be possible to put it into a common storage system containing much of the world's music. |
This is one idealistic way of looking at the problem, but you now have to understand that music is a business. If I were an artist, I would love to produce music for the sake of producing music. That would be great, but from time to time my wife would say, "Hey, I have to pay this bill, I have to pay this other bill." You'd say, "All right, I have to find a way of making some good use of my music." That's why an artist has to be a businessperson, so that the music is promoted and provides revenue. This was the model in the early days of music and recording.The business right now is much more complex. Still, the problem exists that if everybody can get access to free music, what's the value of music? How can an artist make a living out of it? |
Pavlik: You can say that it's not the music that is important, but the way music is used that makes money. |
Chiariglione: Possibly. But other people would say, "No, the music itself is important." If I were an artist, I would say it's fine if somebody uses my music for promoting shoes from a manufacturing company, but I would love people to buy my music because they want my music that I have produced. |
Anyway, maybe first I'm not an artist and maybe I'm also not a businessman, so maybe I don't understand the real factors, but I would think that some of the things that they have said are true in some context. That's why the secure music initiative came in. The core of that initiative is really to define some standards so that music can be wrapped in some secure form so that if you get the right to use that music then you can play, you can record, you can do whatever you want. If not, it's like a closed door; you have the key and you can enter the house. If you don't have the key, you don't enter the house. That's life.This is really something that I believe is very important, because it carries what will be an important paradigm that becomes fundamental for coexistence of content--whatever it is. It can be music, it can be video, it can be a computer game, it can be a 3D space to navigate, it can be virtual museum, it can be anything that has a value itself. To preserve that value, you must "wrap" it somehow, just as today you go to a museum and you pay an admission ticket. If you go to a virtual museum you pay an admission ticket. If you go to a concert you pay the admission ticket--it's all the same in the virtual world. |
Does it have to be like that? No. If somebody says, "Please come to my place that has very interesting music that you can listen to," and there are some advertisements, that's very legitimate, that's very positive. But you must have the flexibility of managing your content. That may be very strict--$1 per song, for example--or it can be very loose in the sense that you can download as much as you want, but with the music you get some advertisement and while you listen to the music you also watch the advertisement. But in order to do that you need this kind of basic technology that allows you to manage content. So this is where we are in this MPEG-plus as SDMI (secure digital music initiative) history. |
Pavlik: How does this apply to journalism, which is a unique area of content, both a business and a public good? |
Chiariglione: News today follows a very traditional model, whether it be in the form of paper or radio, television, or even as news over the Web. But when every form of news will become digital, it will be represented in different media. You need a lot more protection than you have today because you need somebody guaranteeing that the news has not been manipulated. In order to do that you can't simply say, "OK, this is the part of the news that goes to the world," and somebody in between changes it for some reason. It might not be a legitimate reason to change it. So you need to have tools to manage the way this piece of news is distributed. |
Pavlik: Something happened to the US Library of Congress website, which is a place where records of the US Congress are put online. Hackers broke into that website, so it'll be quite some time before we know whether the content that we now access there is reliable. In fact, every form of content can use some form of protection. If I understand that correctly, that is what the secure digital initiative will produce: some sort of standards to protect content. Perhaps you could describe a little more what the actual technology would be like in terms of this form of wrapper. |
Chiariglione: I'd like to think of the Secure Digital Music Initiative as the forerunner of other similar initiatives that will one day appear. At the moment, we are in the very early phases of the Secure Digital Music Initiative. We have produced the specification of a technology that is a watermarking, which is embedded in the music itself. Normal ears or even, they would claim, golden ears do not perceive that the signal is there, but the machine understands, by looking at a certain place of the music, whether this music is marked or not. |
Once I have determined that the music is watermarked or not, what am I going to do with it? We are in the very early stages of this question, but indeed the idea is to create standards for managing content, a particular content that is called music. But the same is going to happen for video, because in this country and also in Europe and Japan ADSL [asynchronous digital subscriber line] is being deployed. It's not the kind of gigabit-per-second bandwidth that will come to everybody's homes in the future, but still, when you are talking of something that is in the order of one megabit per second, it becomes feasible to do with video or film the same thing that is happening today with music files, with MP3. So, similar issues will appear for video on the Net. |
We are in the early stages, but the idea is to specify AVIs [audio video interleaf, a digital movie file format] at some time in the future whereby I can access a website and I can make my transactions with the website in a secure form. That's what we are going to do with this new line of secure digital wrapper. |
Pavlik: Can you give me some sort of a sense of the time frame that we're looking at where one might expect to work in this environment in which you can manage your online music or other content? |
Chiariglione: When we started, in February 1999, we said we will produce a specification in four months--we did it--and by Christmas we expected devices and the kind of portable devices that carry music in a protected form. This hasn't happened yet. It may be just a matter of weeks, but if you want some hard date I would think that very soon you should be able to go to a shop and buy a portable device produced by Sony or by Matsushita or by Philips or by Thompson that will carry secure digital music. Will that be the ultimate solution? No, because this response is to a rather simple paradigm that says I go to a website, I buy a music file, I download it on my computer and from my computer I move it to this portable device and then I move around. I suspect that the world is much more complex than that, and what is happening to MP3 needs to be examined very carefully because it signals the complexity and the variety of ways digital music can be handled when you mix consumer devices, computers, the Net and the different delivery mechanisms that you have. You will see such a complexity of models that it will take a long, long time to cover them all by specifications that industry can think of. |
Pavlik: What are the challenges in getting these standards accepted on an international level with different recording organizations around the world? |
Chiariglione: There are five major recording organizations in the world and quite a few of the smaller different organizations, but I would think that they all share the same goal. Recording companies are intermediaries, the people who provide a service between the artist and the consumer. In a very general form that's what a recording company is. So far the rigidity of the technology implied that an artist sign a contract with the company, which provided a studio, a marketing team, printers and a distribution network. That was the service that record companies provided. But now, if you look at what is happening on the Net today, you see that you can have much more complex intermediation functions. It can very well be that the intermediation is no longer what I have said but simply a function that is capable of responding to the wishes of the consumer when he wants to have access to certain types of music. |
If you look at the types of music that exist today, you have thousands, tens of thousands of different titles. Because of the rigidity of the distribution system today, a normal person can very well overlook types of music that would be of interest. This is the way that intermediation will evolve over the years, and if you have this technology that allows you to manage content, then you can put in place all types of business models. You can put in place all types of offers, you can invent new ways of packaging music, new ways of responding to user needs, so it's really endless. And here we're talking just of music, but I would really like to see whether we can explore some ways your specific field can benefit from this kind of technology. |
Pavlik: Let's come to that in just a moment. Let me first ask you whether the Secure Digital Music Initiative would have standards and/or produce a wrapper that would protect streaming media as well as files once they are downloaded? |
Chiariglione: This is the intention. At the moment, we are concentrating on files because that's the natural extension of records. You buy a record and it's like downloading a file, but if you listen to music from a radio, that's the equivalent of streaming. We will get there. At the moment, we haven't done anything yet, but in the next meetings we are going to focus more on what is required for streaming media. |
Pavlik: You mentioned the issue of how this technology will affect journalism. I think that's an important question from the point of view of public interest, especially where, for the public, getting access to news and information that is authentic and certified as reliable is critically important to the citizen or the consumer. From a journalism point of view, what's critically important is having some sort of digital watermark that guarantees that the source of this is who you think it is and the content hasn't been tampered with between the time that they put it online and when you're receiving it. Why hasn't this happened earlier? Why is it only happening now? |
Chiariglione: Watermarking is a new technology. I know that the BBC has been watermarking its programs for quite some time, but that was for the purpose of protecting its assets, because if they discovered that somewhere a broadcaster in a small country is broadcasting something that has the watermark, then they can sue these people. |
So this has happened, but again it's a matter of rigidity of technology, isn't it? Today you're tuned to a station that you know, unless something has happened that is very bad, like a coup d'etat, and the station that you trusted all of a sudden becomes something different. If 88.8 is the station that you usually tune in to, you believe in that. But if you go somewhere on the Web, what kind of guarantee do you have that the piece of information that is there is reliable? If it says this has been taken from this source, who guarantees you that indeed it has been taken from the source? |
Consider the example that you said before. You go to the Library of Congress website and you think that content is what has been stored and is the actual reporting of what congressperson so-and-so said at that point in time, but some hacker takes pleasure in having them say the opposite and you have no way to know that. It's because of the evolution of the Net that this issue became important and cannot be procrastinated. |
I can tell you that we have a work item that we are finalizing right now in MPEG that is exactly that kind of watermarking technology. Some watermarks need not be standardized, such as the kind of watermark the BBC has. The BBC does what they want with their content, their programs. But for a user, if I wanted to be sure that this is something that I can trust, then some degree of standardization is needed. If not, you would not know who to trust. |
Pavlik: The logic of a trusted third party, or something you can look to that guarantees that, seems irresistible. This of course will serve the public interest, but my experience with journalists and journalism organizations is that anytime one talks about setting standards or doing something that somehow might be viewed as putting on constraints, there may be resistance. Might there be any basis to an organization saying, "Wait, this is a threat to freedom of expression, freedom of speech and somehow limiting what we can do?" If someone raised that question, what would your response be? |
Chiariglioni: The threat comes when the law comes in. Because when it says "Thou shalt do this" or "Thou shalt not do that"--yes, OK, I agree with "Thou shalt not kill"--but "Thou shalt encrypt" I would have trouble with. But to "Thou shalt have the freedom of encrypting" I would say OK, thank you very much, so I'll do it or I will not do it, depending on what my purpose is. So this is the first part. |
The second part of your question is the use of watermarking. The problem is complex, and I would really like to appreciate the involvement of your community in the kind of reflections that we are making on what kind of watermarking, what kind of functionality we should support. We are technologists, so we are using our brains the best way that we can, but I don't claim that we are doing the best, because we do not know what your needs are. If watermarking is something that is embedded in the content in the video, in the audio, in the text, in the pictures or in whatever, and this is somehow standardized so that all devices at the user's side know if the pattern of watermarking is as it should be, they will know that nobody has tampered with that content. |
You would have to bring me a case why this should be taken as a threat. I'd say it's a help for you, as the author of the news, to make sure that the thing that travels through the Net and gets to the people that can choose the news ensures that John Pavlik is the one who has written this, who has produced this, and therefore I make my decisions as a user depending on the fact that I trust or don't trust John Pavlik. Can you give me a case where this is a threat? I would like to hear it, because this is helpful to design the technology. |
Pavlik: Would the technology permit a news organization that wants to provide the encryption to charge a fee for a "key" to someone the same way it requires a certain fee to buy a newspaper today in the printed or analog world? Would you be able to also provide a free key to a library so they could open the file so that the public would have free access? |
Chiariglione: This is something that of course must be designed, but I think there are a couple solutions to this. There is one way that says you have a key, and there is the equivalent of two centimeters of iron around the box so that only if you have the key you can open and see the inside. This is one way. |
The other way is the usage rules. This is the equivalent of the contract that you and I make when I buy a piece of land from you. I can buy a piece of land from you and you say that the land is yours; however, because I have a house near to that land, you may not build a new house there. OK? So it's a free contract that the two parties enter into. The same should apply with protected content. The content is protected, and it can be that if John Pavlik needs to use this content for his course, John Pavlik gets a usage right that is for the duration of this semester--you may use it 10 times for free, for example. That is the contract that has been made. One thing is the technology that protects and the other thing is the description of the agreement that the two parties have made, so in that sense it must be part of the design of this new system. |
Pavlik: Would that second part be where the concept of fair use, which may be something of a unique American concern, enters in? |
Chiariglione: You said it's a peculiar thing, and indeed this country is peculiar. I would certainly not disagree with that, and it doesn't have to have a negative meaning. But isn't it that fair use was kind of a shortcut that had to be devised because of the rigidity of the technology? It may not be satisfactory to the people who own the rights to the content. Whether this is an extension of the concept of fair use or it is a radical new concept, I don't know. But in your country you have quite a few lawyers who I'm sure would love the challenge of interpreting this. |
Pavlik: What kind of issues does this raise for privacy? We've already seen on the Internet more and more instances where people have to provide certain information about themselves in order to get access to content. Will the privacy issue become more entangled? |
Chiariglione: I'm afraid yes. But this is not because of protection of technology. The privacy issue exists for every new gadget that is produced.
You know that if you have your cell phone, somebody--it could be Big Brother--knows exactly where you are. This problem of privacy is a curse that accompanies all this new technology. So yes, of course, if content is protected, and if between the author or the intermediary and the consumer there's a contract and every contract must have a signature, then privacy is threatened. |
A signature means that this one is exactly who he is and the other one is exactly who he is. In that case, I suspect that there will be enormous masses of data that will be gathered, that will be the equivalent of some public buildings where public contracts are stored. So the problem is not, I think, that we will have more attacks on privacy. I think the problem with this technology is not just protection, it's about accessing a website without protection. This gives people the possibility to amass a large number of data about people. |
Pavlik: Let's talk about the prospect of news organizations using this kind of technology. It seems the news media are often the last ones to use new technology. They rarely seem to be in the forefront of new technologies. Part of the perception may be how expensive will this be for news organizations? And will smaller news organizations find it more difficult, as a result, to implement this kind of technology? |
Chiariglione: This is a good question, a really good question. I think it's very much the core issue. I claim that protection technology will become one of the enablers. And therefore, first, we must avoid the formation of any monopoly of any kind. That's for sure. |
Therefore, it is important that there will be a large number of suppliers of this technology, and the challenge is to define the standard in such a way that will allow a multiplicity of suppliers of different technologies, all conforming to the standard. You know, it may seem a contradiction, but it is not. If the standard is designed in the appropriate way, this will not happen. If you achieve that then I would think that then the price will fall. |
Today, a traditional news organization must pay for the delivery of its news. It's the cost of doing business in journalism. Well, in the digital, online world they don't have that cost, because they can use the Net. But you will have other costs. And what are the costs? In order to deliver it over the Net you would have to protect your content, and so you will have to pay the supplier of this technology, of this protection technology. So the answer is twofold. They will cease to have certain expenses because they will not be needed anymore. They will have other expenses, namely protection, and we have to make sure that we do not create any monopoly here. |
Pavlik: How will government view encryption, the basis for protection? In the United States, you may have something of a peculiar situation for better or for worse where anything that involves encryption is very much a concern to the government, mostly, I think, from the point of view of law-enforcement concerns. They don't want criminals to have access to very strong encryption technology, and they view this as a security threat. So how will this be viewed by the government if it's a strong form of encryption? Is it likely to be a hurdle there that has to be faced? |
Chiariglione: This would become an issue that may very well be national in the sense that you're a security technology provider, you are a news company, you come to me and say, "Do you have any security technology for me?" I say, "Oh, yeah, sure, do you want protection A, B, C, D? A, B and C are good but not terribly strong. D is very strong. You know, if you want to use that you really must go to the government to get permission." So this is not something that is standard. It must be set. You know, it's something that must be left to the individual cases. |
But on the other hand, I would take the attitude that your government has become less insistent on this point, and I think that now security technology can be--I don't know if freely--but can be exported. Before, there were certain limits beyond which the technology could not be exported. But still, I would say in terms of a standard you don't have to say, "This is very strong, this is very weak." It's the application of something that may require a license or approval by law-enforcement authorities. |
Pavlik: You mentioned to me something about MPEG-21 once, a new coming together of digital media standards. Can you tell me a little bit about that and whether that's related to this broader work? |
Chiariglione: Absolutely, that's really the intention. I mentioned a certain number of technologies this morning: watermarking, encryption, usage rules, description languages. I haven't talked about agents--intelligent agents that allow computer programs to negotiate some terms with another computer program in an automatic fashion. So you have a number of different technologies that are being produced around the world. In order to create this world, which I believe will be a great improvement for society, you must make sure that all the different pieces fit one another well, and if they don't, we have to provide the glue so that they fit with one another. |
This is the purpose for MPEG-21. It will take the different technologies that exist, and if they don't exist we will produce them, and make sure that they fit with one another. So this is a task that is not small, but which does respond to the needs that are appearing and for which, I repeat once more, SDMI is the front-runner. |
|
| |
