All of the bickering over media piracy can be intensely frustrating because many of the issues have clear and somewhat obvious truths that are simply being ignored. For instance, it should be obvious by now that it is impossible for any media provider to completely prevent piracy of their product, especially digital piracy (A perfectly secure system is also a perfectly useless system). It should also be obvious that instituting increasingly draconian security measures only serve to exacerbate these problems as one of the main driving forces behind file sharing is ease of use and convenience.
The music industry, lead by iTunes and EMusic (certainly not perfect, but it’s a start), is finally coming to recognize some of the potential inherent in digital media. Rather than fight against the flow of technology, they’re beginning to embrace it and as they further commit themselves to this path, they will begin to see success. There is, after all, a lot to like about digital distribution of content, and if a reasonable price structure is set up, you could even make it more convenient to download from an approved source than from a file-sharing service like Kazaa. Of course, the music industry still has a lot of work to do if they truly want to establish a profitable digital content business model (they need to stop prosecuting file-sharers, for example), but they’re at least taking steps in the right direction.
The movie industry, on the other hand, seems content to repeat the mistakes of the music industry. With the introduction of low-cost/high-bandwidth internet connections and peer-to-peer file sharing networks, the movie industry is becoming increasingly concerned with digital piracy, which is understandable, and has responded by making (or, at least, trying to make) DVDs and other media more difficult to copy. Again, this solution does little to slow the tide of piracy, and in extreme cases it makes the experience of purchasing and using the media cumbersome and frustrating. Naturally, some degree of protection is needed, and none of the really invasive solutions have caught on (for obvious reasons), but the movie industry appears to have the same moronic policy of blaming the average consumer for piracy.
Recent research out of AT&T Labs appears to show that the movie industry should reexamine who the culprit really is.
We developed a data set of 312 popular movies and located one or more samples of 183 of these movies on file sharing networks, for a total of 285 movie samples. 77% of these samples appear to have been leaked by industry insiders. Most of our samples appeared on file sharing networks prior to their official consumer DVD release date. Indeed, of the movies that had been released on DVD as of the time of our study, only 5% first appeared after their DVD release date… [emphasis mine]
One of the first rules of security is that you need to know who your attacker is before you consider countermeasures. In this case, the movie industry has the threat wrong. The attackers aren’t DVD owners making illegal copies and putting them on file sharing networks. The attackers are industry insiders making illegal copies long before the DVD is ever on the market.
Obviously, piracy is a problem which can pose a significant financial threat to the movie industry, but it has become clear that piracy is here to stay, and that the best course of action for media industries is to restructure their business model to survive even in the face of piracy, rather than go to absurd and obtrusive lengths to prevent it. As it stands now, their close-minded policies are only exacerbating the situation, frustrating customers (and potential customers) without even adequately addressing the problem… [Thanks to ChicagoBoyz for the pointer to Bruce Schneier’s excellent newsletters]