Online Content Study: Changes in the distribution ... - Ofcom

Online Content Study: Changes in the distribution, discovery and consumption of lawful and unauthorised online content MC 359 (Lot 3 Label 9 and Label 13)

Appendix

For OFCOM

50090 – November 2015

IDATE Project Manager

Vincent BONNEAU +33 (0)4 67 14 44 53 [email protected] "

mailto:[email protected]

Copyright IDATE 2015, CS 94167, 34092 Montpellier Cedex 5, France All rights reserved. None of the contents of this publication may be reproduced, stored in a retrieval system or transmitted in any form, including electronically, without the prior written permission of IDATE. IDATE, DigiWorld, DigiWorld Institute and DigiWorld Yearbook are the international registered trademarks of IDATE.

About IDATE and DigiWorld Institute

Founded in 1977, IDATE has gained a reputation as a leader in tracking telecom, Internet and media markets, thanks to the skills of its teams of specialized analysts. Now, with the support of more than 40 member companies – which include many of the digital economy’s most influential players – the newly rebranded DigiWorld Institute has entered into a new stage of its development, structured around three main areas of activity: • IDATE Research, an offer of market intelligence publications • IDATE Consulting, time-tested analysis • DigiWorld Institute, a think tank on the digital economy.

Online Content Study: Changes in the distribution, discovery and consumption of lawful and unauthorised online content - Appendix

www.idate.org © IDATE 2015 3

Contents

1. Regulations against piracy ............................................................................................... 5 1.1. Example of policies in various countries ....................................................................................................... 5 1.2. Graduated responses schemes ....................................................................................................................... 5

2. Content delivery techniques ............................................................................................. 6 2.1. P2P solutions .................................................................................................................................................... 6 2.2. Facebook strengthening anti-piracy after complaints from rights holders ............................................... 11 2.3. Popcorn Time .................................................................................................................................................. 12 2.4. Periscope ......................................................................................................................................................... 12 2.5. UltraViolet ........................................................................................................................................................ 14 2.6. Licensed Digital Rights Cloud ....................................................................................................................... 18 2.7. Digital copy ..................................................................................................................................................... 20 2.8. Procedure to set up private game servers ................................................................................................... 21

3. Benchmark of lawful offerings ....................................................................................... 22 3.1. Content catalogue ........................................................................................................................................... 22 3.2. Technical limits ............................................................................................................................................... 30 3.3. Reasons for infringing .................................................................................................................................... 36

4. Unauthorised content techniques .................................................................................. 37 4.1. Detection solution providers ......................................................................................................................... 37 4.2. Case of wrong detections .............................................................................................................................. 38 4.3. List of major privacy techniques ................................................................................................................... 42 4.4. Blocking by legitimate services..................................................................................................................... 45 4.5. Freenet & F2F .................................................................................................................................................. 46 4.6. BGP blocking .................................................................................................................................................. 47 4.7. DPI techniques ................................................................................................................................................ 48 4.8. Hybrid blocking ............................................................................................................................................... 50

5. Estimates and forecasts of lawful and unauthorised content ...................................... 52 5.1. Main objectives ............................................................................................................................................... 52 5.2. First module: breakdown of files consumed per category of content ....................................................... 53 5.3. Breakdown of time spent per device ............................................................................................................. 54 5.4. Dataset ............................................................................................................................................................. 56



Tables & Figures Table 1: Main characteristics of antipiracy policies in Common Law and Civil Law countries ................................. 5 Table 2: Examples of graduated response implemented by selected countries ...................................................... 5 Table 3: Delivery modes and limitations for the different solutions ........................................................................ 35 Table 4: Storage options for the different solutions ................................................................................................ 35 Table 5: Assessment of the different detection solutions ....................................................................................... 37 Table 6: Analysis of cases ending up in detection errors ....................................................................................... 42 Table 7: Main add-on privacy techniques are the following: .................................................................................. 42 Table 8: Main “new” piracy systems include the following ..................................................................................... 44 Table 9: Categories of content and scope of products and services covered ........................................................ 52 Table 10: Sources, 1st module ................................................................................................................................. 53 Table 11: Sources, 2nd module ................................................................................................................................ 54 Table 12: Results of the 1st module: Volumes of content legally and illegally consumed par category of content ... 56 Table 13: Results of the 1st module: Volumes of content consumed through illegal distribution channels .............. 57 Table 14: Results of the 2nd module: Volumes of content consumed per device ..................................................... 57 Figure 1: Publishing the file with BitTorrent ............................................................................................................... 8 Figure 2: Receiving the file with BitTorrent ............................................................................................................... 8 Figure 3: Receiving the file after the source has left the swarm ................................................................................ 9 Figure 4: Integration of DHT, PEX and Magnet Links on a P2P and trackerless network ....................................... 10 Figure 5: Operating principles of Content ID ........................................................................................................... 12 Figure 6: Screenshot of a Periscope stream, from a TV set (Mayweather-Pacquiao fight, 3rd May 2015) .............. 13 Figure 7: UltraViolet offering ................................................................................................................................... 15 Figure 8: UltraViolet satisfaction ............................................................................................................................. 15 Figure 9: Upgrade of the DRL account by the user for digital content purchase ..................................................... 16 Figure 10: Disc to digital process .............................................................................................................................. 17 Figure 11: General scheme for the consumption of content from one device ........................................................... 18 Figure 12: The Disney Digital Copy service .............................................................................................................. 20 Figure 13: Reasons for infringing .............................................................................................................................. 36 Figure 14: Perception of content availability ............................................................................................................. 36 Figure 15: Man-in-the-middle attack ......................................................................................................................... 41 Figure 16: Operating principles of VPN ..................................................................................................................... 43 Figure 17: Operating principles of TOR .................................................................................................................... 43 Figure 18: Operating principles of seedboxes ........................................................................................................... 44 Figure 19: Anonymous P2P file transfer (with an Anti-Piracy peer) .......................................................................... 45 Figure 20: Applications identifications with DPI ........................................................................................................ 49 Figure 21: Deep Packet Inspection mechanism ........................................................................................................ 49 Figure 22: DPI and policy management market, 2015-2019 (million EUR) ............................................................... 50 Figure 23: Illustration of calculation principles of the 1st module ............................................................................... 54 Figure 24: Illustration of calculation principles of the 2nd module .............................................................................. 55



1. Regulations against piracy 1.1. Example of policies in various countries

Table 1: Main characteristics of antipiracy policies in Common Law and Civil Law countries

Common Law countries Civil Law countries

Regulation system • No specific law or minimal legal

framework ; • Strict appliance of copyright.

• Enactment of specific laws pointing OTT services.

Competent bodies • No specific organism ; • Civil and criminal courts.

• Creation of dedicated organization(s).

Initiative • Publishers / right-holders associations and/or federations.

• Public organizations; • Non-commercial organizations; • Publishers / right-holders associations

and/or federations.

Main objectives • Preventing illegal commercial uses; • Limiting personal illegal practices.

• Limiting personal illegal practices; • Providing legal support to right-holders.

Country sample • USA; • UK; • Canada;

• France; • Germany; • Netherlands

Source: IDATE, 2015

1.2. Graduated responses schemes The table below provides an example of various graduated response implemented by few countries.

Table 2: Examples of graduated response implemented by selected countries

Country Name of the law Aim of the law

Canada Copyright Modernization Act (2011)

The new law states that infringer will get notices from their ISP asking them to stop. Latter proceeding can be intended by right holders on the bases of the received mails.

France HADOPI law (2009) This law states the creation of a dedicated organization called HADOPI to track infringers and to implement the graduated response.

New Zealand Copyright Infringing File Sharing Amendment Act (2011)

In this Act, the copyright owner has to determine the fixed-line infringing the law through a file-sharing network, and to notify it to the ISP. The graduated response is then done by the ISP.

South Korea Korean Copyright Act (2009)

In South Korea, the ISP is in charge of the graduated response: it has to send a notification to both the infringer and the right holder for the copyright infringement.

Taiwan Copyright Act (2009) Taiwan graduated response is similar to the Korean one, as the ISP is in charge of it. The termination of Internet service for an infringer can occur in case of 3 infringements.

Source: IDATE, 2015

Another popular method against infringing individuals is fines, for example the German system based on immediate financial sanctions of 1 000 EUR per infringed item on average.



2. Content delivery techniques 2.1. P2P solutions

Napster With first P2P solutions like Napster, the discovery mechanism for peers and resources was based on a central index that would index all files (without having a copy of them) and associated peers with their IP addresses. Without the central index server, no peer would have been able to find a file. Any new file to be shared was then declared to the central server. Any Internet user wanting to get a specific file would look for it in the central server through a search engine and connect to the IP address of the peer that has the file. The download of the file itself occurred only between peers (and did not go through the central index). The central index server, hosted within the P2P architecture, was clearly seen as a major drawback of the solution when facing legal procedures and was abandoned by later P2P solutions. With Napster, the solution was also mono-source, which means that the content was downloaded from only one peer. This has been improved since then. It should also be noted that with Napster, peers that want to download do not need to upload any content or share any content.

Gnutella In Gnutella versions (up to version 0.4), there is no need for a central server. Each peer indexes its own files. To look for a file, each peer makes some request to its closest peers. Requests go then step by step through a tree-like approach and results are returned in the opposite way. Peers then exchange content directly.

Gnutella stopped this approach, which proved to be too inefficient to handle both connections from narrowband and broadband users. The data propagation (for requests) was slow due to the bottlenecks created by narrowband users.

eDonkey To solve the bottlenecks problem of Gnutella, eDonkey introduced an “intermediate mechanism” (in this case the eD2k servers), so that files could be searched independent of nodes. Servers are used to discover content, but they do not actually host it



Kad Network The Kad Network involves no servers, but each computer within the network communicates with each other acting like a mini server. An important concept here is “bootstrapping”: to join the Kad network, the user is required to know the IP address and port number of any other computer within the network.

BitTorrent BitTorrent is designed around the connection of peers and the exchange of resources for a specific content file. With BitTorrent, peers look first for specific content then connect to a non-generic tracker, in charge of that specific content, before exchanging with relevant peers.



First publication; A to “upload” the file

Figure 1: Publishing the file with BitTorrent

1. A either creates a new tracker, or uses an existing tracker run by various torrent communities. (The latter case

is much simpler for A and is the majority case, and thus this will be assumed for the diagram. But should A create its own tracker, then A acts as the tracker as well as the original seed)

2. A creates a torrent file, which includes metadata on the file and the tracker 3. A uploads the torrent file onto a web server, usually through the website of the tracker used (but the content file

stays on the computer A) 4. Using a BitTorrent client, A starts seeding (allowing for other peers to connect in order for the file to be

distributed) 5. The tracker is updated (to know that A is seeding)

Receiving the file part 1; how a peer receives parts of the file from the seed

Figure 2: Receiving the file with BitTorrent

6. B finds torrent file created by A inside the torrent website 7. B downloads the torrent file 8. B opens the torrent file with a BitTorrent client 9. B connects to the tracker specified in the client 10. B receives information on the seeds and peers currently present in the swarm (in this example, it is just the

original seed A) 11. B is registered as a peer by the tracker 12. B connects to A directly



13. B downloads a part of the desired file 14. B remains connected as a peer to receive further pieces of the file, either from A or other peers who may have

joined during the download in process 13.

The original seed A may disconnect, but file sharing can still be completed through file sharing of peers. Underlying operations are detailed in Appendix.

Receiving the file part 2; original seed A may disconnect, but file sharing can still be completed through file sharing of peers

Figure 3: Receiving the file after the source has left the swarm

15. A disconnects from the swarm (whilst A can remain in the swarm as long as it likes in order to continue

distributing parts of the file, once it has delivered all parts of the file to other machines, it no longer needs to remain in the swarm)

16. The tracker is updated to exclude A from the swarm 17. D finds, downloads and opens the torrent file (process 6 to 8) 18. D connects to the tracker specified in the client 19. D receives information on the seeds and peers currently present in the swarm; peers B and C are present who

have parts of the file 20. D is registered as a peer by the tracker 21. D connects to B and C directly, but not to A 22. D exchanges files with B and C (B and C may also be exchanging files with each other during the process of D

joining the swarm) 23. So long as B, C, and D are connected, they remain peers accessible by other peers and seeds for further file

exchange Notes: - For simplicity reasons, the diagram has only 4 computers, but in reality many more computers can take part

simultaneously, exchanging data between each other. - BitTorrent relies on the web (in the general sense) for the distribution of its torrents. Thus users search for torrents

via a search on the Internet, rather than within a specified website.



It should also be noted that the tracker may not be updated (operation 16) during a certain time. D would then connect to the tracker and would try to connect to A (without success) but would still be able to connect to B and C and exchanges files with them.

Interface On a more practical level, for a user to use BitTorrent, he or she must first download a client. A popular client is, for example, utorrent, easily downloadable from utorrent.com. Once the client is downloaded, then the next step is to look for the desired content (discovery). Once the desired .torrent file has been downloaded, by double-clicking it the utorrent client will open automatically, and the file can be downloaded through BitTorrent file sharing. It is worth noting that there are many guides available on the Internet, readily available, explaining how to use BitTorrent and download contents.

DHT, PEX and magnet links As explained in the main text, internal indexes typically use techniques such as DHT, PEX and magnet links. The figure below shows the integration of the 3 techniques in a P2P and trackerless network.

Figure 4: Integration of DHT, PEX and Magnet Links on a P2P and trackerless network

Source: IDATE

DHT – Distributed Hash Table The concept of DHT has been developed, in the P2P area, to avoid the use of centralized trackers (or user database) on P2P networks (and especially Torrent). Rather than having a database of all peers including the list of content provided by each peer centralized in a unique (or few) server, developers made a new kind of decentralized database. With DHT, the content of the whole database is spread on all peers. Each one owns a part of the global database (about 100 peers listed for 1 P2P client user). To avoid that a part of data disappears when a peer is disconnected, each part of the database is duplicated to other peers.



In the case of BitTorrent, a content index outside the network is still necessary. Indeed, with a trackerless system using DHT, the traditional torrent file is replaced by a Magnet Links (cf. description below). This link allows a peer to find other peers who own the specified content. In the case of P2P clients (such as eMule or the Kademlia network) that use an internal content search engine, there is no centralized content index anymore as they use a DHT to list content stored by peers. However, most of those clients can work with a DHT and with a centralized tracker. The aim of this idea may be to maximize the probability to find the content on a peer computer.

Magnet Links As explained in the main text, the magnet link is actually the next generation of the torrent file. A magnet link contains a “hash” that can be considered as an ID, unique to a content. It can also contain a tracker address if necessary. Magnet links are actually not “links” but rather a metadata containing at least the content ID. It is not a hyperlink or a link toward a webpage or a server. A magnet link looks like: magnet:?xt=urn:btih:f105dd901e63e3319c2b259b055fbb6e08a65ab5&dn=Star+Wars%3A+Episode+I++The+Phantom+Menace+%281999%29+1080p+BrRip+x26&tr=udp%3A%2F%2Ftracker.openbittorrent.com%3A80&tr=udp%3A%2F%2Ftracker.publicbt.com%3A80&tr=udp%3A%2F%2Ftracker.istole.it%3A6969&tr=udp%3A%2F%2Ftracker.ccc.de%3A80 However, these links are unique for specific file and not for a specific “content”. For instance, the movie Star Wars episode 1 in its original language may have multiple file versions even if the movie and the song are still the same.

PEX – Peer Exchange PEX is a technique allowing peers to exchange their data stored on their part of DHT, typically peers information. Without any central tracker or entity, peers have to communicate automatically in order for new peers to join the network. PEX then have an important role in the bootstrapping process of a “decentralized” P2P, but cannot be used alone in this process. The initial contact is usually done with the help of a server giving a part of the DHT (usually not up to date) and then a first peer to contact. If a tracker is still available, PEX allows reducing the tracker load, and allows peers to exchange information that they already get from the tracker with other peers. Such a system makes the exchange of information faster, as the tracker may take time to answer a request, in case of a heavy load of tracker.

2.2. Facebook strengthening anti-piracy after complaints from rights holders In May 2015, major TV stations in France (TF1, M6, Canal+ and France Télévisions) sent an official letter to both Facebook and Twitter requesting more measures be taken to fight piracy through social media. The complaint was that their programs were being illegally shared on the social media sites. In June Facebook responded by deploying Audible Magic, a system which uses audio fingerprinting technology to help identify and prevent unauthorized videos from being uploaded (a system whereby uploaded videos are matched against a database containing information on copyrighted contents, provided to Facebook by the rights holders). There are also tools whereby content owners can report to Facebook, upon which illegal videos can be removed by Facebook, and IP policies are in place so that serial offenders can be identified. The idea here is to combat not just TV programs but all “freebooting” activities, where third parties “steal” video content from elsewhere and upload it to Facebook, potentially gaining huge and unfair view counts. Then in August 2015, as explained in the main text, Facebook declared updates to their video management through its blog, enhancing the Audible Magic system and building new video matching technology that will evaluate millions of video uploads quickly and accurately, and when matches are surfaced, publishers will be able to report them to Facebook for removal. This is expected to be tested through a beta launch (as of August 2015). It is in fact similar to the process YouTube has gone through (which in itself could be considered as a social network), which applies a Content ID system scanning uploaded videos against a vast database of videos submitted by copyright holders.



Figure 5: Operating principles of Content ID

Source: Google/YouTube

2.3. Popcorn Time As detailed in the main text, Popcorn Time offers P2P streaming in an easy-to-use Netflix-style interface. Below is a description of the operating principle of Popcorn Time.

Operating principle As it is based on P2P, the movies are not hosted in any server and are streamed using the P2P Bit Torrent protocol. All movies are pulled in from the YIFY movie database. Depending on the content, the application uses different torrents, as for illustration: • Movies are uploaded by YTS. As of June 2015, YTS is the 2nd ranked torrent site, as ranked by

Alexa, subsidiary of Amazon Web Service. With a global ranking of 777 (at the time of writing) and India rank of 275, yts.to is one of the most popular torrent websites for movie and TV show addicts. The website is quite popular in India, the United States, Saudi Arabia, Egypt and Pakistan, to name a few.

• TV Show episodes from EZTV. TV-torrent distribution group EZTV was a niche site specializing in TV content only. Because of its narrow focus, EZTV’s traffic varies in line with the TV seasons. Despite posting only a few dozen torrents per week it attracts millions of visitors. Created in 2005, it was dissolved in April 2015, after a hostile takeover of their domains and brand by "EZCLOUD LIMITED". EZTV and its RSS website ezRSS are currently blocked by multiple ISPs in Italy and in the UK at the request of MPA and FACT

2.4. Periscope Periscope is a live video streaming application for iOS and Android systems. The service allows users to stream live video from their phones, by using the embedded camera. In March 2015, Twitter paid slightly less than 100 million USD to purchase the company. Periscope claims 10 million accounts, as of early August 2015. Periscope lists the current live broadcast with large, full-width images. During a live stream, the watcher can comment and the broadcaster sees the comments. However, as so few people watch each stream, broadcasters often respond directly on camera. Periscope does not pull in live Twitter responses during Periscope broadcast. Instead, all the comments are Periscope-only. Moreover, those who follow the Periscope link on the original Tweet will be able to watch and engage with the live video in the app (if they have it on their iOS device) or in a pop-up screen (for Desktop and Android users) where they'll still see comments and hearts, but not be able to add any of their own.



Different features are included: • Replay: When the broadcast is over, the broadcaster can make it available for replay so viewers can

watch later. Viewers can replay the broadcast with comments and hearts to relive the full experience. Replays currently last 24 hours. The broadcaster can delete the replay at any time.

• Private: If the broadcaster wants to broadcast to specific people, he needs to press the ‘Private’ option before going live and choose who he wants to invite to his broadcast.

• Twitter: the broadcaster can choose to share his Periscope broadcasts on Twitter by tapping the bird icon before he starts broadcasting. When he goes live, he’ll tweet a link so that his Twitter followers can watch on the web (or in the app). As a reminder, Twitter is the owner of the Periscope application.

• Manage notifications: Periscope will suggest people for the broadcaster to follow based on his Twitter network. He can always follow new people, or unfollow them if he doesn’t want to be notified when they go live. He can also adjust notification preferences in Periscope Settings.

Adapted to piracy, the service allows people who did pay for the content to use their smartphones (or tablets) to re-transmit it to users of Periscope. It could also be provided by a person who broadcasts a pirate stream from his TV set. For live events (sports or music concert), this could also be done even by an attendee of the show who has effectively paid his entrance ticket. The quality of the video usually, (very) far away from HD quality, even though the quality of the smartphone camera is improving. Nevertheless, it is free. Indeed, this wouldn't necessarily be acceptable video quality for a movie but for a short-term, highly expensive live event, it has proved workable for many fans. One of the peak consumption moments occurred during the very popular boxing fight in early May 2015, in Las Vegas, between Pacquiao and Mayweather.

The Mayweather-Pacquiao fight cost up to 100 USD to purchase in-home, with exponentially higher fees for bars showing the fight (people paid a 20 USD entrance fee to get into the bar to watch the fight). HBO and Showtime had been aggressive in chasing down sites illegally streaming the fight, filing lawsuits well before Saturday night. So Periscope was privileged by many internet users to circumvent traditional streaming websites.

Figure 6: Screenshot of a Periscope stream, from a TV set (Mayweather-Pacquiao fight, 3rd May 2015)

Source: Periscope

Even fight attendees became broadcasters for the Periscope audience.



2.5. UltraViolet

Description UltraViolet concept features are described in the table below. Updated information on the system are mainly provided from UltraViolet FAQ (UVDemystified.com/UVfaq.html ) written by Jim Taylor. Ultraviolet Details Availability Service launched commercially in the US in 2011

Available in the other following countries: Australia, Austria, Belgium, Canada, France, Germany, Ireland, Luxembourg, Netherlands, New Zealand, Switzerland and United Kingdom Phased launch: streaming commercially available, download available on UV players only. Common File Format (CFF) still waiting for approval was expected to be launched end of 2014.

Origin Initiative started in 2007 with a project called Open Market (from Mitch Singer from Sony) and went public in 2008 under the name Digital Entertainment Content Ecosystem (DECE) DECE is non-profit organization. [Not chartered as a non-profit for tax purposes, but set up as a cost-recovery organization to be self-funding, not to make a profit.] Backed more than 80 members of the DECE consortium including major movie studios, retailers, consumer electronics manufacturers, cable companies, ISPs, network hosting vendors and security vendors Promoted under the brand name UltraViolet in 2010 The Digital Entertainment Group1 (DEG) that promotes home entertainment products is also supporting UltraViolet

Main stakeholders • Studios/content providers including Sony Pictures, Universal, 20th Century Fox, Paramount Studios, DreamWorks, BBC

• Consumer electronics manufacturers: Philips, Sony, Panasonic, Samsung • Cable companies: Comcast • Technology providers: Rovi, Akamai • Retailers: Amazon, Flixster/Warner, Wal-Mart/Vudu, Barnes&Nobles/Nook, M-Go,

CinemaNow/Best Buy, Blinkbox, Target, Sainsbury’s, Nolim/Carrefour Characteristics Type of content Movies and TV shows from UV-enabled vendors (both online and physical retailers).

Some services like Flixster may focus on some types of videos (movies only) Only commercial video contents (no personal contents) Still some discussions to extend to music, ebooks, video games and smartphones apps in UV roadmap but with no clear development or plan yet2

Limitations regarding devices

• Up to 6 members within the household (per account) • Up to 12 devices for download as offline viewing or progressive download (requiring

registered account) Delivery modes • Streaming (up to 3 simultaneous access)

• Download (up to 3 simultaneous download files from the same selling retailer) Compatible devices • Windows

• Mac • iOS (iPhone and iPad, including AppleTV • Android (including Kindle Fire and Nook tablets) • PlayStation 3 and 4 • Xbox 360 and Xbox One • Roku • Chromecast • Google TV • Plus, connected Blu-ray players, connected TVs, and home media hubs

1 The DEG pushed the launch of DVD and Blu-ray. 2 Jim Taylor, DECE, 2015 “We’ve talked about adding support for music, ebooks, games, and anything else that gives consumers a better experience with UltraViolet’s open ‘digital library’ model.”



Ultraviolet Details Retro-compatibility The feature allowing consumer to add content previously acquired is now supported

An "upgrade" with disc-to-digital can be made available from a studio enabling the conversion of an existing purchase to UltraViolet. However, the number of upgradable movies is limited to the content catalogue of UltraViolet.

Content location Cloud, physical (DVD, Blu-Ray) and local storage DRM compatibility 5 DRM systems selected allowing restrictions management on a broad range of devices

• Google Widevine • Marlin • CMLA-OMA V2 • Microsoft PlayReady • Adobe Primetime DRM Only 2 DRMs were really operable with UltraViolet when it was launched commercially in 2011 It is still the case; Adobe Primetime and Marlin are waiting final approval.

Figure 7: UltraViolet offering

Source: Irdeto

Figure 8: UltraViolet satisfaction

Source: NPD survey on UltraViolet, February 2014



UltraViolet operating principles The operating principles encompass three main stages: 1. account registration and account/content linking 2. acquisition of rights of the content 3. consumption of content in streaming and/or download modes through a different provider and/or a

different device The first stage is the registration of the user (first member) basically made through an online registration, with a login and a password. This first member of the UltraViolet account can add other members with the same account (up to 6 members). The acquisition of rights of the content stage differs depending how the content title was purchased: physically (physical support, like DVD, Blu-rays) or digitally. This part distinguishes the DRL account upgrade for each case.

Figure 9: Upgrade of the DRL account by the user for digital content purchase

Source: IDATE

Hence, the phase (1) corresponds to the online content purchase of digital content. As illustrated on the figure below, partnered retailers (like Vudu here) allow the user to link their retail account with the Ultraviolet account. Once content is purchased, the Ultraviolet account is automatically upgraded (with the newly purchased title). During the phase (2), the retailer #1 records the transaction in the locker. The phase (3) refers to the registration of the consumer rights defining, for each piece of targeted content, the associated usage rights in terms of access (for instance subscription, video on demand, rental) and in terms of devices authorized (and type of DRM supported). Then the DRL code of the purchased title has been added to the Ultraviolet content library (corresponding to the user’s DRL account). Phases (4) and (5) are confirmation links. The other option is to manually upgrade directly the user’s account. When the user purchases its physical content (a DVD or a Blu-ray with the UV sticker), he upgrades its account by entering itself a code. The objective here is to upgrade purchased discs to the DRL (Disc to Digital). Users are also allowed to purchase the UltraViolet version of their existing physical disc for 2$ for standard definition and 5$ for HD.



Figure 10: Disc to digital process

Source: Vudu

The last stage of UltraViolet principle is the consumption of the content. Today, members are allowed to stream content purchased or downloaded it on UV players from any device and regardless of the content providers. There are five ways for the consumption: • Content consumption in streaming mode from the same device (detailed below) • Content consumption streaming mode using another device • Content consumption streaming mode through different providers • Content consumption in download mode • Additional copy already downloaded

In the first case illustrated below, the consumption of the content is purchased from retailer #1 on a first device (tablet on the figure). The operating principle is quite simple, very similar to usual cloud-based solutions. For the other ways, another device and another provider have been added. So, when streaming from the dame device, once the content is purchased on a retailer site and rights acquired in the UltraViolet account of the consumer, the content can be accessed. The phase (1) indicates the launch of a request to the retailer #1 by the device to play the content by streaming, embedding device specifications (screen’s size, resolution, throughput, etc). Actually at this point, the DRM client requests for a license using an URL that points to the DRL (UltraViolet) as shown in the phase (2). Phases (3) and (4) verify information regarding the account and associated rights. Once verified, the DRL requests the appropriate license to the DRM License Server in the phase (5) while confirming to the Retailer its request. In the same time, the Right Locker gives access of the whole customers' UV collection to the Retailer #1 though an overlay, hence this latter has updated information of the content of the user and associated rights (purchased or not at the given Retailer). The DRM License Server then authorizes content delivery and informs the Locker Access Service Provider to generate the license as well as to stream the content targeted by the user (Phase (7)). Once delivered, the DRM client validates the user and usage rights (descrambling if required). Then the content can be played. It should be noted that usually the Locker Access Service Provider role is done directly by the Retailer.



Figure 11: General scheme for the consumption of content from one device

Source: IDATE.

2.6. Licensed Digital Rights Cloud



Solution Main features Content accessibility CatchMedia Legally delivery of users' licensed content

across multiple devices from anywhere Features include the synchronization of home user library B2B service, CatchMedia is now available in UK via Carphone Warehouse, in the US via BestBuy and in India via Hungama Contents include: music, video, book digital games Compatible with PC, Android, Blackberry, iPhone, TV sets, cable & satellite receivers and in-car entertainment systems

Contents are scanned and matched with the Smart Cloud that includes: • A registry of users and their devices • A registry of the users’ content • Digital Service Providers to deliver

content to specific devices • The post-acquisition content

licences Physical to Digital option available

iTunesMatch/iCloud Music purchased from iTunes store (with rights) available on every devices Users' music collection stored in iCloud including music from CD or purchased elsewhere from iTunes 24.99$/year (no free option) Compatible devices: iPhone, iPad, iPod touch, Mac, PC, or Apple TV

Music collection stored in iCloud • up to 25000 songs

Amazon Cloud player premium

With the Amazon Cloud Player Plus plan (24.99$/year), users can “store” (scan & match process) (including music from CD or illegal MP3) in addition to Amazon MP3 files. Compatible devices: iPhone, iPad, iPod touch, Mac, PC, Kindle fire, and some connected audio/video devices (e.g. Roku)

Music is stored in the Amazon cloud player, accessible through the web, or mobile/dedicated application • Up to 250 000 songs

Google Play Music This service allows users to “store” with a scan & match process. Only music from a computer can be scanned. Free option, upgrade for free-ad option and offline mode for 9.99€ per month Contents can be streamed or downloaded from the web platform or through a mobile application. Content can also be shared with Google+ users. The service is only available through the web (PC and Mac) and using an Android App. Apple devices cannot access this service.

Music is stored in the Google Play Music cloud • Up to 50000 songs

Source: IDATE



2.7. Digital copy Figure 12: The Disney Digital Copy service

Source: Disney

Solution Main features Content accessibility Blinkbox Based on UltraViolet digital copies service

(2$ for standard definition and 5$ for HD) It requires the creation of UV account

The user can redeem an UV code from DVD or Blu-Ray

Vudu (Walmart) Based on UltraViolet digital copies service (2$ for standard definition and 5$ for HD) It requires the use of Vudu To Go application

The user needs to use Vudu To Go application application when converting DVD or Blu-Ray Users can also go into any Walmart stores with physical disc where digital copies are created and stored in the Vudu digital locker

Disney Disney allows its users to redeem a digital copy of some of its titles. The digital copy can only be downloaded on the user computer, but can be transferred then into multiple devices. The digital copy is a Windows Media file or an iTunes file (both with DRM). The service is only available in the USA. Video files are compatible with Apple devices and with Windows Media files player.

The user has to insert the DVD or BluRay Disc on his computer, and then enter the redemption code. The movie is then transferred on the computer.

Source: IDATE



2.8. Procedure to set up private game servers

Source: heroes-wow



3. Benchmark of lawful offerings 3.1. Content catalogue

Benchmark of online video services (October 2015)

Model Bundled SVOD Rental VOD & EST Rental VOD & EST Stand-alone SVOD Stand-alone SVOD OTT linear channels

Parent company Amazon.com, Inc. Tesco PLC Apple Inc. Netflix Inc. Sky PLC Country of origin USA UK USA USA UK Price range Amazon Prime Instant video

is bundled with Amazon's Prime membership Free trial for a month then three plans: • 5.99 GBP per month • 79 GBP per year • 39 GBP per year for

students

Rental: from 0.99 GBP to 3.49 GBP Buy: from 1.89 GBP to 10.99 GBP

Rental: from 0.99 GBP to 3.99 GBP Buy: from 5.99 GBP to 13.99 GBP

Free trial for a month then: • 5.99 GBP per month for

SD content on 1 screen • 7.49 GBP per month for

HD content on 2 screens • 8.99 GBP per month for

HD content on 4 screens

Entertainment pass: 1 GBP the first month then 5.99 GBP per month Movies pass: Free trial for a month then 9.99 GBP per month Sport pass: from 6.99 GBP to 9.99 GBP per day

Content volume 15 000+ movies & episodes of TV shows

15 000+ Movies (including premieres) and TV shows

45 000+ films (including premieres) and 190 000 episodes of TV shows

1 000+ movies and 400 TV series

Entertainment: 13 Pay-TV channels and 250TV series on demand Movies pass: 1 000+ movies (including up to 16 premieres per month + exclusivity on Sport pass: 24 hour Sky sport access



Availability PC, Mac Smartphones: Fire Phone, iPhone, Android phones Tablets: Kindle Fire, iPad, Android tablets Smart TV sets: Samsung, LG, Panasonic and Sony Game Consoles: Wii, Wii U, Xbox 360, Xbox One, PS3, PS4 OTT boxes: Fire TV, Fire TV Stick, Apple TV DVD players: Samsung, LG, Panasonic, Sony

PC, Mac Smartphones: iPhone, Android phones, Windows phone Tablets: iPad, Android tablets, Windows tablets Smart TV sets: Samsung, LG, Toshiba Game Consoles: Xbox 360, Xbox One, PS3 OTT boxes: Google Chromecast DVD players: Samsung, LG

PC, Mac Smartphones: iPhone Tablets: iPad OTT boxes: Apple TV

PC, Mac Managed Networks: Virgin Media Smartphones: Android phones, iPhone, Windows smartphones Tablets: Kindle Fire, iPad, Android tablets, Windows tablets Smart TV sets: Gründig, LG, Panasonic Philips, Samsung, Sharp, Sony, Toshiba Game Consoles: Wii, Wii U, Xbox 360, Xbox One, PS3, PS4 OTT boxes: Apple TV, Roku 3, Youview, Google Chromecast, Nexus Player DVD players: Panasonic, Samsung, Toshiba, Sony, LG.

PC, Mac Smartphones: iPhone, Android phones Tablets: iPad, Android tablets Smart TV sets: LG Game Consoles: Xbox 360, Xbox One, PS3, PS4 OTT boxes: Now TV box, Google Chromecast, Roku, Youview

IDATE according to service publishers



Benchmark of online music streaming services (October 2015)

Model Bundled subscription

streaming service

Media center + stand-alone audio streaming service linked to proprietary ecosystem

Media center + stand-alone audio streaming service linked to proprietary ecosystem

Stand-alone FTA and subscription audio streaming service

Stand-alone subscription audio streaming service

Parent company Amazon.com, Inc. Apple Inc. Google Inc. / Alphabet Inc. Spotify Ltd. Aspiro AB. Country of origin USA USA USA Sweden Norway Price range Amazon Prime Instant

video is bundled with Amazon's Prime membership Free trial for a month then three plans: • 5.99 GBP per month • 79 GBP per year • 39 GBP per year for

students

9.99 GBP/month per individual Family plan: 14.99 GBP/month for up to 6 people

9.99 GBP/month per individual Family plan: 14.99 GBP/month for up to 6 people

Free trial for a month, then 9.99 GBP/month 4.99 GBP for students

20 GBP/month

Content 1 million tracks 30 million tracks 18 million tracks 30 million tracks 30 million tracks Availability PC, Mac, Fire Phone,

iPhone, Android phones, Kindle Fire, iPad, Android tablets

Mac, PC, iOS Smartphones and tablets, WatchOS, Android devices (coming autumn 2015)

Mac, PC, Android phones, Android tablets, iPhone, iPad, iPod Touch.

PC, Mac, iPhone, iPad, Android Phones, Android tablets.

PC, Mac, iPhone, iPad, Android Phones, Android tablets.

IDATE according to service publishers. Extra source: Dailymail.co.uk3.

3 http://www.dailymail.co.uk/home/event/article-3119837/Apple-s-launching-new-music-streaming-service-does-stack-rest.html



Music: availability of best-selling artists, albums and songs on selected audio streaming services (September 2015)

UK all time best-selling artists UK all time best selling Albums UK 2015 best-selling Artists UK 2015 best-selling Songs 1 The Beatles Queen – Greatest Hits Sam Smith – In the lonely Hour Marc Ronson ft. Bruno Marts – Uptown Funk

Av.: None Av.: Av.: Av.:

2 Elvis Presley ABBA – Gold: Greatest Hits Ed Sheeran – X Hozier – Take me to Church

Av.: Av.: Av.: Av.:

3 Cliff Richard The Beatles – Sgt. Pepper's Lonely Hearts Club Band George Ezra – Wanted on Voyage OMI - Cheerleader

Av.: Av.: None Av.: Av.:

4 Madonna Adele – 21 Taylor Swift – 1989 Ellie Goulding – Love me like you do

Av.: Av.: Av.: Av.:

5 Michael Jackson Oasis – (What's the Story) Morning Glory? Hozier – Hozier Wiz Khalifa ft. Charlie Puth – See you again

Av.: Av.: Av.: Av.:

6 Rihanna Thriller – Michael Jackson James Bay – Chaos and the Calm James Bay – Hold Back the River

Av.: Av.: Av.: Av.:

7 Elton John Pink Floyd – The Dark Side of the Moon Noel Gallagher's High Flying – Chasing Yesterday Rihanna/Kanye West/Mc Cartney – Fourfive Seconds

Av.: Av.: Av.: Av.:

8 Queen Dire Straits – Brothers in Arms Meghan Trainor – Title Maroon 5 – Sugar

Av.: Av.: Av.: Av.:

9 ABBA Bad – Michael Jackson Paloma Faith – A perfect Contradiction Years & years – King

Av.: Av.: Av.: Av.:

10 David Bowie Queen – Greatest Hits 2 Mumford & Sons – Wilder Mind Ed Sheeran – Thinking Out Loud

Av.: Av.: Av.: Av.:

Officialcharts.com as of 09/21/2015. Services' websites.

Colour code: Amazon Prime; Apple Music; Google Music; Spotify; Tidal.



Benchmark of eBook subscription services (October 2015)

Model Subscription online library Reading app linked to online bookstore Subscription online library & online bookstore Parent company Amazon.com, Inc. Apple Inc. Oyster / Highland Capital Partners Country of origin USA USA USA Price range Free trial for a month,

then 7.99 GBP/month From 0.99 GBP Free trial for a month,

then 9.95 GBP/month Content 700 000 eBooks and Audiobooks 2.5 million eBooks 1+ million eBooks Availability Kindle, Kindle Fire Android, iOS, Windows

Phone and Blackberry Devices Mac, iPad, iPhone, iPod Touch. iPhone, iPad, Android, Kindle Fire, Nook HD, Mac,

PC IDATE according to service publishers



Books: availability of physical and online best-selling books on subscription services (October 2015)

Amazon UK bestselling books for 2015

The Guardian UK top 10 bestselling books of 2014

The Guardian UK top 100 bestselling books of all time

The Telegraph UK bestselling authors of the decade

1 Ella Woodward – Deliciously Ella: Awesome ingredients, incredible food that you and your body will love

Guinness World Records 2015 Dan Brown – The Da Vinci Code J.K. Rowling

Av.: × Av.: × × Av.: × × Av.:

2 Paula Hawkins – The Girl on the Train David Walliams – Awful Auntie J.K. Rowling – Harry Potter and the Deathly Hallows Roger Hargreaves

Av.: × × Av.: × Av.: Av.:

3 E.L. James – Fifty Shades of Grey Jeff Kinney – The Long Haul: Diary of a Wimpy Kid J.K. Rowling – Harry Potter and the Philosopher's Stone

Dan Brown

Av.: × × Av.: × Av.: Av.: ×

4 Amelia Freer – Eat. Nourish. Glow: 10 easy steps for losing weight, looking younger & feeling healthier

Lynda Bellingham – There’s Something I’ve Been Dying To Tell You

J.K. Rowling – Harry Potter and the Order of the Phoenix

Jacqueline Wilson

Av.: × × Av.: × × Av.: Av.: ×

5 Harper Lee – Go Set a Watchman Zoe Sugg – Girl Online E.L. James – Fifty Shades of Grey Terry Pratchett

Av.: × × Av.: × × Av.: × × Av.: ×

6 Mary Berry – Mary Berry's Absolute Favourites Gillian Flynn – Gone Girl J.K. Rowling – Harry Potter and the Goblet of Fire John Grisham

Av.: × Av.: × × Av.: Av.: × ×

7 Emma Healey – Elizabeth is Missing Jamie Oliver – Jamie’s Comfort Food J.K. Rowling – Harry Potter and the Chamber of Secret

Richard Parsons

Av.: × Av.: × × Av.: Av.: ×

8 Jasmine Hemsley – The Art of Eating Well Boris Johnson – Churchill Factor J.K. Rowling – Harry Potter and the Prisoner of Askaban

Danielle Steel

Av.: × Av.: × × Av.: Av.: × ×

9 Harper Lee – To Kill A Mockingbird Guy Martin – My Autobiography Dan Brown – Angels and Demons James Patterson

Av.: × × Av.: × Av.: × Av.: × ×

10 Jessie Burton – The Miniaturist Tom Kerridge – Best Ever Dishes J.K. Rowling – Harry Potter and the Half Blood Prince Enid Blyton

Av.: × × Av.: × Av.: Av.: × ×

UK bestselling books for 2015: http://www.amazon.co.uk/gp/bestsellers/2015/books/ref=zg_bsar_cal_ye ; excluding colouring books. UK top 10 bestselling books of 2014: http://www.theguardia n.com/books/2014/dec/23/readers-turn-over-new-leaf-celebrity-memoirs-slip-out-booksellers-top-10 UK top 100 bestselling books of all time: http://www.theguardian.com/news/datablog/2012/aug/09/best-selling-books-all-time-fifty-shades-grey-compare UK bestselling authors of the decade: http://www.telegraph.co.uk/culture/books/6866648/Bestselling-authors-of-the-decade.html

Colour code: Amazon Kindle Unlimited; × Amazon.com; Apple iBooks; × iTunes Store; Oysters Unlimited × Oysterbooks (sales); .



Video games: Top 25 video game distribution websites, based on number of visitors

Rank Name Primary target user

Rank Visitors' country of origin and % of total visitors Global USA

1 Steam Hardcore 265 235 USA, 34.0% Japan, 5.0% Russia, 5.0% 2 Battle.net Hardcore 345 282 USA, 35.5% Germany, 7.8% Russia, 6.6% 3 GameStop Hardcore 840 317 USA, 79.0% Mexico, 1.9% Netherlands,1.8% 4 Miniclip.com Casual 1 193 1 619 USA, 19.1% India, 13.8% UK, 7.7% 5 Humble Bundle Hardcore/Indy 1 345 880 USA, 45.7% S.Korea, 5.8% UK, 5.1% 6 Kongregate Indy 1 360 842 USA, 39.4% India, 5.3% Russia, 4.6% 7 Pogo.com Casual 1 713 573 USA, 68.3% Canada, 8.4% UK, 3.4% 8 EA Origin Hardcore 2 213 2 373 USA, 24.7% Russia, 6.7% S. Korea, 6.6% 9 GOG Hardcore 2 296 1 962 USA, 35.5% Russia, 6.9% UK, 6.1% 10 Big Fish Games Casual 2 842 1 623 USA, 38.8% UK, 7.9% Australia, 5.0% 11 Greenman Gaming Hardcore 4 931 3 178 USA, 43.5% UK, 7.7% Japan, 6.4% 12 Bundle Stars Hardcore 6 270 4 083 USA, 30.7% S.Korea, 8.2% Japan, 7.2% 13 IndieGala Indy 7 765 5 082 USA, 27.0% S.Korea, 14.3% Russia 6.7% 14 My Real Games Casual 11 100 n.a. India, 16.2% Pakistan, 12.6% Indonesia, 7.3% 15 Gamersgate Casual 11 967 9 128 USA, 29.6% S.Korea, 11.9% Japan, 10.7% 16 Shockwave.com Casual 12 466 5 546 USA, 42.8% UK, 5.9% Russia, 5.8% 17 Game House Casual 17 125 8 187 USA, 40.9% India, 6.7% Indonesia, 5.4% 18 Itch.io Indy 21 161 8 252 USA, 45.6% France, 4.5% UK, 3.9% 19 Nuuvem Hardcore 21 551 26 513 S.Korea, 24.3% Brazil, 21.7% USA, 19.1% 20 Desura Indy 24 936 15 375 USA, 32.9% Russia, 5.7% UK, 5.3% 21 GamesPlanet Hardcore 44 460 n.a. S.Korea, 28.2% France, 12.2% Germany, 11.9% 22 Direct 2 Drive Hardcore 74 635 38 918 USA, 62.1% UK, 10.8% Canada, 3.5% 23 IndieGameStand Hardcore 88 496 45 923 USA, 33.5% Singapore, 11.4% UK, 4.5% 24 Gamesrocket Hardcore 124 457 82 710 USA, 24.8% Germany, 20.5% Spain, 14.2% 25 GamesRepublic Hardcore 170 742 114 205 USA, 42.5% Germany, 4.9% n.a.

Source: IDATE, from Alexa.com, Video Games in the Cloud, June 2015



Video games: Top 10 game publishers on Facebook

Rank Publisher Best title ranked No. of applications of the editor 1 King Candy Crush Saga 19 2 Zynga Texas HoldEm Poker 122 3 Supercell Hay Day 2 4 Social Point Dragon City 29 5 Peak Games Spades Plus 36 6 Miniclip.com 8 Ball Pool 16 7 Etermax Trivia Crack 4 8 Pretty Simple Criminal Case 3 9 Kiloo Games Subway Surfers 1

10 SGN Cookie Jam 80 Source: Appdata, April 2015



3.2. Technical limits

Benchmark of restrictions of lawful offerings (October 2015)

Type of content

Service name

Paid service Compatible OS Compatible device

Number of devices

Delivery modes

Number of users/Sharing

Simultaneous usage

Storage options

DRM restricions

Other limitations

Video Netflix Yes, 3 paying packages: (Basic, Standard, Premium)

Mac OS, iOS, Android, smart TV, set-top box, media streamer, Blu-ray players, Game console, Home cinema system LG

Android devices, iPad, iPhone, MAC and PCs, Amazon Fire Phone, Apple TV, Windows Phone devices; YouView box; Roku, Western Digital streamer; Samsung, LG, Sony, Panasonic & Philips Blu-ray players; PS3, PS4, Xbox 360, Xbox One, Wii U, Wii, Xbox 360, Xbox One

Currently implicitly unlimited (as of September 2015); Limited to 6 registered devices per account until 2013

Streaming 1 account only, Including 5 individual profiles linked to a single Netflix account

Yes, 1 stream allowed for basic users, 2 or 4 streams for other packages

Cloud DRM-protected, Microsoft Silverlight

Video Amazon Instant Video

Yes, -Pay per consumption -One-year Prime package; -Digital rental+hard copy rental by LoveFilm by Post

Mac OS, iOS, Android, smart TV, set-top box, media streamer, Blu-ray players, Game console, Home cinema system

iPad, iPhone, Kindle Fire tablet; MAC & PCs; Amazon Fire TV; LG, Sony & Samsung, smart TVs & Blu-ray players; Xbox 360, PS3, PS4, Wii, Wii U; Sony set-top boxes & home cinema set

Implicitly unlimited for streaming Per purchased video could be downloaded to up to 2 devices; Per rental video limited to one device; Prime users have extra download limit

Streaming, Download

1 account only Yes, On 2 devices (impossible to stream the same video simultaneously)

Cloud + Local Discs for hard-copy rental

DRM-protected, Widevine; Microsoft Silverlight

Video iTunes Yes, Purchase or rental per consumption

iOS, MAC OS, Windows 7 and later

iPhone, iPod touch, iPad and Apple TV, PC and MAC

10 devices including up to 5 computers

Download to iTunes library

6 Apple IDs (account) for Family sharing

Yes, numbers not specified

iCloud+ Local

DRM-protected, FairPlay



Type of content

Service name


Number of devices

Delivery modes


Simultaneous usage

Storage options

DRM restricions

Other limitations

Video Now TV (Sky)

Yes Mac OS, iOS, Android, smart TV, set-top box, media streamer, Blu-ray players, Game console

Now TV streaming box; iPad, iPhone, Android devices, PC or Mac; Apple TV, LG Smart TVs, YouView boxes, Roku; PS3, PS4, Xbox 360, Xbox One, Google Chromecast

4 devices (1 changed per month)

Streaming 1 account only

2 devices Cloud DRM-protected, Microsoft Silverlight

Video Blinkbox Yes, Purchase or rental per consumption

Mac OS, iOS, Android, smart TV, set-top box, media streamer, Blu-ray players, Game console

iPhone, iPad, Android devices, Windows 8 tablets; PC or Mac; Samsung, Philips, LG & Toshiba Smart TVs; LG & Samsung Blu-ray players ; LG boxes, Philips boxes Technika boxes; Xbox 360, PS3, Xbox One, Google Chromecast

Up to 5 devices for video purchase (in case of rental, restriction on 1 device to stream a downloaded video, 2 devices if streaming)

Streaming, Download

1 account only

Not allowed Cloud+Local

DRM-protected, Microsoft Silverlight

Hosting Dropbox Free for basic service Paying features

Web, Android, iOS, BlackBerry OS, Windows XP and later, Linux, Mac OS

Desktop; iPhone, iPad, mac; Android phones & tablets, Windows phones & tablets; Kindle Fire; Blackberry

No limitation Download 1 account only for basic users; Multiple accounts for paying users (numbers not specified)

Yes, implicitly unlimited

Cloud + Local (2GB for basic users; 1T or more for paying consumers)

DRM-free 10GB or less/file uploaded through the website

Hosting iCloud No: 5GB Yes: 20 GB - 1 TB

iOS, MAC OS, Windows 7 and later

iPhone, iPad, MAC, iPod touch, PC with Windows

No limitation Download 1 account only Yes, implicitly unlimited

Cloud + Local)

DRM-free

Music (storage)

iTunes Match

Yes, Yearly subscription

iOS 5.0.1 and later, MAC OS

iPhone, iPad, MAC, iPod touch, Apple TV

10 devices, including up to 5 computers

Download 1 account only Yes, numbers not specified

iCloud + Local

DRM-free (though DRM-protected music can be played)



Type of content

Service name


Number of devices

Delivery modes


Simultaneous usage

Storage options

DRM restricions

Other limitations

Music Apple Music Yes (9.99£ for

single membership and 14.99£ for family sharing option)

iOS, Watch OS, MAC OS, Windows 7 and later, coming to Android in fall 2015

iPhone, iPad, Mac, iPod touch, PC, coming to Apple TV & Android devices the fall 2015


Streaming, Offline local device playing

1 Apple ID for Single; 6 Apple IDs (account) for family membership

Yes for Family membership, device number restriction not specified

iCloud + Local for offline mode


Up to 30 days for offline playing, online connection is required to activate offline mode

Music Spotify Free Basic service; Paying Premium services (29.99£ when adding 5 profiles to the account)

Windows XP and later, Linux, Mac OS, Android, iOS, Symbian, Web

IPhone, iPad, Mac; Android phones & tablets; Windows phones & computers; Amazon Kindle Fire; Third parties’ devices: Samsung Smart TV, Sonos, Squeezebox, Telia Digital-tv, TiVo, WD TV, Onkyo, Parrot, Car system, etc.

Unlimited devices for streaming mode 3 devices for syncing offline playlist

Streaming, Offline local device playing for premium users

Free Basic users not specified, implicitly (1 account only); Up to 5 accounts for Premium Family Plan

Not allowed (1 track only) Yes for Family plan, device number restriction not specified

Cloud + Local for offline mode

DRM-protected, proprietary solution

Up to 30 days for offline playing, online connection is required to activate offline mode

Music Amazon Prime Music

Yes, Amazon Prime subscription

iOS 6 and later, Mac OS, Android 4.0 and later, Fire OS, Windows, Amazon.com

Fire tablets (except Kindle Fire 1st Generation), Fire phone, Amazon Fire TV, Fire TV Stick, Amazon Echo; iPad, iPhone, iPod touch, PC & Mac; Android devices

Implicitly unlimited 4 devices for offline mode


1 account only Not allowed (1 track only)

Cloud + local, Export outside of Amazon Music app impossible

DRM-free Up to 30 days for offline playing, online connection is required to activate offline mode

Music Amazon Cloud player (Amazon Music app)

Yes, app is free, music should be purchased from Amazon music store

iOS, Mac OS, Android 4.0 and later, Fire OS, Windows, Amazon.com, Amazon music-enabled car system

Fire tablets (except Kindle Fire 1st Generation), Fire phone, Amazon Fire TV, Fire TV Stick, Amazon Echo; iPad, iPhone, iPod

10 devices Streaming, Offline local device playing

1 account only Not allowed Cloud + local, Export possible to Windows Media Player or iTunes on

DRM-free



Type of content

Service name


Number of devices

Delivery modes


Simultaneous usage

Storage options

DRM restricions

Other limitations

touch, PC & Mac; Android devices, Roku, Sonos, Samsung Smart TV and Home Audio Products, BMW, Ford and Mini

MAC and PCs

Music Google Play Music All Access

Yes, Monthly suscription

Android, iOS, Web

Android phones and tablets, iPhone, iPad, iPod Touch, MAC; Chromecast, Android TV, Sonos

10 devices (up to 5 smartphones) including 4 device deactivations per year


1 account only Not allowed Cloud + Local for offline mode

DRM-protected, Widevine

Music Tidal Yes, 2 paying packages: Premium & Tidal HiFi

Windows XP and later, Linux, Mac OS, Android, iOS, Web

iPhone, iPad, Mac; Android devices; Web Player on PCs; Home Audio Players (IXON, Linn, etc.); Sonos

Implicitly unlimited 3 devices for offline mode


1 account only Not allowed Cloud + Local for offline mode

Implicitly with DRM, not clearly specified

Book iBooks Yes, Purchase or rental per consumption

iOS, Mac OS

iPhone, iPad, iPod touch, Mac


Download 6 Apple IDs (account) for Family sharing;

Yes, Limited to number of devices

iCloud+ Local+ Print PDFs


Book Amazon Kindle

Yes, Purchase per consumption

Fire OS, iOS, MAC OS, Android, BlackBerry OS, Window, Webapp

iPhone, iPad, Mac and iPod touch, Android, Samsung, PC Windows 8, Kindle E-Readers 3.4 and later, Kindle Cloud Reader; Fire tablet and phone, Amazon Fire TV devices, Amazon Echo

Generally 6 devices, other limits on the number for specific books

Download 6 accounts for family program: 2 adults and up to 4 children

Yes, Limited to number of devices

Cloud + local Local only available to account owner, not to invited accounts

DRM-protected, KF8, Mobipocket, Topaz

Book Oyster*(Netfl Yes, iOS 7.1 and iPhone, iPad, iPod 6 devices Streaming, 1 account only Not specified Cloud + DRM- Offline



Type of content

Service name


Number of devices

Delivery modes


Simultaneous usage

Storage options

DRM restricions

Other limitations

ix for books) -Monthly subscription; -Purchase per book

later, Android 4.0 and later, web reader via the Chrome, Safari & Firefox

Touch; Android devices; non-first generation Kindle Fire; Nook HD; PCs through web reader

Download for offline reading & purchase

local protected, Proprietary solution

reading limited to 10 most recently- opened books

Software Apple App Store

Free and paying apps

iOS iPhone, iPad, iPod Touch, Apple Watch


Download 6 Apple IDs (account) for Family sharing

Not specified, Implicitly unlimited

Local DRM-protected, FairPlay

Software Google Play Free and paying apps

Android Android smartphone and tablet


Download 1 account only Not specified, Implicitly unlimited

Local DRM-protected, Widevine

Video games

Steam

Free and paying games

Windows, Mac OS X, SteamOS+Linux, Android, iOS

PC, Mac, Linux box, mobile device, television

10 devices Online + offline for single-player games

5 accounts via Family Sharing

Not allowed (1 player only)

Cloud + local for offline single player

DRM-protected and DRM-free games Proprietary solution

Some games may be unavailable for sharing

Video games

Battle.net

Yes Windows, Mac OS, Android, iOS

PC, Mac, mobile device, television

Not specified, Implicitly unlimited to mobile devices

Online 1 account (can be shared between legal guardian and a single minor child)

Not allowed Cloud Games protected with proprietary solution

Video games

Miniclip.com No iOS, Android, Web

PC (web browser), Android phone & tablet, iPhone, iPad, iPod Touch & MAC, Windows Phone


Online + In-app playing

1 account (sharing not specified)

n/a Cloud + local

Games protected with proprietary solution

*Oyster: In September 2015, the co-founders of Oyster announced in its blog the coming close down of its Oyster services over the next few months, and that customers’ requests for refunds over the next few weeks would be honored.



Delivery modes

Table 3: Delivery modes and limitations for the different solutions

Type of services Streaming feature Download feature Digital Rights Lockers Yes (often the main option, some

limits) Yes (with limits)

Personal Cloud No (optional, only a few operating systems)

Yes (main option, no limits)

Licensed Digital Rights Cloud Yes Yes Video service Yes (as the main option) Yes (few services) Music service Yes (as the main option) Yes (increasingly included in the

prime option) Books No (Oyster, the only existing ebook

streaming service will shut down) Yes (as the main option)

Software No Yes (as the main option) Video games Yes (as the main option) No Source: IDATE

Storage options The type of storage is directly linked to the delivery mode and is also influenced by both technical and business issues. Clearly, content storage on consumer equipment is not necessary with rentals or subscriptions and with streaming delivery modes, which by nature use cloud-based storage. Cloud-based providers and device players are also likely to have different strategies. The importance of the different players is likely to influence the preferred option for storage. Device players such as Amazon (with its Kindle) and Apple are notably pushing local storage in addition to other forms of storage.

Table 4: Storage options for the different solutions

Type of services Cloud Local Device Physical media Digital Rights Lockers Yes (main storage) Yes Yes (DVDs/BRs, but also

SD cards) Personal Cloud Yes (main storage) Yes No Licensed Digital Rights Cloud Yes Yes (main storage) No Video service Yes (main storage) Yes Yes (few) Music service Yes (main storage) Yes only for offline mode No Books Yes (main storage) Yes (main storage) No Software No Yes (main storage) No Video games Yes Yes No Source: IDATE

Content protection used by service providers is the detection of irregular activities of content. Different solutions exist in Automatic Content Recognition such as Content ID used by YouTube, while other names include Audible Magic used by Facebook, discussed below. The system is based on ensuring copyright compliance.



3.3. Reasons for infringing Figure 13: Reasons for infringing

Source: Online Copyright Infringement Tracker

Figure 14: Perception of content availability

Source: Digital Entertainment Survey 2013, Wiggin (www.des2013.co.uk)

http://www.des2013.co.uk/



4. Unauthorised content techniques 4.1. Detection solution providers

The table below provides an assessment describing the capability of the solutions described above to detect consumers distributing or accessing unauthorised copies of content.

Table 5: Assessment of the different detection solutions

Company name Content detection

Content analysis

Type of detection

Downloaders detection

Uploaders detection

Robustness and scalability

Hologram Industries (Acquired Advestigo in 2009)

Automated queries of keywords

Automated analysis of real content using fingerprinting technology

Direct, but don’t share the content (no upload)

No Yes First uploaders may be detected, but this is not guaranteed

No false positive (according to them) Scalability depends on computing power and memory

Irdeto USA (previously BayTSP)

Automated queries of keywords constantly scanning the file sharing networks

Automated analysis of real content (combination of fingerprinting and watermarking technologies) and human review

Direct and Indirect

Yes (through indirect method)

Yes, including first uploaders (Early Propagator product)

No information on false positives IP detection process is robust for uploaders only Scalability depends on computing power and memory

MarkMonitor (previously DtecNet), acquired by Thomson Reuteurs


Depends on the type of content and customer requirements (manual analysis for games and software / fingerprinting for audio / watermarking for video)

Direct Yes Yes, including first uploaders (according to them)

No false positive (according to them) Scalability depends on computing power and memory

Peer Media Technologies - ArtistDirect (previously MediaSentry and MediaDefender)


Automated analysis of real content (use of Advestigo fingerprinting technology)

Direct Yes Yes, including first uploaders (Early Leek)

No false positive (cf. Advestigo) Scalability depends on computing power and memory



Company name Content detection

Content analysis

Type of detection

Downloaders detection

Uploaders detection

Robustness and scalability

TMG (Trident Media Guard)

N/A N/A Direct, with false information sent to the tracker and no upload

Yes Yes First uploaders are not specifically targeted

Scalability depends on computing power and memory

Source: IDATE

4.2. Case of wrong detections In some cases, even when using the solutions or techniques presented above, copyright holders may collect erroneous IP addresses. Main reasons for wrong identification can come from: • technical solution itself generating false positive • initiatives from end-users willingly adding false positive solutions • Anonymity solutions used by infringers to prevent their identification such as IP spoofing, the use

of an anonymous proxy server, a VPN or onion routing to access file sharing networks, or the use of a seedbox (see following section).

A detection company will provide to an ISP the following typical report.

Typical infringement report

Title: Dead Like Me - Season 2 Infringement Source: BitTorrent Initial Infringement Timestamp: 5 Aug 2004 11:02:55 GMT Recent Infringement Timestamp: 5 Aug 2004 17:04:46 GMT Infringer Username: Infringing Filename: dead.like.me.s02e02.the.ledger.dvd-rip.xvid.dd3.avi Infringing Filesize: 362383360 Infringers IP Address: 68.11.102.162 Infringers DNS Name: ip68-11-102-162.no.no.cox.net Infringing URL: 68.11.102.162:6883/dead.like.me.s02e02.the.ledger.dvd-rip.xvid.dd3.avi

The error can therefore mostly come from an error on one of the following elements: • the content itself • the timestamp • the IP address

Fake content The content itself may be a source of error. Indeed, the content downloaded or uploaded may be fake, which means that the file name may not correspond to the right content. The file name may either correspond to some other infringed content or to content with no specific rights. Fake files are most of the time found on P2P networks. However, in order to reduce the pollution level, some torrent sites may manually inspect new content, in order to remove fake content, content with low perceptual quality, and content with incorrect naming. In that case, the error comes from directly the content itself which is fact not really infringed in the first place.



Wifi access When connecting through a Wifi router (either at home or at a company), the IP address that is seen by a third party to exchange data is not the IP address of the end-user (and its associated computer) but that of the router itself. The user’s computer has a private IP address (e.g. 192.168.0.2). However, the recipient does not know this address. The problem is solved by a solution called NAT router, integrated into almost all routers, which is in charge of substituting its private address by the public IP address that the ISP assigns to the network (e.g. 90.80.34.202) and a free random port number (9000). Hence, even in a local network case, only the (public) IP address of the modem is used during external communication. In the case of a Wifi home router, errors can come from the fact that the actual end-user may not be the owner of the box, in case of connection to the router through a wireless access, especially through WiFi. In that case, the detected IP address is right but the real pirate may not be the one that is directly in control of it. In the case of a public Wifi hotspot, the network is mostly operated by a public administration or by a commercial company offering the service for free to its unregistered customers like McDonalds. It can also be operated by a regular WiFi ISP (either dependent from a wireline or wireless telco, or a pure player like The Cloud). It should be noted that a few ISP already stand out on this topic. Indeed, some ISPs assign new IP address to public network users as they (outside the home network) could be better identified and could also benefit from the same features (like in their home, P2P for instance). Technically, they use an authentication on a web interface, such as BT for its partnership with FON (using another CPE than the regular Fonera) or Free with http://wifi.free.fr. Indeed, the Free ISP provides several IP addresses on their WiFi router. With this approach, the CPE owner’s IP address is not detected. It is the IP address of the pirate that would be detected.

Pollution of trackers in BitTorrent or similar technologies With BitTorrent or similar technologies, trackers are used by clients to obtain the IP addresses of other peers associated with a torrent, and to exchange the client's transfer statistics. Clients contact the tracker which responds with the addresses of the other peers. The tracker does not know which nodes have which pieces; its job is simply to tell its clients where to find each other. Some BitTorrent tracker implementations support an optional extension that allows clients to specify a different IP address that the tracker should record in its list of peers instead of the actual client’s address. This is intended to provide support for proxy servers, peers behind NAT routers, etc. But this may lead to incorrect IP addresses being reported. Indeed, the standard tracker protocol is based on HTTP, which allows malicious clients to easily update the tracker with arbitrary IP addresses, thus declaring them as peers, and implicating them in the swarm, though they might have never downloaded or uploaded the content. Since BitTorrent trackers do not include any sanity check, meaning that IP addresses are not checked, nothing prevents this from happening. Consequently, anti-piracy companies using an indirect detection mechanism based on the observation of the tracker, and which gather all the IP addresses associated to a tracker without checking that they are really involved in the swarm, may encounter a certain amount of false positives.



Actually, this is the main reason why malicious clients started polluting trackers: tracker owners are aware of such methods used by anti-piracy companies, and trick them by polluting the list of IP addresses the tracker returns. Some academics were even able to have their printer receive a DMCA takedown notice after updating trackers with some networked printers’ IP addresses4. Though polluting trackers degrades the overall performance and costs extra traffic and connections, it is one of the techniques The Pirate Bay used, for example, to show how inaccurate such an IP detection method is and to force copyright holders to acquire hard evidence against file sharers. This error can be avoided with the direct detection method, in which the detection company will exchange data with the user.

Man-in-the-middle attacks In a man-in-the-middle attack (MITM), the attacker inserts himself between two nodes without being detected. He can then choose to stay undetected and spy on the communication or more actively manipulate the communication. He can achieve this by inserting, dropping or retransmitting previous messages in the data stream. A man-in-the-middle attack is thus a form of active eavesdropping in which the attacker makes the victims believe that they are talking directly to each other, when in fact the entire conversation is controlled by the attacker.

4 Michael Piatek, Tadayoshi Kohno, Arvind Krishnamurthy, Challenges and Directions for Monitoring P2P File Sharing Networks – or – Why My Printer Received a DMCA Takedown Notice

Torrentwebsite

Computer A-P

5. A-P downloads torrent

Tracker

6. A-P connects to tracker7. A-P receives info on peers

Torrent

Tracker data

Connection

Torrent

Tracker data

Connection

Peer 1

Peer 2

Peer 3List of IP addresses issued by the tracker

Swarm

8. A-P has a list of infringing IP addresses including false positives

Computer X

3. X connects to tracker4. X updates tracker with forged IP addresses

1. Peers 1 2 3 are connected to tracker2. Peers 1 2 3 update the tracker with their IP address



Figure 15: Man-in-the-middle attack

Source: IDATE

Man-in-the-middle attacks have become popular network-based attacks as they are quite straightforward. In particular, this type of attack is a common risk to web-based financial transaction systems - e.g., e-business websites, payment gateways, online banking, insurance and credit card servicing platforms. Man-in-the-middle attacks may indeed lead to identity thefts and financial frauds, as the attacker might be able to intercept the public key, modify it and provide a different public key instead. To prevent such attacks, most cryptographic protocols include some form of endpoint authentication, like SSL. The errors presented before in this section have very different levels of impact, as the errors have different origins and would impact different types of users: • the type of error (linked to IP source or linked to the content). If the error is related to the content itself,

the direct method will not provide an error, as the content will be checked anyway. Other type of errors may apply to all forms of detection.

• the type of users that could be concerned by such errors (tech-savvy vs regular users, Wi-Fi users, etc…).

Major errors would impact all forms of detection, even though the indirect method is clearly less reliable because of the possibility to alter trackers or to distribute fake contents. But the direct detection has also some flaws, especially in the case of Wi-Fi router. A few major errors could come from active users wanting to create difficulties for detection companies by deliberately accusing innocent people in an attempt to show that traditional detection techniques are inefficient. Fake content, piggybacking on Wi-Fi access, botnets or even man-in-the-middle attacks can be classified in that area. They still should have an overall low to medium impact as they could only be initiated by a few tech-savvy users. They are therefore not really scalable. The major remaining error, not coming from “activists” is clearly open wireless access with set-top boxes enabling access to a large number of people, without the knowledge of the Wi-Fi router owner. Numerous errors could be expected there, even with the detection method.

Computer A Computer B

MITM attacker

Intended connection

1. A sends a message to B

2. Attacker intercepts message

3. Attacker sends message to B4. B thinks it comes from A



Table 6: Analysis of cases ending up in detection errors

Type of erroneous identification/false positive

Type of error

Detection method impacted

Type of users Overall risk

Potential counter-measure

Fake content Content Indirect Any user downloading the content

High Use watermarking or fingerprinting technology to automatically check content When downloading, check comments/ratings or the names of the parts uploaded by other peers

Open wireless access IP address/User

All Any user on WiFi

High Provide 2 IP addresses (1 for public usage, 1 for private usage)

Piracy on secure Wi-Fi access

IP address /User

All Any user on WiFi with low security settings

Medium for encryption Low for MAC

Upgrade encryption keys Enable a list of restricted MAC addresses

Pollution of trackers in BitTorrent or similar technologies

IP address Indirect Possibly any Internet user or machine

Medium Connect to the user and exchange content

Man-in-the-middle attacks

IP address All Possibly any Internet user or machine

Low Connect to the user and exchange content

Source: IDATE

4.3. List of major privacy techniques The table below lists the privacy techniques described in the main body text, with complementary diagrams for VPN, Onion Routing and seedboxes.

Table 7: Main add-on privacy techniques are the following:

Anonymity solutions Short description of the solution To be used with

Blocklist software Software that avoids accessing a server or a computer to specific IP address. Blocklists have become a common method employed by users to avoid systematic monitoring. Users prevent any suspect third party (like anti-piracy monitoring agents) from scanning and monitoring the traffic activity to their computer.

P2P

Anonymous proxy server An anonymous proxy server generally attempts to anonymize web surfing. The targeted server receives requests from the anonymizing proxy server, and thus does not receive information about the end user's address. However, the requests are not anonymous to the anonymizing proxy server.

P2P, DDL, streaming

Virtual private network (VPN)

Computer network that is implemented in an additional software layer (overlay) on top of an existing larger network for the purpose of creating a private scope of computer communications or providing a secure extension of a private network into an insecure network such as the Internet.

P2P, DDL, streaming

Onion Routing Messages are repeatedly encrypted and then sent through several network nodes called onion routers. Each onion router removes a layer of encryption to uncover routing instructions, and sends the message to the next router where this is repeated. This prevents these intermediary nodes from knowing the origin, destination, and contents of the message.

P2P, DDL

Seedbox Private dedicated server used for the uploading and downloading of digital files.

P2P (BitTorrent)

Source: IDATE



The figure below shows how a VPN can be used in conjunction with BitTorrent in order to avoid detection by anti-piracy authorities.

Figure 16: Operating principles of VPN

The figure below shows how TOR (The Onion Router) works when a computer X wants to send a message or a file to computer Y:

Figure 17: Operating principles of TOR

The figure below shows the operating principles of seedboxes, where the user remains hidden in a similar way to proxies.



Figure 18: Operating principles of seedboxes

Table 8: Main “new” piracy systems include the following

Anonymity solutions

Short description of the solution Examples of solution

Anonymous P2P Peer-to-peer distributed application in which the nodes or participants are anonymous or pseudonymous. Anonymity of participants is usually achieved by special routing overlay networks that hide the physical location of each node from other participants.

I2P application based, iMule, StealthNet,

Encrypted P2P In this P2P application, files are encrypted for the transfer, and decrypted after the reception. Some P2P applications can both be anonymous and use encryption for files transfer.

I2P application based

Friend-to-Friend (F2F or Darknets)

Type of peer-to-peer network in which users only make direct connections with people they know. Passwords or digital signatures can be used for authentication. F2F networks which do not offer automatic anonymous forwarding are ordinary private P2P networks.

OneSwarm, Freenet, GNUnet, Retroshare

Encrypted cloud storage

Cloud storage services that encrypts files when stored on the service provider’s servers, and during the download and upload process. Moreover, to access a file, the “downloader” has to get the unique key, related to the file. This key can be got integrated in the download link, or separated.

Mega

Source: IDATE

The figure below shows the mechanism of anonymous P2P transfers, where the file transfer is done through multiple intermediaries (with an Anti-Piracy peer in this case). In this figure, Peer 1 sends a copyrighted file to the A-P computer, through peer 2 and peer 3.



Figure 19: Anonymous P2P file transfer (with an Anti-Piracy peer)

Source: IDATE

4.4. Blocking by legitimate services During the summer of 2014 Sony Pictures conducted research to identify the IP-ranges of various VPNs and proxies. These results were shared with Netflix and other streaming services so they could take action and expand their blocklists where needed.



4.5. Freenet & F2F Here, the example of Freenet will be used to explain the operating principle in more detail. Freenet is one of the most famous F2F networks, aiming to provide freedom of speech through a P2P network with strong protection of anonymity and is notably used for the distribution of censored information all over the world including countries such as China and the Middle East. In the diagram below, computer A requests some data and computer D has this data. In a darknet configuration, A and B are friends, meaning that if B had the data, it would send it directly to A. Here is how it works: 1. A requests the data to B. B doesn’t have the data, B has 3 other friends (C, E and F) in the network 2. B forwards the request to C 3. C doesn’t have the data and doesn’t have any other friends: it is a dead-end 4. B forwards the request to E 5. E doesn’t have the data but has another friend, F, so E forwards the request to F 6. F doesn’t have the data but has another friend, B, so F forwards the request to B 7. B has already received a similar request so B identifies a loop and tells F that it doesn’t have the

data 8. F forwards the message (request failed) to E 9. E has another friend, D, so E forwards the request to D 10. D has the data, so D sends the data to E 11. E forwards the data to B 12. B forwards the data to A

Some of the most popular F2F clients include Freenet and OneSwarm, with various others such as GNUnet, Tribler and RetroShare. It should also be noted that the term “darknet” is increasingly becoming used to refer to the “dark web”, including services such as Tor and I2P which contain “hidden services” through an overlay network (such as the black market “Silk Road” existing within I2P and Tor, as explained earlier).



4.6. BGP blocking BGP is the core routing protocol of the Internet. BGP blocking relies on the principle of re-routing specific IP addresses to be blocked to a router that implements a particular treatment to this traffic. It uses the BGP protocol that routes traffic in the IP network between autonomous systems (AS) and uses aggregation of routes in order to limit the size of routing tables. This protocol was originally only supported by core network routers or peering routers with learning routes functionalities from routers to which they are interconnected. But increasingly routers today have this capability. Therefore, this blocking can be implemented at any level of the ISP network. Operating principle BGP blocking, in all its forms, is based on the implementation of a BGP router which announces specific routes to its neighbours. With a blocking purpose, this router will announce to the rest of the network equipment the list of IP addresses of sites to be blocked. Dynamically, each packet (having its destination IP address a site to be blocked) is redirected to the specific BGP router. Even though this general principle remains valid, many implementation options exist depending on who hosts the BGP router. Option 1: BGP router is hosted by the authorities Here, the goal is to falsify routes announcement to the IP addresses to be blocked at a BGP router level and that will be made available to ISPs by the authorities (or a subcontractor of the authorities). The router can be located at a colocation centre (also called Internet eXchange Point – IXP) where all ISPs are already interconnected. It will then interconnect with the peering routers of each ISP. The list of IP addresses of sites to block will be updated at the level of that BGP router which will publish the routes announcement to other networks dynamically. In the end, it could be compared with a situation with two ISPs interconnected through a peering agreement. This technique is commonly known as “Sink Hole”. Specifically, the BGP announcement router told its neighbours the routes towards the addresses with the highest local preference. This means that announced routes will be systematically used by the packets, even though there are different from the actual routes in a non blocking situation. This option has the advantage of being similar for all ISPs which are interconnected with the specific BGP router. They therefore do not have to manage the IP address list or update their router configurations. Option 2: BGP router announcements are hosted by ISPs In case the authorities do not wish to centralize the BGP router, each ISP must set up such a router in the network. The lists of IP addresses to block are regularly received from the authorities and injected into the BGP router. Everything else works in the same way, with the simple difference that the authorities no longer host any equipment. The impact to the ISP is the implementation in its network of one or more announcement BGP routers and a specific information system. Compared to Option 1, this implies additional investment and operating costs. Option 3: BGP blocking with URL inspection (instead of IP addresses) There is a third BGP blocking implementation option but it is conditional on the provision by the authorities of a list of URLs of websites to block, not just a list of IP addresses. By announcing the routes for these IP addresses to the rest of the network, it attracts and concentrates all suspect IP traffic. Unlike the two previous options, the treatment does not end at the BGP router. The latter relays the traffic to a DPI server that analyzes the URLs and compares them with those from the blacklist. When the URLs match, packets are sent to a server hosting a specific page, which notifies users with the blocking reasons. In the event that the URL does not match, the traffic is not to be blocked and it is routed through a dedicated link to a transit operator responsible for the route to its final destination. Compared with the two BGP blocking options presented above, it offers a higher granularity and only blocks sites whose URLs are listed. However, it requires higher investment and operating costs because of the DPI server and IP transit link to set up and reconfiguration of BGP routes for each update of the list of URLs. A variant of this BGP blocking option exists and is called hybrid (detailed in “hybrid blocking” section).



Impacts Over-blocking induced BGP blocking is identical to IP blocking. Indeed, BGP blocking is based on IP addresses to block the flow, causing a risk of intrinsic over-blocking. This side effect applies to options 1 and 2 described above, when IP flows to be blocked are concentrated on a single router the ISP network and do not undergo any further analysis. In Option 3, the additional level of blockage that the DPI represents eliminates the risk of over-blocking related to IP addresses, since only a list of URLs (and not all domains with the same IP address) is blocked. In return, the DPI can be a bottleneck because its capacity is limited, and can cause significant congestion, if an IP address with high traffic (eg. Google server, Youtube) was inserted in the list of IP addresses by mistake. Moreover, it is difficult to size ex ante the IP transit connection at the output of DPI, due to the non-predictability of blocked traffic, which can reach high levels if all the corresponding IP flow is redirected to the DPI inspection. Moreover, the BGP is a complex protocol and its implementation does not imply frequent route updates, because it was not originally designed for blocking, but for routing packets between interconnected networks. It is therefore sensitive to errors that may occur with updates and frequent reconfigurations. It should be stressed that this risk is already assumed when peering. In practice, BGP is used by all ISPs at peering routers where the entire Internet traffic transits. Option Pros Cons

Option #1: BGP router hosted by authorities

Ease of implementation Risk of over-blocking BGP not designed for blocking

Option #2: BGP router hosted by ISP

Ease of implementation Risk of over-blocking BGP not designed for blocking

Option #3: BGP blocking combined with URL analysis

higher granularity and only blocks sites whose URLs are listed (compared to option #1 & #2) No risk of over-blocking

higher costs (compared to option #1 & #2)

Source: IDATE

4.7. DPI techniques Main solutions for telcos relate to some of kind of filtering: • full (full disconnection/blocking) or partial filtering • volume-based filtering (filter only when a threshold of volume is reached) • time-based filtering (filter only during certain periods of the day) • bitrate-based filtering (limit the speed) • activity-based filtering (block only certain applications) • destination-based filtering (block only connection to some IP addresses) Deep Packet Inspection (DPI) is a generational evolution of packet filtering technique allowing the observation and traffic analysis. It's not a simple filtering technique looking only into the header where only basic information (IP address and port number) can be identify.



Figure 20: Applications identifications with DPI

Source: Qosmos

Given the name, DPI inspects deeper in the packet by scanning the entire packet in both its header and payload. It provides up to application awareness by operating in the application layer of the OSI model in order to identify and to authenticate the content of the information packet conveyed by IP. In fact, the DPI engine ‘dissects’ the entire IP packet in real time.

Figure 21: Deep Packet Inspection mechanism

Source: IDATE

It's a technique enabling to detect user activities in real time and to gather information from subscriber traffic such as determining which application is used for a given session and given flow. Similar to fingerprints used to identify person, signatures are used to identify applications and protocols. To develop a signature, several analysis techniques (regularly combined) are used and look like a traffic parse (semantically and grammatically). • by port (such as incoming email/POP3/110; 995 if it is secure; outgoing email: 25) • by string match (such as the word ‘Kazaa’ is embedded within Kazaa application protocol) • by numerical properties (such as payload length, number of packet sent…) • by behaviour (such as packet length histogram: few hundreds bytes: HTTP; shorter: P2P) Based on the signature database, DPI is able to identify and classify traffic, allowing a tight control according to the application (such as peer-to-peer, browsing, VoIP and gaming). The classified packet can then be rerouted, marked/tagged, blocked, and reported to a reporting agent in the network. Spending on DPI and policy management solutions (PCRF) is increasing. IDATE estimates an annual growth rate at 23% between 2015 and 2019. The driven factor is due to mobile operators looking to manage and control the traffic while monetize data.

Deep Packet Inspection

Application

Presentation

Session

Transport

Network

Data Link

Physical

P2P: Bittorrent, e-donkeyWebmail: ymail (Yahoo!mail), gmail, HotmailAudio/Video : YouTube, Dailymotion, Deezer

FTP, http, DNS…

IP

TCP, UDP

Deep Packet Inspection

Application

Presentation

Session

Transport

Network

Data Link

Physical

P2P: Bittorrent, e-donkeyWebmail: ymail (Yahoo!mail), gmail, HotmailAudio/Video : YouTube, Dailymotion, Deezer

FTP, http, DNS…

IP

TCP, UDP



Figure 22: DPI and policy management market, 2015-2019 (million EUR)

Source: IDATE

4.8. Hybrid blocking This technique relies on the principle of communication by a national authority of a URL blacklist that lists the sites offering illegal content. Once the list loaded in the blocking system, the latter performs a DNS resolution allowing it to find the IP addresses of hosts with URLs to be blocked. The list of IP addresses is then injected into a BGP router, which announces the corresponding routes and gets all flows towards these IP addresses. The IP streams are then routed to a nearby DPI server that operates a URL inspection to match them with the blacklist. • If there is a match, the flows/streams are rejected or routed to the blocking page hosted on a nearby

server. • Otherwise, they are routed to their final destination through a dedicated IP transit link, avoiding re-

injecting into the network the packets whose IP addresses are attracted by the BGP router and thus creating infinite loops.

It is also possible to introduce into the system a white list, which contains the list of URLs not to filter, even though they are in the blacklist. This mechanism helps to prevent the URL hosted on the operator's servers from a blocking by error. It is also possible to introduce, in addition to the list of national authorities, some lists of other countries, still in a secure mode, ensuring the required confidentiality for such a mechanism. Thus, two blocking levels are performed • A first IP address blocking is used to select only the suspicious part of the traffic. • A second deeper/fiercer blocking at the URL level is performed by a DPI server

This cascade system can greatly reduce the volume of data to be processed, reducing overall system load and thus its implementation cost. The implementation of this solution in a DPI server (flanged with URLs inspection) can theoretically extend the inspection to a deeper level even up to image recognition. But the processing load is such that the solution becomes cost prohibitive.



Impacts Hybrid blocking experiences cumulative drawbacks of the final DPI blocking. Traffic redirected to the blocking platform and in particular the DPI equipment, must be absorbed at any time, which raises a design problem5. It is similar for IP transit connection to the output of the DPI to evacuate traffic which appears normal (after URL inspection). In the event of high traffic sites such Google, Youtube or Facebook being found in the blacklist, the system can quickly be overloaded and induce significant service degradation for users. This may be acceptable in a small ISP network (ideal for local ISPs). However, it is not acceptable in the case of national ISPs. Indeed, their networks are split hierarchically and geographically, and are based on a large number of routers that distribute the traffic. Focusing the blocked traffic at a single point in the network would be incompatible with the network architecture of large ISPs and would bring high risks in case of congestion of the hybrid blocking platform. In the event of generalized hybrid blocking where several operators use this mechanism at their networks and exchange traffic through peering agreements, successive inspections would introduce latency and huge packet loss probability due to the significant increase in the risk of errors in the lists used. Pros Cons • Efficiency (due to the

cascade system) • drawbacks of the final DPI blocking • not designed for high traffic websites • not designed for national/large ISP network implementation

Source: IDATE

5 Here are some minimum precautions to be taken by ISPs that want to deploy this type of blocking:

• a large oversizing of the solution, • a frequent updating of lists • traffic monitoring procedures alerting operational when there is platform overload, • release procedures static system when limits are reached



5. Estimates and forecasts of lawful and unauthorised content

5.1. Main objectives Estimates of consumption in volume are expressed in number of files consumed by adults 12+ in the UK and detailed per OTT distribution channel and per device. The dataset covers the period starting from 2012 to 2018.

Definitions Files are considered as consumed once they have been downloaded, streamed or accessed online. • Streamed or access: any content viewed, listened to or played directly through the Internet without

downloading a copy. • Downloaded: transfer of a copy of the file to a device.

Model structure The model producing estimates and forecasts is divided into two modules: • the first module provides estimates and forecasts of per category of content and subcategories based

on distribution channels; • the second module provides estimates and forecasts of number of files consumed per device for each

of the identified distribution channels.

Categories of content and scope of products and services covered:

Table 9: Categories of content and scope of products and services covered

Category Definition Included services Video Movies and TV programs EST, rental VOD, SVOD, online Playback

TV Music Music tracks and albums

Singles tracks and album, audio-streaming services

Books eBooks

Online book stores, online libraries

Video Games Video games software excluding patches and upgrades

Online stores (including app stores), online games

Computer software Computer software, excluding mobile phone apps and patches / upgrades to already owned software

Downloaded software, cloud based software

Source: IDATE.



5.2. First module: breakdown of files consumed per category of content The first module provides estimates and forecasts of number of files per category of content. To ensure the homogeneity of outputs, evaluations of historical data used in the first module are based on the results of the 5 waves of the OCI tracker study, conducted by Kantar Media for OFCOM then IPO (UK Intellectual Property Office) between 2012 and 2015. Below, a detail of the quoted references:

Table 10: Sources, 1st module

Report Release date Period studied Kantar Media for OFCOM: Online Copyright Infringement tacker Wave 1 November 2012 May 2012 – July 2012

Kantar Media for OFCOM: Online Copyright Infringement tacker Wave 2 March 2013 August 2012 – October 2012

Kantar Media for OFCOM: Online Copyright Infringement tacker Wave 3 May 2013 November 2012 – January

2013 Kantar Media for OFCOM: Online Copyright Infringement tacker Wave 4 October 2013 March 2013 – May 2013

Kantar Media for IPO: Online Copyright Infringement tacker Wave 5 July 2015 March 2015 – May 2015

Source: IDATE.

As volume data provided by OCI tracker are quarterly results, IDATE provides estimates based on waves 1 & 2 for 2012, waves 3 & 4 for 2013, wave 5 for 2015. Chronological series for year 2014 are reconstructed using growth estimates extracted from IDATE Content Economics 2015 study6. Due to a shift in the methodology between waves 1 to 4 and wave 5, the results of wave 1 to 4 are re-evaluated using a blend of median averages and mean scores. As said in the last edition, the resultant mean scores are highly influenced by a few respondents with high levels of activity. As a result the mean volumes are noticeably volatile from one wave to the next for all content types covered […].The median […] has proved to be much more stable for these metrics7. The blended solution satisfies both the need for stability in chronological series and coherence in volume size. The model also provides gross estimates of files (any type of content) accessed through illegal distribution channels: P2P, cyberlockers & newsgroups, illegal streaming. Volumes of content downloaded or accessed using P2P, cyberlockers (DDL) and illegal streaming are estimated according to use figures published in the 5 waves of IPO Tracker (table 2.2.1d).

The Forecasting model Forecasts are modulated according to the following parameters: • the evolution of both legal and technical antipiracy measures; • for both lawful and unauthorised services, the ease of use and the accessibility of online platforms

including: - general platform ergonomics; - the evolutions of content discovery techniques; - the state and perspectives of issues consumers face when accessing lawful and unauthorised online

content offers including the restriction of usage (devices, storage, DRMs, etc.) and the cost of circumvention techniques;

• the relative attractiveness of legal offers as compared with infringing ones. Several criteria are be taken in account: - the volume of content available; - the availability of most popular content; - the evolution of price positioning of legal offers.

6 IDATE. Content Economics 2015. Montpellier, 7 Kantar Media for IPO: Online Copyright Infringement tacker Wave 5, pp.13.



Perspectives concerning those entries are discussed in other tasks of the study. Below, a description of the general calculation principles of the first module of the model used by IDATE:

Figure 23: Illustration of calculation principles of the 1st module

Source: IDATE

5.3. Breakdown of time spent per device The second module provides a breakdown of files consumed per content type for each of the following connected devices: Desktop/Laptop, Smartphones and Tablets. The breakdown of content consumption per device is based on data extracted from the two waves of OFCOM Digital Day 2010 and Digital Day 2014 studies. Chronological series are reconstructed using growth estimates of time-spent per devices provided by eMarketer8.

Table 11: Sources, 2nd module

Report Release date Period studied OFCOM, Digital Day 2010 December 2014 April 2010 – May 2014 OFCOM, Digital Day 2014 October 2014 March 2014 – April 2014 eMarketer, Average Time Spent per Day with Major Media by UK Adults, 2010-2014

October 2014 October 2014

Source: IDATE.

The Forecasting model The forecasting model will be articulated around two series of parameters: • the evolution of selected connected device ownership in the UK; • the availability of each distribution channel on each of these devices (downloaded application, direct

Internet access) and ease of use.

8 http://www.emarketer.com/Article/UK-Consumers-Spend-over-9-Hours-per-Day-Consuming-Media/1011314



Below, a description of the general calculation principles of the 2nd module used by IDATE:

Figure 24: Illustration of calculation principles of the 2nd module

Source: IDATE



5.4. Dataset Table 12: Results of the 1st module: Volumes of content legally and illegally consumed par category of content

2012 2013 2014 2015 2016 2017 2018 CAGR 2012/2014 CAGR 2015/2018

Digital Content Consumption 4498.8 4841.6 5087.0 5331.8 5594.8 5886.7 6233.3 6.3% 5.3% Music 2985.9 3163.0 3282.0 3401.0 3502.2 3606.4 3682.4 4.8% 2.7% Video 1038.8 1162.0 1270.4 1378.7 1521.1 1689.6 1941.3 10.6% 12.1% eBooks 192.7 225.5 232.7 239.9 247.2 254.8 262.6 9.9% 3.1% Video games 137.7 146.8 155.6 164.1 172.0 179.6 186.6 6.3% 4.4% Computer software 143.7 144.2 146.3 148.2 152.2 156.3 160.4 0.9% 2.7% Legal Digital Content Consumption 3080.4 3713.9 4108.6 4472.4 4825.3 5189.7 5597.7 15.5% 7.8% Music 1916.1 2370.0 2643.0 2873.7 3057.9 3225.1 3349.7 17.4% 5.2% Video 796.1 930.3 1030.8 1144.5 1294.1 1472.4 1737.1 13.8% 14.9% eBooks 166.2 193.5 198.3 202.1 206.4 211.4 217.0 9.2% 2.4% Video games 115.2 126.9 137.0 146.6 155.6 164.1 172.0 9.0% 5.5% Computer software 86.7 93.2 99.5 105.5 111.3 116.7 121.9 7.1% 4.9% Illegal Digital Content Consumption 1418.5 1127.6 978.5 859.5 769.5 697.0 635.6 -16.9% -9.6% Music 1069.8 793.0 638.9 527.2 444.3 381.4 332.7 -22.7% -14.2% Video 242.7 231.7 239.5 234.3 227.0 217.2 204.1 -0.7% -4.5% eBooks 26.6 32.0 34.5 37.9 40.8 43.4 45.6 13.9% 6.4% Video games 22.4 19.9 18.7 17.5 16.4 15.5 14.6 -8.7% -5.7% Computer software 57.0 51.0 46.8 42.7 40.9 39.5 38.5 -9.3% -3.4% Share of Illegal consumption 31.5% 23.3% 19.2% 16.1% 13.8% 11.8% 10.2% -21.9% -14.2% Music 35.8% 25.1% 19.5% 15.5% 12.7% 10.6% 9.0% -26.3% -16.5% Video 23.4% 19.9% 18.9% 17.0% 14.9% 12.9% 10.5% -10.2% -14.8% eBooks 13.8% 14.2% 14.8% 15.8% 16.5% 17.0% 17.4% 3.6% 3.3% Video games 16.3% 13.6% 12.0% 10.6% 9.5% 8.6% 7.8% -14.1% -9.7% Computer software 39.7% 35.4% 32.0% 28.8% 26.9% 25.3% 24.0% -10.2% -5.9%

Source: IDATE



Table 13: Results of the 1st module: Volumes of content consumed through illegal distribution channels

2012 2013 2014 2015 2016 2017 2018 CAGR 2012/2014 CAGR 2015/2018

Illegal Digital Content Consumption 1418.5 1127.6 978.5 859.5 769.5 697.0 635.6 -16.9% -9.6% P2P 771.7 638.6 525.0 432.5 371.5 322.2 280.7 -17.5% -13.4% DDL 286.6 219.2 198.5 183.0 165.7 151.5 139.2 -16.8% -8.7% Illegal Streaming 360.1 269.8 254.9 244.0 232.3 223.4 215.8 -15.9% -4.0%

Source: IDATE

Table 14: Results of the 2nd module: Volumes of content consumed per device

2012 2013 2014 2015 2016 2017 2018 CAGR 2012/2014 CAGR 2015/2018

Music 2985.9 3163.0 3282.0 3401.0 3502.2 3606.4 3682.4 4.8% 2.7% Desktop / Laptop 1933.5 1951.5 1932.6 1905.0 1845.8 1774.1 1678.0 0.0% -4.1% Smartphone 830.1 926.3 1012.6 1105.4 1199.2 1300.9 1399.3 10.4% 8.2% Tablet Computer 222.3 285.2 336.8 390.5 457.2 531.4 605.1 23.1% 15.7% Video 1038.8 1162.0 1270.4 1378.7 1521.1 1689.6 1941.3 10.6% 12.1% Desktop / Laptop 647.6 696.3 739.8 782.4 829.0 907.9 1012.9 6.9% 9.0% Smartphone 217.5 199.9 171.5 142.6 133.9 111.5 114.9 -11.2% -6.9% Tablet Computer 173.7 265.9 359.0 453.8 558.3 670.2 813.5 43.7% 21.5% eBooks 192.7 225.5 232.7 239.9 247.2 254.8 262.6 9.9% 3.1% Desktop / Laptop 29.7 29.2 25.5 23.7 21.3 17.5 16.5 -7.3% -11.3% Smartphone 148.3 161.2 114.3 80.5 50.3 35.5 27.4 -12.2% -30.2% Tablet Computer 14.8 35.2 92.9 135.7 175.6 201.8 218.7 150.3% 17.2% Video Games 137.7 146.8 155.6 164.1 172.0 179.6 186.6 6.3% 4.4% Desktop / Laptop 100.6 98.2 93.8 89.6 85.5 81.7 78.0 -3.4% -4.5% Smartphone 22.7 26.6 30.8 35.1 39.4 43.6 47.7 16.6% 10.8% Tablet Computer 14.4 22.0 31.0 39.4 47.1 54.3 60.9 46.6% 15.6% Computer software 143.7 144.2 146.3 148.2 152.2 156.3 160.4 0.9% 2.7% Desktop / Laptop 103.8 90.3 78.8 72.5 69.5 67.4 65.7 -12.9% -3.2% Smartphone 30.9 39.0 45.0 49.4 53.4 56.8 59.8 20.7% 6.6% Tablet Computer 9.1 14.9 22.5 26.3 29.3 32.1 34.9 57.6% 9.9%

Source: IDATE

Online Content Study: Changes in the distribution ... - Ofcom

Documents

Transcript of Online Content Study: Changes in the distribution ... - Ofcom