European pay TV operators re-launch fight against piracy

Leading European pay TV operators and their security vendors are renewing their fight against piracy by announcing the new Audiovisual Anti-Piracy Alliance (AAPA) at the HbbTV Symposium in Paris. This is a successor to the existing Association Européenne pour la Protection des Œuvres et services Cryptés (AEPOC), comprising the same members including DTH operators BSkyB, Sky Deutschland and Sky Italia; cable TV providers Liberty Global and ZON; along with content security vendors Conax, Irdeto, Nagra, NDS (now part of Cisco), Verimatrix and Viaccess.

The move begs the questions of why the body had to be re-launched under a new name, and also why there has to be a pan European group when each country has its own active anti-piracy group, such as Society for the Prosecution of Copyright Infringement in Germany, the Federation Against Copyright Theft (FACT) in the U.K. and the Association for the Fight Against Audiovisual Piracy in France.

The answer to the second question is that the pay TV industry felt it needed a separate body to represent and lobby for its own specific interests on the piracy front, which are distinct from other industry sectors given the fast evolving balance between threats and defenses. The need for a new body reflects the current revolution sweeping the industry, which is changing the threat landscape dramatically.

“As new technologies emerge and new ways of distributing audiovisual content become more popular, it is crucial that we have all the possible tools to work with collaboratively against the persistent threat of piracy, which causes enormous damage to jobs in the creative and other sectors,” said AAPA Vice-President Christine Maury-Panis, General Counsel at Viaccess.

According to Sheila Cassells, AAPA Executive Director, the seeds of the new body were planted at IBC two years ago with a discussion about the security issues surrounding connected TV.

“Since then, AAPA members have been active in developing security for smart TVs, and making OTT content available," she said. "We need to ensure that all stakeholders recognize the importance of implementing and maintaining content security robustly.”

AAPA states that its role is to build upon the work of its predecessor to facilitate the coordination of intelligence and anti-piracy activities among its members and interact with EU (European Union) institutions to ensure that there is effective legislation to achieve successful enforcement action.

In terms of threats, the AAPA will recognize the growing issue of unauthorized content redistribution in the IP video age. This is one of three main categories of threat, where a pirate makes a high-quality copy of content after it has been legally decrypted and then redistributes it over the Internet. The second category is control word sharing, where a pirate discovers a common key used to decrypt the content and distributes it via the Internet or other means. Thirdly comes cloning, where a pirate replicates part of a device’s software or hardware such that control words can then be extracted and used to decrypt content. This replicated part can then be distributed, although the severity of this threat depends on exactly what part of the CA system has been hacked.

Cloning was the most common and serious of the three threat categories in the era of pure broadcast before the availability of mass broadband services. But according to a recent survey by U.K. TV consultancy Farncombe, the balance of risk has now shifted away from cloning towards control word sharing, but more significantly the situation is about to change again as content redistribution becomes the biggest threat. This, in turn, reduces the advantage of hardware based security, for even if it does offer stronger protection against cloning, it does not help prevent redistribution.

This then means that other forms of protection and detection become more valuable or even essential, with Farncombe identifying content watermarking, content fingerprinting, and Internet monitoring, as being three that will increasingly be deployed.

Watermarking embeds indelible and imperceptible data within the audio or video, and can be applied at any stage of content distribution, from creation to consumption on a device, designed mainly to identify the source of the content piracy.

Fingerprinting is different in that it allows the video itself to be identified by comparing some unique signature generated from a video segment and stored in a database before distribution with the one calculated on receiving the video. This process allows for automated and rapid comparison of multiple video streams on a single server. Then monitoring involves various processes to identify and locate pirate activity, including behavioral analysis to seek anomalous network activity that might indicate piracy has occurred.

The newly launched AAPA will be shifting its focus more towards cardless systems and these new techniques that are best placed to tackle content redistribution, although for the foreseeable future, existing card-based methods will still rule for broadcast pay TV services.