1. Digital Rights Management
Team Guts - CSC 540
9/17/2018

2. DRM history
Team Guts - CSC 540
9/17/2018

3. DRM Timeline: Too Much CRAP
So, I made a timeline regarding the history of DRM in music, but there’s so much CRAP on it, that you can’t read it. I also made a HUGE timeline detailing music, video, and ebooks, but it’ has even MORE crap. I couldn’t squish it down enough to be readable on this slide. So, we’re just going to hit the highlights.
DRM Timeline: Too Much CRAP
Team Guts - CSC 540
9/17/2018

4. DMCA
Team Guts - CSC 540
9/17/2018

5. Crafted in 1996, passed in 1998 to “protect” copyrighted content that could be delivered digitally
Reads like a document designed to protect an out of date business model
Makes it a crime to circumvent “anti-piracy” measures
Makes it a crime to distribute, manufacture, or sell DRM cracking technologies
Provides exemptions to researchers, ISPs, certain libraries, educational institutions, and certain content providers
Requires “content providers” to pay a licensing fee to copyright holders (RIAA, MPAA, etc.)
DMCA: Highlights
Team Guts - CSC 540
9/17/2018

6. DMCA: Section 1201 Details the “Anti-Circumvention” Regulations
‘‘§ Circumvention of copyright protection systems
‘‘(a) VIOLATIONS REGARDING CIRCUMVENTION OF TECHNOLOGICAL MEASURES.—(1)(A) No person shall circumvent a technological measure that effectively controls access to a work protected under this title.”
‘‘(2) As used in this subsection—
‘‘(A) to ‘circumvent protection afforded by a technological measure’ means avoiding, bypassing, removing, deactivating, or otherwise impairing a technological measure; and
‘‘(B) a technological measure ‘effectively protects a right of a copyright owner under this title’ if the measure, in the ordinary course of its operation, prevents, restricts, or otherwise limits the exercise of a right of a copyright owner under this title.
Further:
‘‘(2) No person shall manufacture, import, offer to the public, provide, or otherwise traffic in any technology, product, service, device, component, or part thereof, that—
‘‘(A) is primarily designed or produced for the purpose of circumventing a technological measure that effectively controls access to a work protected under this title;
‘‘(B) has only limited commercially significant purpose or use other than to circumvent a technological measure that effectively controls access to a work protected under this title; or
‘‘(C) is marketed by that person or another acting in concert with that person with that person’s knowledge for use in circumventing a technological measure that effectively controls
access to a work protected under this title.
‘‘(3) As used in this subsection—
‘‘(A) to ‘circumvent a technological measure’ means to descramble a scrambled work, to decrypt an encrypted work, or otherwise to avoid, bypass, remove, deactivate, or impair
a technological measure, without the authority of the copyright owner; and
‘‘(B) a technological measure ‘effectively controls access to a work’ if the measure, in the ordinary course of its operation, requires the application of information, or a process or a treatment, with the authority of the copyright owner, to gain access to the work.
‘‘(b) ADDITIONAL VIOLATIONS.—(1) No person shall manufacture, import, offer to the public, provide, or otherwise traffic in any technology, product, service, device, component, or part thereof, that—
‘‘(A) is primarily designed or produced for the purpose of circumventing protection afforded by a technological measure that effectively protects a right of a copyright owner under
this title in a work or a portion thereof;
‘‘(B) has only limited commercially significant purpose or use other than to circumvent protection afforded by a technological measure that effectively protects a right of a copyright
owner under this title in a work or a portion thereof; or
‘‘(C) is marketed by that person or another acting in concert with that person with that person’s knowledge for use in circumventing protection afforded by a technological measure that
effectively protects a right of a copyright owner under this title in a work or a portion thereof.
‘‘(2) As used in this subsection—
‘‘(A) to ‘circumvent protection afforded by a technological measure’ means avoiding, bypassing, removing, deactivating, or otherwise impairing a technological measure; and
‘‘(B) a technological measure ‘effectively protects a right of a copyright owner under this title’ if the measure, in the ordinary course of its operation, prevents, restricts, or otherwise
limits the exercise of a right of a copyright owner under this title.
DMCA: Section 1201
Team Guts - CSC 540
9/17/2018

7. DMCA: Screwing the Consumer
Protects “copyright holders”
Protects “content providers”
Protects “delivery providers”
Protects law enforcement
Sort of protects researchers, libraries, and schools
Puts the consumer at the mercy of all of the above
Actually encourages piracy and jailbreaking
DMCA: Screwing the Consumer
Team Guts - CSC 540
9/17/2018

8. DMCA: Encourages Piracy
The one immutable fact I’ve been able to determine is that DRM/DMCA actually ENCOURAGES piracy.
DMCA: Encourages Piracy
Team Guts - CSC 540
9/17/2018

9. DRM Failures: Macrovision through HDCP
Directly stolen from:
'Digital rights management' suggests an electronic equivalent of the work that the Mechanical Copyright Protection Society does in the UK, collecting money to make sure musicians are rewarded for their work. However, what all currently available DRM vendors' products have in common is that they attempt to restrict the playback or copying of music, which is not the same thing as collecting payment for it. A better name for the technology might therefore be 'digital rights enforcement'.
This really pisses people off, and circumvention of these enforcement policies is rampant.
DRM Failures:
Macrovision through HDCP
Team Guts - CSC 540
9/17/2018

10. Macrovision Original copy protection scheme Used on VCRs in 1984
Later added to DVD players – still in use
Macrovision now known as Rovi
Directly stolen from:
Macrovision. The original copy protection scheme was first deployed in 1984 on VHS tapes. Macrovision worked by adding invisible signals to the video recordings on commercially released VHS tapes, which would make it impossible to make copies of these tapes with a second DVD VHS recorder. Macrovision was later also added to DVD players, disabling the ability to record DVDs on VHS. Macrovision was however easily defeated when tinkerers figured out ways to filter out those extra signals, leading to a brief boom of Macrovision filtering devices. Some DVD player manufacturers also allowed users to disable Macrovision through special codes.
Macrovision’s corporate entity is now called Rovi, and it’s increasingly focusing on delivering programming guides for CE devices. Its long-defeated technology, however, is still in use on virtually any DVD player.
Macrovision
Team Guts - CSC 540
9/17/2018

11. Directly stolen from: http://gigaom
CSS. The Content Scramble System was Hollywood’s attempt to lock down the DVD format and prevent end users from ripping and copying DVDs. It was cracked in 1999, when a number of unknown hackers disassembled a software DVD player to extract its encryption key. This crack eventually led to a tool called DeCSS. One of the people involved in the creation of DeCSS was Jon Lech Johansen, who found himself targeted by Norwegian law enforcement and Hollywood studios as a result. The case against Johansen was eventually dropped in 2004, and he went on to bring media playback tools to the Android world with his San Francisco-based company doubleTwist. CSS decryption tools now have found their ways into many DVD copying tools, but their sale is still illegal in the U.S.
CSS and DeCSS
Team Guts - CSC 540
9/17/2018

12. Directly stolen from: http://gigaom
SDMI. The Secure Digital Music Initiative tried to prevent music piracy through watermarking of audio tracks. The initiative was founded in 1998 and backed by some 200 music, technology and CE companies. However, it faced difficulties coming to market, partially because even within the industry, some doubted its effectiveness. These critics were supposed to be convinced with a contest launched in 2000 that asked security experts to “hack SDMI.”
Princeton professor Ed Felten took the initiative by its word, and cracked all but one proposed watermarking schemes. The Recording Industry Association of America (RIAA) went on to threaten Felten with a lawsuit when he tried to document his findings, but subequently backed down when Felten teamed up with the EFF. SDMI eventually dissolved in 2001.
Directly stolen from:
The Secure Digital Music Initiative was an early casualty in the war on music sharing. The SDMI was relatively unusual among groups advocating DRM, in that it was a wide-ranging coalition including companies from the technology and music industries, as well as artists' representatives such as the American Society of Composers, Authors and Publishers.
A competition was announced in September 2000, in which a cash prize was offered to anyone who could break one of four different SDMI watermarking schemes. A team of academics from Princeton University and Rice University in the USA, among over 400 other entrants, decided to give it a go. Watermarking is designed to incorporate inaudible data into a digital music file which would enable unauthorised copies to be identified. It's claimed that the technique does not affect perceptible audio quality, although some audiophiles have doubts about this.
The challenge in the 'HackSDMI' contest was to remove the watermark and produce a file which sounded like the original. Presumably, the SDMI consortium must have been reasonably confident of the technologies in order to offer them for public scrutiny. The Princeton/Rice team successfully removed watermarks from all four examples, but declined the cash prizes because they would have meant signing a gagging agreement. Instead, the academics produced a paper for a technical conference in April 2001.
Before this paper was presented, the SDMI tried to suppress the information, indicating that they still believed the watermarking techniques were viable, despite the flaws discovered during the contest. The Recording Industry Association of America threatened to have the research team prosecuted (and possibly jailed) under the notorious Digital Millennium Copyright Act, on behalf of the SDMI and Verance. The Verance watermark was one of those defeated by the Princeton/Rice team, and is the DRM technology used in DVD-Audio discs.
The academics went ahead and published their research at another conference in August The RIAA eventually backed down, agreeing by 2002 that the publication of scientific research exposing flaws in watermarking was in the best interest of all parties. The SDMI consortium became dormant, although its web site still exists. A note entitled Current Status, dated May 18, 2001 says "it was determined that there is not yet consensus for adoption of any combination of the proposed technologies. Accordingly, SDMI is now on hiatus, and intends to re-assess technological advances at some later date."
SDMI
Team Guts - CSC 540
9/17/2018

13. Would you say an audio CD that installs hidden software on your PC, without your consent, that compromises your computer's security to the point that hackers could use it for malicious purposes, was:
a) a really great product,
b) an average product,
c) an extremely bad product, or
d) the worst product anyone has ever released in the history of the music industry?
Directly stolen from:
If your answer was anything but d, you're wrong.
The sad fact is that in 2005, Sony BMG put Extended Copy Protection (XCP) and MediaMax CD-3 software -- the black death incarnation of DRM -- on a total of 102 CD titles.
Users who played these CDs on their computers unknowingly had malware known as a 'rootkit' installed on their machines. Rootkits can avoid detection by anti-virus and security programs by hiding deep within a computer's operating system. This rootkit left PCs on which it was installed at the mercy of hackers.
Sony paid dearly for its work, but maintained that "there were no security risks associated with the anti-piracy technology". Right. It did, however, exchange CDs containing the questionable security protection for versions without it. Just for fun.
Sony Rootkit CDs
Team Guts - CSC 540
9/17/2018

14. Directly stolen from: http://gigaom
BD+. The early defeat of DVD copy protection hasn’t stopped the industry from trying to lock down Blu-ray disks. In fact, the BD+ copy protection scheme is far more sophisticated than CSS, because it’s based on updateable keys. However, that hasn’t stopped skillful minds from cracking BD+, and rips of a number of Blu-ray movieshave since appeared online. The industry has reacted to this by in turn updating BD+, but the cure turned out to be more like a poison: Dozens of Blu-ray titles have been rendered unplayable for owners of Samsung’s Blu-ray players, thanks to copy protection gone wrong.
SlySoft is the brave software company behind ‘AnyDVD HD’ a programme which decrypts HD DVDs so they can be copied sold uploaded onto bittorent trackers‘stored for your own personal back ups’. It works by removing the AACS encryption on the discs and even knocks out HDCP meaning you won’t need a monitor or graphics card that is HDCP compliant. In fact, HD DVD is an open book to AnyDVD HD since the software will also let you remove the copyright code, CSS encryption and regional code.
BD+
Team Guts - CSC 540
9/17/2018

15. Directly stolen from: http://gigaom
And just like with Macrovision, this has led to the emergence of HDCP filtering devices. Dongles that make it possible to play HDCP-protected streams on non-compliant devices have been available for a number of years, but the fact that HDCP is now completely broken could potentially enable rogue manufacturers to build more sophisticated DVRs or Blu-ray copying devices. Also possible: Interfaces like an HDMI USB adapter or an HDMI Firewire converter, allowing you to write encrypted video streams onto your hard drive and then decrypt them with the help of a future DeHDCP application.
One of the biggest banes of professional venue and home theater installers is HDCP. The necessary handshake between encryption chips is notoriously twitchy, especially with long cable runs, even with the use of repeaters. Now, a couple of really smart guys have figured out how to crack it at a price that many people can afford.
Rather than trying to design a customized chip (both expensive and complicated), computer scientists in the Secure Hardware Group at Germany’s Ruhr University built a custom board using relatively inexpensive FPGA chips. A Xilinx Spartan-6 FPGA featuring an HDMI port and a serial RS232 communication port was created and sat between a Blu-ray player and a flat screen TV, intercepting and decrypting traffic, without being detected. The rig, which cost little over $200, was built by professor Tim Güneysu and PhD student Benno Lomb, as part of a research project in copy protection.
HDCP
Team Guts - CSC 540
9/17/2018

16. Emerging trends
For those of us who are NOT pirates and choose to purchase our content, we get hit with porting limitations and an egregious use of tracking methodologies.
DRM IDs from Microsoft:
“The Digital Rights Management (DRM) Identifier is used to manage usage rights of media downloaded on your computer. Each protected file, whether audio or video, comes with certain privileges given to the user by the distributor. These conditions state the playback limitations, copying permissions and portable device syncing rights. By updating the DRM Identifier on your Window Media Player software, the probability of consistent playback without interruption is increased.”
However, each DRM ID has an identity correlator that maps the user to the media. Sneaky.
DRM IDs: A Violation of Your Privacy, a Limit on Your Transactions
Team Guts - CSC 540
9/17/2018

17. Who Tracks Your Purchase?
Um, everyone.
Discuss
Who Tracks Your Purchase?
Team Guts - CSC 540
9/17/2018

18. Big Brother IS Watching
"The war on privacy, which comes to us courtesy of the National Security State, is the means by which the government wages all of its other wars. Without the ability to monitor, track, and catalog the day-to-day individual behavior, the centralized state is unable to carry out all of its other freedom-crushing activity."
Directly STOLEN from:
We all know that data mining and predictive analysis are the most insidious methods being used by the government to curtail freedom in this country. DRM methodologies report back to the “owner” (who isn’t you) on your purchases and use of DRM protected content. Who else has access to that information. That’s right – the Feds. Bastards.
Big Brother IS Watching
Team Guts - CSC 540
9/17/2018

19. Who Owns Your Purchase?
Team Guts - CSC 540
9/17/2018

20. Ownership If you’re a pirate – you own your ill-gotten gains.
If you’re a legitimate consumer, the content provider still “owns” your stuff.
Limits on how many times you can copy.
Limits on what device can be used.
If the provider discontinues support, your stuff “disappears”.
Ownership
Team Guts - CSC 540
9/17/2018

21. Emerging trends Eliminating the Producer and Going DRM free
Team Guts - CSC 540
9/17/2018

22. DRM Free Options Amazon iTunes Walmart Audiophile (www.hdtracks.com)
eMusic
Napster
LimeWire
Audio Lunchbox
LiveDownloads
Still pay-to-play, and prices vary. However, you can download DRM free music, books, and video from these guys. And, of course, there’s always BitTorrent and Pirate Bay.
DRM Free Options
Team Guts - CSC 540
9/17/2018

23. Eliminate the Producer
Trent Reznor
Stephen King
J. K. Rowling
Tor/Forge eBooks (the ONLY publishing house to do so)
Many content producers have opted to join with major resellers in offering DRM free content, but not many are going direct to the customer. And don’t forget the EME controversy with HTML5.
These artists and publishers have opted to provide their content completely DRM free, and are skipping the traditional “production mill” that makes said content so expensive.
Eliminate the Producer
Team Guts - CSC 540
9/17/2018

24. Emerging trends DRM in HTML5
This proposal allows JavaScript to select content protection mechanisms, control license/key exchange, and implement custom license management algorithms. It supports a wide range of use cases without requiring client-side modifications in each user agent for each use case. This also enables content providers to develop a single application solution for all devices.
NOT COOL.
The proposal is called Encrypted Media Extensions, and proponents claim that using the methodology isn’t really DRM. The EFF disagrees.
Source:
“The EME proposal suffers from many of these problems because it explicitly abdicates responsibilty on compatibility issues and let web sites require specific proprietary third-party software or even special hardware and particular operating systems (all referred to under the generic name "content decryption modules", or CDMs, and none of them specified by EME). EME's authors keep saying that what CDMs are, and do, and where they come from is totally outside of the scope of EME, and that EME itself can't be thought of as DRM because not all CDMs are DRM systems. Yet if the client can't prove it's running the particular proprietary thing the site demands, and hence doesn't have an approved CDM, it can't render the site's content. ”
Oh, yeah. The proponents just happen to be
DRM in HTML5
Team Guts - CSC 540
9/17/2018

25. “Because it's clear that the open standards community is extremely suspicious of DRM and its interoperability consequences, the proposal from Google, Microsoft and Netflix claims that "[n]o 'DRM' is added to the HTML5 specification" by EME. This is like saying, "we're not vampires, but we are going to invite them into your house".
“Proponents also seem to claim that EME is not itself a DRM scheme. But specification author Mark Watson admitted that "Certainly, our interest is in [use] cases that most people would call DRM" and that implementations would inherently require secrets outside the specification's scope. It's hard to maintain a pretense that EME is about anything but DRM.” – Cory Doctorow
EME in HTML5 = no DRM?
Team Guts - CSC 540
9/17/2018

26. DRM consumers’ Rights Protected or Infringed Upon?
World Wide Web Consortium  W3C is your friend – sort of.
Protected or Infringed Upon?
Team Guts - CSC 540
9/17/2018

27. "There has grown up in the minds of certain groups in this country the notion that because a man or corporation has made a profit out of the public for a number of years, the government and the courts are charged with the duty of guaranteeing such profit in the future, even in the face of changing circumstances and contrary to public interest. This strange doctrine is not supported by statute or common law. Neither individuals nor corporations have any right to come into court and ask that the clock of history be stopped, or turned back." - Robert A Heinlein, Life-Line
“The purpose of DRM is to give content providers leverage against creators of playback devices.” - Ian Hickson, on overseeing the HTML5 standard at the W3C
Infringement
Team Guts - CSC 540
9/17/2018

28. Protection Um, yeah. Couldn’t find any. Crickets.
I guess the only “protection” you have is protection against prosecution – but that’s iffy.
Protection
Team Guts - CSC 540
9/17/2018

29. Questions?
Team Guts - CSC 540
9/17/2018

30. All of the images Karen used in this presentation were flat out STOLEN with no attribution. Sorry, boys.
105th Congress of the US, 2d Session. (1998, January 27). H.R Retrieved March 17, 2013, from Digital Millenium Copyright Act:
Anonymous, the Hacker Collective. (2001, April 20). RIAA Challenges the SDMI Attack. Retrieved March 28, 2013, from Extras - The Register, UK:
Bradley, P. (2013, March 20). DRM encourages piracy, not libraries! Retrieved March 27, 2013, from Phil Bradley's Weblog:
Defective By Design. (2012). What Is DRM? Retrieved March 27, 2013, from DRM - Defective By Design:
Electronic Information Privacy Center. (2004, March 29). Digital Rights Management and Privacy. Retrieved March 17, 2013, from Privacy - EPIC:
Sources
Team Guts - CSC 540
9/17/2018

31. Goble, G. (2011, June 16). DRM from 1998 to the Present: A Brief History of Copy Protection. Retrieved March 17, 2013, from Articles - Maximum PC:
James, D. (2003, August). Digital Rights Management & Music: A Barrier to Creativity? Retrieved March 29, 2013, from Music Business Articles - Sound on Sound:
Jantakahalli, P. (2012, Second Quarter). To DRM or Not To? Retrieved March 22, 2013, from Impelsys Official Newsletter:
Lanxon, N. (2007, November 20). Top Ten Terrible Tech Products. Retrieved March 22, 2013, from CNET UK - Gadgets:
Layton, J. (2013). How Digital Rights Management Works. Retrieved March 22, 2013, from Tech Articles - How Stuff Works:
Sources
Team Guts - CSC 540
9/17/2018

32. New Media Rights. (2007, November 1)
New Media Rights. (2007, November 1). A Citizen's Legal Guide to the Digital Millenium Copyright Act (DMCA). Retrieved March 23, 2013, from Copyright Articles - New Media Rights:
Pfeiffer Consulting. (2001, February 8). The Hidden Dangers of Digital Rights Management. Retrieved March 15, 2013, from The Pfeiffer Report:
Roettgers, J. (2010, September 17). DRM FAIL: Five Broken Copy Protection Schemes. Retrieved March 30, 2013, from Tech News and Analysis - Gigaom:
Suehle, R. (2011, November 3). The DRM Graveyard: A brief history of digital rights management in music. Retrieved March 27, 2013, from Life Articles - OpenSource:
Suehle, R. (2012, July 9). The DRM Graveyard Part 2: A brief history of digital rights management in video and TV. Retrieved March 27, 2013, from Life Articles - OpenSource:
Sources
Team Guts - CSC 540
9/17/2018

33. Suehle, R. (2012, July 9). The DRM Graveyard Part 2: A brief history of digital rights management in video and TV. Retrieved March 27, 2013, from Life Articles - OpenSource:
Vora, P., Reynolds, D., Dickinson, I., Erickson, J., & Banks, D. (2001, January). Privacy and Digital Rights Management: A position paper for the W3C workshop on Digital Rights Management, January Retrieved March 30, 2013, from WC3:
Wikipedia. (2013, March 30). Digital Rights Management. Retrieved March 30, 2013, from Wikipedia:
Wikipedia. (2013, March 14). Sony BMG Copy Protection Rootkit Scandal. Retrieved March 17, 2013, from Wikipedia:
Sources
Team Guts - CSC 540
9/17/2018

34. The Rise and Fall of Ownership
Commentary by Sir. Evan Lampley Esq. of Cumbria.
Team Guts - CSC 540
9/17/2018

35. EULAs. EULAS Everywhere
Steam (Valve)
Origins (EA)
Dropbox
You are now free to take off your tinfoil hat.
Or keep it on. Your choice.
Picture Credit:
Presentation Notes:
Explain EULAs. As if nobody in the room already knows what that is. Bonus points: Ask for a show of hands for who has actually read an EULA in the last three months. Laugh at them. Tell them to put their tinfoil hats back on.
The EULAs from a handful of key websites will be examined. These are websites the average person in THIS CLASSROOM may lost their data. Also a brief examination into how they treat your data. EULA legalese on the right, and approximate translation on the left.
EULAs. EULAS Everywhere
Team Guts - CSC 540
9/17/2018

36. Steam Steam subscriber agreement Presentation Notes:
Briefly explain Steam in case some of us live under a rock. One or two sentences. Try not to enthuse about how I personally have 135 games locked up in this enterprise. I am so screwed.
Steam
Team Guts - CSC 540
9/17/2018

37. “Limited terminable license”
You don’t actually ‘own’ the games and content we sell, but you’re purchasing access to use/play them.
“The Software is licensed, not sold. Your license confers no title or ownership in the Software.”
Presentation Notes:
According to the Steam subscriber agreement (Their EULA) -
“Limited terminable license” is a common phrase in online content distribution
EULA’s direct TL;DR:
“Limited terminable license to use and modify purchased content, excluding rights to sale, transfer, copy or reproduce original content.”
terminable
“Limited terminable license”
Team Guts - CSC 540
9/17/2018

38. Now you’re thinking with Portals!
Break copyright laws. (DMCA)
Violate their “Online Code of Conduct”
Upload Trojan horses, defame other users or otherwise make people hate you.
Modify the delivery software.
Resell or trade their content outside provided trading system.
Modifying content source code;
Employ protocol emulation or protocol tunneling
Obvious illegal behavior.
Presentation Notes:
Okay, so how does one lose access to their purchased content?
Now you’re thinking with Portals!
Team Guts - CSC 540
9/17/2018

39. Your account may be suspended for, guess what, violating our EULA
Your account may be suspended for, guess what, violating our EULA. When that happens, you’re not getting a refund for the stuff you bought.
“In the event that your Account or a particular Subscription is terminated or cancelled by Valve for a violation of this Agreement or improper or illegal activity, no refund, including of any Subscription fees, will be granted.”
Presentation Notes:
“Account may be terminated for violation of the Steam subscriber agreement, resulting in loss of purchases.”
You lose complete access to your content save what you’ve already downloaded. Even in that circumstance, usage is not guarenteed.
Terminable?
Team Guts - CSC 540
9/17/2018

40. Origin Terms of Service Presentation Notes:
Origin is a content delivery system similar to Steam released by the game developer EA in June 2011 in response to Steam’s success. Steam and Origins are in direct competition. EA restricts their game catalogue almost entirely to their delivery system.
Origin
Team Guts - CSC 540
9/17/2018

41. Limited terminable = Limited non-exclusive
Again, you don’t actually “own” the content you purchase from us. We’re allowing you to play it for the time being
“EA grants you a personal, limited, non-exclusive license to use Content and Entitlements…”
Presentation Notes:
Origin’s terms on ownership is as crisp and limited as Steam: You don’t own it. We do.
Limited terminable = Limited non-exclusive
Team Guts - CSC 540
9/17/2018

42. Don't you use your fancy mathematics to muddle the issue.
Obey all local, state and federal/national laws relating to their services.
Copyrights (DMCA)
Prohibited from content resell and modification.
Similar to Steam, EA prohibits the usual suspect activities.
Don't you use your fancy mathematics to muddle the issue.
Team Guts - CSC 540
9/17/2018

43. Spam a chat channel or engage in “disruptive” behavior.
Improperly use in-game support or complaint buttons.
Use and communicate exploits and/or cheats.
Abuse undocumented game bugs/features.
They suspect you are using software to hack/cheat
Presentation notes:
Here are a select number of things their EULA prohibits. Selected for potential of abuse.
Full copy from EULA:
- Post, transmit, promote, or distribute Content that is illegal. - Harass, threaten, embarrass, spam or do anything else to another player that is unwanted, such as repeatedly sending unwanted messages or making personal attacks or statements about race, sexual orientation, religion, heritage, etc. - Organize, effectuate or participate in any activity, group, guild that is harmful, abusive, hateful, racially, ethnically, religiously or otherwise offensive, obscene, threatening, bullying, vulgar, sexually explicit, defamatory, infringing, invasive of personal privacy or publicity rights, encourages conduct that would violate a law or in a reasonable person's view, objectionable and/or inappropriate.  Hate speech is not tolerated. - Use abusive, offensive, or defamatory screen names and/or personas. - Engage in disruptive behavior in chat areas, game areas, forums, or any other area or aspect of EA Services.  Disruptive behavior includes but is not limited to conduct which interferes with the normal flow of gameplay or dialogue within an EA Service. Disruptive behavior shall also include, but not be limited to, commercial postings, solicitations and advertisements. - Disrupt the flow of chat in chat rooms with vulgar language, abusiveness, hitting the return key repeatedly or inputting large images so the screen goes by too fast to read, use of excessive shouting [all caps] in an attempt to disturb other users, "spamming" or flooding [posting repetitive text]. - Impersonate another person (including celebrities), indicate falsely that you are an EA employee or a representative of EA, or attempt to mislead users by indicating that you represent EA or any of EA's partners or affiliates. - Attempt to get a password, account information, or other private information from anyone else on EA Services. - Upload any software or Content that you do not own or have permission to freely distribute. - Violate any additional Rules of Conduct applicable to a specific EA Service that you are using. - Promote, encourage or take part in any activity involving hacking, cracking, phishing, taking advantage of exploits or cheats and/or distribution of counterfeit software and/or virtual currency/items. - Upload files that contain a virus, worm, spyware, time bombs, corrupted data or other computer programs that may damage, interfere with or disrupt EA Services. - Post messages for any purpose other than personal communication, including advertising or promotional messaging, chain letters, pyramid schemes, or other commercial activities. - Improperly use in-game support or complaint buttons or make false reports to EA staff. - Use or distribute unauthorized "auto" software programs, "macro" software programs or other "cheat utility" software program or applications. - Use any game hacking/altering/cheating software or tools.  - Modify or attempt to modify any file or any other part of the EA Service that EA does not specifically authorize you to modify. - Post or communicate any person's real-world personal information using an EA Service. - Attempt to interfere with, hack into or decipher any transmissions to or from the servers for an EA Service. - Use and communicate exploits and/or cheats. - Attempt to use EA Software on or through any service that is not controlled or authorized by Electronic Arts.  Any such use is at your own risk and may subject you to additional or different terms.  EA takes no responsibility for your use of EA Software on or through any service that is not controlled by Electronic Arts. - Interfere with the ability of others to enjoy playing an EA Service or take actions that interfere with or materially increase the cost to provide an EA Service for the enjoyment of all its users. - Unless expressly authorized by EA, you may not sell, buy, trade or otherwise transfer your Account or any personal access to EA Services, Content or Entitlements, including by use of auction websites. - You may not conduct any activities that violate the laws of any jurisdiction including but not limited to copyright infringement, trademark infringement, defamation, invasion of privacy, identity theft, hacking, stalking, fraud and the distribution of counterfeit software. - Post or transmit unsolicited advertising, promotional materials or other forms of solicitation in-game or in the forums. - Abuse or exploit bugs, undocumented features, design errors or problems in the game.  - “Role–playing” is not an excuse for violating this or any other policy.
Team Guts - CSC 540
9/17/2018

44. Aaaand Boom goes the Dynamite.
EA can and will terminate your account at any time after giving 30 days notice or less
Or none at all. It’s all up to them, really.
Presentation Notes:
Loss of account means loss of access to all purchased content
Aaaand Boom goes the Dynamite.
Team Guts - CSC 540
9/17/2018

45. EA’s Policy on User Generated Content (UGC)
EA respects the intellectual property rights of others.
Presentation Notes:
Fun time. Here’s EA’s policy on User content, which includes but not limited to Account personas, forum posts, profile content and any other Content contributed to EA’s Services.
EA’s Policy on User Generated Content (UGC)
Team Guts - CSC 540
9/17/2018

46. “When you contribute UGC to an EA Service, you expressly grant to EA and its licensors a non-exclusive, perpetual, worldwide, complete, sub-licensable and irrevocable right to quote, re-post, publish, use, adapt, translate, archive, store, reproduce, modify, create derivative works from, syndicate, license, print, sublicense, distribute, transmit, broadcast, and otherwise communicate, and publicly display and perform the UGC, or any portion thereof, in any manner or form and in any medium or forum, whether now known or hereafter devised, without notice, payment or attribution of any kind to you or any third party….You waive and agree not to assert any moral or similar rights you may have in such UGC.”
Atleast they warned you.
Team Guts - CSC 540
9/17/2018

47. TL;DR: We own your stuff. Get over it.
Pictured: An every day experience with always online DRM
“If you are a repeat infringer… EA may terminate your Account without notice to you.  If your Account(s) are terminated, you are not entitled to a refund for any fees you have paid, and you will lose access to Entitlements associated with your Account.”
You lose.
TL;DR: We own your stuff. Get over it.
Team Guts - CSC 540
9/17/2018

48. DropBox Presentation Notes:
Finally, a more ‘traditional’ cloud service. Dropbox is a cloud service that syncs and stores data.
DropBox
Team Guts - CSC 540
9/17/2018

49. Huh? You actually “own” your data here?
“You retain full ownership to your stuff. We don’t claim any ownership to any of it.”
“You retain full ownership to your stuff. We don’t claim any ownership to any of it. These Terms do not grant us any rights to your stuff or intellectual property except for the limited rights that are needed to run the Services.”
Hosting or sharing at user discretion.
Redundant data backup.
Analytics
Geolocation
Access Data
Third party with consent
Wont share content with others, including law enforcement unless directed by the user.
Huh? You actually “own” your data here?
Team Guts - CSC 540
9/17/2018

50. EULA violation Violating the DMCA.
DMCA takedown Notices
Violating the law in any way or the privacy of others.
Breeching security authentication.
Malware, Trojan horses, viruses
General interference with network.
EULA violation
Team Guts - CSC 540
9/17/2018

51. Violation of EULA will result in action left up to Dropbox’s discretion
Reserves the right to terminate account at any time, though promises to “try to let you know in advance and help you retrieve data”.
Crime and Punishment
Team Guts - CSC 540
9/17/2018

52. Sources: http://store.steampowered.com/subscriber_agreement/
Sources:
Team Guts - CSC 540
9/17/2018

53. What could keep me from using the stuff I paid for/host with the service?
Yeah that sounds bad but is that really happening?
How can I recover from/circumvent that?
Well then what are some services that get it right?
Consumer Protection

54. Always-On User must always be connected to server in order to play.
Used even in Single Player campaigns.
Content you have purchased is rendered unusable without internet connection.
Causes problem for those with bandwidth caps.
Progress may be lost.
Always-On

55. Always-On - Implementation
SimCity
Servers only used for authentication. Game could easily run locally.
City of Heroes
MMO that used servers for more computations. Was shut down in late 2012.
Uplay system
Game stored locally but incomplete. Uplay tracks progress and downloads code as game progresses.
Always-On - Implementation

56. Always-On - Recovery Depends entirely on the community
More popular content get hacks/workarounds
Legal – Not if your life depended on it
Virtually all EULAs contain a clause about altering/enhancing the application
Always-On - Recovery

57. Content may only be downloaded a specified (or unspecified) number of times or is limited by a time frame.
If you go over the number of downloads and your machine dies, you’re SOL and must repurchase content.
Limited Downloads

58. Limited Downloads - Implementation
Amazon Kindle Books
Limits you to an undefined number of downloads
Amazon MP3
Limits number of devices you can register
Wii U
Account tied to one (1) console.
Limited Downloads - Implementation

59. Limited Downloads - Recovery
Again, no legal recovery.
Depends entirely on hacks.
Limited Downloads - Recovery

60. Required Programs/Proprietary File types
Services deliver their content in a file type only readable/launched by proprietary software.
Makes it much easier to revoke licenses/access to content.
Required Programs/Proprietary File types

61. RP/PF - Implementation
Amazon Kindle KF8 (notice a trend?)
2009 – Sold Animal Farm without rights to it. Refunded users and remotely deleted content from devices.
Origin
Content purchased on service must launch the service to play.
RP/PF - Implementation

62. Third-party services exist that can convert proprietary file types to open source types.
Ex: KF8 to TXT with Calibre
Legal: Questionable. Most likely not in your TOS though.
RP/PF - Recovery

63. User Account Banning Rogue admin doesn’t like criticism and bans you.
You lose access to all purchased, free, and uploaded material.
There are no refunds.
User Account Banning

64. User Account Banning - Implementation
EVERY EULA has a clause allowing this.
Often have very generalized requirements.
Give more flexibility to the provider.
User Account Banning - Implementation

65. User Account Banning - Recovery
Contact Customer Service
Make sure you weren’t breaching the TOS
Attempt to appeal ban
Most will attempt to settle it out of court
Last ditch effort: spread it to the media
User Account Banning - Recovery

66. Transferring Licenses
Limits may be placed on transferring licenses between accounts, devices, etc.
Time limits
Count limits
Transferring Licenses

67. Transferring Licenses - Implementation
Xbox 360
Can transfer content licenses from one console to another once every four months
Can not transfer content between Xbox LIVE accounts
Steam
License cannot be transferred between accounts…period
Transferring Licenses - Implementation

68. Transferring Licenses - Recovery
No legal method to circumvent transfer restrictions
Remember: licenses are (for the most part) limited, terminable, and non-transferable
Transferring Licenses - Recovery

69. Be Proactive Do your research Compare EULAs and TOS
Most services have an alternative
Ex: Dropbox/Google Drive, Steam/Origin, iTunes/Amazon/Google Play
Compare reputations with users
Be Proactive

70. Choosing the Right Service
Content Distribution
Look for:
No “Always-On” DRM
No limited downloads
Ability to access content on multiple devices
Heavy-handed admins
Choosing the Right Service

71. Choosing the Right Service
Content Storage (Lockers)
Look for:
Reputation (Are they hosting copyrighted materials?)
Local mirroring
Make sure what belongs to you remains yours
Don’t forfeit ownership
Choosing the Right Service

72.
Sources