FCC Suffers Content Security's Growing Pains
The FCC is finding it difficult to recommend an industry-wide downloadable content security strategy at a time when both content and security are rapidly changing.
Downloadable security, it turns out, is about a lot more than just security. The way the Federal Communications Commission (FCC) 's Downloadable Security Technology Advisory Committee (DSTAC) has debated the issue, agreeing on an industry-wide approach means solving everything from how to define a pay-TV service to how to navigate content licensing restrictions in a multi-screen, multi-region, multi-protocol environment.
Officially, the mandate for the committee is to recommend a downloadable security strategy that will promote retail competition for pay-TV compatible devices -- in other words, a successor to CableCARD. However, for reasons both technical and business related, the committee's task is more convoluted than it sounds. (See FCC Panel Debates CableCARD Successor.)
As just one example of the technical hurdles, there's the story of Cablevision Systems Corp. (NYSE: CVC)'s downloadable security deployment. The cable company has successfully implemented downloadable security, but many DSTAC members were surprised to learn at the latest committee meeting that Cablevision's solution only works on systems running Cisco Systems Inc. (Nasdaq: CSCO)'s conditional access (CA) technology. That means that a Cablevision set-top wouldn't work in another cable company's system using competing Arris Group Inc. (Nasdaq: ARRS) CA technology. Given that one of the main reasons for downloadable security is to make hardware portable, the solution that Cablevision currently has in place doesn't meet DSTAC's requirements.
The corollary to the Cablevision example is Charter Communications Inc. , which is preparing to launch a Worldbox set-top with downloadable security that works in both Cisco and Arris systems. However, Charter hasn't yet rolled out its solution, and Cablevision's deployment means there's yet more legacy equipment in the field that doesn't work universally across all pay-TV provider regions. (See Charter Thinks Outside the 'Worldbox'.)
John McCoskey, CTO for the Motion Picture Association of America (MPAA), also pointed out from a technical perspective that a unified approach to downloadable security has its own problems. If cracked, a single security system could potentially expose a greater amount of content to hackers across a greater number of devices. Because of that vulnerability, any downloadable security solution has to be adaptable. As McCoskey put it, any agreed-upon solution "needs to be upgradeable because, as we know, content protection is something that is always a moving target."
As difficult as the technical hurdles are for DSTAC, however, the business challenges are even more so. In the time since CableCARD was first conceived, pay-TV service has evolved dramatically. Several DSTAC members have argued that service no longer just means a linear video stream, but includes interactive features, metadata, parental controls, advertising support that extends into the program guide and recorded content -- and much, much more.
There's also the problem of content licensing. Many programming agreements today have very specific requirements detailing how content can be presented, what display resolution is allowed on different devices, and even where in a channel lineup content is allowed to be positioned. It's hard to reconcile some of those provisions with a security solution that has to work across unmanaged devices and certain operating environments that don't even recognize the concept of a channel lineup.
Tough questions -- such as how to define pay-TV service and how to run security technology across new types of devices -- are all part of the waterfall effect of the television industry's trend toward IP video. Unfortunately, on the IP front, the DSTAC committee is even more conflicted than on some of its other points of debate. It's unclear, for example, if the committee is supposed to be considering over-the-top video in its downloadable security recommendations.
One member of the public watching the proceedings is concerned that the committee might avoid the OTT question altogether. Steve Effros, who is a partner in Beyond Broadband Technology LLC (BBT) -- a technology organization that has developed a downloadable security solution, but was not invited to be a part of DSTAC -- tried to illustrate the problem from a consumer's perspective.
"It just seems to me if you put yourself in a consumer's point of view," said Effros, "and then say, 'Well we're going to separate out the boxes again and we're only going to deal with the boxes for cable and satellite and maybe what we call IP but it's not really OTT IP,' you will have totally confused the consumer... I'd just like to point out that not talking about OTT in the context of a new consumer box doesn't seem to make any sense to me whatsoever."
There's also a controversial counter position in the cable community that questions the need to have a downloadable security solution at all. At the recent Light Reading Cable Next-Gen Technologies & Strategies conference, Time Warner Cable Inc. (NYSE: TWC) Principal Architect Nicholas Nielsen suggested that maybe the need for downloadable security has passed.
"At Time Warner Cable, right now we're operating more than 8 million boxes with CableCards in them that provide conditional access," said Nielsen, "but we're also serving a ton of retail devices using just DRM... There's a lot of different ways to deliver content down to users that doesn't need to have a mandate for conditional access."
Cox Communications Inc. Director of Video Applications Development Steve Calzone supported Nielsen. "I actually do agree with Nick," said Calzone. "I think we're in a much better world than we were years ago."
He also added, "The technology's not stopping us. That's more rights and regulations."
Whether DSTAC should be pursuing its downloadable security mission or not, practically speaking, the committee is mandated with providing recommendations to the FCC by September 4. The next committee meeting is scheduled just three weeks from now on April 21.
— Mari Silbey, special to Light Reading