Protecting your content, a handy guide
1. If you want to prevent people from accessing your content who aren’t supposed to, what can you employ?
- Geo-blocking (only granting access to people whose IPs are associated with a given country or list of countries).
- Authentication (users must log in, for example using a username and password).
2. What happens if your content is served from a different place to the front end, and the front end is protected but the content itself is not?
- Employ some kind of shared session or single-sign on (perhaps, for example, passing a signed time-limited key whose signature is checked by the content server)
- If using Flash Media Server (or compatible), enable SWF Verification (achieves goal imperfectly, essentially as a side-effect; it only actually verifies that the user has, or has had in the past, access the requesting SWF; penalises legitimate users using non-standard access mechanisms).
3. Once your content has been served to a user, who is a knowledgeable pirate willing to distribute it such that others can easily download it, how do you prevent them from doing so?
- Serve your content only to devices which are under your complete and effective control (noting that PCs, mobile phones and games consoles rarely—if ever—satisfy this condition).
4. Once your content has been served to a user, who is not a knowledgeable pirate willing to distribute it such that others can easily download it, how do you prevent them from doing so if they for some reason attempt to despite the probability that somebody else (see (3)) will already have done for a given piece of content?
(a) and they are not likely to obtain it from aforementioned knowledgeable pirate who also has access to your content (see (3))
- Employ some kind of digital rights management (noting that it is at this point moot, because they weren’t going to do anything with your content anyway; noting also that it runs the not insignificant risk of inconveniencing them at some point or another causing harm to your reputation and potentially to your turnover; noting further that it artificially restricts the platforms and devices upon which your content can be enjoyed by a legitimate consumer; finally also noting that it almost always significantly restricts the choice of technologies that your developers can employ in order to achieve realisation of your goals).
(b) and they are likely to obtain it from aforementioned knowledgeable pirate who also has access to your content (see (3))
- As per (4)(a), noting however that any inconvenience they might suffer as a result significantly increases the risk of them obtaining your content from an illicit source.
5. Once your content has been served to a user, who is not a knowledgeable pirate willing to distribute it such that others can easily download it, how do you ensure that it can only be viewed on a narrow range of supported devices?
- See (4)
6. Once your content has been served to a user, who is not a knowledgeable pirate willing to distribute it such that others can easily download it, how do you ensure that they cannot write a copy to transferrable media (such as a DVD-ROM, BD-ROM, USB stick, etc.) and pass a copy to a friend, irrespective of whether that friend has legitimate access to the content themselves?
- See (2) and (4)(b), noting that the friend willing to be the recipient of an illicit transfer in this way can instead simply obtain the content from a knowledgeable pirate (see (3)).
7. Once your content has been served to a user, who is not a knowledgeable pirate willing to distribute it such that others can easily download it, how do you ensure that they cannot write a copy to transferrable media (such as a DVD-ROM, BD-ROM, USB stick, etc.) and retain that copy for a prolonged period?
- See (2) and (4)(b).
8. Once your content has been served to a user, who is not a knowledgeable pirate willing to distribute it such that others can easily download it, how do you ensure that they cannot write a copy to transferrable media (such as a DVD-ROM, BD-ROM, USB stick, etc.) and transfer that copy to an unsupported device for playback (portable media player, phone, laptop computer, etc.)?
- See (2) and (4)(b).
9. What else?
- The more enhanced and flexible the legitimate distribution channel, the less demand is placed upon illicit channels.
- Lack of, for example, Digital Rights Management does not negate the copyright status of a piece of content.
