SDMI releases secure music spec.

The music industry on Tuesday took its first step toward securing control over unchecked copying of digital music, but all are not happy...
Written by Robert Lemos, Contributor

The Secure Digital Music Initiative or SDMI -- a consortium of more than 110 companies from the music and computer industries -- released the initial version of its requirements for portable digital music players. Last week, an SDMI committee gave the thumbs up to the technical specifications.

"The last year has clearly proved that consumers want music online," said Jack Lacey, chairman of the SDMI Portable Device Working Group, during a conference call. "Our focus has been to create an environment and an architecture that the people who own the rights to music can feel comfortable with."

SDMI-compliant players and content will include digital watermarking and screening technology to make unauthorised copying of music more difficult. In addition, in its next incarnation, the spec will allow music companies to enforce a flexible set of "rules" on consumers; for example, the music could time-out after two days of playing, or the system could charge users only if they decided to keep the music.

Yet, such control over content has others worried.

The Electronic Frontier Foundation (EFF), a cyber rights advocacy group, organised a group to counter the SDMI's push for greater control over audio content. Called the Consortium for Audiovisual Free Expression, or CAFE, the group warns that the SDMI's copyright protection scheme could put barriers up to free speech.

"Online music fans should not be forced to relinquish important rights like fair use and free speech because others fear they will abuse those rights," said Tara Lemmey, EFF's executive director, at the June 15 launch of CAFE. "EFF supports the development of an open digital-audio architecture that respects the public's long standing legal rights under copyright and international standards of free expression."

Another consumer advocate believes the consumers' privacy could be at risk. "They intend to use a unique identifier for both players and media, which immediately brings to mind the Intel serial number," said Jason Catlett, president of anti-spam firm Junkbusters.com. Intel's scheme to put a hardware serial number in processors resulted in the EFF and Junkbusters, among others, calling for a boycott of any computer using the chip.

Worse, the SDMI has not made any guarantees that they will protect users privacy, Catlett said. "They have not voiced any policy over how these serial numbers will be used, which is extremely worrying considering that there are no limits set by law," he said.

So far, the SDMI requirements do not look all that sinister, however.

The actual technical spec divides the infrastructure needed to support digital music into three layers: the application, the licensed compliant module and the portable device. Each of the components could be created by one of the member companies.

The specification, released Tuesday, calls for allowing consumers to make up to four copies of any song on an audio CD. Those songs , if created with an SDMI-compliant software application, could be given to others. "The reason for this is that we want to discourage the filling-station model," SDMI's Lacey said. "We want to prevent people from ripping the CD once and then making a million copies."

Another potential problem for SDMI-compliant hardware makers: since the specification does not mandate a single technology for the security, it is possible that multiple -- and, unfortunately, incompatible -- devices could be created.

"SDMI provides a specification where interoperability is agreed upon, but total interoperability is not guaranteed," said Leonardo Chiariglione, executive director for the SDMI.

He added that over the next few months, the association will hammer out interoperability rules with device makers, in hopes of heading off any problems.

Do you think the SDMI's copyright protection scheme could put barriers up to free speech? Tell the Mailroom

Editorial standards