Advances in mobile telecommunications technology are providing the potential to deliver new services to subscribers, including interactive multimedia services to mobile end user devices instantly, wherever they are. The delivery of such services, using encrypted digital multimedia content, raises problems about digital rights management (DRM), in other words, the ability of the content provider to prevent unauthorised copying of the content. There is currently interest in the development of DRM languages and DRM system architectures.
Successful DRM architectures must be trusted by the content provider. This requires trust in the computing platform that supports the system, and trust in any external data sources that determine the conditions under which the content may be used. The ability to manipulate these usage conditions represents a threat to any DRM system.
One specific case where this threat may defeat a DRM system is the implementation of broadcast blackouts. Broadcasters are often required by content providers to restrict broadcasts of certain content to specific geographical regions, or specific dates and times. The reasons for doing so could be to meet local regulations, or to meet commercial terms agreed with the content provider.
For example coverage of a sporting event may be forbidden in areas immediately surrounding the stadium while the event is taking place. Subscribers in other regions may pay a premium rate to view the live event. Immediately after the event the content may be available in all regions at a reduced cost.
Currently, broadcasters use conditional access systems that scramble the service in a manner that can only be unscrambled by receivers with specific regional codes embedded in them. The assumption is that these receivers remain relatively static.
Although in theory it may be possible to track the location of mobile receivers, using for example satellite ranging or GPS, this is not practical for low cost mobile devices, such as mobile phones, with no satellite receiver or GPS capability. Also, receivers may have the ability to store and forward the content.
This redefines the problem of broadcast blackouts: current solutions ensure that the point of reception is outside the blackout region. What is required now is proof that the end user is outside the blackout region.
Therefore the current time and location of each device capable of rendering content must be made available to the DRM application in a trustworthy manner. The difficulty in attaining this trust is compounded by the fact that it is the user who is most likely to try to deceive the application; it is not the user who needs to trust the time/location information but the content provider.
Work has been done on determining the location of a device with respect to a fixed local transmitter, but this is not applicable on a national scale, and the issue of trust is not relevant. The recently-proposed Echo protocol (by Sastry, Shankar and Wagner in WISE03, Assoc. Computing Machinery, September 2003) addresses the problem of trustworthy location data. However, as it is designed for physical access control, and uses ultrasonics and fixed transmitters, it is not suitable for controlling transmission of broadcast content.