Beyond DRM: Finding Stolen Content and Addressing Piracy (part 3 of 3)

Watch our fireside chat or read the article below

Steven Hawley
Founder & Managing Director
Piracy Monitor
Diagrams sourced through Friend MTS

Digital rights management isn’t enough to stop the redistribution of stolen video content outside of its legitimate service context. In our previous article, we described how unique but invisible identifiers can be embedded within the video. But the equation is incomplete unless there also is a way to find stolen video, identify its source, and take effective action.

Detection: Finding the needle in the haystack

Embedding watermarks alone is only half of the detection story. To make watermarking effective, stolen video must be located, which is done by monitoring suspected pirate video outlets. Detection is assisted by matching the fingerprint of a suspected asset with a reference fingerprint that was generated during the production process.

Once the suspected item has been recognized, it is analyzed to detect the presence of an identifying watermark, and then evaluated to read the information that it contains. This process is called ‘extraction’ or ‘recovery.’

How pirates interfere with detection

Thieves don’t want to be detected. To reduce the likelihood that an instance of stolen content could be traced back to its last legitimate distribution end-point or to the pirates themselves, pirates may attempt to make the watermark unreadable by applying transformations to the content.

Such transformations are called ‘attacks.’ A watermark that has been successfully attacked is no longer available or readable, making identification difficult or impossible.

Types of attacks include:

  • Visual quality attacks such as blurring, sharpening, or changes to contrast
  • Geometric transformations such as rotation, pin-cushion distortion, and mirroring
  • Cropping, upscaling/downscaling, changes to aspect ratio
  • Collusion attacks, where multiple instances of a video – such as outputs from multiple set-top boxes or streaming devices – are combined: example blending, interleaving, mosaicing, etc.
  • Format transcoding, digital-to-analog transformation
  • Attacks on the delivery of the watermark itself, such as temporal disruption through streaming segment switching, or by video output switching/splicing

The diagram below shows a pirate’s watermark removal workflow.

Figure 1: A pirate captures legitimate video, attacks the watermark and then re-streams it to the consumer

Source: Friend MTS. Image source: frames from (CC) Blender Foundation |

On the left side of the diagram, a pirate captures video programming using a consumer device such as a camera or smartphone, intercepting it at the HDMI connector, via screen-scraping, or by capturing the output of a player in a consumer device. The pirate then attacks the video using one or more of the methods we listed above, in an attempt to remove the watermark; and then makes the video available for re-streaming or download.

A “robust” watermarking solution has a better likelihood of surviving real-world attacks by remaining readable.

Taking action

Once the identity of an illicit video stream has been confirmed using video fingerprinting, what happens next? A decision must be made as to how to treat the incident.

A range of remedial actions is available, including direct actions against the pirate and actions against the consumer. Remediation policies themselves are either the domain of the video content’s owner or license holder, the video distributor, or both.

In turn, these policies are subject to the constraints of locally-applicable regulation. In some jurisdictions, the act of consumption, in itself, is considered to be an act of piracy.

Types of actions that can be taken directly against the pirate include:

  • Issue take-down notices to the pirate streaming services and escalate to their infrastructure suppliers, such as CDNs and hosting providers
  • Apply for search engine link removal
  • Enforce existing blocking orders
  • Report to law enforcement

Most video providers are likely to take actions against subscribers whose accounts are detected to be restreaming. This can include interrupting the session or requiring the user to re-enter access credentials. Other approaches can include suspending the end user’s account, disallowing the use of the device on the account, or initiating legal action. Note however that some subscribers may be unaware that their accounts have been compromised and being used to illegally restream.

Diligent monitoring of subscriber account behaviour may also identify out-of-profile usage such as increased concurrent stream usage, abnormal geographic dispersion, massive numbers of stream requests, or the use of the same financial accounts to purchase multiple streaming accounts.

Key take-aways

Anti-piracy is secretive by nature. Video providers are very careful about disclosing their methods in public forums. They don’t want to reveal anti-piracy “sources and methods.” They want to quietly encourage the use of their legal services.

A rigorous approach to piracy detection should be part of a broader anti-piracy initiative that helps maintain the market value of the premium content. But it’s not just about the content. Video providers invest heavily in placing and maintaining their delivery infrastructure of systems, software, operations, and technical support. Anti-piracy helps operators preserve the value of this infrastructure investment.

Risks of doing nothing

The risks of doing nothing about infringement and piracy are mixed.

On one hand, with the increasing value of content, distributed anywhere, anytime, to any device over the Internet, the risk of loss to theft and the need to minimize it have grown almost exponentially. If content is to retain its value in this environment, it’s more important than ever to identify where it came from, where it is going, and to make deliberate decisions as to whether it’s going where it’s intended to go.

By the same token, doing nothing can reduce the risk of alienating consumers. With anti-piracy, knowing the location and disposition of video content should not necessarily be a call to action. Much can be learned by observing what happens with instances of infringement. For example, new market opportunities can be uncovered if content is found to be popular in territories where it has not been licensed.

In this light, every situation has its nuances, but it’s always best to be informed. Watermarking and monitoring are important tools in that pursuit.

Check out the other articles in our series:

Download the full series as a PDF

Take a look at the Quick Facts from our white paper Attacks on Subscriber Watermarking Technologies to learn about the key differences between various watermarking technologies and why Client-composited solution is the most widely used watermarking today.

Download PDF

Watch our fireside chat or read the article below Steven Hawley Founder & Managing Director Piracy Monitor [...]

Get in Touch

Talk with one of our experts for more information or a demo.

Please enter your enquiry here:

* indicates mandatory field

Friend MTS Limited
177 Shaftesbury Avenue

UK: +44 203 588 2111
US: +1 267 382 4280