Staff Technologist Seth Schoen, EFF's resident expert on trusted computing, recently attended this year's Windows Hardware Engineering Conference (WinHEC). This is the final post in a four-part series in which Schoen provides detailed updates on the status of Microsoft's security and lockware strategies for Windows. The outcome of these strategies will affect to what degree people using the platform and "trusted" PCs can maintain a desirable level of control over their own computers. Previous posts can be found here, here, and here.

*****

Although the Digital Millennium Copyright Act gave the public a raw deal, its reach is not unlimited. The DMCA's scope is expressly limited by the so-called "no mandate" clause, which establishes that technologies that deal with unencrypted, open standard media formats are not restricted by the DMCA. These technologies are unregulated even if the entertainment industries dislike them and even if they do not obey those industries' preferences for restricting users. Absent additional legislation, the copyright holders have no right to control general-purpose technologies -- like computers, sound cards, or software -- that deal only with open standards. That's why the Motion Picture Association of America has long sought new "technology mandate" legislation to go beyond the DMCA: to impose the broadcast flag, to "close the analog hole," and to regulate file-sharing software. Without such legislation, MPAA argues, the public will continue to have access to at least some avenues for making unauthorized uses.

Or will it? What if technology companies collaborate with Hollywood in locking up open standards, even without any legal obligation to do so? This prospect is looking increasingly plausible as Microsoft moves closer to supporting the Copy Generation Management System for Analog (CGMS-A). CGMS-A is an industry standard for marking video programming with metadata about the copyright holder's or broadcaster's preferences for whether and how a work may be recorded. The DMCA expressly provides that devices do not have to act upon or enforce such preferences; complying with CGMS-A metadata is a favor to Hollywood, not the law.

(Read on for more after the jump.)

If a recording device -- including a video capture card in a PC -- is not specifically built with extra logic to detect CGMS-A, it won't even know whether CGMS-A markings are present. (CGMS-A is literally carried alongside closed-caption data -- a deliberate choice in order to deter devices from simply discarding that part of the video signal. Just as a video recorder without a closed-caption decoder would record and play back a recording without detecting or displaying captioning, a recorder without special CGMS-A decoders will record and play back without regard to the CGMS-A markings.)

For years, Hollywood has responded to criticism of the effects of digital rights management (DRM) on fair use by suggesting that the public can still use analog outputs to make (possibly lower-quality) copies of works for fair use purposes. Because of the prospect of using analog outputs in this way, say studios, lawful personal copying is not completely eliminated by DRM. Even as they made this argument, however, the studios pursued a campaign to restrict such recording by characterizing it as a "loophole" -- the so-called "analog hole" or "analog reconversation problem." The same recording techniques that movie studios hailed as the protection for fair use were also stigmatized as an intolerable escape from the supposedly perfectly controlled world of DRM.

Just as a sound card can take its input from a phonograph player or CD player, allowing computers to record sounds from the outside world, a computer video card can take input from a TV tuner, set-top box, VCR, or other video device, allowing the computer to record and process video. Both of these devices are unquestionably lawful, and both are now standard equipment in desktop PCs. But entertainment industries have attacked both as threatening DRM by allowing the creation of unencrypted recordings through the "analog hole." So far, Congress has not been eager to act on this concern. Yet entertainment companies are pursuing an astonishingly effective campaign to persuade technology firms to stop making and selling lawful recording devices.

CGMS-A compliance is one of Hollywood's top priorities. A lack of transparency in the copyright industry's negotiations with technology companies makes it unclear precisely what sorts of threats and incentives are winning the technologists over. Yet these negotiations appear to be accomplishing what Congress declined to do: making devices that obey CGMS-A ubiquitous, arranging for recording equipment to comply with the studios' and broadcasters' copying policy preferences, even to the point of refusing to record certain programming at all. Once again, this outcome is not the law; it is simply the technologists' decision to side with the studios against end users.

Microsoft's capitulation on CGMS-A is only the most recent in a string of Hollywood successes. Indeed, so common is voluntary CGMS-A compliance becoming that studios have taken to openly stigmatizing recording devices that do not implement CGMS-A as though Congress had already banned them. This is despite the fact that CGMS-A compliance -- just like broadcast flag compliance in the digital television context -- requires extra expense and engineering complexity, and produces devices with strictly less functionality for consumers.

Microsoft's collaboration on CGMS-A comes in the form of the Protected Broadcast Driver Architecture (PBDA) in the forthcoming Windows Longhorn and other Windows operating systems. PBDA also includes support for applying DRM restrictions to programming received from conditional access systems such as premium cable. Prior to the recent court decision striking down the broadcast flag rule, PBDA also included mechanisms for broadcast flag compliance. (Microsoft has not indicated whether broadcast flag compliance will be removed from Windows Longhorn now that the law does not require it. There is therefore a possibility that, as with CGMS-A, Longhorn will also obey the broadcast flag restrictions even though it is not legally obliged to do so.)

PBDA is used to apply DRM restrictions to video programming received from a broadcast or analog video input device. It supports a fairly flexible mechanism to allow Microsoft, in negotiations with broadcasters or other parties, to define sets of Windows Media 10 DRM restrictions that correspond to particular kinds of restrictions requested by a broadcaster. In the case of CGMS-A, PBDA will encrypt the (originally unencrypted) video stream from a capture device with Windows Media 10 DRM if the CGMS-A markings in the video indicate that copying restrictions were requested. If an analog video signal is marked Copy Never, PBDA can prevent Windows from recording it at all.

The use of PBDA requires video hardware manufacturers to meet certain technical requirements. For example, their hardware must provide Windows with the appropriate parts of the video signal to allow PBDA to look for flags that indicate which restrictions were requested.

Although it is still possible to write Windows drivers for video capture equipment that ignores CGMS-A entirely, Microsoft is taking steps to prevent such arrangements from becoming popular or profitable in the marketplace. It will use licensing and compatibility logo programs to ensure that hardware and software most commonly bundled with Windows -- including products built around the popular Windows Media Center Edition -- are PBDA-compatible. Manufacturers suggest that this will tend to further marginalize equipment and Windows software configurations that ignore CGMS-A, since it is immensely difficult to turn a profit in the Windows multimedia market without participating in Microsoft's compatibility and logo-branding programs.

Therefore, video recording equipment and drivers that simply record video inputs, without decoding them and without applying DRM restrictions, are likely to become increasingly limited to the hobbyist and niche markets. Apart from its impact on the fair use rights of the general public and on third-party PVR software for Windows, this could make it ever easier for movie studios to stigmatize non-CGMS-A aware equipment as outside a perceived industry consensus and therefore somehow bad.

Microsoft ought to be building media products that let people use multimedia in all the ways that copyright law permits -- or, at the least, not standing in the way of others who want to do so.