Napster-proof CDs

The music industry has a secret plan to safeguard popular music from the wild Web.

Published March 27, 2001 8:30PM (EST)

If all goes as planned, Charley Pride will make music history in April. After selling more than 70 million records, Pride -- one of the last great figures from the pre-Garth, twang-box radio glory days of country music -- is set to release America's first copy-protected compact disc. A tribute to singer Jim Reeves, who died in a plane crash in 1964, Pride's CD will incorporate technology that, in theory, will stop listeners from ripping its tracks into MP3s. If it works -- a hotly disputed question -- copy protection will change the terms of the battle over online music.

Although at first glance there would seem to be little overlap between Pride's audience and the "information wants to be free" demographic, the singer was disturbed to find his songs on Napster. "As I was negotiating with Charley, I learned that [protecting CDs] was important to him," says Bob Heatherly, head of Music City Records, the independent Nashville label that Pride joined in January. "He was especially concerned about the songwriters," says Heatherly, because, unlike singers who can tour, songwriters depend almost entirely on CD royalties. "I've seen songwriters myself who have been close to homeless before they finally got the two or three hits that let them survive. And so when I realized how important this was to Charley, I said, 'Let's find a way to make this happen.'" Read Inside's interview with Charley Pride.

Music City plans to employ patent-pending CD-protection software from SunComm, a Phoenix start-up. The software passed initial tests in late March and Heatherly believes that a copy-proof "Charley Pride: A Tribute to Jim Reeves" should appear on store shelves by early May.

Pride almost certainly won't be the last musician to use the technology. For years the digerati have mocked the labels for putting out what are, in effect, perfect rip-ready copies of digital master recordings. "The CD is the root of all of our problems with the Net," says Jay Samit, senior vice president of new media at EMI, which is testing various copy-protection technologies. "If CDs were as hard to copy as DVDs or VHS tapes or even books, we would not be going through anything like what we're going through now with Napster or Gnutella."

Prodded by the explosive growth of Napster, and the difficulties of blocking copyrighted material on any file-sharing service, the labels have been actively examining methods of copy-protecting CDs. Indeed, Inside has learned that at least four of the five major labels are seriously evaluating the technology -- and that at least three have begun or are about to begin testing it. Although label executives stress that their companies have not yet committed to copy-protecting their releases, they are unanimous in their belief that someone will try out the technology commercially within months.

Unfortunately, every CD-protection scheme faces a crucial obstacle: making CDs unrippable onto CD-ROMs also makes them unplayable on some CD players -- a feature guaranteed to anger customers. The risks were demonstrated clearly in June, when BMG trial-released in Germany a version of "Razorblade Romance," the second CD from the Finnish tattoo-metal band HIM, that used copy-protection software from Midbar Technology of Tel Aviv. Despite apparently extensive testing, about 3 percent of buyers could not play it, forcing a chagrined BMG to recall the CDs and reissue the record. The label is continuing to test copy-protection systems.

"Nobody wants to make things difficult for legitimate purchasers," says Cary Sherman, general counsel of the Recording Industry Association of America, which is helping the labels examine the new techniques. "But if piracy continues to spiral out of control, [copy-protecting CDs] will become more and more attractive an option -- even if it has some negative impact on some listeners."

A number of software companies have sprung into existence to help the industry solve its piracy problems, including SunComm, Midbar and TTR Technologies, another Israeli outfit. None will publicly discuss how its products work, but interviews with the labels and audio engineers suggest they all function in essentially the same way: They take advantage of small differences between the technical specifications for compact discs, which follow what is called the "RedBook," or CD-DA standard, and the specifications for CD-ROMs, which follow the "YellowBook" (for straight CD-ROMs) or "OrangeBook" (for rewritable CD-RWs) standards.

The RedBook standard -- named after the red binder it first appeared in -- was defined by Phillips and Sony in 1982, back when Shawn Fanning was still crawling around bear rugs. Quickly Sony and Phillips realized that the CD could also be used to house computer files, and in 1984 the two companies developed the somewhat different YellowBook standard for data storage. (Phillips and Sony finalized the OrangeBook standard, for rewritable CDs, in 1995.)

Unlike vinyl records, which store music in a continuous spiral, RedBook CDs -- the CDs owned by every music fan -- break up music tracks and distribute them higgledy-piggledy around the disk in "sectors" that are similar to the data sectors on computer hard drives. Because the data are scattered all over the disc, each CD has a "table of contents" that tells the player where to find each track. RedBook CDs run a maximum of 74 minutes and can hold at most 99 tracks -- if a CD is longer or has more tracks, the player won't know how to read the extra music. Importantly, the music sectors on a CD are interwoven with additional error-fixing data that the player's built-in software uses to reconstruct the tracks if dirt or tiny air bubbles from the manufacturing process make little chunks of the disk unreadable.

CD-ROMs, which are also used for computer software, are different. Because CD-ROMs may have hundreds or even thousands of files, they need to handle many more than 99 "tracks," which means they have different, larger tables of contents and can, in theory, hold up to 100 minutes. Because computer programs can't just skip a bit of code if the disc is dirty, CD-ROMs are more exacting about error correction. For that reason, a YellowBook CD-ROM devotes an extra chunk of each data sector to a second method of detecting and fixing flaws.

According to label executives and audio engineers, copy-protection firms take advantage of these differences by adding extra data to both the tables of contents and the music tracks -- data that are ignored by CD players but confuse CD-ROMs. One purchaser of the Midbar-protected version of Razorblade Romance, for instance, reported on Slashdot that an Onkyo CD player had no trouble with the CD, but Cdparanoia, a powerful open-source ripping program, could extract only 30 seconds of it. The CD player, the Slashdotter wrote, displayed "a playing time of 100 minutes, 30 seconds -- not! ... So the trick seems to be that the playing time of 100:30 is interpreted as 00:30." The literal-minded computer software, he suggested, stopped when told it had reached the end, whereas the "hifi-player also says 00:30 of course, but after 30 secs it goes down to 99:59" and plays normally. Asked about this account, a Midbar representative said the firm "cannot provide more technical information at this time."

Although audio engineers say that planting false data in the table of contents is part of every copy-protection scheme, they also aver that the most important copy-protection techniques involve adding actual errors to the music. When a standard CD player comes across an error in a CD, says a technology officer at a major label, "it basically skips over it and keeps playing. But a CD-ROM must read every bit of the data. When it detects something that it suspects is an error, it loops back and rereads the data, trying to discover how to fix the problem. And ultimately, if the error can't be corrected" -- as is the case with the "erroneous" data introduced by copy-protection programs -- "the software will cease to run and the CD-ROM will stop playing."

The trouble is, many high-end and car-stereo CD players use CD-ROM technology, which is both more accurate and less likely to skip when the player is jostled. Consequently, some audiophiles and commuters may not be able to play protected CDs. "I feel gloomy every time I go on a plane and see how many people are listening to music with their laptops," says a label executive who nonetheless regards copy protection as inevitable. "High-end players, car players, laptops -- those people are going to feel burned, and justifiably so, if they can't listen to music in the way they like."

In addition, according to Don Shulsinger of Oak Technology, a CD-RW and optical-storage manufacturer, the sheer disparity in the technical specs of CD-ROM brands almost ensures that some CD-ROM machines will always be able to read copy-protected CDs. "There is no standard way in which the firmware inside of a CD-ROM drive is written," he says. "There's massive amounts of drives out there and the testing copy-protection firms have to do is simply enormous."

"We're of course aware of these issues," says Emanuel Kronitz, chief operating officer of TTR, which says two major labels are testing its software. "It's a major technological challenge, which is why we believe that what we've done -- mostly beating it -- is not trivial."

Even if the compatibility issues can be solved, the Slashdot crowd will protest that the very idea of copy protection infringes their fair-use rights. (The industry responds that fair use of music does not include the right to make entire backup CDs, and that consumers will still be able to make cassette copies.) More importantly, Internauts argue that copy protection is futile because it will inevitably be cracked by the Net's legions of amateur lock-rattlers. In their view, people will get around copy protection simply by running the output of their CD players directly into their computer sound cards and capturing the resulting music with stream-capture programs like Total Recorder. In addition, computer-game hackers have developed programs -- such as BlindRead, CloneCD and DiscDump, all readily available on the Net -- that duplicate copy-protected game CD-ROMs by ignoring the "errors" that manufacturers introduce into the data in an effort to stump typical CD-ROM copying programs. In theory, people could adapt them to rip protected music tracks.

More methods of beating copy protection will surely evolve, hackers argue, spurred on with the tacit consent of the computer trade. As chagrined label executives have often noted, an entire industry -- ranging from start-ups like MusicMatch to giants like Hewlett-Packard and Apple, which are touting their products as ripping machines -- has grown up around the CD-ROM and MP3. Will all of these companies just sit on their hands if copy-proofing becomes the norm?

Copy-protection firms mostly regard hacking threats as marginal. "It is always possible that somebody somewhere will break the protection," concedes William H. Whitmore Jr., SunComm's vice president of marketing. Acknowledging this, SunComm's promotional material promises only "to greatly reduce unauthorized digital copying of original content on CDs. "But it will be far too difficult for the average user," Whitmore says. "For them, the CD-ROM in their computer -- the nemesis of the recording industry -- just won't play our CDs."

But even in the best of circumstances, copy-protecting CDs is "not a long-term solution," according to Talal Shamoon, vice president of media at the digital-rights management firm InterTrust Technologies, which works extensively with Universal. Copy-protected CDs, he argues, inevitably remove possibilities which listeners now enjoy, such as the ability to rip songs onto CDs.

The industry will have to make a better tradeoff with its customers, he says. As an example, he points to the French techno act Daft Punk's second album, "Discovery." Released earlier this month by Virgin Records, the CD came with a plastic card that gave CD purchasers access to a special fan-club Web site. The site offered additional music that is, in theory, available exclusively to people who bought CDs. "The beauty of the Daft Punk model is that there's no real threat to consumers," Shamoon says. "Instead it's aimed at creating an affinity experience around the compact disc." He believes that putting such value in consumers' hands lessens their incentive to pirate.

Ultimately, though, affinity experiences alone will not save the industry, in Shamoon's view. "I've talked to a lot of people in the record industry, and they all are of the opinion that in the long run, the CD and the CD player, as they stand now, are basically a lost cause." At best, he says, protected CDs will be a "bridge technology" as the industry prepares itself for "the only real solution": replacing CDs with a new kind of music-playing machine, such as the forthcoming, quarter-sized DataPlay disc, which should be available by Christmas.

"You're going to need a new generation of secure devices," says Dan Lieman, one of the four mathematicians who co-founded NTRU, a rights-management firm in Burlington, Mass. "Ultimately it's going to have to be done in hardware, because hardware is a lot harder to hack than software."

Unfortunately, consumers have resisted past efforts to replace CDs with MiniDiscs, DVD audio discs and Super Audio Compact Discs. For now, the labels' technologists agree that copy-protecting CDs with software locks is the most practical way to go. "Some of the best and most experienced engineers in the world are working on this," says Samit of EMI. "It's near and dear to our hearts to get this right."

By Charles C. Mann

MORE FROM Charles C. Mann

Related Topics ------------------------------------------