Slashdot Mirror

← Back to Stories (view on slashdot.org)

RIAA Unveils Net Tracking Tag for Online Sales

Posted by timothy on from the oh-nothing-just-watching-you dept.

openbear writes "A story over at MSNBC talks about the Global Release Indentifier (GRid). It is a code akin to the Universal Product Code (UPC) bar code found on a CD or cassette tape in stores. Each track will be distributed online with an individual GRid serial number and will be reported back to rights societies and collection agencies sold or transferred."

9 of 278 comments (clear)

  1. Could this technology by Rudy+Rodarte · · Score: 5, Interesting

    ... be embedded in CD audio tracks and used to track piracy or... Used to show which versions of songs are crappy quality, RIAA Fakes, etc....

    --
    What, me Tweet?
  2. Tim Russert Is My Cousin by Acidic_Diarrhea · · Score: 5, Interesting

    Did you read the article? This isn't an attempt to curb piracy. While the MSNBC article is a bit unclear as to why this needs to be done, here's what was said, "But music officials have complained that sales-tracking systems in place at the moment need to be standardised so that online sales, though small at the moment, can be better recorded." This isn't a way to put a tracker in an mp3 so the RIAA can track down the person who is distributing it but merely a way to keep track of sales.

    --
    I hate liberals. If you are a liberal, do not reply.
  3. It's totally different from a UPC by morcheeba · · Score: 5, Interesting

    The article seems to get the basic premise of this wrong. A UPC code describes only the product; the buyer is still anonymous. The only reason a reseller would have to buy millions of GRid's would be if each track sold was unique (as opposed to each type of song sold). Either the RIAA's layers did a good job of fooling Reuters, or they just didn't understand the implications of this... and the implications are exactly what they deny-- that songs bought on the internet could be tracked to the buyer if they ever end up being shared.

    --
    HIV Crosses Species Barrier... into Muppets
    1. Re:It's totally different from a UPC by the_quark · · Score: 3, Interesting

      Inserting per-purchase tracking info into songs is something to worry about. But I don't think this is necessary for them to do so. The $250/year is comparable to what UCC charges for UPCs - they've just moved to an annual fee structure, and it runs $150 - $9,000 depending how many numbers you need. In fact, on a per-number basis, the RIAA is probably a lot cheaper.

      Also, it's worth noting that I doubt they'll "sell millions of IDs per year." The design of IDs like this aren't that the merchant makes them - merchants will get the numbers from the record companies. The RIAA will tell a record company or destributor, "Your prefix is 12345" and this is a 16-digit number, you can make up everything after 12345." The record company or distributor will tell the merchant, "every time you sell this song, put a tick mark next to 1234567890123456 and tell us once a quarter how many you sold." This makes merchant's lives easier because they have unique identifiers for everything in thier system, and it makes it a lot easier to do stuff like figure out top-40 rankings across multiple distributors since everything has a unique string.

      If this seems to contradict anything I said in my previous post, please remember that EMusic is unusual in this model - they are a retailer, but, under the covers, they're a music distributor. They license the music they have from artists, and have the ability to re-license it to others. So, in that sense, they're more like a distribution company, and need their own UPCs (or GRips or whatever). When people like Tower think about doing downloadable music, they'll still need a license (that's the law) but they're not thinking redistribution, so they'll be getting this magic number from the licensor.

      Again, bottom line, I think that imbedding a unique tag in songs is something some people would like to do, and it's something to keep our eyes open for. But I don't believe this is to do anything except literally to be an online UPC - to give each unique type of item a globally unique identifier. Certainly anyone selling downloadable music could imbed a unique transaction cookie now. Numbers are cheap, you don't have to pay the RIAA to give them to you. Anyone wanting to track individual downloable sales now could put a unique 128-bit cookie into a song and sleep well knowing there'd never be a collision.

  4. Similar to a Custom Watermark by mrs+clear+plastic · · Score: 4, Interesting

    Could this be similar to a custom watermark on each individual song or piece that's sold?

    How tamper-proof will this be? If all of the on-line sources that will be selling musing/videos/whatever are to be expected to issue these watermarks, the standards would have to be public, or at least very darn near public.

    If the standards are even close to being public, perhaps someone could figure out how to remove and or alter these watermarks.

    Hmm, very interesting. I buy a song from MSN. I read the file into a scrip that I hacked. I change the watermark in some way. I then turn around and sell it under the table. The buyer takes the song and then in turn sells it, or whatever.

    Sometime later, someone gets raided by the SPA,
    MPAA, or whatever. They audit the songs. They find a few with the watermark that I altered. Their trail will be lost or steered into some poor victim whose watermark I 'stole' to alter my songs.

    A possible solution to this would be to have a secret algorithm to generate the watermarks. This would have to be implemented in tamper-proof chips or, perhaps, a tamper-proof device that goes between your computer and the network; ie; a special NIC card. The card would know who you are and what song you are about to release. It would then generate and record the water mark in it's secret way before the song is sent on its way.

    The logistics of this solution would be challenging. The devices would have to be distributed, cataloged, and recorded. Who has which special NIC card would have to be recorded in RIAA'a TIA infrastructure. Of course, this same infrastruction would have to record each subsequent sale/disposal of the card. The security of the cards would have to be impeccible.

    Good luck to you all!

    Luv

    Mark

    --
    Cleara
  5. conspiracy central... by MarvinMouse · · Score: 4, Interesting

    Everyone here is freaking out because this is another way to track people, and man it's a blatantly obvious one. But do you really believe that the techies and people working at the RIAA are that stupid? Like really?

    The RIAA wouldn't do something so obviously usable as a tracking method and then deny it. They didn't in the past. When they were violating your rights, they were up right and in your face about it. That's why so many people despise them. They don't try to hide what they do.

    I think this may be a legit way for them to just track for internal records and all, and yes, I am pretty sure they as well as you have thought about the possibility of tracking individual downloaders with this. But like someone already said.

    MP3 -> Wave -> MP3 , no more tracking code.

    Or even better

    Clean CD -> MP3 , No tracking code.

    I think that logic would be clear to anyone. Including the RIAA.

    The sky isn't falling, the RIAA is just playing some games.

    --
    ~ kjrose
  6. Watermarking MP3's by Superfreaker · · Score: 3, Interesting

    We run an ASP with music sales where they are watermarking mp3 files during the encoding process. That way they can see if their files make it onto file trading networks. Since the watermark is encoded into the actual track, you can't remove it by converting to Ogg. It's already an mp3.

    I don't think it is a bad idea. At least they are selling the files in MP3 format. The only people who would have anything against this would be those who download music they haven't paid for.
    IMHO.

    1. Re:Watermarking MP3's by apweiler · · Score: 3, Interesting

      Since the watermark is encoded into the actual track, you can't remove it by converting to Ogg.

      And that was what the SDMI was about - testing how crackable such a watermarking scheme is. This is the kind of thing Ed Felten cracked. If you're a small business, perhaps no one will have bothered to crack it (or didn't think it was right) - but if the RIAA tries it, see how long it takes for a de-watermarker to show up...

  7. Point of sale ID by RichMan · · Score: 4, Interesting

    The GRid is a point of sale identification so that the seller can identify which track has been sold and then send the appropriate $ to the recipient (RIAA member).

    You can view this as the thin edge of the wedge in a scheme that will probably work to get a "Palladium" like system in place.

    Bob buys track 9 from CD X from Amazon. Amazon records the GRid and forwards the appropriate share to RIAA member reponsible for producing the track. Bob is happy because he was able to access the track.

    Later Bob will be investigated for file shareing. He will not have the GRid's to prove he bought the file. The GRid's are not part of the music track. The RIAA will say but "Palladium" can solve that. Bob will ask to have "Palladium" implemented so that he does not have to go to jail.