Slashdot is powered by your submissions, so send in your scoop


Forgot your password?
Music Media Your Rights Online

RIAA Unveils Net Tracking Tag for Online Sales 301

openbear writes "A story over at MSNBC talks about the Global Release Indentifier (GRid). It is a code akin to the Universal Product Code (UPC) bar code found on a CD or cassette tape in stores. Each track will be distributed online with an individual GRid serial number and will be reported back to rights societies and collection agencies sold or transferred."
This discussion has been archived. No new comments can be posted.

RIAA Unveils Net Tracking Tag for Online Sales

Comments Filter:
  • by Rudy Rodarte ( 597418 ) on Monday February 10, 2003 @05:34PM (#5273932) Homepage Journal
    ... be embedded in CD audio tracks and used to track piracy or... Used to show which versions of songs are crappy quality, RIAA Fakes, etc....
    • by grub ( 11606 ) <> on Monday February 10, 2003 @05:51PM (#5274132) Homepage Journal
      Not likely. MP3 is a lossy compression. The "secret bits" would be at the mercy of the MP3 compression scheme rendering them useless.
    • by sstamps ( 39313 ) on Monday February 10, 2003 @08:07PM (#5275477) Homepage
      No and yes. This is simply a way for the INDUSTRY to track what the hell they are selling. Like the article says, it is akin to a UPC code. UPC codes are not unique across all boxes of cereal, but only across specific SKUs, like between 20 oz Cheerios, 40oz Cheerios, and 16oz Count Chocula, for example.

      For you geeks out there, it is a CLASS_ID, not an OBJECT_ID, meaning that the number will be the same across all instances of the class.

      For example, when a consumer goes to and purchases an audio track from the latest Hoodies album,'s product database will contain an SKU number to track the PURCHASE so that they can report to the vendor how many tracks of that song were sold so that the artists (the "manufacturer") can get their money. It MAY be included in the track itself, but it would make it easier to automate the process, since the product itself can be polled when they put the track up for sale online, and no one has to manually enter the number. The number should not vary from track to track of the SAME EXACT song. They may put in a serial number in the download, but that would be something completely different than what they are talking about here (and easily foiled for piracy tracking purposes).

      All they are doing is Standardizing the domain of these ID numbers across the entire industry so that the money from the sale goes into the right pocket. This is ESPECIALLY important where there is no tangible object being sold, and thus, no purchasing audit trail from the reseller to the vendor.

      Sounds like a smart system to me, and one that has nothing to do with our "online rights"; at least no moreso than the computer industry standardizing on Tech Data's SKU numbers for ordering computer parts. Hmm. Wouldn't that be cool?
  • encode to OGG/MP3. No problem.
    • by Acidic_Diarrhea ( 641390 ) on Monday February 10, 2003 @05:40PM (#5274003) Homepage Journal
      Did you read the article? This isn't an attempt to curb piracy. While the MSNBC article is a bit unclear as to why this needs to be done, here's what was said, "But music officials have complained that sales-tracking systems in place at the moment need to be standardised so that online sales, though small at the moment, can be better recorded." This isn't a way to put a tracker in an mp3 so the RIAA can track down the person who is distributing it but merely a way to keep track of sales.
      • Its not an attempt to curb piracy *now* or so they say. If they are going to put data in the files similar to a barcode for tracking purposes, what makes anyone think they will stop there and not just add an identifer for the transaction number you bought the song with? Thing is it this going to be a simple issue of tackingon data, ot they are gonna 'watermark' the digital data, not to cause damage but just to track. If 'hidden data' is the method, what happens whenyou transcode the music?
        • You are making a slippery slope argument. This is a flawed way to debate a point. Your argument is that if online retailors are allowed to track certain data, any whatsoever, eventually they will begin tracking names and credit cards numbers to prevent piracy. I will quote this:

          "The slippery slope argument is clearly invalid if it is meant to be a point of logic, for it does not follow that "if b is an exception to A, then no part of A is true." Specific exceptions to a rule or principle do not in any way logically imply that the rule is otherwise false or never justifiably applicable in any cases. In fact, calling something an "exception" points out that only it is the relevant act that the rule does not cover. If, for example, a pharmaceutical drug should be used only by people who have asthma, that does not imply people should also take it for arthritis or pregnancy. Permitting stem cell research on embryos does not logically imply that sacrificing infants or terminally ill patients is acceptable.
          It appears the argument is meant to be more an argument about people's psychology, and, spelled out, it seems to be something more like "if you make any exceptions to a rule, particularly a cherished or time-honored rule, people will think the rule arbitrary to begin with and will see no reason to follow it at all." Hence, any exceptions undermine respect for a rule, and thus eventually lead to the rule's not being followed at all. Or another intended argument might be "people cannot generally make fine distinctions, so if you make an exception to a (time-honored) rule, people will think you have shown the rule to be flawed and therefore unnecessary to follow."
          A slightly different, and more sophisticated version of the principle might be "if you make exceptions to a rule, people will generalize the reasons for that exception and apply them to other aspects of the rule to which those generalizations will also apply." In the embryo issue, the argument would be that "if you allow embryonic stem cell research people will see that defenseless human life has only instrumental value --value for helping others-- so nothing will stop people from wanting to kill infants or people with terminal diseases to help others." Or it might be phrased as "if you allow embryonic stem cell research because embryos are not viable on their own, then you will end up allowing infanticide and termination of the lives of the terminally ill because they are not viable on their own either."
          Just for you: Tinfoil Hat Linux []: Enjoy!
      • Forgive me for not trusting the RIAA, but what a line of bull - they think we'll believe that they "need" this to track sales, and for that reason only! That never was a problem when they made their money selling CD's. When I gave my money to Sam Goody and walked out with a CD, the recording studio had no clue who I was, and they still did just fine that way. Why the change?? I'm not believing it.
      • This isn't a way to put a tracker in an mp3 so the RIAA can track down the person who is distributing it but merely a way to keep track of sales.

        You buy a song online, and the reseller tacks a Global Release Indentifier onto your MP3.

        When the RIAA finds your file floating around the global P2P networks, they will read the ID, use it to identify you, and then release the DCMA on your ass.

        If you think otherwise, you need to remove the tin-foil hat.
        • Yeah but how long will it take someone too compare a couple of files that differ by onyl the Global Release Indentifier and write a 300KB program that strips out the unique number and replaces it with random garbage? Then if some gets told they a file sold to them appears they just have to point out that someone else took a copy ran this utility and it put in their number. Problem solved, unless the RIAA can PROVE that it is their file, then the perosn isn't guilty.
        • And this is pretty much the truth after the concept is boiled down to brass tacks.

          Somebody finally got it right.
      • The article contradicts the spec, which clearly states that at least part of the purpose is to put a tracker in MP3s.

        From the spec at: /cidf -gen-en-79.pdf
        "This Identifier can also be used for usage surveillance services called Net-Police, which uses web spider to search out sites that might potentially be infringing content."

        The pdf at that URL is *much* better documentation than the news article.

  • by inteller ( 599544 ) on Monday February 10, 2003 @05:36PM (#5273945)
    and exactly what kind of file format can this tag be imbedded into? in order for it to work you have to have a transport medium. Yet another brilliant idea from the people who brought us Hillary Rosen.
    • Unlikely they will go for a new format - that approach has failed in the past. More likely they will embed the tag in the music, inaudible to humans but detectable for computers, like is already being done for images. Of course, any tag _they_ can detect can also be detected and garbled|stripped by others, something which is likely to happen when songs are encoded as OGG Vorbis or MP3.
    • Yet another brilliant idea from the people who brought us Hillary Rosen.
      you mean... Hillary Rosen's parents?

      ...thanks, i'll be here all week.

  • by feepness ( 543479 ) on Monday February 10, 2003 @05:36PM (#5273946) Homepage
    Look at the header from the article:

    A music industry trade body launched on Monday electronic identity tags to keep tabs on Internet music sales in a bid to compensate musicians and song writers as more of their works become available online.

    If that isn't leading I don't know what is. They specifically do not mention the RIAA and are trying to portray it as compensating the poor artists as opposed to saving music industry executive's asses.
    • Sorry, they did. 7th paragraph: International Federation of Phonographic Industry (IFPI) and Recording Industry Association of America (RIAA) have been developing the standard for the past two years.
  • Ahhhaaa (Score:5, Funny)

    by T3kno ( 51315 ) on Monday February 10, 2003 @05:37PM (#5273960) Homepage
    The G stands for Get, as in GetRid of the RIAA.
  • by Anonymous Coward on Monday February 10, 2003 @05:38PM (#5273968)
    the code to remove the tag has already been written and is avilable for distribution.
  • by jamesjw ( 213986 ) on Monday February 10, 2003 @05:38PM (#5273970) Homepage

    Yet another reason not to buy CD's anymore!

    Not that there is much worth buying these days anyhow :)

    Wonder whats next?

    "Sir, we're happy to sell this new album to you - just piss in this specimin jar and supply a drop of blood on the application provided..."


    • Why do you think that RIAA music is crappy?

      Have you heard me sing in the shower lately?
      That would change your mind.

      I just got a $200.00 surcharge on my rent because the landlord had to replace the full length bathroom mirror that broke while I was singing.

      Such as life
  • This is news? (Score:5, Insightful)

    by the_verb ( 552510 ) on Monday February 10, 2003 @05:39PM (#5273988) Homepage
    It sounds like an industry-approved ID3 field. I'm assuming this 'net barcode' would be paired with some new file format, something that weaves the ID into the music itself rather than tagging it on as an afterthought.

    I'm not sure how they plan on compensating artists with this plan, since there doesn't seem to be a *payment* mechanism. It strikes me as a first step towards 'Music Audits' in which a hard drive is scanned for the works of particular artists.

  • Indentify? What, is the unique ID so that the RIAA can indenture you while you work off the money you owe from your MP3 collection?
  • firewall. (Score:5, Insightful)

    by Kewjoe ( 307612 ) on Monday February 10, 2003 @05:40PM (#5274009)
    and thats why having a nice firewall that blocks programs from outbound transmission is crucial.
    • ...until they embed this Digital Rights Restrictions nonsense into WinXP as an essential service that you can't disable. Just try blocking WinXP's access to the 'net through your firewall.. No internet==no problem. Except that you might want to get networked things done eventually.

      Best to wait for the crack.
      • ...until they embed this Digital Rights Restrictions nonsense into WinXP as an essential service

        WinXP?! Because...?

        Best to load a different OS, no?

        Light a candle rather than curse the darkness, and all that...
  • They should just have the artist repeating a watermark chorus.

    "This mp3 was stolen.
    This mp3 was stolen.
    This mp3 was stolen.
    This mp3 was stolen... and she loves me!"

  • Bad Journalism 101 (Score:5, Insightful)

    by burgburgburg ( 574866 ) <splisken06@ema i l .com> on Monday February 10, 2003 @05:41PM (#5274019)
    industry that is reeling from lost sales compounded by a slumping global economy and the growth in online music piracy.

    Industry "fact sheets" make reporting so much easier. Now I have time for another nap.

    • by Stanl ( 646331 ) on Monday February 10, 2003 @06:11PM (#5274354) Journal
      You couldn't be more correct. The music industry and it's partners consistently disseminate its news releases with prepackaged quotes, phone numbers of "friendly" experts and hand-selected excerpts from related technical and legal documents to make writing these types of stories "easier" for the press. It saves the writers time from having to do indepth interviews and actually reading up on what they are writing about. My news writing professor is spinning in his grave.
  • by morcheeba ( 260908 ) on Monday February 10, 2003 @05:41PM (#5274024) Journal
    The article seems to get the basic premise of this wrong. A UPC code describes only the product; the buyer is still anonymous. The only reason a reseller would have to buy millions of GRid's would be if each track sold was unique (as opposed to each type of song sold). Either the RIAA's layers did a good job of fooling Reuters, or they just didn't understand the implications of this... and the implications are exactly what they deny-- that songs bought on the internet could be tracked to the buyer if they ever end up being shared.
    • by the_quark ( 101253 ) on Monday February 10, 2003 @05:59PM (#5274242) Homepage
      No, this is a legitimate issue. I was VP of Technology for EMusic prior to their purchase by Universal. We licensed our MP3s to other resellers. We had at least 125,000 tracks when I left.

      We tried to use actual UPCs, but they are only 12 digits. 6 Are the manufacturer ID, 1 is the classs of the item and 1 is a checksum. That only leaves 4 digits for the SKU - only about 10,000 items. We called UCC (the UPC equivilant of ICANN) and asked for 400,000 numbers, because we figured that would cover something like 90% of the music sold in the US. UCC said, "You realize, if you have a bin of screws, you don't put an individual UPC on every screw, you just assign a number to the bin, right?" We explained that we knew that, and that we really did expect to have 400,000 individual, unique items for sale. They said, "We don't think UPC is the solution for you." So we made up our own SKUs, and gave those to our licensees.

      Remember that you need one for the album and one for each song - an an average of 13 per album. Every format you provide that in gives you another set of numbers. So, for example, if EMusic wanted to license its 150,000 song catalog in 128kbps MP3, 256kpbs MP3 and Windows Media, in songs and albums, it'd need nearly 500,000 numbers. And EMusic isn't very big, in music terms. If they need half a million, it's very easy to imagine someone really big might need millions. As all programmers know, you should figure out what the maximum amount you could every possibly need and then increase it by at least an order of magnitude. ;) If we'd hit our goal of 400,000 songs, that would've been 1.3 million in the above formats.

      • Thanks - that's a good analysis; I didn't realize that the number could be so high. But I still worry....

        The aim is to track each time a record label, online retailer or distributor such as Microsoft's (NASDAQ:MSFT) MSN or Italian Internet service provider Tiscali (MI:TIS) sells a song in the form of a Web stream or download. (emphasis mine)

        It's still tracking each sale, and by extension, each buyer. Also, they are charged for their ID's annually... that's either the licensing model (fixed number of ID's, yearly cost), or they expect to sell millions of ID's per year (which I'm not sure the music industry puts out millions of songs/format combinations per year).
        • by the_quark ( 101253 ) on Monday February 10, 2003 @06:46PM (#5274778) Homepage
          Inserting per-purchase tracking info into songs is something to worry about. But I don't think this is necessary for them to do so. The $250/year is comparable to what UCC charges for UPCs - they've just moved to an annual fee structure, and it runs $150 - $9,000 depending how many numbers you need. In fact, on a per-number basis, the RIAA is probably a lot cheaper.

          Also, it's worth noting that I doubt they'll "sell millions of IDs per year." The design of IDs like this aren't that the merchant makes them - merchants will get the numbers from the record companies. The RIAA will tell a record company or destributor, "Your prefix is 12345" and this is a 16-digit number, you can make up everything after 12345." The record company or distributor will tell the merchant, "every time you sell this song, put a tick mark next to 1234567890123456 and tell us once a quarter how many you sold." This makes merchant's lives easier because they have unique identifiers for everything in thier system, and it makes it a lot easier to do stuff like figure out top-40 rankings across multiple distributors since everything has a unique string.

          If this seems to contradict anything I said in my previous post, please remember that EMusic is unusual in this model - they are a retailer, but, under the covers, they're a music distributor. They license the music they have from artists, and have the ability to re-license it to others. So, in that sense, they're more like a distribution company, and need their own UPCs (or GRips or whatever). When people like Tower think about doing downloadable music, they'll still need a license (that's the law) but they're not thinking redistribution, so they'll be getting this magic number from the licensor.

          Again, bottom line, I think that imbedding a unique tag in songs is something some people would like to do, and it's something to keep our eyes open for. But I don't believe this is to do anything except literally to be an online UPC - to give each unique type of item a globally unique identifier. Certainly anyone selling downloadable music could imbed a unique transaction cookie now. Numbers are cheap, you don't have to pay the RIAA to give them to you. Anyone wanting to track individual downloable sales now could put a unique 128-bit cookie into a song and sleep well knowing there'd never be a collision.
    • You know, as much as I usually hate this crap, I don't really have that much of a problem with it (as long as it isn't paired with spyware). If they do this, then they could do away with copy protection, because they wouldn't need it.

      So, how about this - mp3's have tags in them, and if your stuff shows up repeatedly online, then you eventually get busted. In return, NO copy protection is used, and you can have copies anywhere you want, so long as you don't share them. No spyware either.

      Honestly, I think that's the best deal we're likely to get.

      • How does that proposed system tell the difference between *you* listening to copies of the song in multiple locations (like at home and at work and walking around the city with your laptop with WiFI card), versus OTHER PEOPLE listening to copies of the song? How does it know which copies are fair use and which are not? (Granted, the Music industry does't *want* you to have fair use, so I wouldn't be surprised if there wasn't a way to tell the difference.) This was what made Adobe's e-books so awful - they tied your copy down to the specific computer it was installed on, making it less share-able than even a paper book.
        • Fair Use vs. Piracy (Score:3, Interesting)

          by siskbc ( 598067 )
          Now, of course, this is my take on the matter, not theirs...

          I think, as someone mentioned in reply, that the difference is one of scale - if they were to only go after the big fish, it would effectively weed out the pirates from the multiple site users. One brightline would be a P2P server - that can pretty much be assumed to be piracy in most instances (if the RIAA can SEE the server, it's public)

          Naturally, what this comes down to is "will they EVER endorse fair use." My plan assumes they do, or would - after all, if they can nail pirates, what's the harm in fair use? It completely negates all their arguments except one...namely, that they want us to buy a separate copy for every place we want to listen to the song.

          I didn't express it well in my original post, but if the community accepts the tags, it would serve as a perfect litmus test for where the RIAA stands on fair use when the spectre of piracy has been dealt with. In other words, I like the tags idea because it strips them of excuses. We know that "anti-fair-use" is already the position of the MPAA, as Jack was kind enough to provide great quotes like "What is fair use? There's no such thing..." and "If you lose your copy, you buy another..." Let's see where the RIAA stands on this when piracy goes out the window.

    • Given that you'd have to download them you can modify the file on the way out to be a hash of your user id, address, etc AND the song information. This hash does not have to be one way either. This could be encoded onto the file in the form of a watermark. RIAA, if they wanted to, could even impose that you would have to know a secret key to be able to play the file as well (this requires support from the OS, or software). I'm sure at some point RIAA will try some scheme like the MPAA has on DVD encryption.

      This way RIAA/whomever can see who "owns" that track in both senses. Who gets paid for it, and who paid for it.
  • by Samurai Cat! ( 15315 ) on Monday February 10, 2003 @05:41PM (#5274026) Homepage
    "Jessop cautioned that GRid is not designed, nor is it intended for, keeping track of songs that wind up on online file-sharing networks, a major source of music piracy."

    All this is is a way to track online sales of individual tracks. Nothing to do with CDs, P2P, etc.
  • in a bid to compensate musicians and song writers as more of their works become available online

    Oh wow! They're expressing concern that the money goes to the artists... did I miss something here?

    More like they want to be able to track exactly how much is due to them, while still screwing the artists concerned... funnily enough 'GRid' sounds like an Aussie way of telling the RIAA to go crawl back down into the hole they came from.

  • correct me if i'm wrong, but this only tracks the distribution of tracks online, i.e. from "the Man",

    the same folks who still can't develop a business model that allows for quick and easy digital delivery of songs.

    the mp3s i make from discs i buy, on the other hand, will have no Grid tags, so this really isn't a threat to p2p music sharing as we know it; it means that we (theoretically) won't be able to trade tracks we've downloaded from

    well, who needs them anyway?

    besides, this stuff is pointless, they'll never be able to close the anolog hole.

  • its not for tracking files on file networks, so far. But if this is used to track files downloaded from a certian place, say and it ends up on Kazaa or whatever, would get charged more?
    But honestly, once it hits P2P, that doesn't matter since it'll be all over the place in a matter of hours.
  • Doesn't this presuppose that RIAA allows a viable online sales model to develop? Given the overpriced, crippled vendors of music feebleware, I just don't see it happening.
  • by thatguywhoiam ( 524290 ) on Monday February 10, 2003 @05:43PM (#5274047)
    Excellent! Finally someone has stepped up and provided a nice, complete solution to the record companies prob... hey, hold on:

    Jessop cautioned that GRid is not designed, nor is it intended for, keeping track of songs that wind up on online file-sharing networks

    ... oh. I guess you can just... rename the file, or something.

    So really, they have just figured out a way to do this:

    resellers would be charged an annual fee of 150 pounds ($245.10)

    Yeah, that sounds about right.

  • So... (Score:2, Insightful)

    What's preventing users from transcoding the audio file into another format which doesn't have this serial number "feature"?

  • by Bizaff ( 443681 ) on Monday February 10, 2003 @05:46PM (#5274086)
    On Monday, the British Phonographic Industry (BPI) reported a 3.7 percent decline in recorded music sales in the fourth quarter of 2002...

    When I first read that, I thought it said British Pornographic Industry.. that sure changed the tone of the article...
  • by Lxy ( 80823 ) on Monday February 10, 2003 @05:48PM (#5274103) Journal
    The basic idea (because I know you didn't read the article) is that online retailers can issue unique IDs to track online sales. If used properly, this could prove that internet sales DO work and MP3s are GOOD for the industry. The article also states that it's not an attempt to curb/track file sharing.

    Now, the flipside is that this is the RIAA. They probably have a devious use for the ID, probably just so they can prove they have a system in place. Whether or not they'll be manipulating the numbers in their favor and implementing a tracking system is another question, but knowing their past history, it wouldn't surprise me.

    And finally, was I the only one, or does "International Federation of Phonographic Industry" look like "International Federation of Pornographic Industry" on first glance?
    • Everyone notice the part where you have to pay $250 PER YEAR to participate in this program? I'd feel a lot better about it if it was an internationally agreed upon standard, like UPCs and EANs, and if it was a one-time fee for each block of numbers that you got. $250 a year is no big deal for big outfits, but for small-time publishers who would benefit the most from releasing their work, $250 is a lot of money.

      Who wants to bet that some big retailer is going to charge smaller outfits for the privilege of using the big retailer's tracking tags? If I were a small music publisher, I'd cook up my own open-source solution. Form a consortium, charge $50 for a block of 100 numbers & associated database space, create a new IDv3 tag for MP3s & put out code that would allow users to buy music by clicking on the tag. The only reason for the consortium to exist is to keep track of the numberspace (like with UPC and EAN), and help standardize the incorporation of the open-source numberspace into as many pieces of software as possible.

      Why give the RIAA another $250 a year to persecute filetraders and destroy fair use rights, when for $50, you can help promote a workable system for buying music on the fly (even streaming music)?
  • by pair-a-noyd ( 594371 ) on Monday February 10, 2003 @05:48PM (#5274105)
    These "tags" will be stripped out the day this hits the wires.

    These people seriously underestimate the resolve of teens.

    My kid is 17. Here is what he tells me. He won't buy CD's because if a CD has a song that he likes there will be 12-15 songs on there that he thinks SUCK. In other words he's paying ~$15 for ONE SONG. He would rip that one song to HDD and compile his own CD to use in his car with only the songs that he likes.

    But, at ~$15 each and being limited by law to only working a max of 20 hours a week at minimum wage he can't afford too many CD's.

    Thus enter Kazaa. He can leech all the songs he wants for free and burn his own mixes for his car that suits his taste.

    And forget that stuff about buying music online, he can't do that as a kid and I don't have or use any form of banking system. I live strictly by GREEN CASH ALONE and have nothing at all to do with any financial institute in any form. Despite that fact, even if I did have credit cards or bank accounts I would never use them online for any reason, ever. Nor would I permit him to use my accounts.

    Kids are smart, far smarter than the people that try to maintain their grip on the music industry.
    NOTHING that they can devise will stop piracy, ever. If something must be paid for there will always be someone that will find a way to get it for free.

    The digital age is Pandora's box. It's been opened and there is no closing it now.

    I predict to see a tool to strip the tags on freshmeat the next day..
    • by HisMother ( 413313 ) on Monday February 10, 2003 @06:04PM (#5274295)
      > ... I don't have or use any form of banking system. I live strictly by GREEN CASH ALONE and have nothing at all to do with any financial institute in any form.

      Cool. If this gets out, I bet he'll have LOTS of friends who want to come over and play -- say, dig in the yard, play hide and seek in Dad's bedroom...

    • My kid is 17. [...]

      But, at ~$15 each and being limited by law to only working a max of 20 hours a week at minimum wage he can't afford too many CD's.

      Thus enter Kazaa. He can leech all the songs he wants for free and burn his own mixes for his car that suits his taste.

      Please explain how a 17-year-old who is limited by labor law from earning enough $$$ to buy CDs happens to have his own car.

      • by Didion Sprague ( 615213 ) on Monday February 10, 2003 @06:42PM (#5274735)
        Please explain how a 17-year-old who is limited by labor law from earning enough $$$ to buy CDs happens to have his own car.


        I mean, just because you disdain financial institutions doesn't mean you can't give groovy gifts to your kid.

        Slightly, OT:

        I'm impressed you're managing to live without financial institutions. But are you pulling a Tony Soprano and stashing cash around the house? In the compost bin? Up in the attic?

        I mean, at some point, the volume of green must get a little overwhelming. (Unless you give a lot of gifts and don't let the green accumulate.)

    • by gregmac ( 629064 )
      He won't buy CD's because if a CD has a song that he likes there will be 12-15 songs on there that he thinks SUCK. In other words he's paying ~$15 for ONE SONG.

      In the past 20 years, music has changed quite a bit. There are many more genres of music nowadays, and many more bands, and many more one-hit-wonder type bands.

      The recording industry obviously knows this - most of the big ones have different divisions for different genres, and there are hundreds of smaller companies now that deal with specific styles of music. Despite this, they still try to sell music in the exact same way - you buy an entire album, and get all the songs on it, regardless if you only actually like or want one or two songs. From a consumers point of view, you're now paying ~$15 to be able to listen to that one song.

      From the article:

      The music industry blames the popularity of such networks, including Kazaa and Grokster, where millions of consumers swap songs for free, for the decline in recorded music sales.

      They need to take this as a sign: its time to wake up, start doing what consumers want, and sell individual songs. Obviously, tradional methods for this don't make sense - the overhead in producing a CD (printing, packaging, shipping, etc) with one or two songs doesn't make it worth it. But the internet provides a perfect medium for this by eliminating most of the overhead costs.

      The industry is in turmoil right now anyways. The RIAA is bringing lawsuits to everyone they can. Then theres the media companies:

      • Sony has their music division, which grosses something like $6 million/year. They also have Sony Electronics, which makes things like portable MP3 players, CD burners, etc. This division grosses $40 million/year.
      • AOL Time Warner is another one. Time Warner has an entertainment divison, selling CDs, etc. AOL is an internet service provider, and obviously one of the reasons people use internet is for downloading music.
      All of a sudden, it starts making sense why these companies remain tight-lipped about the RIAA's actions and things like the DCMA.

      (The sony example was originally from the radio show "The Ongoing History of New Music" by Alan Cross, which did a very interesting show a while back on how the music industry works. Sorry, I can't find a link)

  • by mrs clear plastic ( 229108 ) <> on Monday February 10, 2003 @05:49PM (#5274109) Homepage
    Could this be similar to a custom watermark on each individual song or piece that's sold?

    How tamper-proof will this be? If all of the on-line sources that will be selling musing/videos/whatever are to be expected to issue these watermarks, the standards would have to be public, or at least very darn near public.

    If the standards are even close to being public, perhaps someone could figure out how to remove and or alter these watermarks.

    Hmm, very interesting. I buy a song from MSN. I read the file into a scrip that I hacked. I change the watermark in some way. I then turn around and sell it under the table. The buyer takes the song and then in turn sells it, or whatever.

    Sometime later, someone gets raided by the SPA,
    MPAA, or whatever. They audit the songs. They find a few with the watermark that I altered. Their trail will be lost or steered into some poor victim whose watermark I 'stole' to alter my songs.

    A possible solution to this would be to have a secret algorithm to generate the watermarks. This would have to be implemented in tamper-proof chips or, perhaps, a tamper-proof device that goes between your computer and the network; ie; a special NIC card. The card would know who you are and what song you are about to release. It would then generate and record the water mark in it's secret way before the song is sent on its way.

    The logistics of this solution would be challenging. The devices would have to be distributed, cataloged, and recorded. Who has which special NIC card would have to be recorded in RIAA'a TIA infrastructure. Of course, this same infrastruction would have to record each subsequent sale/disposal of the card. The security of the cards would have to be impeccible.

    Good luck to you all!


    • A "tamper proof watermark" imho is easy to attain, if they keep the method of adding and removing the watermark secret, and do not provide any easy way of detecting if the watermark exists or has been removed

      Unfortunately the music industry is stupid and will insist on making this somehow do copy prevention. That has the totally counter-productive result of providing a pirate with a fast and easy and foolproof method of determining if they have removed the watermark (ie if it plays they have succeeded in removing it).

  • Who's Taking Bets? (Score:2, Insightful)

    by LookSharp ( 3864 )
    Estimated time before a "DeGRid" app appears on the 'net, completely removing the offending number from the file?

    I say 6 days from first retail release!

  • by MarvinMouse ( 323641 ) on Monday February 10, 2003 @05:51PM (#5274128) Homepage Journal
    Everyone here is freaking out because this is another way to track people, and man it's a blatantly obvious one. But do you really believe that the techies and people working at the RIAA are that stupid? Like really?

    The RIAA wouldn't do something so obviously usable as a tracking method and then deny it. They didn't in the past. When they were violating your rights, they were up right and in your face about it. That's why so many people despise them. They don't try to hide what they do.

    I think this may be a legit way for them to just track for internal records and all, and yes, I am pretty sure they as well as you have thought about the possibility of tracking individual downloaders with this. But like someone already said.

    MP3 -> Wave -> MP3 , no more tracking code.

    Or even better

    Clean CD -> MP3 , No tracking code.

    I think that logic would be clear to anyone. Including the RIAA.

    The sky isn't falling, the RIAA is just playing some games.
  • Watermarking MP3's (Score:4, Interesting)

    by Superfreaker ( 581067 ) on Monday February 10, 2003 @05:51PM (#5274137) Homepage Journal
    We run an ASP with music sales where they are watermarking mp3 files during the encoding process. That way they can see if their files make it onto file trading networks. Since the watermark is encoded into the actual track, you can't remove it by converting to Ogg. It's already an mp3.

    I don't think it is a bad idea. At least they are selling the files in MP3 format. The only people who would have anything against this would be those who download music they haven't paid for.
    • by apweiler ( 300457 )
      Since the watermark is encoded into the actual track, you can't remove it by converting to Ogg.

      And that was what the SDMI was about - testing how crackable such a watermarking scheme is. This is the kind of thing Ed Felten cracked. If you're a small business, perhaps no one will have bothered to crack it (or didn't think it was right) - but if the RIAA tries it, see how long it takes for a de-watermarker to show up...
    • How does that work? MP3's have lossy compression who's goal is NOT to reproduce the bits precisely, but just good enough for human listeners to not be able to tell the difference. I would have thought that this would make it impossible to embed a key (or watermark) in the audio data since bits will come out garbled.
  • by merlyn ( 9918 ) on Monday February 10, 2003 @05:52PM (#5274149) Homepage Journal
    From what I understand, it's an audible voice that comes on at 15-second intervals reading the serial number "This is copy three... one... five... four... one... nine... one".

    True enough, the RIAA spokesman reportedly said "This will have no effect on the quality of the recording".

  • Point of sale ID (Score:5, Interesting)

    by RichMan ( 8097 ) on Monday February 10, 2003 @05:54PM (#5274176)
    The GRid is a point of sale identification so that the seller can identify which track has been sold and then send the appropriate $ to the recipient (RIAA member).

    You can view this as the thin edge of the wedge in a scheme that will probably work to get a "Palladium" like system in place.

    Bob buys track 9 from CD X from Amazon. Amazon records the GRid and forwards the appropriate share to RIAA member reponsible for producing the track. Bob is happy because he was able to access the track.

    Later Bob will be investigated for file shareing. He will not have the GRid's to prove he bought the file. The GRid's are not part of the music track. The RIAA will say but "Palladium" can solve that. Bob will ask to have "Palladium" implemented so that he does not have to go to jail.
  • Vegas Odds (Score:3, Insightful)

    by BigGar' ( 411008 ) on Monday February 10, 2003 @05:55PM (#5274194) Homepage
    Anyone got the bookie odds on how long it'll take to figure out how to strip this off a downloaded file?
    • I give it 25 minutes till its cracked, another 4 hours for the Windows GUI app to come out.
    • Hmmm... go to two stores and buy two different copies of the same CD. Rip the tracks from both with cdparanoia or similar. Look at the diff between the two.

      Figure out where it is in the file (beginning/end/n bytes offset). Write a script to zero out those bytes in a WAV (or randomly perturb a little in the least significant bits if that's what it takes).

      Shouldn't take more than an afternoon, I'd think. The whole thing can't be that hard--CDs are basically a list of samples. Without more advanced data storage, there isn't much to hide.

      I suppose the watermark could be at a random location in each track. That would be harder, but in the worst case: take two WAVs of any song and average the two.

  • by nolife ( 233813 ) on Monday February 10, 2003 @06:14PM (#5274385) Homepage Journal
    Anyone actally read the article? Either the article is missing some information or the listed planned usage for this thing is far from what they actually plan on doing with it.

    It appears this is supposed to be used so that a retailer can be charged correctly for every download they offer. Meaning a standard method of keeping track of online retail sales. To do this they will encode some unique bits in every file sold online. Sounds bogus already. I do not see the connection between me having a unique coded file and tracking total sales from retailers. Where is the discussion about how my number is reported or disclosed to anyone? Seems to me the real goal is to track a specific file after it is downloaded. They find your file on KaZaa, track it to the retail source, they release your name and bingo, full swat team visit. Maybe you would become the retailer and they will charge you the original downloader for every instance of the unique indentifier they can find online.

    I'm not some consipracy theory nut but I can not honestly see the connection between tracking sales and a unique number embedded in a file.
  • I'm not worried about tracking. When I go and buy a box of brownies at the suppermarket and use my "Kroger Plus" card, I've been entered into the database, and they know that on February 10th I bought a box of brownies mix.
    They do not know that I've taken the brownies and made "Magic Brownies" with some THC stashed in the closet.
    I don;t see the GRiD being used to track who downloaded what individual song. All it will show when it shows up on Kazaa is that someone bought this song legally and is sharing a song with a friend or three.
    How long will it take for a utility to be released that removes the GRiD from an MP3 or song track?
  • Sounds OK. (no pun)

    No different from the number stamped on a copy of a movie to identify which copy from which master it is. If the movie gets ripped it gets traced back to the movie theater and distributor. If the music gets copied and the tag stays intact they can go bitch to the distributor and the person it was sold to.

    Always adding the usual provisos:

    1. Does the press release match the reality?
    2. Is it one step in a bigger nasty plan?

    Provided the answers are yes & no, I think this is reasonable. Anyone have more detail?

  • It puzzles me to realize that most of these people (RIAA, etc.) would blame file sharing as THE ONLY reason why the industry is experiencing a down turn. I realze that there would be some economic fall out. BUT! How about the fact that 10's of 1,000's of people being laid off has a significant impact on any economy?!?! If my 10 year old son can figure it out, why can't the RIAA figure it out as well? I guess it must be the NEW math they are teaching in school these days...

  • the publishers are proposing something that actually addresses copyright violation, rather than a rights grab. A tracking number has problems (what if someone steals your music collection?) but at least is targeted towards true "pirate" publication rather than those scoundrels who make copies to play in the car.
  • by Anonymous Coward
    and zero out the tag.

    Problem solved.
  • Unique ID's on CDs (Score:3, Informative)

    by FuzzyDaddy ( 584528 ) on Monday February 10, 2003 @06:35PM (#5274643) Journal
    My understanding of the CD manufacturing process is that the aluminum is formed in a press, which allows you to quickly make zillions of identical copies, but does not let you make small variations in copies. (As opposed to, say, microprocessors, which all have small amounts of non-volatile memory which can be programmed.)

    I believe this is why some software includes a key on a sticker that you have to type in. The CD will recognize a whole bunch of keys, but by entering the one on the sticker, you give your software an ID number.

    This being said, I don't think we are in immediate danger of getting unique ID's on CDs. Unless someone knows if there's a manufacturing process for writing small amounts of data on a mass-produced CD?

  • by telstar ( 236404 ) on Monday February 10, 2003 @06:37PM (#5274664)
    These geniuses can't even keep their website online, and now they plan to keep an track-ID database running? I'll believe it when I see it.
  • The next step of course: Every cd player and mp3 player can only play GRID'd files!
  • by frumiousbar ( 587038 ) on Monday February 10, 2003 @06:38PM (#5274677)
    My god, from reading this thread you'd think this identifier is the work of satan or John Ashcroft (redundant?). People, before posting the standard knee-jerk reaction to something, why not do a little research [].

    This is a harmless number & metadata scheme that is intended to identify electronically distributed content since the existing identifiers (e.g. UPC and ISRC) have limitations that don't satisfy the needs of content owners, publishers, and retailers. I was involved in the project so I know first hand this has nothing to do with P2P or consumer tracking.
  • by porky_pig_jr ( 129948 ) on Monday February 10, 2003 @06:41PM (#5274718)
    I am looking forward having MY (as a customer) personal tracking number assigned to me and embedded in my body as a microchip - courtesy of RIAA.
  • no one can take potshots at the golden "analog hole", it remains untouchable.

    any audio file, i don't care how well you secure it, has to be turned into an audio signal at some point to be understandable to the human ear. at which point, the signal can be copied. this will never be preventable or difficult to do for any vaguely committed technically clueless wannabe music pirate.

    you are talking about the skillset and the resource level of your average 13 year old. the same 13 year old who has the deepest desire for pop music, and the least amount of money. put 2 and 2 together and you get the downfall of the riaa right there in a nutshell.

    when will the riaa get this clue? i mean c'mon, talk about fighting historical inevitability.

    what next? implant digital audio chips in people's eardrums and transmit the data through 802.11/ bluetooth?

    wait, forget i asked, i don't want to give the recording industry police any ideas... they are so stupid, they'd probably propose that as a reasonable solution ;-P
  • by Eric Damron ( 553630 ) on Monday February 10, 2003 @07:11PM (#5275030)
    "Jessop cautioned that GRid is not designed, nor is it intended for, keeping track of songs that wind up on online file-sharing networks, a major source of music piracy."


    Why would they have to "tag" a downloaded file in order to pay for that download? The Only thing this does is to allow the seller to provide a way to associate the buyer with a particular file.

    People who swap copyrighted files are breaking the law. However, the RIAA is going to assume that the files were traded. It is also possible for files to be stolen from buyer's hard drives.

  • Clean copy = (File 1 + File 2)/2
  • Yeah, right... (Score:2, Insightful)

    by DarwinDan ( 596565 )

    Ahem, soapbox please!

    First, the RIAA will lose this one to wise consumers and 120-IQ hackers. Now that we the /. community) know even the name of this technology we will have already have a crack of the GRid code before it hits the shelves of your local [despised] music store.

    Secondly, support for so-called pay-per-download is very mimimal. Pressplay is one example. Countless other music industry-sponsored portals have failed miserably. There is no way this will become as popular (or acceptable) as the current retail system.

    And, finally, we have Gnutella {BearShare | Limewire | Morpheus}, WinMX, and more already penetrating the online music "market." It's no wonder that I can download ANY -- and I mean ANY -- song I have ever so desired. The truth of the matter is...there will never again be a reason to purchase a copy-protected or DRM-restricted CD again.

Any sufficiently advanced technology is indistinguishable from a rigged demo.