• PC World
• »Security

Hollywood wants a piece of your hard drive.

An obscure proposal now pending before a technology standards committee could lay the groundwork for manufacturers to include content-protection capabilities on your next hard drive.

A group called the 4C Entity is pushing the content-protection plan. Composed of industry heavyweights IBM, Intel, Matsushita Electronic, and Toshiba, the group asked a subcommittee of the National Committee for Information Technology Standards (NCITS) to incorporate new code into the next ATA standard.

The ATA standard dictates the way a PC communicates with its hard drives and other storage devices, and this code would enable copy-protection features like the 4C Entity's Content Protection for Recordable Media. CPRM is an encryption and key-management technology that prevents unauthorized copying of protected content.

Opponents contend that the plan will lead to content protection on hard drives, limiting how you can use your PC by curtailing the exchange of digital audio, video, and information. Some claim it is the first step toward the end of free content on the Web. They argue that the strategy plays directly into the hands of greedy music companies and movie studios, and that it could even hinder basic tasks such as hard drive backups.

"There is a lot that is bad for everyone whenever use of content is carefully metered and controlled," says Brad Templeton, chairman of the board of the Electronic Frontier Foundation, a free-speech advocacy group.

"Once this technology is in, you could use it on everything," he notes. That could lead to a day when content companies allow downloads only onto secured drives, which would fundamentally change the Net, he says, and how people use it to exchange information.

Proponents ridicule such claims and argue that the proposal has nothing to do with hard drives or limiting the function of PCs. They say that the plan involves only removable storage media such as flash storage and IBM Microdrives--and that it won't touch regular files. "The scenario [that opponents] put forth is hilarious," says Intel spokesperson Manny Vara.

Which side's claims are valid? As we go to press, it's hard to say. The co-inventor of the plan, IBM's Jeff Lotspiech, declined repeated requests for an interview, and hard drive vendors remain silent. However, Lotspiech and others in the 4C Entity have been working on a paper that should be viewable by the time you read this. A draft version of the document obtained by PC World appears to support both sides of the argument.

Mixed Signals

The proposed changes to the next edition of the ATA standard would not introduce the encryption technology itself into the storage media, but would add code that lets device manufacturers incorporate CPRM (for a fee) or other types of content protection during production.

The draft version of the 4C Entity's document that PC World obtained states repeatedly that CPRM is not intended for hard drives. However, a sentence in the document indicates that the group had indeed discussed this possibility: "We did consider fixed hard drives in the technical group and some of our design decisions anticipated that."

This statement seems to indicate that the 4C Entity reversed its position--perhaps in response to growing protest against the standard.

Andre Hendrick, a storage-industry consultant on the subcommittee--called T13--was the first to object, he says. While he missed the initial proposal meeting, and later discussions omitted talk of hard drives, Hendrick says he felt that that use was implied.

Despite the 4C Entity's claims to the contrary, Hendrick also contends that CPRM content could cause backup problems for users and might even require new utilities. He is pushing to have a disable feature included if the T13 subcommittee accepts the standard, he says.

Questions Linger

You can expect questions about this issue to persist for months, says Kate McMillan, director of the NCITS Secretariat. The new ATA standard will not be finalized for quite some time, she explains.

The T13 subcommittee may approve the standard at its February 20 meeting, but then must make it available for public review for at least 45 days so opponents and supporters can voice their opinions. "I'm sure we're going to get some comments," McMillan says.