I get the feeling that the BBC is running a 'how to make sure people steal our content" experiment with their brain dead tone deaf geographic restrictions.
Embed commercials in your video stream, make the stream public, and make money off the commercials. You know, just like you do when you broadcast on freeview. Market to your advertisers that they can now reach a global viewership.
EDIT: yes I am aware that the BBC does not broadcast commercials domestically. They can’t. There is no such restriction on their broadcasts outside the UK.
The document spends initial time discussing the amount of money BBC brings to Aus. (“look how important we now are to your economy - you must bow to our whims!”) and the reported cost of piracy to “Content rights holders like BBC Worldwide and its related entities” it says nothing about what they could be doing better through their own actions to stop piracy - nor does it bother to explain why piracy happens specifically to them in large volume.
It demands laws be created - because they want them and they can’t see any other way to do the job. It also claims that if they get legislation, it will be making use of “reasonable steps” so as to legitimize the actions against those who do find themselves sued.
I find the most offensive thing to be the fact that this company doesn’t acknowledge that even legitimate users don’t want people knowing what it is they’re doing on the internet for privacy’s (not “piracy’s”) sake. “Obfuscation” - give me a break. BBC has been pulling this crap for years. Because you’re in the area they treat as “covered by home rule”, I really recommend you download and read.
Even though there are well-documented studies telling companies what not to-do to reduce piracy, the BBC steams on ahead and continues to do them over-and over. Then, every time, they act surprised and demand some outside force fix the issue.
When it came to the Doctor Who leakage, apparently this was because the material was uploaded to the receiving party dealing with whatever it was via anonymous FTP.
Now, in post-production circles, this is not uncommon. Indeed, we operated an anonymous FTP server ourselves (we’re talking around 6-7 years ago now). But you’d only ever were be able to upload to specific paths and you’d never get to see the contents of those paths that we agreed upon in advance with the client - only those staff operating internal to the company network could access that once the upload was complete. There were the usual lockouts and never had problems with people trying to dump illicit stuff there. Nevertheless, I was pushing for fully encrypted FTPS or SFTP, but was told that clients (mainly advertising agencies) preferred the anonymous method rather than having to deal with usernames, passwords or pubkey authentication.
bangs head against brick wall
What film studios, post-production companies, and anybody else working in media where content is valued needs is an infosec manager. Somebody to oversee, implement and enforce policies which prevent anybody from ever deliberately or accidentally releasing material (whether it be through the internet or via physical media), but should it happen, you’d have audit logs or something to show how that material went astray.
But it is up to the film companies/post-prod studios to do this - and not put the blame squarely on the consumer who is going to be penalised because non-technical management are huffing and puffing at their own mistakes.
Oh believe me, I’ve been following their foolishness. They’re like farmers that want no gates and wonder why the sheep keep going missing. Those oh so tasty, and very expensive sheep.
If I were in Austrailia, I’d be a false positive under their criteria given my job. I strongly suspect they mean to identify people by the protocols they use and not the specific servers they connect to. Targeting specific VPN providers is a whole different can of worms. Encrypted traffic throttling is hell on our client’s China branch. Weirder kludges to get around this from a service level involve making information retrieval services that provide authentication and ip filtering over http. Obviously, these kind of solutions aren’t perfect and one must factor of how critical it is protect the information from interception. Weirdly enough, the easiest workaround is very similar to the problem.
