Escolar Documentos
Profissional Documentos
Cultura Documentos
org)
CONTENT PROTECTION
1 / OBJECTIVE
2 / BACKGROUND
3 / BEST PRACTICES
4 / BEST PRACTICES DOWNLOADS
5 / FACILITY-PAID INSPECTIONS
6 / SELF-ASSESSMENT QUESTIONNAIRES
7 / FAQ
8 / REPORT PIRACY
9 / CONTACT
OBJECTIVE
The MPAA is committed to protecting the rights of those who create
entertainment content for audiences around the world. From creative arts to the
(https://www.mpaa.org)
software industry, more and more people make their living based on the power of
their ideas. This means there is a growing stake in protecting intellectual property
rights and recognizing that these safeguards are a cornerstone of a healthy global
information economy.
For more than three decades, the Motion Picture Association of America, Inc.
(MPAA) has managed content security assessments at facilities on behalf of its
Member Companies (Members): Walt Disney Studios Motion Pictures;
Paramount Pictures Corporation; Sony Pictures Entertainment Inc.; Twentieth
Century Fox Film Corporation; Universal City Studios LLC; and Warner Bros.
Entertainment Inc.
Issuing a set of MPAA best practices by facility service that outline standard
controls that help to secure Member content.
Assessing and evaluating content security at third-party facilities against
the MPAA best practices.
Reinforcing the importance of securing Member content.
Providing a standard assessment vehicle for further individual discussions
regarding content security between Members and their business partners.
BEST PRACTICES
Content security best practices are designed to take into consideration the
services the facility provides, the type of content the facility handles, and in what
release window the facility operates. The purpose of these guidelines is to provide
current and future third party vendors engaged by MPAA Members with an
understanding of general content security expectations and current industry best
practices. Decisions regarding the use of vendors by any particular Member are
made by each Member solely on a unilateral basis.
Best practices outlined in this document are subject to local, state, regional,
federal and country laws or regulations.
Best practices outlined in this document, as well as the industry standards or ISO
references contained herein, are subject to change periodically.
Compliance with best practices is strictly voluntary. This is not an accreditation
program.
(/wp-
content/uploads/2015/09/chart.png)
The best practices for Application and Cloud are also organized according to the
MPAA Content Security model and are comprised of 6 main security topics across
application security and cloud security.
(/wp-
content/uploads/2015/09/bigchart1.png)
There are now two documents which provide the MPAA Best Practices. The
Common Guidelines apply to all facilities that handle motion picture content. The
Application and Cloud/Distributed Environment Guidelines apply to facilities
that offer applications and cloud hosting products and services. Below are the
links to downloadable versions of the MPAA Best Practices in six different
languages.
(https://www.mpaa.org)
Application and Cloud
Common Guidelines Language
Guidelines
Download (/wp- Download (/wp-
content/uploads/2015/11/MPAA-Best- content/uploads/2015/12/MPAA
Practices-Common- English Best-Practices-App-and-
Guidelines_V3_0_2015_04_02_FINAL- Cloud_V1-0-20150507-
r7.pdf) RELEASE-CANDIDATE-6.docx)
Download (/wp- Download (/wp-
content/uploads/2015/12/MPAA-Best- content/uploads/2015/12/MPAA
Practices-Common- Chinese Best-Practices-App-and-
Guidelines_V3_0_2015_04_02_FINAL- Cloud_V1-0-20150507-DRAFT-
r7_ZH-CN.docx) r2_zh-CN.docx)
Download (/wp- Download (/wp-
content/uploads/2015/12/MPAA-Best- content/uploads/2015/12/MPAA
Practices-Common- Japanese Best-Practices-App-and-
Guidelines_V3_0_2015_04_02_FINAL- Cloud_V1-0-20150507-DRAFT-
r7_JA.docx) r2_JA.docx)
Download (/wp- Download (/wp-
content/uploads/2015/12/MPAA-Best- content/uploads/2015/12/MPAA
Practices-Common- Korean Best-Practices-App-and-
Guidelines_V3_0_2015_04_02_FINAL- Cloud_V1-0-20150507-DRAFT-
r7_KO.docx) r2_KO.doc)
Download (/wp- Download (/wp-
content/uploads/2015/12/MPAA-Best- content/uploads/2015/12/MPAA
Portuguese
Practices-Common- Best-Practices-App-and-
(Br.)
Guidelines_V3_0_2015_04_02_FINAL- Cloud_V1-0-20150507-DRAFT-
r7_PT-BR.docx) r2_PT-BR.doc)
Download (/wp- Download (/wp-
content/uploads/2015/12/MPAA-Best- content/uploads/2015/12/MPAA
Spanish
Practices-Common- Best-Practices-App-and-
(Lat.)
Guidelines_V3_0_2015_04_02_FINAL- Cloud_V1-0-20150507-DRAFT-
r7_ES-LA.docx) r2_ES-LA.doc)
Award Screeners
Download
(http://www.fightfilmtheft.org/docs/Awards.pdf)
FACILITY-PAID INSPECTIONS
Although the MPAA does not offer a certification for content security, we do
perform security assessments of facilities and report the findings of these surveys
back to our Members through the MPAA Content Security Program. A facility
may make a security assessment request directly to the MPAA. The cost of the
assessment for a facility request is the responsibility of the vendor. A separate
agreement is signed for this and pre-payment is required. To receive a no
obligation quote for the cost to conduct and issue a Content Security Report for
your facility, please complete the application (below) and return it to
contentsecurity@mpaa.org (mailto:contentsecurity@mpaa.org.).
Download (/wp-content/uploads/2015/11/MPAA-Pre-Site-
Questionnaire.docx)
Within a week of receiving the completed questionnaire, the MPAA will provide a
detailed quote that will be valid for one month. If you wish to proceed, the MPAA
will provide you with an Agreement and invoice. Once the MPAA has received a
signed Agreement and payment in full, the MPAA will schedule a date for the
inspection or MPAA will instruct its outside consulting firm to contact you about
scheduling a date for the inspection. A Content Security Report is then issued
about one month after this inspection occurs.
Content Security Reports are provided to the MPAA and its Members solely as a
basis for individual discussions with the vendor about security at their facility.
Reports may also be distributed at MPAAs discretion, to other similarly situated
producers or distributors of audiovisual content.
SELF-ASSESSMENT QUESTIONNAIRES
FAQ
PROGRAM
A facility may make a request for an assessment directly to MPAA. The cost of
the assessment is the responsibility of the vendor. A separate agreement is
signed for this option and pre-payment is required. Inquiries for this process
are explained here.
What types of facilities are inspected? Are there limitations on who can be
assessed?
Facilities that currently handle or will handle content on behalf of MPAA
Members are candidates to participate. Generally, facilities should be
operational and not in pre-production or planning because the assessment is
designed to validate controls in place. Facilities assessed to date include visual
(https://www.mpaa.org)
effects houses, digital cinema, replication/distribution, video-on-demand,
various post-production specialists, and application and cloud providers.
It may take up to two months to complete the process. Typically, the greatest
delays happen during the initial pre-site coordination and scheduling. Once
the on-site visit occurs, there is a one-month performance standard to
disseminate the final Content Security Report to the MPAA and its Members.
BEST PRACTICES
Facilities should always apply the more restrictive set of best practices unless
the work processes are separated from each other, in which case, you should
reference Appendix C of the Best Practices Common Guidelines for the
security controls applicable for each facility type.
What if my current system does not allow for the implementation of best
practices?
When applying best practices in this guideline, will my facility still need to
comply with security requirements set individually by an MPAA Member?
REPORT PIRACY
The following list presents the 24-hour tip line contact information for each
country where the MPAA works with a local content protection office:
Additional information about the MPAA can also be found on this website located
at: www.mpaa.org (https://www.mpaa.org)
(https://www.mpaa.org)
You can also learn about programs worldwide to protect content during the
exhibition at: www.fightfilmtheft.org (http://www.fightfilmtheft.org)
CONTACT
The Motion Picture Association of America, Inc. (MPAA) along with the
Motion Picture Association (MPA) and other subsidiaries and affiliates serve as
the voice and advocate of the American motion picture, home entertainment and
television industries.
2017 Motion Picture Association of America, Inc. All rights reserved. | Privacy Policy
(https://www.mpaa.org/privacy-policy/) | Terms of Use
(https://www.mpaa.org/terms-of-use/)