Common use of Network Service Protection Requirements Clause in Contracts

Network Service Protection Requirements. Other than Pictures delivered to, and stored by STE in facilities under its control (all of which are delivered by Licensor in an unencrypted format, and securely stored in STE’s facilities in an unencrypted format), all Pictures must be received and stored at content processing and storage facilities of a distributor in a encrypted or otherwise protected format using an approved protection system, it being understood that such distributor is permitted to decrypt the Pictures, where applicable, in order to transcode or otherwise process the Pictures within the distributor’s facilities. For the avoidance of doubt, Pictures distributed to subscribers must be encrypted in accordance with Section 3.1 of this Schedule C. Documented security policies and procedures shall be in place. Documentation of policy enforcement and compliance shall be continuously maintained. Access to content in unprotected format must be limited to authorized personnel and auditable records of actual access shall be maintained. Physical access to servers must be limited and controlled and must be monitored by a logging system. Auditable records of access, copying, movement, transmission, backups, or modification of content must be securely stored for a period of at least one year. Content servers must be protected from general Internet traffic by “state of the art” protection systems including, without limitation, firewalls, virtual private networks, and intrusion detection systems. All systems must be updated to incorporate the latest security patches and upgrades. All facilities within STE’s control which process and store content must be available for Motion Picture Association of America and Licensor audits upon the request of Licensor. STE shall use commercially reasonable efforts to make the facilities of its licensees distributing the STE Services available for similar audits. Security details of the network services, servers, policies, and facilities shall be provided to and must be explicitly approved in writing by Licensor. Any changes to the security policies, procedures, or infrastructure must be submitted to Licensor for approval. Content must be returned to Licensor or securely destroyed pursuant to the Amended & Restated Amendment at the end of such content’s license period including, without limitation, all electronic and physical copies thereof. The parties acknowledge and agree that STE’s delivery of the STE Services via the Internet as of the Amendment Date comply with this requirement. The parties also acknowledge and agree that the facilities and processes of licensees of STE Services over the Internet or New Media who are its usual and customary cable, satellite telephone company licensees (where such licensees use the same infrastructure that is already in place to deliver STE Services via cable, satellite or IPTV, and not, for the avoidance of doubt, new or different infrastructure for delivery of the STE Services over Internet or New Media), as well as any customers of Licensor for its own VOD, SOD, PPV, Sell Through Electronic Video products and services via the Internet or New Media, are deemed to comply with the terms of this Section 7 (it being understood that STE shall pass through the requirements in this Section 7 in all new agreements with licensees with respect to delivery of the STE Services over the Internet or New Media that are entered into after the Amendment Date).

Network Service Protection Requirements. Other than Pictures delivered to, and stored by STE All Included Programs in facilities under its control (all of which are delivered by Licensor in an unencrypted format, and securely stored in STELicensee’s facilities in an unencrypted format), all Pictures possession must be received and stored at content processing and storage facilities of a distributor in a encrypted or otherwise protected format using an approved protection system, it being understood that . Access to such distributor is permitted to decrypt the Pictures, where applicable, in order to transcode or otherwise process the Pictures within the distributor’s facilities. For the avoidance of doubt, Pictures distributed to subscribers Included Programs must be encrypted in accordance with Section 3.1 limited to authorized personnel who need such access for operational purposes and Licensee shall maintain auditable records of this Schedule C. Documented actual access. Document security policies and procedures shall be in place. Documentation of policy enforcement and compliance shall be continuously maintained. Access to content in unprotected format must be limited to authorized personnel and auditable records of actual access shall be maintained. Physical access to servers must be limited and controlled and must be monitored by a logging system. Auditable records of access, copying, movement, transmission, backups, or modification of content Included Programs not encrypted with at least AES128 or the equivalent and of encryption keys for such Included Programs in Licensee’s possession must be securely stored for a period of at least one year. Content servers must be protected from general Internet internet traffic by “state of the art” protection systems including, without limitation, firewalls, virtual private networks, and intrusion detection systems. All systems must be updated updated, per Licensee’s standard operational procedures, to incorporate the latest security patches and upgrades. For the avoidance of doubt, Licensee may put encoded encrypted content onto internet facing servers for use by Approved Devices and. [TW: our deletion of Netflix Branded Applications here was Accepted]. All facilities within STE’s control which process and store content Included Programs not encrypted with at least AES128 or the equivalent and encryption keys for such Included Programs must be available for Motion Picture Association of America and Licensor audits at times and places to be mutually agreed upon the request of Licensor. STE shall use commercially reasonable efforts by Licensor and Licensee; provided, however, that any such inspection is conducted during Licensee’s normal business hours and does not materially interfere with Licensee’s operations or confidentiality obligations to make the facilities of its licensees distributing the STE Services available for similar audits. Security details of the network services, servers, policies, and facilities shall be provided to and must be explicitly approved in writing by Licensorthird parties. Any changes to Licensee’s security policies or procedures set forth in this Clause 6 that would materially and negatively affect the security policies, procedures, or infrastructure protection provided to Included Programs must be submitted to Licensor for approval. Content Each Included Program must be returned to Licensor or securely destroyed pursuant to the Amended & Restated Amendment Agreement at the end of such contentprogram’s license period License Period including, without limitation, all electronic and physical copies thereof. The parties acknowledge and agree that STE’s delivery of the STE Services via the Internet as of the Amendment Date comply with this requirement. The parties also acknowledge and agree that the facilities and processes of licensees of STE Services over the Internet or New Media who are its usual and customary cable, satellite telephone company licensees (where such licensees use the same infrastructure that is already in place to deliver STE Services via cable, satellite or IPTV, and not, for the avoidance of doubt, new or different infrastructure for delivery of the STE Services over Internet or New Media), as well as any customers of Licensor for its own VOD, SOD, PPV, Sell Through Electronic Video products and services via the Internet or New Media, are deemed to comply with the terms of this Section 7 (it being understood that STE shall pass through the requirements in this Section 7 in all new agreements with licensees with respect to delivery of the STE Services over the Internet or New Media that are entered into after the Amendment Date).

Network Service Protection Requirements. Other than Pictures delivered to, and stored by STE in facilities under its control (all of which are delivered by Licensor in an unencrypted format, and securely stored in STE’s facilities in an unencrypted format), all Pictures All licensed content must be received and stored at content processing and storage facilities of a distributor in a protected and encrypted or otherwise protected format using an approved industry standard protection system, it being understood that such distributor is permitted to decrypt the Pictures, where applicable, in order to transcode or otherwise process the Pictures within the distributor’s facilities. For the avoidance of doubt, Pictures distributed to subscribers must be encrypted in accordance with Section 3.1 of this Schedule C. Documented Document security policies and procedures shall be in place. Documentation of policy enforcement and compliance shall be continuously maintained. Access to content in unprotected format must be limited to authorized personnel and auditable records of actual access shall be maintained. Physical access to servers must be limited and controlled and must be monitored by a logging system. Auditable records of access, copying, movement, transmission, backups, or modification of content must be securely stored for a period of at least one year. Content servers must be protected from general Internet internet traffic by “state of the art” protection systems including, without limitation, firewalls, virtual private networks, and intrusion detection systems. All systems must be regularly updated to incorporate the latest security patches and upgrades. All facilities within STE’s control which process and store content must be available for Motion Picture Association of America and Licensor audits upon the request of Licensor. STE shall use commercially reasonable efforts to make the facilities of its licensees distributing the STE Services available for similar audits. Security details of the network services, servers, policies, and facilities shall be provided to and must be explicitly approved in writing by Licensor. Any changes to the security policies, procedures, or infrastructure must be submitted to Licensor for approval. Content must be returned to Licensor or securely destroyed pursuant to the Amended & Restated Amendment Agreement at the end of such content’s license period including, without limitation, all electronic and physical copies thereof. The parties acknowledge Restrictions & Requirements In addition to the foregoing requirements, playback of UHD content is subject to the following set of restrictions & requirements: Robust Implementation Implementations of Content Protection Systems in the Approved Devices shall use hardware-enforced security mechanisms, including secure boot, secure key storage and agree that STE’s delivery a trusted execution environment. Implementation of Content Protection Systems shall additionally use industry standard obfuscation mechanisms for the security sensitive parts of the STE Services via software implementing the Internet as Content Protection System. The obfuscation shall be different between different versions of the Amendment Date comply with this requirementContent Protection System Player Validation and Authentication. The parties also acknowledge device must be connected to the licensed service for validation/authentication prior to the first playback of each title on the device in question. This online validation/authentication shall cryptographically authenticate the claimed identity of the device and agree establish that the facilities device is unrevoked, fully updated and processes of licensees of STE Services over the Internet or New Media who are its usual and customary cable, satellite telephone company licensees (where such licensees use the same infrastructure that is already in place it has not been subject to deliver STE Services via cable, satellite or IPTV, and not, for the avoidance of doubt, new or different infrastructure for delivery of the STE Services over Internet or New Media), as well as any customers of Licensor for its own VOD, SOD, PPV, Sell Through Electronic Video products and services via the Internet or New Media, are deemed to comply with the terms of this Section 7 (it being understood that STE shall pass through the requirements in this Section 7 in all new agreements with licensees with respect to delivery of the STE Services over the Internet or New Media that are entered into after the Amendment Date)unauthorized modification.

Network Service Protection Requirements. Other than Pictures delivered to, and stored by STE in facilities under its control (all of which are delivered by Licensor in an unencrypted format, and securely stored in STE’s facilities in an unencrypted format), all Pictures All licensed content must be received and stored protected according to industry best practices at content processing and storage facilities of a distributor in a encrypted or otherwise protected format using an approved protection system, it being understood that such distributor is permitted to decrypt the Pictures, where applicable, in order to transcode or otherwise process the Pictures within the distributor’s facilities. For the avoidance of doubt, Pictures distributed to subscribers must be encrypted in accordance with Section 3.1 of this Schedule C. Documented security policies and procedures shall be in place. Documentation of policy enforcement and compliance shall be continuously maintained. Access to content in unprotected format must be limited to authorized personnel and auditable records of actual access shall be maintained. Physical access to servers must be limited and controlled and must be monitored by a logging system. Auditable records of access, copying, movement, transmission, backups, or modification of content must be securely stored for a period of at least one year. Content servers must be protected from general Internet traffic by “state of the art” protection systems including, without limitation, firewalls, virtual private networks, and intrusion detection systems. All systems must be updated to incorporate the latest security patches and upgrades. All facilities within STE’s control which process and store content must be available for Motion Picture Association of America and Licensor audits audits, which may be carried out by a third party to be selected by Licensor, upon the request of Licensor. STE shall use commercially reasonable efforts .If Licensor has a justifiable reason to make the facilities of its licensees distributing the STE Services available for similar audits. Security details believe that Licensee is in breach of the network servicescontent protection requirements of this Agreement, serversLicensor shall arrange for the services of an independent security technology auditor, policies(“Technical Auditor”), to review, test, and facilities shall be provided to and must be explicitly approved in writing by Licensor. Any changes to verity that the security policies, procedures, systems in use or infrastructure must intended to be submitted to Licensor for approvalused by Licensee are in accordance with the content protection requirements under this Schedule B (“Technical Audit”). The results of any Technical Audit and any information obtained in the course of auditing shall also constitute confidential information under this Agreement. Content must be returned to Licensor or securely destroyed pursuant to the Amended & Restated Amendment Agreement at the end of such content’s license period including, without limitation, all electronic and physical copies thereof. SCHEDULE C Advertising Standards and Guidelines General Standards: The parties acknowledge following Standards and agree that STE’s delivery Guidelines apply to all advertisements: Advertising should be honest and in good taste. All advertisements must have been created and otherwise be in compliance with all applicable laws, rules, regulations and codes. No advertisement shall in any way infringe the trademark, copyright, privacy, publicity and/or other legal or contractual rights of any person or entity. No advertisement may defame or disparage any person or entity, or contain material likely to be deemed offensive by a segment of the STE Services via public due to content concerning race, religion, national origin or other protected class. No advertisement may contain any profane, vulgar, or pornographic content. No advertisement shall be displayed on the Internet as Licensee Service prior to clearance of any and all music and/or other intellectual property rights if and to the extent required by law. The public performance rights in the musical compositions embodied in each advertisement submitted to the Licensee Service are: (i) controlled by ASCAP, BMI, SESAC, and/or the local music performance rights organization(s) in the applicable countries of the Amendment Date comply with this requirementTerritory; or (ii) in the public domain. The parties also acknowledge Each and agree that the facilities every claim made in any advertisement (whether express or implied) must be truthful and processes substantiated, including so as not constituting any form of licensees of STE Services over the Internet or New Media who are its usual and customary cable, satellite telephone company licensees (where such licensees use the same infrastructure that is already in place to deliver STE Services via cable, satellite or IPTV, and not, for the avoidance of doubt, new or different infrastructure for delivery of the STE Services over Internet or New Media), as well as any customers of Licensor for its own VOD, SOD, PPV, Sell Through Electronic Video products and services via the Internet or New Media, are deemed to comply with the terms of this Section 7 (it being understood that STE shall pass through the requirements in this Section 7 in all new agreements with licensees with respect to delivery of the STE Services over the Internet or New Media that are entered into after the Amendment Date)false advertising.

Network Service Protection Requirements. Other than Pictures delivered to, and stored by STE All Included Programs in facilities under its control (all of which are delivered by Licensor in an unencrypted format, and securely stored in STELicensee’s facilities in an unencrypted format), all Pictures possession must be received and stored at content processing and storage facilities of a distributor in a encrypted or otherwise protected format using an approved protection system, it being understood that . Access to such distributor is permitted to decrypt the Pictures, where applicable, in order to transcode or otherwise process the Pictures within the distributor’s facilities. For the avoidance of doubt, Pictures distributed to subscribers Included Programs must be encrypted in accordance with Section 3.1 limited to authorized personnel who need such access for operational purposes and Licensee shall maintain auditable records of this Schedule C. Documented actual access. Document security policies and procedures shall be in place. Documentation of policy enforcement and compliance shall be continuously maintained. Access to content in unprotected format must be limited to authorized personnel and auditable records of actual access shall be maintained. Physical access to servers must be limited and controlled and must be monitored by a logging system. Auditable records of access, copying, movement, transmission, backups, or modification of content Included Programs not encrypted with at least AES128 or the equivalent and of encryption keys for such Included Programs in Licensee’s possession must be securely stored for a period of at least one year. Content servers must be protected from general Internet internet traffic by “state of the art” protection systems including, without limitation, firewalls, virtual private networks, and intrusion detection systems. All systems must be updated updated, per Licensee’s standard operational procedures, to incorporate the latest security patches and upgrades. For the avoidance of doubt, Licensee may put encoded encrypted content onto internet facing servers for use by Approved Devices and. All facilities within STE’s control which process and store content Included Programs not encrypted with at least AES128 or the equivalent and encryption keys for such Included Programs must be available for Motion Picture Association of America and Licensor audits at times and places to be mutually agreed upon the request of Licensor. STE shall use commercially reasonable efforts by Licensor and Licensee; provided, however, that any such inspection is conducted during Licensee’s normal business hours and does not materially interfere with Licensee’s operations or confidentiality obligations to make the facilities of its licensees distributing the STE Services available for similar audits. Security details of the network services, servers, policies, and facilities shall be provided to and must be explicitly approved in writing by Licensorthird parties. Any changes to Licensee’s security policies or procedures set forth in this Clause 6 that would materially and negatively affect the security policies, procedures, or infrastructure protection provided to Included Programs must be submitted to Licensor for approval. Content Each Included Program must be returned to Licensor or securely destroyed pursuant to the Amended & Restated Amendment terms in the applicable Agreement at the end of such contentprogram’s license period License Period including, without limitation, all electronic and physical copies thereof. The parties acknowledge and agree that STE’s delivery of the STE Services via the Internet as of the Amendment Date comply with this requirement. The parties also acknowledge and agree that the facilities and processes of licensees of STE Services over the Internet or New Media who are its usual and customary cable, satellite telephone company licensees (where such licensees use the same infrastructure that is already in place to deliver STE Services via cable, satellite or IPTV, and not, for the avoidance of doubt, new or different infrastructure for delivery of the STE Services over Internet or New Media), as well as any customers of Licensor for its own VOD, SOD, PPV, Sell Through Electronic Video products and services via the Internet or New Media, are deemed to comply with the terms of this Section 7 (it being understood that STE shall pass through the requirements in this Section 7 in all new agreements with licensees with respect to delivery of the STE Services over the Internet or New Media that are entered into after the Amendment Date).

Network Service Protection Requirements. Other than Pictures delivered to, and stored by STE in facilities under its control (all of which are delivered by Licensor in an unencrypted format, and securely stored in STE’s facilities in an unencrypted format), all Pictures All licensed content must be received and stored at content processing and storage facilities of a distributor in a protected and encrypted or otherwise protected format using an approved industry standard protection system, it being understood that such distributor is permitted to decrypt the Pictures, where applicable, in order to transcode or otherwise process the Pictures within the distributor’s facilities. For the avoidance of doubt, Pictures distributed to subscribers must be encrypted in accordance with Section 3.1 of this Schedule C. Documented Document security policies and procedures shall be in place. Documentation of policy enforcement and compliance shall be continuously maintained. Access to content in unprotected format must be limited to authorized personnel and auditable records of actual access shall be maintained. Physical access to servers must be limited and controlled and must be monitored by a logging system. Auditable records of access, copying, movement, transmission, backups, or modification of content must be securely stored for a period of at least one year. Content servers must be protected from general Internet internet traffic by “state of the art” protection systems including, without limitation, firewalls, virtual private networks, and intrusion detection systems. All systems must be regularly updated to incorporate the latest security patches and upgrades. All facilities within STE’s control which process and store content must be available for Motion Picture Association of America and Licensor audits upon the request of Licensor. STE shall use commercially reasonable efforts to make the facilities of its licensees distributing the STE Services available for similar audits. Security At Licensor’s written request, security details of the network services, servers, policies, and facilities that are relevant to the security of the Licensed Service (together, the “Licensed Service Security Systems”) shall be provided to the Licensor, and must be explicitly approved in writing by LicensorLicensor reserves the right to subsequently make reasonable requests for improvements to the Licensed Service Security Systems. Any substantial changes to the security policies, procedures, or infrastructure Licensed Service Security Systems must be submitted to Licensor for approval, if Licensor has made a prior written request for such approval rights. Content must be returned to Licensor or securely destroyed pursuant to the Amended & Restated Amendment Agreement at the end of such content’s license period including, without limitation, all electronic and physical copies thereof. The parties acknowledge High-Definition Restrictions & Requirements In addition to the foregoing requirements, all HD content (and agree that STE’s delivery all Stereoscopic 3D content) is subject to the following set of restrictions & requirements: General Purpose ComputerPlatforms. HD content is expressly prohibited from being delivered to and playable on General Purpose Computer Platforms (e.g. PCs, Tablets, Mobile Phones) unless explicitly approved by Licensor. If approved by Licensor, the STE Services via additional requirements for HD playback on PCs will include the Internet as of the Amendment Date comply with this requirement. The parties also acknowledge and agree that the facilities and processes of licensees of STE Services over the Internet or New Media who are its usual and customary cable, satellite telephone company licensees (where such licensees use the same infrastructure that is already in place to deliver STE Services via cable, satellite or IPTV, and not, for the following: Digital Outputs: For avoidance of doubt, new or different infrastructure for delivery of the STE Services over Internet or New Media)HD content may only be output in accordance with section “Digital Outputs” above unless stated explicitly otherwise below. If an HDCP connection cannot be established, as well as required by section “Digital Outputs” above, the playback of Current Films over an output on a General Purpose Computing Platform (either digital or analog) must be limited to a resolution no greater than Standard Definition (SD). An HDCP connection does not need to be established in order to playback in HD over a DVI output on any customers General Purpose Computer Platform that is registered for service by Licensee on or before the later of: (i) 31st December, 2011 and (ii) the DVI output sunset date established by the AACS LA. Note that this exception does NOT apply to HDMI outputs on any General Purpose Computing Platform With respect to playback in HD over analog outputs on General Purpose Computer Platforms that are registered for service by Licensee after 31st December, 2011, Licensee shall either (i) prohibit the playback of Licensor for its own VODsuch HD content over all analog outputs on all such General Purpose Computing Platforms or (ii) ensure that the playback of such content over analog outputs on all such General Purpose Computing Platforms is limited to a resolution no greater than SD. Notwithstanding anything in this Agreement, SODif Licensee is not in compliance with this Section, PPVthen, Sell Through Electronic Video products and services upon Licensor’s written request, Licensee will temporarily disable the availability of Current Films in HD via the Internet Licensee service within thirty (30) days following Licensee becoming aware of such non-compliance or New Media, are deemed to comply Licensee’s receipt of written notice of such non-compliance from Licensor until such time as Licensee is in compliance with the terms of this Section 7 (it being understood that STE shall pass through the requirements in this Section 7 in all new agreements with licensees with respect to delivery of the STE Services over the Internet or New Media section “General Purpose Computing Platforms”; provided that: if Licensee can robustly distinguish between General Purpose Computing Platforms that are entered into after in compliance with this section “General Purpose Computing Platforms”, and General Purpose Computing Platforms which are not in compliance, Licensee may continue the Amendment Date)availability of Current Films in HD for General Purpose Computing Platforms that it reliably and justifiably knows are in compliance but is required to disable the availability of Current Films in HD via the Licensee service for all other General Purpose Computing Platforms, and in the event that Licensee becomes aware of non-compliance with this Section, Licensee shall promptly notify Licensor thereof; provided that Licensee shall not be required to provide Licensor notice of any third party hacks to HDCP.

Network Service Protection Requirements. Other than Pictures delivered to, and stored by STE in facilities under its control (all of which are delivered by Licensor in an unencrypted format, and securely stored in STE’s facilities in an unencrypted format), all Pictures All licensed content must be received and stored at content processing and storage facilities of a distributor in a protected and encrypted or otherwise protected format using an approved a protection system, it being understood that such distributor is permitted system standard to decrypt the Pictures, where applicable, in order to transcode or otherwise process the Pictures within the distributor’s facilitiesinformation techonology industry. For the avoidance of doubt, Pictures distributed to subscribers must be encrypted in accordance with Section 3.1 of this Schedule C. Documented Document security policies and procedures shall be in place. Documentation of policy enforcement and compliance shall be continuously maintained. Access to content in unprotected format must be limited to authorized personnel and auditable records of actual access shall be maintained. Physical access to servers must be limited and controlled and must be monitored by a logging system. Auditable records of access, copying, movement, transmission, backups, or modification of content must be securely stored for a period of at least one year. Content servers must be protected from general Internet internet traffic by “state of the art” protection systems including, without limitation, firewalls, virtual private networks, and intrusion detection systems. All systems must be regularly updated to incorporate the latest security patches and upgrades. All facilities within STE’s control which process and store content must be available for Motion Picture Association of America and Licensor audits upon the request of Licensor. STE shall use commercially reasonable efforts to make the facilities of its licensees distributing the STE Services available for similar audits. Security details of the network services, servers, policies, and facilities shall be provided to and must be explicitly approved in writing by Licensor. Any changes to the security policies, procedures, or infrastructure must be submitted to Licensor for approval. Content must be returned to Licensor or securely destroyed pursuant to the Amended & Restated Amendment Agreement at the end of such content’s license period including, without limitation, all electronic and physical copies thereof. The parties acknowledge High-Definition Restrictions & Requirements In addition to the foregoing requirements, all HD content is subject to the following set of restrictions & requirements: General Purpose Computer Platforms. HD content is expressly prohibited from being delivered to and agree that STE’s delivery playable on General Purpose Computer Platforms (e.g. PCs, Tablets, Mobile Phones) unless explicitly approved by Licensor. If approved by Licensor, the additional requirements for HD playback on General Purpose Computer Platforms will include the following: Implementations of Content Protection Systems on General Purpose Computer Platforms shall use hardware-enforced security mechanisms, including secure boot and trusted execution environments, where possible. Implementation of Content Protection Systems on General Purpose Computer Platforms shall, in all cases, use state of the STE Services via art obfuscation mechanisms for the Internet as security sensitive parts of the Amendment Date comply with this requirementsoftware implementing the Content Protection System. The parties also acknowledge All General Purpose Computer Platforms (devices) deployed by Licensee after end December 31st, 2013, SHALL support hardware-enforced security mechanisms, including trusted execution environments and agree that secure boot. All implementations of Content Protection Systems on General Purpose Computer Platforms deployed by Licensee (e.g. in the facilities and processes form of licensees of STE Services over the Internet or New Media who are its usual and customary cablean application) after end December 31st, satellite telephone company licensees 2013, SHALL use hardware-enforced security mechanisms (including trusted execution environments) where such licensees use the same infrastructure that is already in place to deliver STE Services via cable, satellite or IPTVsupported, and not, for SHALL NOT allow the avoidance display of doubt, new or different infrastructure for delivery of HD content where the STE Services over Internet or New Media), as well as any customers of Licensor for its own VOD, SOD, PPV, Sell Through Electronic Video products and services via General Purpose Computer Platforms on which the Internet or New Media, are deemed to comply with the terms of this Section 7 (it being understood that STE shall pass through the requirements in this Section 7 in all new agreements with licensees with respect to delivery of the STE Services over the Internet or New Media that are entered into after the Amendment Date)implementation resides does not support hardware-enforced security mechanisms.

Network Service Protection Requirements. Other than Pictures delivered to, and stored by STE in facilities under its control (all of which are delivered by Licensor in an unencrypted format, and securely stored in STE’s facilities in an unencrypted format), all Pictures All licensed content must be received and stored at content processing and storage facilities of a distributor in a protected and encrypted or otherwise protected format using an approved a “state of the art” protection system, it being understood that such distributor is permitted to decrypt the Pictures, where applicable, in order to transcode or otherwise process the Pictures within the distributor’s facilities. For the avoidance of doubt, Pictures distributed to subscribers must be encrypted in accordance with Section 3.1 of this Schedule C. Documented Document security policies and procedures shall be in place. Documentation of policy enforcement and compliance shall be continuously maintained. Access to content in unprotected format must be limited to authorized personnel and auditable records of actual access shall be maintained. Physical access to servers must be limited and controlled and must be monitored by a logging system. Auditable records of access, copying, movement, transmission, backups, or modification of content must be securely stored for a period of at least one yearthree years. Content servers must be protected from general Internet internet traffic by “state of the art” protection systems including, without limitation, firewalls, virtual private networks, and intrusion detection systems. All systems must be regularly updated to incorporate the latest security patches and upgrades. All facilities within STE’s control which process and store content must be available for Motion Picture Association of America and Licensor audits upon the request of Licensor. STE shall use commercially reasonable efforts to make the facilities of its licensees distributing the STE Services available for similar audits. Security At Licensor’s written request, security details of the network services, servers, policies, and facilities that are relevant to the security of the Licensed Service (together, the “Licensed Service Security Systems”) shall be provided to the Licensor, and must be explicitly approved in writing by LicensorLicensor reserves the right to subsequently make reasonable requests for improvements to the Licensed Service Security Systems. Any substantial changes to the security policies, procedures, or infrastructure Licensed Service Security Systems must be submitted to Licensor for approval, if Licensor has made a prior written request for such approval rights. Content must be returned to Licensor or securely destroyed pursuant to the Amended & Restated Amendment Agreement at the end of such content’s license period including, without limitation, all electronic and physical copies thereof. The parties acknowledge and agree that STE’s delivery of the STE Services via the Internet as of the Amendment Date comply with this requirement. The parties also acknowledge and agree that the facilities and processes of licensees of STE Services over the Internet or New Media who are its usual and customary cable, satellite telephone company licensees (where such licensees use the same infrastructure that is already in place to deliver STE Services via cable, satellite or IPTV, and not, for the avoidance of doubt, new or different infrastructure for delivery of the STE Services over Internet or New Media), as well as any customers of Licensor for its own VOD, SOD, PPV, Sell Through Electronic Video products and services via the Internet or New Media, are deemed to comply with the terms of this Section 7 (it being understood that STE shall pass through the requirements in this Section 7 in all new agreements with licensees with respect to delivery of the STE Services over the Internet or New Media that are entered into after the Amendment Date).

Network Service Protection Requirements. Other than Pictures delivered to, and stored by STE in facilities under its control (all of which are delivered by Licensor in an unencrypted format, and securely stored in STE’s facilities in an unencrypted format), all Pictures All licensed content must be received and stored protected according to industry practices at content processing and storage facilities of a distributor in a encrypted or otherwise protected format using an approved protection system, it being understood that such distributor is permitted to decrypt the Pictures, where applicable, in order to transcode or otherwise process the Pictures within the distributor’s facilities. For the avoidance of doubt, Pictures distributed to subscribers must be encrypted in accordance with Section 3.1 of this Schedule C. Documented security policies and procedures shall be in place. Documentation of policy enforcement and compliance shall be continuously maintained. Access to content in unprotected format must be limited to authorized personnel and auditable records of actual access shall be maintained. Physical access If Licensor has a justifiable reason to servers must be limited and controlled and must be monitored by a logging system. Auditable records of access, copying, movement, transmission, backups, or modification of content must be securely stored for a period of at least one year. Content servers must be protected from general Internet traffic by “state believe that Licensee is in breach of the art” content protection systems includingrequirements of this Agreement and believes in good faith that an audit is the only method of resolution, without limitationupon thirty (30) days notice (and no more than once per calendar year), firewallson a mutually agreed date, virtual private networksduring regular business hours of Licensee, and intrusion detection systems. All systems must be updated in such a manner as not to incorporate unreasonably interfere with the latest normal business activities of Licensee, Licensor shall arrange for the services of an independent security patches and upgrades. All facilities within STE’s control which process and store content must be available for Motion Picture Association of America and Licensor audits upon the request of Licensor. STE shall use commercially reasonable efforts technology auditor, (“Technical Auditor”), to make the facilities of its licensees distributing the STE Services available for similar audits. Security details of the network servicesreview, servers, policiestest, and facilities shall be provided to verityfor the sole purpose of reviewing, testing, and must be explicitly approved in writing by Licensor. Any changes to verifying that the security policies, procedures, systems in use or infrastructure must intended to be submitted to Licensor for approvalused by Licensee are in accordance with the content protection requirements under this Schedule B (“Technical Audit”). The results of any Technical Audit and any information obtained in the course of auditing shall also constitute confidential information under this Agreement. Content must be returned to Licensor or securely destroyed pursuant to the Amended & Restated Amendment Agreement at the end of such content’s license period including, without limitation, all electronic and physical copies thereof. SCHEDULE C Advertising Standards and Guidelines General Standards: The parties acknowledge following Standards and agree that STE’s delivery Guidelines apply to all advertisements: Advertising should be honest and in good taste. All advertisements must have been created and otherwise be in compliance with all applicable laws, rules, regulations and codes. No advertisement shall in any way infringe the trademark, copyright, privacy, publicity and/or other legal or contractual rights of any person or entity. No advertisement may defame or disparage any person or entity, or contain material likely to be deemed offensive by a segment of the STE Services via public due to content concerning race, religion, national origin or other protected class. No advertisement may contain any profane, vulgar, or pornographic content. No advertisement shall be displayed on the Internet as Licensee Service prior to clearance of any and all music and/or other intellectual property rights if and to the extent required by law. The public performance rights in the musical compositions embodied in each advertisement submitted to the Licensee Service are: (i) controlled by ASCAP, BMI, SESAC, and/or the local music performance rights organization(s) in the applicable countries of the Amendment Date comply with this requirementTerritory; or (ii) in the public domain. The parties also acknowledge Each and agree that the facilities every claim made in any advertisement (whether express or implied) must be truthful and processes substantiated, including so as not constituting any form of licensees of STE Services over the Internet or New Media who are its usual and customary cable, satellite telephone company licensees (where such licensees use the same infrastructure that is already in place to deliver STE Services via cable, satellite or IPTV, and not, for the avoidance of doubt, new or different infrastructure for delivery of the STE Services over Internet or New Media), as well as any customers of Licensor for its own VOD, SOD, PPV, Sell Through Electronic Video products and services via the Internet or New Media, are deemed to comply with the terms of this Section 7 (it being understood that STE shall pass through the requirements in this Section 7 in all new agreements with licensees with respect to delivery of the STE Services over the Internet or New Media that are entered into after the Amendment Date)false advertising.

Network Service Protection Requirements. Other than Pictures delivered to, and stored by STE in facilities under its control (all of which are delivered by Licensor in an unencrypted format, and securely stored in STE’s facilities in an unencrypted format), all Pictures All licensed content must be received and stored at content processing and storage facilities of a distributor in a protected and encrypted or otherwise protected format using an approved a protection system, it being understood that such distributor is permitted system standard to decrypt the Pictures, where applicable, in order to transcode or otherwise process the Pictures within the distributor’s facilitiesinformation techonology industry. For the avoidance of doubt, Pictures distributed to subscribers must be encrypted in accordance with Section 3.1 of this Schedule C. Documented Document security policies and procedures shall be in place. Documentation of policy enforcement and compliance shall be continuously maintained. Access to content in unprotected format must be limited to authorized personnel and auditable records of actual access shall be maintained. Physical access to servers must be limited and controlled and must be monitored by a logging system. Auditable records of access, copying, movement, transmission, backups, or modification of content must be securely stored for a period of at least one year. Content servers must be protected from general Internet internet traffic by “state of the art” protection systems including, without limitation, firewalls, virtual private networks, and intrusion detection systems. All systems must be regularly updated to incorporate the latest security patches and upgrades. All facilities within STE’s control which process and store content must be available for Motion Picture Association of America and Licensor audits upon the request of Licensor. STE shall use commercially reasonable efforts to make the facilities of its licensees distributing the STE Services available for similar audits. Security details of the network services, servers, policies, and facilities shall be provided to and must be explicitly approved in writing by Licensor. Any changes to the security policies, procedures, or infrastructure must be submitted to Licensor for approval. Content must be returned to Licensor or securely destroyed pursuant to the Amended & Restated Amendment Agreement at the end of such content’s license period including, without limitation, all electronic and physical copies thereof. The parties acknowledge High-Definition Restrictions & Requirements In addition to the foregoing requirements, all HD content is subject to the following set of restrictions & requirements: General Purpose Computer Platforms. HD content is expressly prohibited from being delivered to and agree that STE’s delivery playable on General Purpose Computer Platforms (e.g. PCs, Tablets, Mobile Phones) unless explicitly approved by Licensor. If approved by Licensor, the additional requirements for HD playback on General Purpose Computer Platforms will include the following: Robust Implementation Implementations of Content Protection Systems on General Purpose Computer Platforms shall use hardware-enforced security mechanisms, including secure boot and trusted execution environments, where possible. Implementation of Content Protection Systems on General Purpose Computer Platforms shall, in all cases, use state of the STE Services via art obfuscation mechanisms for the Internet as security sensitive parts of the Amendment Date comply with this requirementsoftware implementing the Content Protection System. The parties also acknowledge All General Purpose Computer Platforms (devices) deployed by Licensee after end December 31st, 2013, SHALL support hardware-enforced security mechanisms, including trusted execution environments and agree that secure boot. All implementations of Content Protection Systems on General Purpose Computer Platforms deployed by Licensee (e.g. in the facilities and processes form of licensees of STE Services over the Internet or New Media who are its usual and customary cablean application) after end December 31st, satellite telephone company licensees 2013, SHALL use hardware-enforced security mechanisms (including trusted execution environments) where such licensees use the same infrastructure that is already in place to deliver STE Services via cable, satellite or IPTVsupported, and not, for SHALL NOT allow the avoidance display of doubt, new or different infrastructure for delivery of HD content where the STE Services over Internet or New Media), as well as any customers of Licensor for its own VOD, SOD, PPV, Sell Through Electronic Video products and services via General Purpose Computer Platforms on which the Internet or New Media, are deemed to comply with the terms of this Section 7 (it being understood that STE shall pass through the requirements in this Section 7 in all new agreements with licensees with respect to delivery of the STE Services over the Internet or New Media that are entered into after the Amendment Date)implementation resides does not support hardware-enforced security mechanisms.

Network Service Protection Requirements. Other than Pictures delivered to, and stored by STE in facilities under its control (all of which are delivered by Licensor in an unencrypted format, and securely stored in STE’s facilities in an unencrypted format), all Pictures All licensed content must be received and stored protected according to industry practices at content processing and storage facilities of a distributor in a encrypted or otherwise protected format using an approved protection system, it being understood that such distributor is permitted to decrypt the Pictures, where applicable, in order to transcode or otherwise process the Pictures within the distributor’s facilities. For the avoidance of doubt, Pictures distributed to subscribers must be encrypted in accordance with Section 3.1 of this Schedule C. Documented security policies and procedures shall be in place. Documentation of policy enforcement and compliance shall be continuously maintained. Access to content in unprotected format must be limited to authorized personnel and auditable records of actual access shall be maintained. Physical access If Licensor has a justifiable reason to servers must be limited and controlled and must be monitored by a logging system. Auditable records of access, copying, movement, transmission, backups, or modification of content must be securely stored for a period of at least one year. Content servers must be protected from general Internet traffic by “state believe that Licensee is in breach of the art” content protection systems includingrequirements of this Agreement and believes in good faith that an audit is the only method of resolution, without limitationupon thirty (30) days notice (and no more than once per calendar year), firewallson a mutually agreed date, virtual private networksduring regular business hours of Licensee, and intrusion detection systems. All systems must be updated in such a manner as not to incorporate unreasonably interfere with the latest normal business activities of Licensee, Licensor shall arrange for the services of an independent security patches and upgrades. All facilities within STE’s control which process and store content must be available technology auditor (“Technical Auditor”), for Motion Picture Association the sole purpose of America and Licensor audits upon the request of Licensor. STE shall use commercially reasonable efforts to make the facilities of its licensees distributing the STE Services available for similar audits. Security details of the network servicesreviewing, servers, policiestesting, and facilities shall be provided to and must be explicitly approved in writing by Licensor. Any changes to verifying that the security policies, procedures, systems in use or infrastructure must intended to be submitted to Licensor for approvalused by Licensee are in accordance with the content protection requirements under this Schedule B (“Technical Audit”). The results of any Technical Audit and any information obtained in the course of auditing shall also constitute confidential information under this Agreement. Content must be returned to Licensor or securely destroyed pursuant to the Amended & Restated Amendment Agreement at the end of such content’s license period including, without limitation, all electronic and physical copies thereof. SCHEDULE C Advertising Standards and Guidelines General Standards: The parties acknowledge following Standards and agree that STE’s delivery Guidelines apply to all advertisements: Advertising should be honest and in good taste. All advertisements must have been created and otherwise be in compliance with all applicable laws, rules, regulations and codes. No advertisement shall in any way infringe the trademark, copyright, privacy, publicity and/or other legal or contractual rights of any person or entity. No advertisement may defame or disparage any person or entity, or contain material likely to be deemed offensive by a segment of the STE Services via public due to content concerning race, religion, national origin or other protected class. No advertisement may contain any profane, vulgar, or pornographic content. No advertisement shall be displayed on the Internet as Licensee Service prior to clearance of any and all music and/or other intellectual property rights if and to the extent required by law. The public performance rights in the musical compositions embodied in each advertisement submitted to the Licensee Service are: (i) controlled by ASCAP, BMI, SESAC, and/or the local music performance rights organization(s) in the applicable countries of the Amendment Date comply with this requirementTerritory; or (ii) in the public domain. The parties also acknowledge Each and agree that the facilities every claim made in any advertisement (whether express or implied) must be truthful and processes substantiated, including so as not constituting any form of licensees of STE Services over the Internet or New Media who are its usual and customary cable, satellite telephone company licensees (where such licensees use the same infrastructure that is already in place to deliver STE Services via cable, satellite or IPTV, and not, for the avoidance of doubt, new or different infrastructure for delivery of the STE Services over Internet or New Media), as well as any customers of Licensor for its own VOD, SOD, PPV, Sell Through Electronic Video products and services via the Internet or New Media, are deemed to comply with the terms of this Section 7 (it being understood that STE shall pass through the requirements in this Section 7 in all new agreements with licensees with respect to delivery of the STE Services over the Internet or New Media that are entered into after the Amendment Date)false advertising.