Reg comments117

Web inventor Sir Tim sizes up handcuffs for his creation – and world has 2 weeks to appeal

Anti-piracy DRM gets the green light, for now

Web browsers 2015

Sir Tim Berners-Lee, inventor of the world wide web, director of the web standards trendsetter W3C, and Knight Commander, Order of the British Empire, has given his blessing to anti-piracy locks on web content.

Traditionally, web technology has been open. HTML markup, CSS, and JavaScript code can be viewed (though not necessarily easily understood, thanks to minification), remixed, and reused. The web's openness allowed it to flourish.

But those selling costly content – software and media companies – prefer open wallets to anything goes. So they have employed copy deterrence schemes based on proprietary technologies like Adobe Flash and Wildvine to make high-value content viewable but not easily copyable in web browsers. However, this approach leaves much to be desired in terms of user experience and ongoing compatibility.

The Encrypted Media Extensions API – supported by companies like Apple, Google, Microsoft and Netflix and opposed by the free software community, academic researchers, and foes of anti-piracy mechanisms – provides a standards-based mechanism to display DRM-protected content in compliant web browsers.

The W3C is not mandating DRM in all cases; rather its EME API provides support for content providers who choose to implement DRM through proprietary content decryption modules (CDMs).

Speaking on behalf of Berners-Lee in a note posted to the W3C mailing list, project management lead Philippe Le Hégaret said, "After consideration of the issues, the Director reached a decision that the EME specification should move to W3C Recommendation."

First proposed in 2012, EMEs continue to elicit voluble opposition among those who believe web technology should steer clear of DRM entirely.

"We're mourning the Web today, as the W3C sells everyone out," lamented John Sullivan, executive director of the Free Software Foundation, in a blog post on Friday.

Slammed

In February, writing for the Electronic Frontier Foundation, author and activist Cory Doctorow called EMEs "indefensible."

That same month, Berners-Lee defended his support for the technology, arguing that it's better to have a seat at the table than to ignore the concerns of software and content companies and force them to implement their own DRM schemes.

"If W3C did not recommend EME, then the browser vendors would just make it outside W3C," he wrote. "...It is better for users for the DRM to be done through EME than other ways."

That's a point EME's foes do not concede. Yet, among those who view DRM as anathema, there's no obvious compromise that might placate studio executives focused only on investment returns.

Staking out a more pragmatic position, the Electronic Frontier Foundation last year proposed a way to mitigate the risk that EMEs pose to computer security researchers – legal threats based on the DMCA's anti-circumvention provision. The cyber rights advocacy group asked the W3C to back a DRM covenant, similar to the W3C's patent non-aggression policy, as a means to prevent EMEs from chilling security research.

The W3C, unable to reach agreement on how vulnerability disclosure should be handled, responded with something less than that, offering only voluntary guidelines instead a requirement.

EMEs will be published as a W3C Recommendation unless at least five per cent of the 475 members of the W3C Advisory Committee – composed of companies, non-profits, and educational organizations – support an appeal within 14 days. If an appeal it considered, members will have the opportunity to vote on whether to accept or reject the technology. ®

Sponsored: The Joy and Pain of Buying IT - Have Your Say


Biting the hand that feeds IT © 1998–2017