Proposed Video Copy Protection Scheme For HTML5 Raises W3C Ire

suraj.sun writes with this excerpt from Ars Technica: "A new Web standard proposal authored by Google, Microsoft, and Netflix seeks to bring copy protection mechanisms to the Web. The Encrypted Media Extensions draft defines a framework for enabling the playback of protected media content in the Web browser. The proposal is controversial and has raised concern among some parties that are participating in the standards process. In a discussion on the W3C HTML mailing list, critics questioned whether the proposed framework would really provide the level of security demanded by content providers. The aim of the proposal is not to mandate a complete DRM platform, but to provide the necessary components for a generic key-based content decryption system. It is designed to work with pluggable modules that implement the actual decryption mechanisms."

So what is your suggestion then?

[Intelligenta]

DRM will be required by content providers. HTML5 video will never gain any market share without it. Otherwise we will continue to have Flash and Silverlight.

Re:So what is your suggestion then?

[betterunixthanunix]

DRM will be required by content providers

Which is why they will never see a penny from me. Unfortunately, nobody else has the backbone needed to stand up to them and say, "No, you are not going to take control of my computer in exchange for entertaining me for a few hours."

Re:So what is your suggestion then?

[RichMan]

They keep their locked down content to themselves.

And the internet is for unlocked content.

Either they play by the rules of the playing field or they go elsewhere.
They should stop trying to break the internet and go somewhere else where they can be happy.

Re:So what is your suggestion then?

[Myopic]

I don't agree. At the end of the day, if "content providers" are stubborn and refuse to release their "content" without DRM, while at the same time customers refuse all DRM, then those "content producers" will cease to exist, and will be replaced by new content providers, who are actually willing to... you know... provide content.

Oh, are they not willing to show their movies to people unless it is incredibly inconvenient for customers? Okay, well then they get what they wanted: nobody sees their movie. Yay! They got their way! No 'unauthorized' viewing of their content, because there is no viewing of theircontent! They should be very happy about that.

Consumers have done quite shockingly well at refusing DRM over the last decade. We defeated the music industry for the time being. I think it is quite likely that sufficient pushback from consumers could win the fight against movie companies, too.

Re:So what is your suggestion then?

[DrXym]

What does it matter to you if streaming content is encrypted or not pray tell? This isn't content you own, you are subscribing to a service.

Re:So what is your suggestion then?

[vadim_t]

It's an attempt to intrude on and limit what I can do with my hardware, which is unacceptable. It's as if they barged into my home and demanded to to have a guard standing there to make sure I don't get the idea of duplicating a DVD.

Re:So what is your suggestion then?

[TheRaven64]

Doesn't work, unfortunately. The same copyright cartel controls the distribution rights for most of what people want to watch. You can't set up a new streaming service without agreeing to the conditions that they require and that currently means Silverlight (not even Flash anymore).

Re:So what is your suggestion then?

[visualight]

There has never been a movie made by anyone that's so good it offsets the damage the copyright lobby has done to our culture since 1978 and not one dime of my money will support them. It's *just* entertainment.

HOLLYWOOD MUST DIE

Re:So what is your suggestion then?

[betterunixthanunix]

The fact that if I publish a method of decrypting that stream, or even publish links to descriptions of such methods, I can be sued. No thank you, I may not have any say over blatantly unconstitutional laws but I can refuse to pay for my rights to be trampled.

Re:So what is your suggestion then?

[DrXym]

Er, no it isn't. You are not forced to use the service, but if you do you abide by the terms and conditions of usage. The encryption is there to stop people from ripping off the content in ways the service does not permit, possibly for contractual reasons with the content providers.

Re:So what is your suggestion then?

[betterunixthanunix]

Except that in order to decrypt the information and let me enjoy it, they need to hide the decryption key somewhere. Somewhere that they are going to try to program my computer to make inaccessible to me, and should I find a way to defeat that, I cannot tell anyone else about without facing lawsuits.

Taking over my entire computer? No, it will not do that. Making some part of my computer work against me is what they want to do here, and I am not going to allow such a thing. They are free to encrypt the information they send me, so long as I am free to decrypt it how and when I choose, and to tell others about the decryption process.

Re:So what is your suggestion then?

[MobileTatsu-NJG]

.. and bring back Firefly!!

Re:So what is your suggestion then?

[betterunixthanunix]

I don't understand why people get so upset when content makers try to control their content.

Probably because regardless of whether or not we actually watch their "content," we are forbidden from publishing any information about weaknesses in their copy restriction systems. In fact, we are forbidden even publishing hyperlinks to such information, as per the 2600 decss ruling. These people are not only unfriendly, they are actively attacking important and fundamental rights in my country, at my expense, for their benefit.

The word "enemy" is appropriate. The copyright lobby should be considered an enemy, especially to anyone who is a fan of free speech, free-libre computing, and a free and open Internet. We are upset because every time our enemy tries to assert more control, we wind up suffering for it.

Re:So what is your suggestion then?

[DigiShaman]

That's a bit harsh to call someone as shill don't you think. I don't doubt they exist on Slashdot, but still. There are many great indi films out there, many of which get showcased at the Sundance Film Festival. While cheap technology is closing the quality gap between the indi artist and a full-blown Hollywood production, the differences are still quite noticeable. I think the previous poster was correct. If you want to enjoy a fully fleshed out flick (or block buster), you're still going to have to pay to watch. It's arguable how much longer this will last but none the less.

Re:So what is your suggestion then?

[Anonymous+Brave+Guy]

That's your choice and of course you're entitled to your opinion, but please don't force it on everyone else. A lot more people enjoy watching content produced by Hollywood than are up in arms over standardising DRM.

Re:So what is your suggestion then?

[Kamiza+Ikioi]

Absolutely. It's not like Avatar was a webisode. ;) A friend of mine is a B movie director working his way up in Hollywood. We're talking 5 and 6 figure budgets, but that's still a hell of a lot of money.

But it's just a reality that they hate Netflix, streaming, downloading, and anything you can think of because it is cannibalizing their DVD sales.

Or so they think. Fact is, the DVD is pretty dead for most people who actually want the latest/greatest. BluRay has an edge, but how long will that last.

The problem with the record companies is just that *record* companies, denoting a cluelessness beyond any doubt about changing technology.

The MPAA was fighting VHS. You think they actually get this stuff, even now?

In the end, they'll come begging. The proliferation of MP3's and Pandora like services forced the RIAA. And in the end, the same will happen here. They're just lucky we don't all have fiber yet.

Re:So what is your suggestion then?

[Pieroxy]

That's your choice and of course you're entitled to your opinion, but please don't force it on everyone else. A lot more people enjoy watching content produced by Hollywood than are up in arms over standardising DRM.

Of course there are more people enjoying crappy movies than those standing for their rights. It's the 21st century. None of the people in the US of A have known war on their soil, have known hunger and a great repression, none have known a repressing regime. So they don't know.

And apparently you're one of them.

I could live my life without watching anything HOLLYWOOD produces. I don't, but I will NEVER use any platform that endorses DRM *ever*

Because I want to be the master of what I watch, not someone else.

And last, DRM are just forcing people to use piracy, nothing else. It's been that way since the beginning of DRM and it will not stop. DRM enables piracy because DRM is doomed to begin with - since it's ultimate goal is to prevent people from watching the very thing they're trying to watch through DRM!!! When will they learn?

Re:So what is your suggestion then?

[vadim_t]

Movies are not a necessity of life, so there's always a way to not buy into it. Don't like the terms? Read a book, instead.

And I don't. Yet one more reason to object to having my hardware and software be forced to support something I don't want to.

I think that DRM on video will ultimately die out, much as it has on music, as providers realize that users are willing to pay for convenience. I don't want to own any movies, I just want to be able to watch what I want, when I want, and I am willing to pay for the convenience of not owning and organizing my own video files. Eventually, producers will realize that they are just wasting money with this sysiphean pursuit of absolute control.

Here we disagree: I do want to own my movies. I want to be the one who decides, absolutely, what I watch, when I watch, where I watch, and on what terms I watch.

But obstructing the technology is not a way of hastening that transition.

Why not? If everybody right now decided that they will not accept DRM, it'd die tomorrow. The more opposition there is, and the less convenient it is, the faster it will die. It won't go away because the industry decides to be nice one day, it will because it's the most profitable option. People complained a lot about DRM on music, and look, it went away.

Re:So what is your suggestion then?

[ZeroSumHappiness]

You can oppose red light cameras on principle even if you don't own and never drive a car. You can oppose the TSA even if you never fly. Why can't you oppose this even if you don't consume *AA entertainment?

Re:So what is your suggestion then?

[JohnFen]

I hope they don't, because I'm very happy with the current movie offerings. I just saw In Time and it was great movie. I doubt something like that could be made with amateurs. I was happy to pay for it, because it gave me good value and I know making good entertainment costs a lot of money.

Your point isn't relevant to this. The issue of DRM is independent of the issue of piracy. It is entirely possible to do away with all DRM and have the major studios still make bucketloads of money producing their overpriced schlock.

Re:So what is your suggestion then?

[vadim_t]

Why would anybody want to have access to "DRM protected content"? It gains you nothing over plain content. When DRM for music went away, were you suddenly unable to buy music? No, they still sell it to you, just without DRM. And you probably get it cheaper too, because without DRM they have no hold on you.

But trying to prevent others from having access to DRM-protected content is making the decision for others.

And by making DRM a standard, they're making a decision for me too. See how it works?

I don't want to provide support for DRM in any shape or form. But it's not as easy as just not subscribing to Netflix, because this kind of standard will ensure that I will ultimately have to pay for it, in one way or another. By simply using a browser that supports it, because there's a standard for it, I will be counted as somebody who can play that kind of content, no matter how much I don't want to. And if I use a commercial OS, part of the money I pay will be spent on developing the functionality that Netflix wants, even if I want nothing to do with Netflix.

If Netflix really wants some special video playing tech, they can manufacture their own tablet, and write their own software. So that their subscribers cover 100% of the cost, and I 0%.

Re:So what is your suggestion then?

[Guspaz]

Netflix would be just as happy to do away with all DRM. Unfortunately, they wouldn't be able to get enough content licenses to have a sustainable business if that were the case.

Re:So what is your suggestion then?

[arose]

They will attempt to keep the decryption keys from you. The best way to achieve it is to have more control over the computer than you do. They will attempt to get more control than you do. This is not a slipperly slope, it's an established pattern in DRM systems, if there is no system in place there is no expectation of protection, if there is a system in place and it's week it must be improved by any means necessary.

Re:So what is your suggestion then?

[Anonymous+Brave+Guy]

Of course there are more people enjoying crappy movies than those standing for their rights.

What right is that, exactly? The right to benefit from someone else's hard work without having to give anything back?

You can quibble over middlemen taking the lion's share, but someone spent a lot of time and someone risked a lot of money investing in every blockbuster movie, AAA game, and so on. I don't think you can credibly claim that those products have no value when millions of people pay real money to enjoy them, and millions more rip them off so they obviously enjoy the products even if they don't pay for them.

And apparently you're one of them.

Please don't insult those of us who have been lifelong supporters of civil liberties, and who have experienced the real consequences of things like over-reaching government and terrorist attacks, by equating war and repressive regimes with not letting you watch a film without DRM. I promise you will not convince anyone of anything that way, other than possibly the nature of your character and the likelihood (or lack thereof) that you personally have ever actually suffered from the kinds of serious problems you trotted out for the catchy soundbite.

Re:So what is your suggestion then?

[djfreestyler]

I don't understand why people get so upset when content makers try to control their content. If you don't like it, just don't partake of their content, but it's not worth getting all upset about it. If you think things should be different, then only support those companies that believe what you do. But surely you should never be watching any mainstream movie, because then you are buying into their beliefs

So by that same logic, if I sell you my car, you have no problems with me controlling where you drive with that car? And you also do not have any problems with me pushing technologies that allows me to remotely control that car? Or me pushing technologies that allow me to remote control your car even when you did not buy your car from me?

Re:So what is your suggestion then?

[jedidiah]

> I don't understand why people get so upset when content makers try to control their content.

It's not theirs to control really. It was never intended to be. Copyright is not some sort of virtual land grab and copyright is not property. It is something that is a derivative of the commons and it is something that's supposed to go back into the commons.

The idea that an artist can "control their content" is abusive to the social contract implicit in copyright. It's a legal fiction. It's propaganda. It's corporations pretending they have rights they don't really have it.

Once you publish, "control" is and should be very limited.

People get so upset when content makers try to "control their content" because it inevitably leads to trampling the property rights of the individual.

Re:So what is your suggestion then?

[Pieroxy]

Ok, feeding the trolls again... Here I go. Education has no boundaries.

Of course there are more people enjoying crappy movies than those standing for their rights.

What rights? And do those conflict with copyrights?

The right to have privacy when talking to someone over the internet. Ahhhhh, that's not a right that is written down in the constitution, but that's something we enjoy all the same. Because copyright (in this case) applies to data (movies, music, etc) the ability to enforce said copyright *is* the ability to snoop on *all* data exchanges on the internet. Period. Including your credit card number when you buy something on the web. See the problem here?

I could live my life without watching anything HOLLYWOOD produces.

Pretty pointless statement when you follow it up with 'I don't'.

I don't mean I consume all the stuff that hollywood produces. The stuff without DRM (music) I buy. The stuff with DRM I ... well, I don't buy.

I don't, but I will NEVER use any platform that endorses DRM *ever*

Yet you openly admit to funding companies that do, sounds like a lot of talk but not a lot of action.

Mind you I'm on Linux. So buying a DVD and watching it on Linux makes me a criminal, since no player has been "approved" by the producers, and by the great law of the DMCA, I am not allowed by law to "crack" the DRM that is built in. So if I want to watch a DVD on my PC, I have to be an outlaw (or to pay to get Windows and an overly expensive software player that I shouldn't have to pay for in the first place). I'd rather download the damn movie and be done with it. This way I'm also an outlaw, but I didn't fund the cretins that made me an outlaw.

Because I want to be the master of what I watch, not someone else.

Why? If DRM were transparent and the system just worked i'd be happy with it, i want it to be a license for me to play movies, not a license for a particular device of mine to play movies.

DRM cannot be transparent be the very definition of DRM. DRM's goal is to prevent you from listening to music or viewing a movie, without an "approved" device. The entire point is to give the producers control over the way you will enjoy your media. If they get their way, they will end up controlling everything, including the price and brands of TV producers. They would just have to "refuse" to license their DRM tech to Samsung (for example) and Samsung would be instantly out of the TV business, because unable to build a TV set that is lawfully able to decode a DRMed stream. Don't you think they have enough lobbying power as it is?

But more than that, DRM is doomed because all it takes nowadays is *ONE* human being for a movie to be on the internet. And no matter the protection, you will always have at least one person on earth willing to spend 2 hours with his professional camcorder in front of his TV set to have the movie on the internet for the entire world to download. That's what we call the analog hole. At some point, the digital signal - which can be DRMed - has to be transformed to analog to reach our sensors. At that point, the DRM is necessarily gone.

And last, DRM are just forcing people to use piracy, nothing else.

Well yes, and that's the problem with it, those who pirate movies get a better experience than the studios' actual customers. Somehow studios just haven't realized that.

That's not the problem, it's a side effect of all the rest.

since it's ultimate goal is to prevent people from watching the very thing they're trying to watch through DRM!!!

I'm not sure you understand DRM, it is to prevent you from using that content outside the

browser pluggable executable objects

[RichMan]

browser pluggable executable objects --

Yeah that always sounds like a good idea.

*sigh*

I thought the whole idea of HTML5 was to get open framework where no unknown code was needed so we could get away from these monsters.

Re:browser pluggable executable objects

[Zerth]

So the DRM consists of some code(which they send you) that uses a key(which they send you) to decrypt an encrypted video(that they send you).

Without TPM/code signing, I'm not sure why they even bother.

Misdirection ...

[gstoddart]

Netflix's Mark Watson responded to the message and acknowledged that strong copy protection can't be implemented in an open source Web browser. He deflected the issue by saying that copy protection mechanisms can be implemented in hardware, and that such hardware can be used by open source browsers.

Or, they'll eventually decide to outlaw open source browsers, since they're clearly designed to allow for copyright infringement.

Of course, that is exactly what the copyright lobby wants ... absolutely nothing will be allowed if it could even remotely be used to violate copyright.

This is good for Netflix and the people pushing this ... but it isn't good for the rest of us.

Re:Misdirection ...

[forkfail]

Your analysis is close, but misses the key point.

copy protection mechanisms can be implemented in hardware

That's where all this will end up. You won't be able to buy a computer without the DRM hardware installed, and it will be illegal/impossible to remove/alter.

And this is why Flash and Silverlight will survive

[elrous0]

All this HTML5 hype isn't going to change the fact that the studios are NOT NOW, NOT EVER, NEVER going to support streaming of content on a format with no DRM option.

... that content makers demand.

[girlintraining]

Solution: If you don't want your content on the internet, it's not like anyone's forcing you to put it there. You can keep it hidden in vaults deep within the mountains, only accessible with an armed guard who takes everything resembling technology from you, leads you down a long corridor, where you can watch Teh Valued Contentz.

Browser makers have no obligation to help them perpetuate their broken business model. I think the standards committee should just say "No. In fact, let me think about that for a minute... Hell No." Because the internet's very raisin de etre is to share information even when the network is badly damaged, under hostile control, etc. We can't simply redesign it into a read only medium to serve ONE industry's interests, nor should we.

Browser makers: Just say no. Walk away. Let their content rot behind their own walls.

Re:... that content makers demand.

[girlintraining]

Well, technically we can, and that's their preferred option ... make all technology subservient to copyright.

Even if every browser maker on the planet suddenly co-opted to every demand by the entertainment industry, people would simply stop using newer web browsers. The demands of the industry and market are such that any initiative like that would insta-fail. That's why they've been slowly increasing the penalties, throwing up road blocks here and there, feigning here and there about what they're up to, negotiating backroom deals with other governments, and making high profile arrests all over the place. They can't win the war by swaying public opinion -- the public is stupid. Very stupid. Monumentally stupid... but not that stupid. And I say this knowing full well that whenever I say "Nobody can be that stupid" in this industry, an example comes along to prove me wrong. Every average everyday thing that even the lobotomized flatworms of the IT world use depends on the internet being a two-way communications medium. They can restrict, throttle, beat, manipulate, and mutilate it to the point that it barely resembles the internet you and I know... but they can't fundamentally erase what it is right now without segmenting the network off from the rest of the world, and spending a ludicrious amount of money to keep it "pure" according to their standards.

As long as two-way packet-based communication is possible on the chunk of wires, routers, and "tubes" known as the internet, Big Copyright will never have a complete victory. I mean, even if they run around with portable execution squads and electric chairs and are given full reign to do whatever they want, ala the Spanish Inquisition... they won't be able to get what they want.. and they'll be utterly oblitherated by the first person who creates a system of communication they can't control.

Call it the Hacker's Law -- there will always be a place for the free exchange of information. Somewhere.

Keep using Flash

[pavon]

That's fine. There is a place for free software and there is a place for proprietary software. DRM is security-by-obscurity which by definition requires you to keep the implementation secret. That can't be done with free software, only by proprietary software. And the proper place for proprietary software on the web is in stand alone applications and plugins, not in open standards.

HTML5 will work great for YouTube, Vimeo, and the thousands of other people who don't care about DRM. Those who do can stick with proprietary solutions.

Impossible in open source is just impossible

[19thNervousBreakdown]

Compiled code is just very, very hard to read source code. Luckily, we've got these things called computers that can do all sorts of information processing, gathering millions of data points a second and sorting them for humans to interpret.

If it's impossible to implement securely in an open-source program, it's impossible to implement securely, period. There is nothing magical about machine instructions. A compiled program is just harder to interpret. For one person, out of the 7 billion on this planet. And then it's out there, forever and ever.

This entire debate is based on a fundamental misunderstanding of software.

Re:And this is why Flash and Silverlight will surv

[19thNervousBreakdown]

Yeah, that's what they said about the music industry.

Re:And this is why Flash and Silverlight will surv

[Myopic]

Just like music companies, right?

In the end, the market will win. If consumers won't buy DRM, then DRM won't exist. It's up to you; tell your friends. We won an amazing victory against the RIAA, now it's time to square off against the MPAA.

But it won't be the studios that end up paying

[Anonymous+Brave+Guy]

It won't be the studios worrying about streaming and DRM implementations. It will be services that want to implement different kinds of pricing model, maybe pay-per-view or a NetFlix-style flat rate subscription, which have contractual obligations to protect the content and will inevitably pass on the cost of meeting those obligations to their customers.

DRM is going to happen, on a wide scale, for the foreseeable future, and if it's used responsibly that's not necessarily a bad thing (because without it those new business models are unlikely to work commercially, yet many people apparently prefer to pay for their content in those ways). The only result of not standardising DRM for philosophical reasons will be introducing inefficiency into the supply chain, which will ultimately cost consumers more for no benefit or in the worst case make a business fail instead of offering a service that consumers would have enjoyed.

Not copy protection

[nightfire-unique]

Guys, can we all make an effort to start calling it what it really is?

Copy restriction.

The word "protection" was chosen by proponents to steer the debate on whether or not the practice is acceptable.

Frankly, I think it would be appropriate to offer a choice to content vendors: either use DRM/copy restriction, or receive the force of law in protection of your copyright. Not both. And, it would make sense; copyright is an exchange of limited monopoly, so if content is encrypted, they're not holding up their end of the bargain. Who's to say the key will be around when the copyright expires?

re: analogies and reality

[King_TJ]

Well, first off, I think your analogy is a little extreme ... but regardless? The initial invasiveness isn't as serious as the long-term potential for hassles for the end-user.
I'm sure my HTML 5 enabled browser will perform just fine whether or not DRM extensions are added to the codebase. (If they caused performance or reliability issues like random freezes/crashes, people would scream and complain until those problems were fixed -- just like any other code.)

IMO, the hassle comes in when we transition from traditional cable TV/satellite/over the air broadcasts to internet streaming for our media content. We've long enjoyed certain usage rights for said content (such as court rulings allowing personal use of the VCR to record television programming). But now, the studios and content owners view the move to digital as an excuse to take back some of those usage rights. At best, I think we're looking at a whole new round of court cases just to win back rights we had previously, if everything moves to streaming with DRM. (You know they're not going to simply allow you to click to save a copy of this DRM enabled content as you stream it to your browser, for the sake of "time shifting".)

Worse yet, there's FAR from a guarantee we'd even win such cases. The content owners like to use the argument that these digital copies encourage copyright infringements in a way the lossy analog copies of VHS tape days didn't. (Duplicating digital content doesn't create poorer quality copies; it creates perfectly identical ones. And that means, by extension, you can make a copy of a copy or a copy, and it's just as good as possessing the original content first.)

Cannot be unseen warning

[Quiet_Desperation]

Better idea: stop trying to stuff everything into web browsers. Just bring the mobile Netflix app to the desktop. They could dump Silverturd^H^H^H^Hlight and go with whatever format and encryption scheme gives Reed Hastings the biggest chubby.

DRM attacks the wrong end of the distribution chai

[Requiem18th]

I've said this before but it baffles me that the studios are so obsessed with forcing DRM on paying customers.

The kind of people that upload Hollywood movies is already capable and willing of breaking any DRM you can dream of since it is mathematically impossible to create unbreakable DRM. The kind of people who want to pay for content are exactly the kind that avoids downloading illegal copies, much less uploading. It creates enormous amounts of discomfort for paying customers in exchange of minimal discomfort for infringers.