Tim Berners-Lee, W3C Approve Work On DRM For HTML 5.1

An anonymous reader writes "Danny O'Brien from the EFF has a weblog post about how the Encrypted Media Extension (EME) proposal will continue to be part of HTML Work Group's bailiwick and may make it into a future HTML revision." From O'Brien's post: "A Web where you cannot cut and paste text; where your browser can't 'Save As...' an image; where the 'allowed' uses of saved files are monitored beyond the browser; where JavaScript is sealed away in opaque tombs; and maybe even where we can no longer effectively 'View Source' on some sites, is a very different Web from the one we have today. It's a Web where user agents—browsers—must navigate a nest of enforced duties every time they visit a page. It's a place where the next Tim Berners-Lee or Mozilla, if they were building a new browser from scratch, couldn't just look up the details of all the 'Web' technologies. They'd have to negotiate and sign compliance agreements with a raft of DRM providers just to be fully standards-compliant and interoperable."

Open source browsers?

[ZorinLynx]

How does this affect open source browsers like Firefox? If something is open source you surely can't enforce any sort of DRM restrictions; someone can just build a hacked version of the browser.

Is this possibly the beginning of the end for open source browsers?

Why in the hell are they even THINKING of approving this bullshit?

Re:Open source browsers?

[Jeremiah+Cornelius]

Maybe approving something doom to fail, is a way to get it off your agenda, and cease endless persistent lobbying by media companies.
"Yes. Why don't you start work on the perpetual motion machine - here we've provided you a framework."

Or maybe Tim Berners-Lee is Hitler.

Re:Open source browsers?

[ZorinLynx]

Why does this need to be made part of HTML, though? The existing plugin infrastructure works just fine. You can implement whatever the fuck you want in a plugin. Just use that and leave HTML alone. Things are complicated enough already without introducing new artificial complexity that is purposely designed to break things.

(All DRM is purposely designed to break content. It provides absolutely no benefit to the user)

Re:Open source browsers?

[non0score]

If it's so laughable, then isn't it better to just have it? So instead of a world where content owners won't publish jack on HTML5 (you read that right, content owners of the content you're willing to pay for will never publish on HTML5 unless they have some sort of DRM), you get a world where content owners would and you can somehow mine the keys. I don't see how this is any worse.

Re:Open source browsers?

Probably, but it's a dangerous move in the current political climate.
They will enforce this and make it a horrible crime to distribute a browser that "circumvents" the brave new web. This is the world we live in now.

Re:Open source browsers?

[MightyYar]

I don't really care whether they publish or not - if there is one thing the internet does not lack it is content.

Re:Open source browsers?

[fustakrakich]

...content owners of the content you're willing to pay for will never publish on HTML5 unless they have some sort of DRM

Who cares? Fuck 'em. There are plenty of people who will publish without all that crap, and we can just stick with them. Besides, DRM is easy to crack, a snake oil sold by scammers. I have no sympathy for those stupid enough to buy it.

Re:Open source browsers?

[Twylite]

Indeed. Encrypted Media Extensions, W3C First Public Working Draft 10 May 2013:

This proposal extends HTMLMediaElement providing APIs to control playback of protected content.

The API supports use cases ranging from simple clear key decryption to high value video (given an appropriate user agent implementation). License/key exchange is controlled by the application, facilitating the development of robust playback applications supporting a range of content decryption and protection technologies.

This specification does not define a content protection or Digital Rights Management system. Rather, it defines a common API that may be used to discover, select and interact with such systems as well as with simpler content encryption systems. Implementation of Digital Rights Management is not required for compliance with this specification: only the simple clear key system is required to be implemented as a common baseline.

That rationale (as I've heard it explained) is that media (video/audio) content distributors are going to implement DRM, so the Hobson's choice is between giving them a standard interface (HTML EME) or having every distributor create their own proprietary media player (probably platform-specific with embedded rootkit).

If you believe that all media should be gratis, or you believe that all media should be open and consumers should be trusted to pay for non-gratis media absent any technological protection, then you will view EME as a bad thing.

If you believe that Copyright should be able to exist on media and that authors and/or distributors should be able to charge for the video/audio, and you believe that technological protection measures may have some impact to reduce non-paid use of such media, and you believe that it is in the interest of consumers to have standards for these sort of things, then you may view EME as a good thing.

Re:Open source browsers?

[jedidiah]

This is the exact opposite of "getting rid of Flash".

Re:Open source browsers?

[Kielistic]

No. Once their foot is in the door they will start demanding signed binary for browsers since anything else is useless to their wants.

Re:Open source browsers?

[lgw]

The reason to care is that they will publish, just not using HTML5, making yet another "if only people followed it" web standard.

I swear, every time DRM gets mentioned in HTML5 it's like IE6 never happened! Do we have to repeat that sad mistake? The point of a standard is to describe a specific way to do what everyone is going to do anyway. A standard that petulantly refuses to describe what the big players are doing anyway is worse than useless. The W3C finally learned this lesson, but apparently /. has a shorter memory.

Re:Open source browsers?

[calzones]

Some of us simply believe that if someone is going to try to impose DRM on us that it should be an inconvenient onus on them and the consuming public to do so. A fragmented non-API solution would mean that content providers choosing to implement DRM would face greater costs and suppressed demand due to the extra hurdles imposed by DRM.
If both any given content provider AND their audience agreed it was worthwhile to install Flash or Silverlight in order to view the content, then that's what they would do.
On the flip side, any content providers that attempt to impose DRM on an audience unwilling to install Flash or Silverlight would find their subscriber base evaporating, forcing them to release the content without DRM and find a different way to earn money. Once it's standardized and part of the browser, any moron on the web will suddenly feel like they can and should protect their content and all users will be forced to comply or stay out of the web.
Bottom line: DRM as a hassle means the onus is on content providers to provide users with a suitable value proposition and it leaves greedy or misguided or trend-following content providers who cannot meet that standard out of the web (or else on the web, but free). DRM as an integrated seamless solution flips that around and leaves consumers who seek free content out of the web.

Re:Open source browsers?

[Arker]

"If you believe that Copyright should be able to exist on media and that authors and/or distributors should be able to charge for the video/audio, and you believe that technological protection measures may have some impact to reduce non-paid use of such media, and you believe that it is in the interest of consumers to have standards for these sort of things, then you may view EME as a good thing."

Sorry that's a horrible strawman. Lots of people believe in copyright without condoning DRM in any way shape or form.

Re:Open source browsers?

[lgw]

A technical standard is in no way, shape, or form a law. That's probably where your thinking went off. A technical standard is just a piece of paper, making some recommendations. There's no enforcement or compulsion here, no requirement to comply.

Standards are useful precisely to the extent they describe what the big players actually do, so that you can code against the standard and be content. When standards fail, and the big players just ignore them, then they're only of academic interest - maybe you can learn something from them, but they're not directly useful.

Missing the big picture

[no_opinion]

Yes, I know I will be flamed for this, but I think the thing that is getting lost in the conversation is that we've all be using DRM for years, and the point of this is to increase interoperability. How many of us have netflix or amazon movie streaming? Buy kindle books? Use steam? Even the books downloadable from my library use some form of protection. Most people don't care, because those protections don't impact our typical usage patterns. But all of these services live in their own separate worlds, because they are not interoperable. Adding support for a common protection standard doesn't suddenly make it possible to encrypt movies or harder to download images on the net because that already exists today (and has for years)! The point is to end the balkanization of media players and let everything work in your vanilla browser. That sounds good to me.

Re:Missing the big picture

[jedidiah]

> and the point of this is to increase interoperability.

This does squat for increasing interoperability. It doesn't really change much of anything actually. The real problem is that it demonstrates a fundemental philosophical shift on the part of those entrusted with looking after web standards.

The web is no longer an open medium designed to be usable by anyone with any browser.

No, it's just another content consumption medium now. It's just cable TV.

The old status quo was fine. The corner case of media consumption was isolated while still being accommodated.

There was simply no need to "swim in the kool-aid" here.

This will not make Netflix any more accessible to Linux and will likely only make more of the web INaccessable to Linux and other alternative and non-corporate players.

Re:Kind of was expecting this

[wagnerrp]

If you allow web sites to require DRM, the web is no longer open. That's all there is to it. If you browsers must protect content, then browsers must be certified and signed before they can access the content. Had your desire to prevent the theft of your hard work guided the original protocols of the internet, it never would have become the important communications resource it is today.

MOD PARENT UP

[Tailhook]

Signed binaries running from a signed kernel, booted on UEFI Secure Boot hardware you can't legally compromise.

Alan Cox explained this 12 years ago.

That is the dream these people have.

Re:MOD PARENT UP

[hairyfeet]

Sounds just like Chromebooks to me, the only difference is IF you put in a page and a half of CLI gobbledygook that most can't pull off then and ONLY then can you take what was once a standard X86 laptop and install one of a handful of hacked bootloader Linux versions. Oh and no dual booting for you citizen, can't have that!

It just amazes the hell out of me that one company can cook up something nasty, like turning an X86 laptop into a locked down corp controlled thin client and get cheers and when another company does the exact same thing get treated as a monster. Would the ones that cheered the Chromebook have had the same reaction to a Winbook? Kinda doubt it.

As for TFA this is precisely why we must fight tooth and nail not to take HTML V5 in its current form, as its practically a love letter to the big corps who would like nothing more for the future to be similar to Chromebooks, locked down devices that access apps and content "stored in the cloud" that can only be viewed or used with approval.

Just to Point Out

[carrier+lost]

It wasn't all that long ago that browsing the internet with Linux was seriously crippled

Many sites in the early days used Active-X, Microsoft's "answer" to Java, which was only readable by IE and IE for Mac.

I remember not being able to use government services and banking sites because of this.

Because of the huge installed base of MS products, many govs and businesses just rolled out MS-centric solutions without any care for Unix, Linux or Mac.

Trust me, you don't want the web to go back to that.

It may not be MS at the helm this time, but it's easy to see that if there is a content-restrictive standard instituted for the web, there will be great pressure for it to be applied (even in places where it may not be needed!) and the collateral damage is inestimable.

WHATWG

[zmooc]

Due to slowness and creating other "less ideal" conditions, the W3C is quickly becoming an irrelevant marginalized nothing. They've their control over the HTML5 spec long ago; all browser manufacturers follow the HTML5 spec that's maintained by WHATWG (which, coincidentally, was formed by those browser manufacturers out of discontent with the way W3C managed it. Apparently they've learned nothing from that since this DRM stuff will marginalize them even further. Nowadays, W3C approving stuff has just about nothing to do with what browsers will support or what the Internet will look like in the future.