Slashdot Mirror
An Open Letter on DRM To the Inventor of the Web, From the Inventor of Net Neutrality (boingboing.net)
Tim Wu, a law professor at the Colombia University, and best known for coining the term "net neutrality," has published an open letter to Tim Berners-Lee, the creator of the web and director of the World Wide Web Consortium (W3C). In the letter, Wu has asked Berners-Lee to "seriously consider extending a protective covenant to legitimate circumventers who have cause to bypass EME, should it emerge as a W3C standard." Cory Doctorow, writes for BoingBoing: But Wu goes on to draw a connection between the problems of DRM and the problems of network discrimination: DRM is wrapped up in a layer of legal entanglements (notably section 1201 of America's Digital Millennium Copyright Act), which allow similar kinds of anticompetitive and ugly practices that make net neutrality so important. This is a live issue, too, because the W3C just held the most contentious vote in its decades-long history, on whether to publish a DRM standard for the web without any of the proposed legal protections for companies that create the kinds of competing products and services that the law permits, except when DRM is involved. As Wu points out, this sets up a situation where the incumbents get to create monopolies that produce the same problems for the open web that network neutrality advocates -- like Berners-Lee -- worry about.
When we look at recent browser usage stats we see that Chrome has 50% or more of the market. Safari has about 10%, but it's mainly on mobile devices. Other mobile browsers like UC Browser for Android, Samsung Internet and Opera Mini are about 15%. IE and Firefox are both down to around 5% or 6%. Then there are various minor players.
"Web browser" today means Chrome. If Chrome doesn't support some web technology, then it may as well not exist. If Chrome supports a technology, then Chrome's level of support effectively defines the standard.
So what's the point of the W3C these days?
Is it just to document how Chrome behaves, so the other lesser browser vendors can imitate it more closely?
With such a lack of competition when it comes to web browsers, an organization like the W3C seems to be toothless. Before moz://a ruined Firefox's user experience for so many of its users, at least there was some competition. But that has evaporated.
I don't see how the W3C can be anything other than a glorified documentation writer at this point. Maybe things will change in the future, but it seems unlikely to happen any time soon. Nobody else has been able to compete with Chrome in any meaningful way. The most likely competitor is Firefox, but it seems unlikely to turn its boat around soon. Users keep leaving Firefox, and their Servo effort is going nowhere.
Things are looking really bleak for the web, and I don't think that there's anything that the W3C can do to help.
If there is a case for supporting DRM, then clearly there is even better case for embedding support for violence. For example, someone moderated your post on ./ at -1? Use
in your post.
These are legit concerns, but they will never win the argument. Yes the example given is the problem with DRM, but it is so specific that there will be no mass uprising to protect it. And having DRM built in does scare me. Imagine not being able to take a screenshot of something on a webpage, or being prevented from copying text from an article. All of this could be done with DRM.
That being said I am hoping we have enough of an open browser system now to avoid the chokepoint issue. There are several open rendering engines that browsers can use, so there will always be an alternative to the IE problem. Those browsers can support DRM while still insuring the rest of the web stays open. In a way I think the market will show that DRM taking over the web won't work. It's tolerated on videos because everyone came to the same conclusion as Tim.
Be kind, for everyone you meet is fighting a difficult battle. - Plato
What is Berners-Lee going to do? Incorporate these changes into his next release of the interwebs?https://tech.slashdot.org/story/17/04/28/1533207/an-open-letter-on-drm-to-the-inventor-of-the-web-from-the-inventor-of-net-neutrality#
tone
I for one cannot wait for the DRM standard to be expanded to cover the entire contents of web pages, so it becomes extremely difficult to block advertising, trackers, web-asm based malware, or do something as simple as "right click" on an image and "save as".
Fun for all!
Captcha = boycott
Al Gore's response
Aaaand the concept of equivalence is dead.
One dude: invented and then gave away the rights to a set of legit improvements that changed the nature of life on earth quite profoundly.
Other dude: chose two words to describe common practice.
He talks about this as a problem, but I'm thinking: I really hope something like that happens.
DMCA defines circumvention as bypassing(,etc) the technological measures that limit access, without authorization from the copyright holder. Furthermore, there's a lot of language about its various provisions applying to "a work protected by this title," where "this title" means copyright.
That excludes PD.
If a PD work is DRMed, then it is not a violation of DMCA to break the DRM protecting that PD work. Nor is it a violation to manufacture, traffic, market, offer to the public (etc) tools that break that DRM.
If someone applies DRM to PD materials, they are effectively removing DMCA prohibitions to that entire DRM scheme. Had someone someone applied CSS to a DVD containing a PD movie, that would have legalized breaking CSS. That would have legalized non-DVDCCA-sanctioned DVD players, too. (Or at least partly. There's that whole "primarily intended" thing, but it'd still be a great weakening.)
(There's another angle involving copyright holders voluntarily authorizing the breaking of DRM too, but I won't go into that.)
[aside...]
This is why there can never be a DRM standard. (Never, at least, unless DMCA gets rewritten.) If there were a standard, people would apply it to a bunch of PD works, and then it would legally be open season on that standard. DMCA's prohibitions would not apply.
Alas, the fact that there will never be a standard, is also why every publisher is going to want their own EME module (so that a competing publisher, or any other party, won't be able to apply compatible DRM to other works which allow the DRM's defeat), and users are going to need to get into the habit of installing many, many unaudited and unauditable proprietary EME modules, which I'm sure are going to want high privs.
This is going to be one of the greatest malware vectors, ever. The Internet has not seen malware yet, on a scale that the pro-EME people are advocating.
And unlike "install this codec to watch this video," 99% of the time it will be "legit." (As legit as DRM can be, at least.) So the malware authors are going to have lots of cover, and you won't be able to train users "don't do that" since they really will need to do this incredibly unsafe thing, on a routine basis.
There are lots of reasons that EME is a bad idea, and that's one. You shouldn't be making people install weird software, just to watch a video. Watching videos in browsers is not worth that, Tim! You're compromising because you think the goal is worth it, but it's not!
Look at it this way, without net neutrality Facebook and Twitter would need users to pay subscriptions for better service. Then they would actually be worth billions of dollars, instead we get bubble companies who drained retired people bank accounts, and will be poor when bubble bursts.
At least no net neutrality rids us of free services a little more.
"Tim Wu, a law professor at the Colombia University"
Pretty sure Tim Wu is a professor at Columbia University, not "Colombia" university. "Columbia" is the personification of the New World, while "Colombia" is a country in South America.
Nothing interesting to say...MUST...NOT...REPLY...ohtheheckwithit.
Why do people think that if there isn't a standard for DRM, that websites won't use DRM at all?
All it means is that websites will write their own version, some already have.
Universal Embedded DRM would kill the social networks dead overnight. Just watch the titans fight it out. If the social networks lose, you can always spin up your own site with no DRM, standardized or not. Just be prepared to pay the new ISP toll.
History has proven over and over DRM is not a long term solution to anything. I'm kinda looking forward to the cat-mouse-mouse games between the rights-holders, social networks, and users. Maybe I'll make a few bucks "modding" browsers.
I swear, every couple of years, some new oppressive rights management shit sneaks onto the net, lives a few months, and dies. Unbroken DRM is like a target that only gets bigger with time.
You are being ripped off every second of every day, so that advertisers can help rip you off even more tomorrow.
It's not at all clear to me what the author is asking Berners-Lee and W3C to do. The issue he brings up is a concern with a particular law. W3C doesn't write the law. Html EME defines a technical interface for "if you want a browser to use an encryption module, here's the code to declare that". It doesn't, and can't, effect any law in any way I can see.
Have open letters actually had any effect? Seems just like a fancy term for web log post. When does a web log post become an open letter, when the news wire picks it up and it gets posted to a news site?
How long until we can expect an open source DRM-free browser to come out? Or will websites deny browsers that don't have DRM? Or will our non-linux OSs make sure that you can't run a DRM-free browser?
All [no standard] means is that websites will write their own version, some already have.
Indeed.
Also: In the race between weapons and armor, weapons always (eventually) win.
By creating a standard and getting the bulk of the "content providers" to adopt it, the WWWC creates a single big target that leads to breaking MOST of the DRM simultaneously. Meanwhile, content providers are left with the choice of getting behind the big target or being non-standard.
Which is fine: Like WEP, or a locked screen door, DRM won't protect things forever. But, like a "No Trespassing" sign, it DOES indicate INTENT forever. Intent of the content provider to limit access, and intent of the unauthorized content viewer to bypass that limit. That takes the "I didn't mean to do it." defence away, and gets any legal cases down to examining whether the poster of the No Trespassing sign had the right to limit the access and/or the crosser of the boundary had a right to obtain access.
Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
There's only a definition that you HAVE to support DRM calls in your browser and obey them. The DRM is not standard, not a single target, not even defined vaguely. EVERYONE will have their own DRM and instead of two or three variations on flash and a binary bitstream, there will be one for each and every publisher and it will change every three years or so, and you'll have to keep the old one installed.
From a standards perspective--the only perspective the W3C should concern itself with--what differentiates DRM from encryption or any other enabling technology standard? Yes, DRM is a messy legal construct, but why should the W3C concern itself with that, particularly when there's no global legal standard?
Richard M. Stallman (rms, widely known as the founder of the GNU Project and frequent lecturer speaking for software freedom, the freedom to control one's computers by having the freedom to run, inspect, share, and modify the code they run) explained why the W3C can't get away from DRM ("digital handcuffs") starting around 11m40s into the interview. Around 15m16s rms pointed out why the W3 is structurally incapable of challenging DRM:
Digital Citizen
Let's ditch the Web, it's done. Corporations have ruined it with their greed. I propose we use a simpler protocol: gopher. It needs to be wrapped in TLS or something if we want to be more secure, but gopher is simple enough that the most they can get from you is your IP address.