Unesco Says Adding DRM To HTML Is A Very Bad Idea
from the when-unesco-is-against-you... dept
For years now, we’ve written about the years-long effort, led by the MPAA and others, to put DRM directly into the standard for HTML5 (via “Encrypted Media Extensions” or EME) which continues to move forward with Tim Berners-Lee acting as if there’s nothing that can be done about it. It appears that not everyone agrees. Unesco, the United Nations Educational, Scientific and Cultural Organization has come out strongly against adding DRM to HTML5 in a letter sent to Tim Berners-Lee (found via Boing Boing).
… should Internet browsers become configured to work with EME to act as a framed gateway rather than serving as intrinsically open portals, there could be risks to Rights, to Openness and Accessibility.
Primarily, there is the issue of the Right to seek and receive information. To date, most filtering and blocking of content has been done at the level of the network, whereas the risk now is that this capacity could also become technically effective at the level of the browser. With standardized EME incorporated in the browser, a level of control would cascade to the user interface level. This could possibly undercut the use of circumvention tools to access content that is illegitimately restricted.
While a case can be made for exceptional limitations on accessing certain content, as per international human rights standards such as the International Covenant on Civil and Political Rights, the same human rights standards are clear that this is should never be a default setting. Unfortunately, many instances of limitation of access are not legitimate in international standards as they do not meet the criteria of legality, necessity and proportionality, and legitimate purpose, and it would be regrettable if standardized EME could end up reinforcing this unfortunate situation.
One would hope that when even organizations like Unesco are speaking up, that the W3C would take a step back from the ledge and reconsider its position.
Filed Under: drm, eme, free speech, human rights
Companies: unesco, w3c
Comments on “Unesco Says Adding DRM To HTML Is A Very Bad Idea”
hope
“One would hope that when even organizations like Unesco are speaking up, that the W3C would take a step back from the ledge and reconsider its position.”
Put that hope in one hand and….
The other point the W3C should consider is that DRM will not be available to individuals, and so this will give gatekeeper publishers power over those artists that decide to gt their work protected. The problem being that to gain DRM, the creator will have to assign their copyright, as gatekeepers do not want to risk any competition.
Masnick 1: Encryption for websites is super important. My site uses SSL and I won’t even take ad money from sponsors who can’t work with it. Privacy is the most important thing, and we can’t let anyone snoop on the stuff we broadcast over the internet. Every bit is critically important, and encryption should never be broken. I mean, Ed Snowden. FISA courts. Trump. ‘Nuf said.
Masnick 2: Encryption for media content is stupid and Tim Berners-Lee is crazy for supporting it. All encryption can and will be cracked. Who cares? It’s just stuff. Basic economics tells us it’s free to copy it, so that stuff is worthless. It’s just Hollywood. Did I mention Hollywood? ‘Cause SOPA. And free speech. Yeah, the First Amendment. Your encryption is a prior restraint, man. Everything is copied all of the time. Search engines are just giving people what they want. Hollywood. Jack the Ripper. MPAA. Hollywood. Valenti, brother! Hollywood.
Re: Re:
Anonymous Coward: 0
Just like other websites, streaming media should use transport-level encryption. This prevents access to the data stream between points A and B.
DRM is not encryption really: it is gatekeeping by obfuscation. This is due to the fact that the data being sent has to be decrypted locally. The goal of EME is to move this decryption of content as close to the hardware as possible, to prevent the person viewing the decrypted content from… viewing the decrypted content.
As such, DRM rarely functions as desired. One person sits something outside the EME, grabs the decrypted stream, and then shares this stream with others, circumventing the encryption. Others who have a legitimate access to the encrypted stream find that they can’t consume it as they see fit, can’t likewise encrypt their own streams without assigning copyright to someone else, and have access to information that is being intentionally sent to them arbitrarily restricted, not necessarily always in a legal manner, or a manner supported by fair use.
Re: Re:
Encryption protects the data, but does not limit what the user can do with the data. DRM limits what the user can do with the data to viewing or listening it only via defines programs and codecs.
Also there are signidficant implementation differences. Encryption is based on key exchange, and the user can use open source software for implementation. The proposed DRM mechanism is a way of downloading and execution proprietary closed source code which demands low level access to the likes pf the video and audio system, to try and bypass any use of the operating system to capture the decoded data. This also introduces a new route for malware to be install;ed on te system.
Re: Re:
I’d ask if you were incapable of knowing the difference between the privacy of user data and DRM, but we all know you’re not actually interested in the difference.
Re: Re:
3/10 Trolling, Wouldent derp again.
Re: Re:
Anonymous Coward 1: I don’t know the difference between DRM and encryption, but that won’t stop me spouting off like an idiot at the person I’m obsessed with, followed by whining when people tell me to STFU and GTFO again because they’re tired of my drooling idiocy.
Re: Re:
And what do you hope to achieve by showing everyone you cannot understand the difference? Common view that you are utterly dim?
Congratulations, you won.
If “Adding DRM To HTML Is A Very Bad Idea” then it’s because taking it out is a much worse idea — one that could send you to Federal prison thanks to the DMCA.
Of course any new DRM will be broken, it always is, and that means more government monitoring, investigation, prosecution, as well as building more prisons.
DRM is not necessarily a bad thing in itself. The problem is its implimentation, and the laws that enforce it, which typically bends to the demands of the copyright-industrial complex without any consideration to the needs of consumers whatsoever.
Re: Re:
“one that could send you to Federal prison thanks to the DMCA.”
DMCA violations are a civil, not criminal, case. Criminal copyright infringement is invoked in cases of commercial bootlegging: those $1 “new” CDs and DVDs you find on street corner and flea market stalls. But let’s not let the actual law get in the way of your ranting about the *-industrial complex and The Man.
Re: Re: (actual law)
17 U.S. Code § 1204 – Criminal offenses and penalties
(a)In General.—Any person who violates section 1201 or 1202 willfully and for purposes of commercial advantage or private financial gain—
(1)
shall be fined not more than $500,000 or imprisoned for not more than 5 years, or both, for the first offense; and
(2)
shall be fined not more than $1,000,000 or imprisoned for not more than 10 years, or both, for any subsequent offense.
https://www.law.cornell.edu/uscode/text/17/chapter-12
https://www.law.cornell.edu/uscode/text/17/1204
Re: Re: Re: (actual law)
“Any person who violates section 1201 or 1202 willfully and for purposes of commercial advantage or private financial gain”
How would that apply to a user removing DRM for purposes that do not include financial gain as a motive (i.e. most people who would be doing it).
Re: Re: Re:2 (actual law)
US courts have successfully claimed drug possession, for personal use within one state, is "interstate commerce" because it might have some effect on drug markets in other states. That’s why federal jurisdiction can be used to prosecute illegal possession. What stops them from using the same argument for DMCA?
Re: Re: Re:3 (actual law)
Well, nothing if the courts are allowed to be that creative with the rules. That’s a separate problem.
Re: Re: Re:2 (actual law)
Sadly, last I checked you don’t need to have financial gain as a motive for the advocates of DRM and the DMCA (well, the permission to use dumb robots for enforcement parts, not the icky, icky piratey safe harbor parts, anyway) to harass you and call you a pirate.
Re: Re: Re:3 (actual law)
Well, true. But, the AC above was trying to argue that breaking the DRM would be a criminal offense and when pressed for a citation he provided something with clear caveats. I’m interested as to how he’s interpreting this.
Re: Re: Re:4 (actual law)
To be honest, it’s not above advocates of IP law in general to mix civil and criminal. Criminal penalties and offenses that require only civil standards for burdens of proof is their ultimate wet dream.
It’s sort of whom you want to free, isn’t it?
If you want the political/economic power to be the thought police, then you’ll favor DRM and oppose encrypted communications.
If you want individualsto be free to think (and to do the necessary investigation) even without first obtaining great political/economic power, you’ll oppose DRM and favor encrypted communications.
Nobody favors both DRM and end-to-end encryption, and nobody opposes both.
Re: Response to: Anonymous Coward on Apr 4th, 2017 @ 4:53pm
Actually, someone here made a joke about how we should stop talking about “encrypting our communications” and start saying “protecting our communications with DRM” so that politicians will want to help us.
Devils Advocate.
Lets say I configured BitTorrent to work over HTML using EME.
Each time the client connects to the tracker, a seeder, or a leecher, the seedertracker sends the leecher a royalty-free redistribution agreement for redistribution of the data being sent, then the leecher sends acceptance of the agreement to the seedertracker. Literally, send an encrypted, salted data stream and occasionally pause, send the agreement, then continue.
1: ISP has the presupposition this is legit traffic. They look at it, see contract agreements and encrypted data. They respond the ISP cannot look at the data and can only presuppose that it’s legitimate since it’s DRM Traffic, and also, they can’t look at the data stream as that’s a felony.
2: Big Media then contacts law enforcement for a warrant, then drags John Doe into court at which point John Doe provides the documentation of whom gave him royalty free rights to redistribute the work, which they were totally doing via this cool video streaming app.
3: Big Media follows the chain to “This is the first IP Address that shared Movie X”, and discovers a private tracker. They raid it, and the tracker points to non-nonsensical addresses or to the movie studio’s own IP address block. That entire discussion comes down to a he said-she said between logs and proving their was no “technical” issue.
EME is awesome, because it means we have the right to privacy.
Re: Devils Advocate.
Yeah that’s…not how it works.
Funny
What is funny here is all the arm waving for nothing.
Adding a DRM option to HTML isn’t a big deal. Websites and site owners are not forced to use it, nor are end users required to use it if they do not wish. HTML will not suddenly break without it.
What it does is that it allows rights owners to make a choice how their content is shown to end users, and to protect it from piracy and unauthorized copying. It’s a choice by the content owner, and nothing more.
If you don’t agree with it, use a browser that does not support it or disable the code (you know there will be plugins to do that quick enough). That as an end user is your choice.
If enough users don’t use the feature, or stay away from sites that do require this feature, then either the sites will change or their will wither.
Adding optional DRM into HTML doesn’t break anything else, except perhaps a few narrow minds.
Re: Funny
You’re pretending that DRM isn’t essentially malware. You’re also pretending that all DRM’d items are essentially proclaiming that you don’t own it, you’re renting it. “Own it now on DVD,” etc. is a lie.
Re: Funny
You’re not forced to use Google either, but that’s never stopped you from becoming apoplectic with rage at the mere mention.
Re: Funny
“protect it from piracy and unauthorized copying”
So, you’re still dumb enough to think that this actually works for any lengths of time, dumb enough to think this won’t be used for other means and dumb enough to believe there are zero unintended consequences for legitimate users?
If only you spent as much time educating yourself as you did spouting your ignorance. But, that would involve at least listening to what others are saying before attacking them.
Tim Berners-Lee
Hostile witness. It might be time to move on fron his opinion.
Re: Tim Berners-Lee
Eh, you might find he’s under pressure to accept it. Now we need to find out where it’s coming from.
One would hope that when even organizations like Unesco are speaking up, that the W3C would take a step back from the ledge and reconsider its position.
The problem with that is that the W3C aren’t the ones at the ledge, the public is, with the W3C standing behind getting their kicking shoes on and limbering up their leg for a swift boot to the backside.
so
make your own browsers and leave th ew3c behind they always been twits
oh and oh nvm
Tim Berners-Lee is now complaining about privacy on the web.
Re: Re:
From a pro or anti point of view?
Follow the Money...?
So, can somebody Kickstart a bribe bigger than the one TBL got from the MPAA? We can probably outbid them.
Re: Follow the Money...?
Don’t be so sure, they can add below the line items to your bill, so that they can still outbid you.