Unesco Says Adding DRM To HTML Is A Very Bad Idea
from the when-unesco-is-against-you... dept
For years now, we've written about the years-long effort, led by the MPAA and others, to put DRM directly into the standard for HTML5 (via "Encrypted Media Extensions" or EME) which continues to move forward with Tim Berners-Lee acting as if there's nothing that can be done about it. It appears that not everyone agrees. Unesco, the United Nations Educational, Scientific and Cultural Organization has come out strongly against adding DRM to HTML5 in a letter sent to Tim Berners-Lee (found via Boing Boing).
... should Internet browsers become configured to work with EME to act as a framed gateway rather than serving as intrinsically open portals, there could be risks to Rights, to Openness and Accessibility.
Primarily, there is the issue of the Right to seek and receive information. To date, most filtering and blocking of content has been done at the level of the network, whereas the risk now is that this capacity could also become technically effective at the level of the browser. With standardized EME incorporated in the browser, a level of control would cascade to the user interface level. This could possibly undercut the use of circumvention tools to access content that is illegitimately restricted.
While a case can be made for exceptional limitations on accessing certain content, as per international human rights standards such as the International Covenant on Civil and Political Rights, the same human rights standards are clear that this is should never be a default setting. Unfortunately, many instances of limitation of access are not legitimate in international standards as they do not meet the criteria of legality, necessity and proportionality, and legitimate purpose, and it would be regrettable if standardized EME could end up reinforcing this unfortunate situation.
One would hope that when even organizations like Unesco are speaking up, that the W3C would take a step back from the ledge and reconsider its position.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: drm, eme, free speech, human rights
Companies: unesco, w3c
Reader Comments
Subscribe: RSS
View by: Time | Thread
hope
Put that hope in one hand and....
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Masnick 2: Encryption for media content is stupid and Tim Berners-Lee is crazy for supporting it. All encryption can and will be cracked. Who cares? It's just stuff. Basic economics tells us it's free to copy it, so that stuff is worthless. It's just Hollywood. Did I mention Hollywood? 'Cause SOPA. And free speech. Yeah, the First Amendment. Your encryption is a prior restraint, man. Everything is copied all of the time. Search engines are just giving people what they want. Hollywood. Jack the Ripper. MPAA. Hollywood. Valenti, brother! Hollywood.
[ link to this | view in chronology ]
Re:
Just like other websites, streaming media should use transport-level encryption. This prevents access to the data stream between points A and B.
DRM is not encryption really: it is gatekeeping by obfuscation. This is due to the fact that the data being sent has to be decrypted locally. The goal of EME is to move this decryption of content as close to the hardware as possible, to prevent the person viewing the decrypted content from... viewing the decrypted content.
As such, DRM rarely functions as desired. One person sits something outside the EME, grabs the decrypted stream, and then shares this stream with others, circumventing the encryption. Others who have a legitimate access to the encrypted stream find that they can't consume it as they see fit, can't likewise encrypt their own streams without assigning copyright to someone else, and have access to information that is being intentionally sent to them arbitrarily restricted, not necessarily always in a legal manner, or a manner supported by fair use.
[ link to this | view in chronology ]
Re:
Also there are signidficant implementation differences. Encryption is based on key exchange, and the user can use open source software for implementation. The proposed DRM mechanism is a way of downloading and execution proprietary closed source code which demands low level access to the likes pf the video and audio system, to try and bypass any use of the operating system to capture the decoded data. This also introduces a new route for malware to be install;ed on te system.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re:
Congratulations, you won.
[ link to this | view in chronology ]
Of course any new DRM will be broken, it always is, and that means more government monitoring, investigation, prosecution, as well as building more prisons.
DRM is not necessarily a bad thing in itself. The problem is its implimentation, and the laws that enforce it, which typically bends to the demands of the copyright-industrial complex without any consideration to the needs of consumers whatsoever.
[ link to this | view in chronology ]
Re:
DMCA violations are a civil, not criminal, case. Criminal copyright infringement is invoked in cases of commercial bootlegging: those $1 "new" CDs and DVDs you find on street corner and flea market stalls. But let's not let the actual law get in the way of your ranting about the *-industrial complex and The Man.
[ link to this | view in chronology ]
Re: Re: (actual law)
(a)In General.—Any person who violates section 1201 or 1202 willfully and for purposes of commercial advantage or private financial gain—
(1)
shall be fined not more than $500,000 or imprisoned for not more than 5 years, or both, for the first offense; and
(2)
shall be fined not more than $1,000,000 or imprisoned for not more than 10 years, or both, for any subsequent offense.
https://www.law.cornell.edu/uscode/text/17/chapter-12
https://www.law.cornell.edu/uscode/text /17/1204
[ link to this | view in chronology ]
Re: Re: Re: (actual law)
How would that apply to a user removing DRM for purposes that do not include financial gain as a motive (i.e. most people who would be doing it).
[ link to this | view in chronology ]
Re: Re: Re: Re: (actual law)
US courts have successfully claimed drug possession, for personal use within one state, is "interstate commerce" because it might have some effect on drug markets in other states. That's why federal jurisdiction can be used to prosecute illegal possession. What stops them from using the same argument for DMCA?
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: (actual law)
[ link to this | view in chronology ]
Re: Re: Re: Re: (actual law)
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: (actual law)
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re: (actual law)
[ link to this | view in chronology ]
If you want the political/economic power to be the thought police, then you'll favor DRM and oppose encrypted communications.
If you want individualsto be free to think (and to do the necessary investigation) even without first obtaining great political/economic power, you'll oppose DRM and favor encrypted communications.
Nobody favors both DRM and end-to-end encryption, and nobody opposes both.
[ link to this | view in chronology ]
Response to: Anonymous Coward on Apr 4th, 2017 @ 4:53pm
[ link to this | view in chronology ]
Devils Advocate.
Each time the client connects to the tracker, a seeder, or a leecher, the seeder\tracker sends the leecher a royalty-free redistribution agreement for redistribution of the data being sent, then the leecher sends acceptance of the agreement to the seeder\tracker. Literally, send an encrypted, salted data stream and occasionally pause, send the agreement, then continue.
1: ISP has the presupposition this is legit traffic. They look at it, see contract agreements and encrypted data. They respond the ISP cannot look at the data and can only presuppose that it's legitimate since it's DRM Traffic, and also, they can't look at the data stream as that's a felony.
2: Big Media then contacts law enforcement for a warrant, then drags John Doe into court at which point John Doe provides the documentation of whom gave him royalty free rights to redistribute the work, which they were totally doing via this cool video streaming app.
3: Big Media follows the chain to "This is the first IP Address that shared Movie X", and discovers a private tracker. They raid it, and the tracker points to non-nonsensical addresses or to the movie studio's own IP address block. That entire discussion comes down to a he said-she said between logs and proving their was no "technical" issue.
EME is awesome, because it means we have the right to privacy.
[ link to this | view in chronology ]
Re: Devils Advocate.
[ link to this | view in chronology ]
Funny
Adding a DRM option to HTML isn't a big deal. Websites and site owners are not forced to use it, nor are end users required to use it if they do not wish. HTML will not suddenly break without it.
What it does is that it allows rights owners to make a choice how their content is shown to end users, and to protect it from piracy and unauthorized copying. It's a choice by the content owner, and nothing more.
If you don't agree with it, use a browser that does not support it or disable the code (you know there will be plugins to do that quick enough). That as an end user is your choice.
If enough users don't use the feature, or stay away from sites that do require this feature, then either the sites will change or their will wither.
Adding optional DRM into HTML doesn't break anything else, except perhaps a few narrow minds.
[ link to this | view in chronology ]
Re: Funny
[ link to this | view in chronology ]
Re: Funny
[ link to this | view in chronology ]
Re: Funny
So, you're still dumb enough to think that this actually works for any lengths of time, dumb enough to think this won't be used for other means and dumb enough to believe there are zero unintended consequences for legitimate users?
If only you spent as much time educating yourself as you did spouting your ignorance. But, that would involve at least listening to what others are saying before attacking them.
[ link to this | view in chronology ]
Tim Berners-Lee
[ link to this | view in chronology ]
Re: Tim Berners-Lee
[ link to this | view in chronology ]
One would hope that when even organizations like Unesco are speaking up, that the W3C would take a step back from the ledge and reconsider its position.
The problem with that is that the W3C aren't the ones at the ledge, the public is, with the W3C standing behind getting their kicking shoes on and limbering up their leg for a swift boot to the backside.
[ link to this | view in chronology ]
so
oh and oh nvm
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Follow the Money...?
[ link to this | view in chronology ]
Re: Follow the Money...?
[ link to this | view in chronology ]