Unesco Says Adding DRM To HTML Is A Very Bad Idea

from the when-unesco-is-against-you... dept

For years now, we've written about the years-long effort, led by the MPAA and others, to put DRM directly into the standard for HTML5 (via "Encrypted Media Extensions" or EME) which continues to move forward with Tim Berners-Lee acting as if there's nothing that can be done about it. It appears that not everyone agrees. Unesco, the United Nations Educational, Scientific and Cultural Organization has come out strongly against adding DRM to HTML5 in a letter sent to Tim Berners-Lee (found via Boing Boing).

... should Internet browsers become configured to work with EME to act as a framed gateway rather than serving as intrinsically open portals, there could be risks to Rights, to Openness and Accessibility.

Primarily, there is the issue of the Right to seek and receive information. To date, most filtering and blocking of content has been done at the level of the network, whereas the risk now is that this capacity could also become technically effective at the level of the browser. With standardized EME incorporated in the browser, a level of control would cascade to the user interface level. This could possibly undercut the use of circumvention tools to access content that is illegitimately restricted.

While a case can be made for exceptional limitations on accessing certain content, as per international human rights standards such as the International Covenant on Civil and Political Rights, the same human rights standards are clear that this is should never be a default setting. Unfortunately, many instances of limitation of access are not legitimate in international standards as they do not meet the criteria of legality, necessity and proportionality, and legitimate purpose, and it would be regrettable if standardized EME could end up reinforcing this unfortunate situation.

One would hope that when even organizations like Unesco are speaking up, that the W3C would take a step back from the ledge and reconsider its position.

Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: drm, eme, free speech, human rights
Companies: unesco, w3c


Reader Comments

Subscribe: RSS

View by: Time | Thread


  1. identicon
    Anonymous Coward, 4 Apr 2017 @ 3:10pm

    hope

    "One would hope that when even organizations like Unesco are speaking up, that the W3C would take a step back from the ledge and reconsider its position."

    Put that hope in one hand and....

    link to this | view in thread ]

  2. identicon
    Anonymous Coward, 4 Apr 2017 @ 3:27pm

    The other point the W3C should consider is that DRM will not be available to individuals, and so this will give gatekeeper publishers power over those artists that decide to gt their work protected. The problem being that to gain DRM, the creator will have to assign their copyright, as gatekeepers do not want to risk any competition.

    link to this | view in thread ]

  3. This comment has been flagged by the community. Click here to show it
    identicon
    Anonymous Coward, 4 Apr 2017 @ 3:49pm

    Masnick 1: Encryption for websites is super important. My site uses SSL and I won't even take ad money from sponsors who can't work with it. Privacy is the most important thing, and we can't let anyone snoop on the stuff we broadcast over the internet. Every bit is critically important, and encryption should never be broken. I mean, Ed Snowden. FISA courts. Trump. 'Nuf said.

    Masnick 2: Encryption for media content is stupid and Tim Berners-Lee is crazy for supporting it. All encryption can and will be cracked. Who cares? It's just stuff. Basic economics tells us it's free to copy it, so that stuff is worthless. It's just Hollywood. Did I mention Hollywood? 'Cause SOPA. And free speech. Yeah, the First Amendment. Your encryption is a prior restraint, man. Everything is copied all of the time. Search engines are just giving people what they want. Hollywood. Jack the Ripper. MPAA. Hollywood. Valenti, brother! Hollywood.

    link to this | view in thread ]

  4. identicon
    Anonymous Coward, 4 Apr 2017 @ 4:02pm

    Re:

    Anonymous Coward: 0

    Just like other websites, streaming media should use transport-level encryption. This prevents access to the data stream between points A and B.

    DRM is not encryption really: it is gatekeeping by obfuscation. This is due to the fact that the data being sent has to be decrypted locally. The goal of EME is to move this decryption of content as close to the hardware as possible, to prevent the person viewing the decrypted content from... viewing the decrypted content.

    As such, DRM rarely functions as desired. One person sits something outside the EME, grabs the decrypted stream, and then shares this stream with others, circumventing the encryption. Others who have a legitimate access to the encrypted stream find that they can't consume it as they see fit, can't likewise encrypt their own streams without assigning copyright to someone else, and have access to information that is being intentionally sent to them arbitrarily restricted, not necessarily always in a legal manner, or a manner supported by fair use.

    link to this | view in thread ]

  5. identicon
    Anonymous Coward, 4 Apr 2017 @ 4:02pm

    If "Adding DRM To HTML Is A Very Bad Idea" then it's because taking it out is a much worse idea -- one that could send you to Federal prison thanks to the DMCA.

    Of course any new DRM will be broken, it always is, and that means more government monitoring, investigation, prosecution, as well as building more prisons.

    DRM is not necessarily a bad thing in itself. The problem is its implimentation, and the laws that enforce it, which typically bends to the demands of the copyright-industrial complex without any consideration to the needs of consumers whatsoever.

    link to this | view in thread ]

  6. identicon
    Anonymous Coward, 4 Apr 2017 @ 4:10pm

    Re:

    Encryption protects the data, but does not limit what the user can do with the data. DRM limits what the user can do with the data to viewing or listening it only via defines programs and codecs.

    Also there are signidficant implementation differences. Encryption is based on key exchange, and the user can use open source software for implementation. The proposed DRM mechanism is a way of downloading and execution proprietary closed source code which demands low level access to the likes pf the video and audio system, to try and bypass any use of the operating system to capture the decoded data. This also introduces a new route for malware to be install;ed on te system.

    link to this | view in thread ]

  7. identicon
    Anonymous Coward, 4 Apr 2017 @ 4:43pm

    Re:

    "one that could send you to Federal prison thanks to the DMCA."

    DMCA violations are a civil, not criminal, case. Criminal copyright infringement is invoked in cases of commercial bootlegging: those $1 "new" CDs and DVDs you find on street corner and flea market stalls. But let's not let the actual law get in the way of your ranting about the *-industrial complex and The Man.

    link to this | view in thread ]

  8. identicon
    Anonymous Coward, 4 Apr 2017 @ 4:53pm

    It's sort of whom you want to free, isn't it?

    If you want the political/economic power to be the thought police, then you'll favor DRM and oppose encrypted communications.

    If you want individualsto be free to think (and to do the necessary investigation) even without first obtaining great political/economic power, you'll oppose DRM and favor encrypted communications.

    Nobody favors both DRM and end-to-end encryption, and nobody opposes both.

    link to this | view in thread ]

  9. identicon
    Anonymous Coward, 4 Apr 2017 @ 5:12pm

    Re:

    I'd ask if you were incapable of knowing the difference between the privacy of user data and DRM, but we all know you're not actually interested in the difference.

    link to this | view in thread ]

  10. identicon
    TheBobinator, 4 Apr 2017 @ 5:33pm

    Devils Advocate.

    Lets say I configured BitTorrent to work over HTML using EME.

    Each time the client connects to the tracker, a seeder, or a leecher, the seeder\tracker sends the leecher a royalty-free redistribution agreement for redistribution of the data being sent, then the leecher sends acceptance of the agreement to the seeder\tracker. Literally, send an encrypted, salted data stream and occasionally pause, send the agreement, then continue.

    1: ISP has the presupposition this is legit traffic. They look at it, see contract agreements and encrypted data. They respond the ISP cannot look at the data and can only presuppose that it's legitimate since it's DRM Traffic, and also, they can't look at the data stream as that's a felony.

    2: Big Media then contacts law enforcement for a warrant, then drags John Doe into court at which point John Doe provides the documentation of whom gave him royalty free rights to redistribute the work, which they were totally doing via this cool video streaming app.

    3: Big Media follows the chain to "This is the first IP Address that shared Movie X", and discovers a private tracker. They raid it, and the tracker points to non-nonsensical addresses or to the movie studio's own IP address block. That entire discussion comes down to a he said-she said between logs and proving their was no "technical" issue.

    EME is awesome, because it means we have the right to privacy.

    link to this | view in thread ]

  11. identicon
    Anonymous Coward, 4 Apr 2017 @ 5:35pm

    Re: Re: (actual law)

    17 U.S. Code § 1204 - Criminal offenses and penalties

    (a)In General.—Any person who violates section 1201 or 1202 willfully and for purposes of commercial advantage or private financial gain—
    (1)
    shall be fined not more than $500,000 or imprisoned for not more than 5 years, or both, for the first offense; and
    (2)
    shall be fined not more than $1,000,000 or imprisoned for not more than 10 years, or both, for any subsequent offense.

    https://www.law.cornell.edu/uscode/text/17/chapter-12
    https://www.law.cornell.edu/uscode/text /17/1204

    link to this | view in thread ]

  12. identicon
    My_Name_Here, 4 Apr 2017 @ 5:42pm

    Funny

    What is funny here is all the arm waving for nothing.

    Adding a DRM option to HTML isn't a big deal. Websites and site owners are not forced to use it, nor are end users required to use it if they do not wish. HTML will not suddenly break without it.

    What it does is that it allows rights owners to make a choice how their content is shown to end users, and to protect it from piracy and unauthorized copying. It's a choice by the content owner, and nothing more.

    If you don't agree with it, use a browser that does not support it or disable the code (you know there will be plugins to do that quick enough). That as an end user is your choice.

    If enough users don't use the feature, or stay away from sites that do require this feature, then either the sites will change or their will wither.

    Adding optional DRM into HTML doesn't break anything else, except perhaps a few narrow minds.

    link to this | view in thread ]

  13. identicon
    Anonymous Coward, 4 Apr 2017 @ 6:13pm

    Re:

    3/10 Trolling, Wouldent derp again.

    link to this | view in thread ]

  14. icon
    Wyrm (profile), 4 Apr 2017 @ 6:42pm

    Response to: Anonymous Coward on Apr 4th, 2017 @ 4:53pm

    Actually, someone here made a joke about how we should stop talking about "encrypting our communications" and start saying "protecting our communications with DRM" so that politicians will want to help us.

    link to this | view in thread ]

  15. identicon
    Anonymous Coward, 4 Apr 2017 @ 7:55pm

    Re: Devils Advocate.

    Yeah that's...not how it works.

    link to this | view in thread ]

  16. identicon
    Pixelation, 4 Apr 2017 @ 10:29pm

    Tim Berners-Lee

    Hostile witness. It might be time to move on fron his opinion.

    link to this | view in thread ]

  17. icon
    PaulT (profile), 5 Apr 2017 @ 12:17am

    Re:

    Anonymous Coward 1: I don't know the difference between DRM and encryption, but that won't stop me spouting off like an idiot at the person I'm obsessed with, followed by whining when people tell me to STFU and GTFO again because they're tired of my drooling idiocy.

    link to this | view in thread ]

  18. icon
    PaulT (profile), 5 Apr 2017 @ 12:19am

    Re: Re: Re: (actual law)

    "Any person who violates section 1201 or 1202 willfully and for purposes of commercial advantage or private financial gain"

    How would that apply to a user removing DRM for purposes that do not include financial gain as a motive (i.e. most people who would be doing it).

    link to this | view in thread ]

  19. icon
    That One Guy (profile), 5 Apr 2017 @ 1:21am

    One would hope that when even organizations like Unesco are speaking up, that the W3C would take a step back from the ledge and reconsider its position.

    The problem with that is that the W3C aren't the ones at the ledge, the public is, with the W3C standing behind getting their kicking shoes on and limbering up their leg for a swift boot to the backside.

    link to this | view in thread ]

  20. identicon
    Anonymous Coward, 5 Apr 2017 @ 3:19am

    Re:

    And what do you hope to achieve by showing everyone you cannot understand the difference? Common view that you are utterly dim?
    Congratulations, you won.

    link to this | view in thread ]

  21. identicon
    Anonymous Champion, 5 Apr 2017 @ 5:39am

    so

    make your own browsers and leave th ew3c behind they always been twits

    oh and oh nvm

    link to this | view in thread ]

  22. identicon
    Anonymous Coward, 5 Apr 2017 @ 7:55am

    Re: Re: Re: Re: (actual law)

    How would that apply to a user removing DRM for purposes that do not include financial gain as a motive (i.e. most people who would be doing it).

    US courts have successfully claimed drug possession, for personal use within one state, is "interstate commerce" because it might have some effect on drug markets in other states. That's why federal jurisdiction can be used to prosecute illegal possession. What stops them from using the same argument for DMCA?

    link to this | view in thread ]

  23. identicon
    Anonymous Coward, 5 Apr 2017 @ 8:05am

    Re: Re: Re: Re: (actual law)

    Sadly, last I checked you don't need to have financial gain as a motive for the advocates of DRM and the DMCA (well, the permission to use dumb robots for enforcement parts, not the icky, icky piratey safe harbor parts, anyway) to harass you and call you a pirate.

    link to this | view in thread ]

  24. icon
    PaulT (profile), 5 Apr 2017 @ 8:30am

    Re: Re: Re: Re: Re: (actual law)

    Well, true. But, the AC above was trying to argue that breaking the DRM would be a criminal offense and when pressed for a citation he provided something with clear caveats. I'm interested as to how he's interpreting this.

    link to this | view in thread ]

  25. identicon
    Anonymous Coward, 5 Apr 2017 @ 8:57am

    Tim Berners-Lee is now complaining about privacy on the web.

    link to this | view in thread ]

  26. identicon
    Anonymous Coward, 5 Apr 2017 @ 9:26am

    Re: Re: Re: Re: Re: Re: (actual law)

    To be honest, it's not above advocates of IP law in general to mix civil and criminal. Criminal penalties and offenses that require only civil standards for burdens of proof is their ultimate wet dream.

    link to this | view in thread ]

  27. identicon
    Anonymous Coward, 5 Apr 2017 @ 10:31am

    Follow the Money...?

    So, can somebody Kickstart a bribe bigger than the one TBL got from the MPAA? We can probably outbid them.

    link to this | view in thread ]

  28. identicon
    Anonymous Coward, 5 Apr 2017 @ 10:39am

    Re: Follow the Money...?

    Don't be so sure, they can add below the line items to your bill, so that they can still outbid you.

    link to this | view in thread ]

  29. icon
    PaulT (profile), 6 Apr 2017 @ 12:43am

    Re: Re: Re: Re: Re: (actual law)

    Well, nothing if the courts are allowed to be that creative with the rules. That's a separate problem.

    link to this | view in thread ]

  30. identicon
    Wendy Cockcroft, 7 Apr 2017 @ 2:32am

    Re: Funny

    You're pretending that DRM isn't essentially malware. You're also pretending that all DRM'd items are essentially proclaiming that you don't own it, you're renting it. "Own it now on DVD," etc. is a lie.

    link to this | view in thread ]

  31. identicon
    Anonymous Coward, 7 Apr 2017 @ 3:04am

    Re: Funny

    You're not forced to use Google either, but that's never stopped you from becoming apoplectic with rage at the mere mention.

    link to this | view in thread ]

  32. icon
    PaulT (profile), 7 Apr 2017 @ 3:24am

    Re: Funny

    "protect it from piracy and unauthorized copying"

    So, you're still dumb enough to think that this actually works for any lengths of time, dumb enough to think this won't be used for other means and dumb enough to believe there are zero unintended consequences for legitimate users?

    If only you spent as much time educating yourself as you did spouting your ignorance. But, that would involve at least listening to what others are saying before attacking them.

    link to this | view in thread ]

  33. identicon
    Wendy Cockcroft, 7 Apr 2017 @ 5:29am

    Re: Tim Berners-Lee

    Eh, you might find he's under pressure to accept it. Now we need to find out where it's coming from.

    link to this | view in thread ]

  34. identicon
    Wendy Cockcroft, 7 Apr 2017 @ 5:29am

    Re:

    From a pro or anti point of view?

    link to this | view in thread ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.