Unesco Says Adding DRM To HTML Is A Very Bad Idea

from the when-unesco-is-against-you... dept

For years now, we’ve written about the years-long effort, led by the MPAA and others, to put DRM directly into the standard for HTML5 (via “Encrypted Media Extensions” or EME) which continues to move forward with Tim Berners-Lee acting as if there’s nothing that can be done about it. It appears that not everyone agrees. Unesco, the United Nations Educational, Scientific and Cultural Organization has come out strongly against adding DRM to HTML5 in a letter sent to Tim Berners-Lee (found via Boing Boing).

… should Internet browsers become configured to work with EME to act as a framed gateway rather than serving as intrinsically open portals, there could be risks to Rights, to Openness and Accessibility.

Primarily, there is the issue of the Right to seek and receive information. To date, most filtering and blocking of content has been done at the level of the network, whereas the risk now is that this capacity could also become technically effective at the level of the browser. With standardized EME incorporated in the browser, a level of control would cascade to the user interface level. This could possibly undercut the use of circumvention tools to access content that is illegitimately restricted.

While a case can be made for exceptional limitations on accessing certain content, as per international human rights standards such as the International Covenant on Civil and Political Rights, the same human rights standards are clear that this is should never be a default setting. Unfortunately, many instances of limitation of access are not legitimate in international standards as they do not meet the criteria of legality, necessity and proportionality, and legitimate purpose, and it would be regrettable if standardized EME could end up reinforcing this unfortunate situation.

One would hope that when even organizations like Unesco are speaking up, that the W3C would take a step back from the ledge and reconsider its position.

Filed Under: , , ,
Companies: unesco, w3c

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Unesco Says Adding DRM To HTML Is A Very Bad Idea”

Subscribe: RSS Leave a comment
Anonymous Coward says:

The other point the W3C should consider is that DRM will not be available to individuals, and so this will give gatekeeper publishers power over those artists that decide to gt their work protected. The problem being that to gain DRM, the creator will have to assign their copyright, as gatekeepers do not want to risk any competition.

Anonymous Coward says:

Masnick 1: Encryption for websites is super important. My site uses SSL and I won’t even take ad money from sponsors who can’t work with it. Privacy is the most important thing, and we can’t let anyone snoop on the stuff we broadcast over the internet. Every bit is critically important, and encryption should never be broken. I mean, Ed Snowden. FISA courts. Trump. ‘Nuf said.

Masnick 2: Encryption for media content is stupid and Tim Berners-Lee is crazy for supporting it. All encryption can and will be cracked. Who cares? It’s just stuff. Basic economics tells us it’s free to copy it, so that stuff is worthless. It’s just Hollywood. Did I mention Hollywood? ‘Cause SOPA. And free speech. Yeah, the First Amendment. Your encryption is a prior restraint, man. Everything is copied all of the time. Search engines are just giving people what they want. Hollywood. Jack the Ripper. MPAA. Hollywood. Valenti, brother! Hollywood.

Anonymous Coward says:

Re: Re:

Anonymous Coward: 0

Just like other websites, streaming media should use transport-level encryption. This prevents access to the data stream between points A and B.

DRM is not encryption really: it is gatekeeping by obfuscation. This is due to the fact that the data being sent has to be decrypted locally. The goal of EME is to move this decryption of content as close to the hardware as possible, to prevent the person viewing the decrypted content from… viewing the decrypted content.

As such, DRM rarely functions as desired. One person sits something outside the EME, grabs the decrypted stream, and then shares this stream with others, circumventing the encryption. Others who have a legitimate access to the encrypted stream find that they can’t consume it as they see fit, can’t likewise encrypt their own streams without assigning copyright to someone else, and have access to information that is being intentionally sent to them arbitrarily restricted, not necessarily always in a legal manner, or a manner supported by fair use.

Anonymous Coward says:

Re: Re:

Encryption protects the data, but does not limit what the user can do with the data. DRM limits what the user can do with the data to viewing or listening it only via defines programs and codecs.

Also there are signidficant implementation differences. Encryption is based on key exchange, and the user can use open source software for implementation. The proposed DRM mechanism is a way of downloading and execution proprietary closed source code which demands low level access to the likes pf the video and audio system, to try and bypass any use of the operating system to capture the decoded data. This also introduces a new route for malware to be install;ed on te system.

Anonymous Coward says:

If “Adding DRM To HTML Is A Very Bad Idea” then it’s because taking it out is a much worse idea — one that could send you to Federal prison thanks to the DMCA.

Of course any new DRM will be broken, it always is, and that means more government monitoring, investigation, prosecution, as well as building more prisons.

DRM is not necessarily a bad thing in itself. The problem is its implimentation, and the laws that enforce it, which typically bends to the demands of the copyright-industrial complex without any consideration to the needs of consumers whatsoever.

Anonymous Coward says:

Re: Re:

“one that could send you to Federal prison thanks to the DMCA.”

DMCA violations are a civil, not criminal, case. Criminal copyright infringement is invoked in cases of commercial bootlegging: those $1 “new” CDs and DVDs you find on street corner and flea market stalls. But let’s not let the actual law get in the way of your ranting about the *-industrial complex and The Man.

Anonymous Coward says:

Re: Re: (actual law)

17 U.S. Code § 1204 – Criminal offenses and penalties

(a)In General.—Any person who violates section 1201 or 1202 willfully and for purposes of commercial advantage or private financial gain—
shall be fined not more than $500,000 or imprisoned for not more than 5 years, or both, for the first offense; and
shall be fined not more than $1,000,000 or imprisoned for not more than 10 years, or both, for any subsequent offense.


Anonymous Coward says:

Re: Re: Re:2 (actual law)

How would that apply to a user removing DRM for purposes that do not include financial gain as a motive (i.e. most people who would be doing it).

US courts have successfully claimed drug possession, for personal use within one state, is "interstate commerce" because it might have some effect on drug markets in other states. That’s why federal jurisdiction can be used to prosecute illegal possession. What stops them from using the same argument for DMCA?

Anonymous Coward says:

Re: Re: Re:2 (actual law)

Sadly, last I checked you don’t need to have financial gain as a motive for the advocates of DRM and the DMCA (well, the permission to use dumb robots for enforcement parts, not the icky, icky piratey safe harbor parts, anyway) to harass you and call you a pirate.

Anonymous Coward says:

It’s sort of whom you want to free, isn’t it?

If you want the political/economic power to be the thought police, then you’ll favor DRM and oppose encrypted communications.

If you want individualsto be free to think (and to do the necessary investigation) even without first obtaining great political/economic power, you’ll oppose DRM and favor encrypted communications.

Nobody favors both DRM and end-to-end encryption, and nobody opposes both.

TheBobinator says:

Devils Advocate.

Lets say I configured BitTorrent to work over HTML using EME.

Each time the client connects to the tracker, a seeder, or a leecher, the seedertracker sends the leecher a royalty-free redistribution agreement for redistribution of the data being sent, then the leecher sends acceptance of the agreement to the seedertracker. Literally, send an encrypted, salted data stream and occasionally pause, send the agreement, then continue.

1: ISP has the presupposition this is legit traffic. They look at it, see contract agreements and encrypted data. They respond the ISP cannot look at the data and can only presuppose that it’s legitimate since it’s DRM Traffic, and also, they can’t look at the data stream as that’s a felony.

2: Big Media then contacts law enforcement for a warrant, then drags John Doe into court at which point John Doe provides the documentation of whom gave him royalty free rights to redistribute the work, which they were totally doing via this cool video streaming app.

3: Big Media follows the chain to “This is the first IP Address that shared Movie X”, and discovers a private tracker. They raid it, and the tracker points to non-nonsensical addresses or to the movie studio’s own IP address block. That entire discussion comes down to a he said-she said between logs and proving their was no “technical” issue.

EME is awesome, because it means we have the right to privacy.

My_Name_Here says:


What is funny here is all the arm waving for nothing.

Adding a DRM option to HTML isn’t a big deal. Websites and site owners are not forced to use it, nor are end users required to use it if they do not wish. HTML will not suddenly break without it.

What it does is that it allows rights owners to make a choice how their content is shown to end users, and to protect it from piracy and unauthorized copying. It’s a choice by the content owner, and nothing more.

If you don’t agree with it, use a browser that does not support it or disable the code (you know there will be plugins to do that quick enough). That as an end user is your choice.

If enough users don’t use the feature, or stay away from sites that do require this feature, then either the sites will change or their will wither.

Adding optional DRM into HTML doesn’t break anything else, except perhaps a few narrow minds.

PaulT (profile) says:

Re: Funny

“protect it from piracy and unauthorized copying”

So, you’re still dumb enough to think that this actually works for any lengths of time, dumb enough to think this won’t be used for other means and dumb enough to believe there are zero unintended consequences for legitimate users?

If only you spent as much time educating yourself as you did spouting your ignorance. But, that would involve at least listening to what others are saying before attacking them.

That One Guy (profile) says:

One would hope that when even organizations like Unesco are speaking up, that the W3C would take a step back from the ledge and reconsider its position.

The problem with that is that the W3C aren’t the ones at the ledge, the public is, with the W3C standing behind getting their kicking shoes on and limbering up their leg for a swift boot to the backside.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...