Monday, March 13, 2017

Encrypted Media Extensions (EME)

Glyn Moody (Reddit):

For the last four years, the Web has had to live with a festering wound: the threat of DRM being added to the HTML 5 standard in the form of Encrypted Media Extensions (EME). Here on Techdirt, we’ve written numerous posts explaining why this is a really stupid idea, as have many, many other people. Despite the clear evidence that EME will be harmful to just about everyone -- except the copyright companies, of course -- the inventor of the Web, and director of the W3C (World Wide Web Consortium), Sir Tim Berners-Lee, has just given his blessing to the idea[…]

Tim Berners-Lee:

The question which has been debated around the net is whether W3C should endorse the Encrypted Media Extensions (EME) standard which allows a web page to include encrypted content, by connecting an existing underlying Digital Rights Management (DRM) system in the underlying platform. Some people have protested “no”, but in fact I decided the actual logical answer is “yes”.

[…]

The reason for recommending EME is that by doing so, we lead the industry who developed it in the first place to form a simple, easy to use way of putting encrypted content online, so that there will be interoperability between browsers.

[…]

If W3C did not recommend EME then the browser vendors would just make it outside W3C. If EME did not exist, vendors could just create new Javascript based versions. And without using the web at all, it is so easy to invite ones viewers to switching to view the content on a proprietary app. […] If the Director Of The Consortium made a Decree that there would be No More DRM in fact nothing would change. Because W3C does not have any power to forbid anything.

Anne van Kesteren:

The fact that the CDM (DRM code in the article) is not part of the standard means the promise of interoperability is false.

And the fact that CDM sandboxing is not defined means you allow for a race to the bottom in terms of end-user security.

Peter Bright:

EME does not specify any DRM scheme per se. Rather, it defines a set of APIs that allow JavaScript and HTML to interact with decryption/protection modules. These modules will tend to be platform-specific in one way or another and will contain the core DRM technology.

[…]

The EFF, along with the Free Software Foundation (FSF) and various other groups, has campaigned against the development of the EME specification. They signed an open letter voicing their opposition and encouraged others to sign a petition against the spec.

[…]

However, it’s not clear that EME does anything to exacerbate that situation. The users of EME—companies like Netflix—are today, right now, already streaming DRM-protected media. It’s difficult to imagine that any content distributors that are currently distributing unprotected media are going to start using DRM merely because there’s a W3C-approved framework for doing so.

Update (2017-04-22): See also: Richard Stallman (via Hacker News).

6 Comments RSS · Twitter

The lack of standard for DRM media in HTML is what force broadcaster that want to distribute protected content to keep using flash and this is what is hurtful for users.

Thinking that these distributors are going to drop DRM because there is no standard is utopian.

"The lack of standard for DRM media in HTML is what force broadcaster that want to distribute protected content to keep using flash and this is what is hurtful for users."

Meh. The status quo is beautiful, IMHO. DRM requires plug-ins no sane user will install. Hence, DRM is effectively prohibited on the open web. I genuinely fail to see the problem with that.

What's wrong with apps on mobile, and streamer boxes for the 10 foot interface for DRM content? Why do PC's need access to DRM content?

I'm glad you got free stream boxed and TV, but on my side, I mostly watch TV replay services on my computer and I don't want to be forced to install a bunch of crapwares to be able to them. Moreover, I don't want to have to install a plugin per service I want to access.

"I'm glad you got free stream boxed and TV, but on my side, I mostly watch TV replay services on my computer and I don't want to be forced to install a bunch of crapwares to be able to them. Moreover, I don't want to have to install a plugin per service I want to access."

Fair enough. Every use-case-scenario is different. There will be trade-offs to any scheme.

But if you just look at numbers, how many folks have a real need to watch DRM content on a PC? You can't buy/use an iPad for such services, if you don't want to watch from a 10-foot interface?

I guess my point is that many, many more folks would be inconvenienced by DRM infesting HTML than would be inconvenienced by having to use a "mobile" platform or 10-foot interface for such content. Trade-offs, again. But from a utilitarian standpoint, IMHO, more folks would benefit by keeping DRM from infesting HTML. Obviously, YMMV.

[…] Previously: Encrypted Media Extensions (EME). […]

Leave a Comment