
W3C green-lights adding DRM to the Web's standards - zombio
http://boingboing.net/2013/10/02/w3c-green-lights-adding-drm-to.html?
======
cyrus_
The EFF has strong words about where this is taking the open web [1]:

"A Web where you cannot cut and paste text; where your browser can't "Save
As..." an image; where the "allowed" uses of saved files are monitored beyond
the browser; where JavaScript is sealed away in opaque tombs; and maybe even
where we can no longer effectively "View Source" on some sites, is a very
different Web from the one we have today. It's a Web where user
agents—browsers—must navigate a nest of enforced duties every time they visit
a page. It's a place where the next Tim Berners-Lee or Mozilla, if they were
building a new browser from scratch, couldn't just look up the details of all
the "Web" technologies. They'd have to negotiate and sign compliance
agreements with a raft of DRM providers just to be fully standards-compliant
and interoperable."

They suggest the W3C may be digging itself into another hole like the one that
led to the formation of WHATWG. A good read.

[1] [https://www.eff.org/deeplinks/2013/10/lowering-your-
standard...](https://www.eff.org/deeplinks/2013/10/lowering-your-standards)

~~~
wdewind
> It's a place where the next Tim Berners-Lee or Mozilla, if they were
> building a new browser from scratch, couldn't just look up the details of
> all the "Web" technologies. They'd have to negotiate and sign compliance
> agreements with a raft of DRM providers just to be fully standards-compliant
> and interoperable.

I may be totally naive here, but I'm not really sure why this matters. That
there is a WC3 standard does not imply that browsers have to adhere to it. If
they didn't they simply wouldn't be able to access DRM protected content. From
a UX perspective this seems no different from Netflix putting their content
behind a login. Maybe I am being an idiot, if so please correct me, but this
doesn't really seem like anything to worry about. The threats implied by EFF,
that massive corporations will control content on the internet, seems only
true for content published by those massive corporations (and thus are already
happening now, with 3rd party DRM ie: Netflix's Silverlight player). It
doesn't stop people from publishing non DRM protected content.

I would agree this doesn't belong in the spec on technical level, but it seems
to be inclusive not exclusive.

~~~
cyrus_
The W3C is the guardian of the world wide web, a system for disseminating
information publicly and globally to all those who may benefit from it. By
standardizing DRM for video, they are giving legitimacy to a technical kludge
that is designed specifically to prevent the dissemination of information.
There are legitimate reasons why someone may wish to save a video to their
hard drive, just like they can save an image today. There is no reason the web
should be built upon mechanisms designed specifically to privilege corporate
interests over the interests of those falling under fair use exemptions to
copyright laws.

~~~
wdewind
If I had my way we wouldn't have copyright at all. It seems idiotic to me for
the same reasons patents are.

But we do, and so just as you say there are "legitimate reasons" why someone
may wish to save a video, there are too "legitimate reasons" someone may want
to share their work in a protected manner. It's a product. If you don't like
it don't buy it.

There is no part of this that forces the user to view only DRM protected
websites. As far as I can tell this only increases the rights of copyright
holders, which, again, I think is stupid, but seems completely legal and a
reasonable thing to do under our existing legal framework. Edit: it also does
not seem like it will fundamentally change the user experience of the web
since the things that it allows are mostly already doable, just not with an
HTML standard.

~~~
aaronbrethorst

        If I had my way we wouldn't have copyright
        at all. It seems idiotic to me for the same
        reasons patents are.
    

Excellent news! So it's ok if I copy the images, CSS and HTML on your landing
page for your employer for my competitor, then?

Edit: I'm obviously not serious.

~~~
angrow
I wouldn't recommend it: the name and logo are trademarked, and even if you
replaced those, if anyone noticed the rest of the copying, you'd be the
laughingstock of the internet. Who'd want to buy your product then?

~~~
perrupa
Zynga doesn't particularly seem to care about that kind of thing and they're
doing pretty ok...

~~~
tesseractive
They are?

~~~
imdsm
The exec$ are doing ju$t fine I'm $ure

------
Pxtl
Funny how some of the largest sites on the internet can base their entire
business model on stolen pictorial content - completely with stripping off the
identifying information of the original artists - and nobody at the W3C bats
an eye.

But the moment the MPAA muscles their way into the debate, suddenly we're all
about DRM.

If you want DRM, you use a plug-in or a separate application. There's no
reason that an app like Netflix or whatever can't use pure-HTML for everything
_but_ the video-stream and use a plug-in based object for the stream.

Keep HTML free.

~~~
dublinben
>If you want DRM, you use a plug-in or a separate application. There's no
reason that an app like Netflix or whatever can't use pure-HTML for everything
but the video-stream and use a plug-in based object for the stream.

That's exactly what this standard would allow.

~~~
hayksaakian
That's how it is now without a standard. We don't need a standard for stupid
anti-UX features like built in DRM

~~~
thrillgore
And I seriously doubt with EME that it will change this way. I work for a
media company, Flash is used not just for its DRM but because our ad vendors
don't care about HTML5 support. It's why we can't move forward with HTML5
outside of mobile.

~~~
wildfire
You do realise that 'mobile' now accounts for > 50% of pageviews?

Which means that your ad vendors _actually_ about HTML5 support. They just do
not know it yet.

------
pslam
The W3C hasn't been a good "guardian" of HTML for a very long time. This is
pretty much why they're not even the only guardian around - there's also
WHATWG.

For example, 12 years ago W3C attempting to push "RAND" patent licensing into
HTML:

[http://lists.w3.org/Archives/Public/www-patentpolicy-
comment...](http://lists.w3.org/Archives/Public/www-patentpolicy-
comment/2001Sep/)

This was 100% against the concept of a free, open web, and it took a huge
effort to stop it happening. It's crazy that it even got that far.

So it's no surprise that they're pushing industry interests again today. I
lost all confidence in that group safeguarding HTML a long time ago, and it
looks like the they haven't changed.

------
bcoates
Here's the membership list of the W3C:
[http://www.w3.org/Consortium/Member/List](http://www.w3.org/Consortium/Member/List)

It would be great if anyone opposed to this would contact an organization on
this list, ask them why they're endorsing and funding DRM and the end of the
free Web, and if not, when they will be resigning from the W3C.

Every name you can get stricken from the list is up to around $70,000 per year
defunded from what is now most effective driver of DRM in the world. [1]
Getting some public statements from the membership would be educational, if
nothing else.

[1]
[http://www.w3.org/Consortium/fees?countryCode=US&quarter=10-...](http://www.w3.org/Consortium/fees?countryCode=US&quarter=10-01&year=2013#results)

~~~
smosher
How do you think Sony and the EFF will respond?

------
x0054
Ok, it sounds to me like this is way, way, over blown. First, the DRM is NOT
going to be built into the browser it self. It's basically a new name for a
plug in system, nothing more. So, to everyone who thinks they can roll their
own browser and avoid the DRM, no you will not be able to.

It's not bad or good for consumers, at best, it's about the same. It's very
simple, studios will not allow you to rent their movies without DRM. Netflix
will not be able to function without DRM. Neither can steam. It's not up to
them, it's up to the content providers, not companies like Netflix.

Is it stupid? Yes. My high school teacher, with no technical knowledge what so
ever had a way to brake almost any video DRM. He would play the video on his
TV, and record the image with his HD Cam. Stupid? Yes. Effective? Also yes.

The point is, as long as its a plugin type of architecture, not part of the
browser binary, what's the big deal. How is it different from Flash or
Silverlight?

Oh, and to everyone that proclaims that DRM is bad. Many of you are developers
for startups. Is your startup all open source? Why not? Isn't compiling code
or running it only on your servers just another type of DRM? Ask your self,
would you have a job if your company was forced to share all the code you
write? All of it, even the stuff that you write from scratch and only run on
your servers.

I think many people hate DRM because of how bad it's implemented, not because
of the fact that its there in the first place. Well implemented DRM should be
completely transparent to the end user who paid for the content. Steam and
Netflix do a pretty good job of it.

~~~
makomk
No, the DRM is going to be built into the browser itself. Browser vendors
could in theory implement it as a plugin but they don't seem to be planning to
and the W3C doesn't specify any kind of plugin mechanism. IE11 at least
integrates it into the browser executable.

~~~
diminoten
That's just not true, for exactly the example provided above.

It'd make no sense to let people roll their own browsers that circumvent DRM.

------
pkulak
I don't understand why everyone is up in arms about this. Some content cannot
go anywhere without DRM. That's not going to change. Do you think the
Universal is just 6 months away from streaming the latest blockbuster with VP8
in a video tag?

Right now we have Flash and Silverlight everywhere and it's a PITA. How open
are those two? This adds the option of moving this stuff out of plugins. If
you want to live in some everything-is-free utopia, just never visit
netflix.com.

~~~
chadwickthebold
There's a difference between a closed plugin and a closed browser. Let the DRM
content stay in their plugins in their paywalled sites, while the web in
general remains open and benefits from the creativity and innovation that
flows from that openness.

~~~
debacle
I don't think anyone said that the DRM code will be closed source.

You don't complain when you can't decrypt PGP, even though PGP implementations
are open source. This is the same thing.

~~~
revelation
If it's open source, I can just swoop in, inject some code and make a copy of
the decrypted data stream for 'archival purposes'. Won't take a day for a PoC.

I can still do this with closed source DRM blobs, but it will take much
longer. And there will probably be pointless anti-debugger tricks, system wide
hooks that break countless other software, kernel drivers that BSoD your
system..

That is precisely why this proposal is such a terrible idea. It writes into a
standard that it is okay to produce software that is actively hostile to its
user, while having absolutely no security gain whatsoever (because the concept
is fundamentally broken: if the data is being decrypted on my system, I will
get it).

~~~
debacle
But you can do that with any DRM - the unencrypted stream will always be in
memory at some point.

~~~
nitrogen
Not if the decryption is handled by hardware that refuses to give an
unencrypted video stream back to the CPU.

~~~
revelation
An extra hardware chip is a closed system. You control all the input that
comes in. It is just a more annoying form of obfuscation at that point.

~~~
nitrogen
Nothing in the W3C's DRM spec provides for anything better than a closed
hardware chip.

------
tikhonj
How will this work with open-source browsers like Firefox? After all, what's
to stop somebody from publishing an extension or even a modified version of
the browser itself? DRM seems fundamentally unenforceable, after all.

Are the people pushing for this hoping it's just too much hassle?

These questions aren't rhetorical: I'm interested in what exactly the DRM
people are pushing and how they expect it to work. Just not interested enough
to read about it myself :D. (Also, I think this makes for a great conversation
topic.)

~~~
schoen
In most DRM systems the information is distributed encrypted. The decryption
keys are given to technology developers who have specifically promised to obey
the DRM rules, as well as to make their technology hard for users to
understand or modify so that the users can't easily undo the restrictions or
extract the decryption keys.

Hence a browser developer or OS developer or developer of whatever software is
in question wouldn't be permitted (by the DRM system's inventor or
administrator) to get decryption keys if they didn't promise to implement
these restrictions.

Some of the people who invented the modern DRM business ecology called this
"the intersection of technology, law, and commercial licensing" (the title of
a 1996 article by Dean Marks and Bruce Turnbull). Here, the "technology" is
DRM implementations -- including software obfuscation and other measures; the
"law" is anticircumvention laws like the DMCA §1201 that make it risky for
people to use the decryption keys in ways that industry dislikes; and
"commercial licensing" is the permission from a DRM developer to interoperate
with that DRM, including "compliance" rules (about the functionality of the
technology product) and "robustness" rules (about tamper-resistance), that
result in the licensee being issued decryption keys.

In my view (I worked on EFF's objection) this is a deliberate attack on
software interoperability: the whole point is to allow someone to try to
prevent interoperability with software that hasn't been "approved". And it's
also in extreme tension with the idea of having browsers that end-users can
modify (their individual instances of).

~~~
PeterisP
I see no way how an open source system can implement any effective DRM
standard while staying open source.

If a proper open source system has a component that enforces DRM, and is
functional when I download it, then it includes those keys; but gives me an
unconditional right to use and modify it. And I am physically able to modify
it, un-implementing those restrictions.

If part of the system cannot be modified by me, then the whole is not open
source, and any open source system such as Firefox shouldn't include that part
or standard.

~~~
schoen
I agree. In previous discussions about this, some people emphasized the idea
of open source development, as opposed to giving an open source software to an
end user. For example, you could run a binary through an obfuscator after
compiling in a decryption key -- from source code that had been published and
distributed under an open source license. If the license isn't a
reciprocal/copyleft license, this is probably not a license violation, but it
seems wrong to say that the user who receives the binary is being given open
source software.

This issue reflects the way that people have had very different ideas about
what the point or purpose of free and open source software is (in some ways,
reflecting the split between people who preferred to say "free software" over
"open source" and vice versa).

It's also a very concrete issue today in whether people call, say, the Chrome
browser "open source". Most of their source code is downloadable, derived from
the fully open-source Chromium project, but in Google's current practice,
users never get the complete source code to the Chrome binaries that they run.
If you're focused on the development process, it might almost make sense to
call Chrome "open source" because almost all of its source code is
distributed, licensed, and developed in an open source manner -- but if you're
focused on what users can do with the software, it's obviously just a
proprietary application (with a proprietary EULA, to boot).

~~~
makomk
> For example, you could run a binary through an obfuscator after compiling in
> a decryption key -- from source code that had been published and distributed
> under an open source license.

Of course, if you do that you may as well just not release the source code at
all, because there's no way for the user to tell that the binary does actually
correspond to the source without also being able to extract the encryption key
and break the DRM.

~~~
schoen
I think that verifiability is an important security benefit from publishing
source code and I hope to talk more about that soon.

Some people think that publishing source code is first and foremost a way to
get other people to collaborate on its development, not to ensure any
particular rights or knowledge or safety for people who end up using the
software. For example, you could imagine a consortium of people who each make
a super-proprietary locked-down thing and they publish and collaborate on the
code of some libraries that their respective locked-down things need. They
actively do want other locked-down thing makers to comment on how to make the
code better and contribute patches, but they actively don't want customers to
use that knowledge to make the thing less locked-down (or to be able to verify
what it does or doesn't do).

This is a situation that we often encounter in the real world, and in fact
some of the locked-down thing makers are even surprised when people say the
contrast in their behavior with respect to these audiences is strange or
hypocritical, because they didn't know or didn't remember that other people
think software freedom is partly or mainly meant to benefit users.

~~~
makomk
I've certainly noticed some people do that, but in essence isn't that just a
way to get other people to do their development work for them for free,
without giving those developers any of the benefits that come from true open
source software in exchange?

------
AlexanderDhoore
Can someone PLEASE explain to me the following: If my computer is playing the
video and playing the audio. How on God's green earth can they stop me from
capturing that? ... It's playing right in front of me... I can hear and see
it. It's not hidden or secret. Look.

If you ask me, the only reason DRM has worked up to now, is because code/file
formats/protocols were secret. People didn't have access to the source. But
now they do, in the open source browsers.

But PLEASE enlighten me. I wants to know.

~~~
dublinben
HDCP does a 'pretty good' job of achieving that. There's a protected path all
the way to the display, that can't be accessed by other software.

~~~
AlexanderDhoore
If it's encrypted all the way to the hardware, then it get's a bit more
believable. But that really can't be done on the web, can it? "You no have DRM
chip? No tubez for you!"

~~~
frozenport
1\. Your cellphone can't watch YouTube without hardware decoding.

2\. An issue closer to home can be seen
[http://wiki.xbmc.org/?title=Raspberry_Pi/FAQ#Video_and_audio...](http://wiki.xbmc.org/?title=Raspberry_Pi/FAQ#Video_and_audio_formats_the_Raspberry_Pi_can_playback)
.

3\. Companies target audiences and not platforms. For example, Netflix on
Linux.

~~~
makomk
Come to think of it, in theory the Raspberry Pi could support a DRM scheme
that's entirely "open source" in the same way that their graphics drivers are
already. Basically, the GPU is actually a fairly powerful processor running a
binary blob that receives messages from the ARM CPU - if it did all the
decryption the CPU-side code could be entirely open.

~~~
Touche
It doesn't matter unless the website acknowledges your DRM scheme.

------
josteink
This is poison and against everything the W3C is set to do according to their
own mission statement.

Everything we've spent the last 20 years building and standardising. Now
ruined. Tainted.

They have now lost all legitimacy among anyone who calls themselves a
proponent of the open web. We need a new leadership as the old one can't be
trusted. We need an open web action group to start over.

Thanks for fragmenting the web, W3C. Thanks for nothing, assholes.

~~~
parasubvert
A bit melodramatic.

The W3C was always a pay-for-play organization led by corporate interests. The
full time staff of the W3C were MIT academics trying to foster conversation so
that the openness of the web could be preserved among the reality that most
funding for browsers was between competitors looking to make a buck. It took
enormous pressure and nearly a decade (1994-2004) to foster web standards to
the competent mediocrity they are today.

The WHATWG only solidified the corporate interests, by making browser makers
The Only Ones Who Matter: Google (who also funds Mozilla), Microsoft, and
Apple.

You can claim you want new leadership, but who has the credibility and
legitimacy you claim has been lost? Students? Government workers? All
competent engineers are working for for-profit companies (or are funded by
them) that want to monetize your eyeballs. You could look to academia and
government-funding, I suppose, like the original web. But the web is here,
now. It's likely not going to be replaced.

Starting over is a loser's game.

------
chadwickthebold
I think that many people are drastically underestimating the effect this may
have on the open web. The response "oh, well we'll just build a browser that
will avoid the DRM" isn't going to work quite as well as one might hope. It's
not such a stretch of the imagination that content providers will detect such
browsers and refuse to supply any content at all. This would be similar to
what many sites do now for users of IE6-8, where a message is displayed
prompting them to upgrade. Except in this case a message would be displayed
telling you to download an effectively locked-down browser. Ugh.

~~~
grimtrigger
Impossible, browser detection is easily spoofed. Some browsers come built with
the ability to spoof other browsers since its valuable for developers who need
to test how their sites appear in other browsers.

~~~
da_n
But you could easily do feature detection, much like Modernizr, simply
changing the user agent is not going to fool anyone.

------
DonGateley
This could have really huge and ugly long term consequences for search
engines.

OTOH, with a little help from the OS to guard the path through to the HDMI
spigot (which is probably already in place) I may be able to see all my Amazon
Instant Prime content via my browser in HD. :-)

There's an upside to the downside. Some things will be closed by this and some
things will be opened. The impact on the non-pirating media consumer will
mostly be positive.

The impact on the cable companies and other parasitic channels through which
content must now pass will, to our benefit, be negative since content
producers will need them for nothing to maximize the returns on their
investment. Many hands that dip into the revenue stream between the producer
and the consumer to merely protect the stream can be easily eliminated. The
same is true of all the various music channels from the labels through iTunes
to Spotify.

I like this because artists and producers will be able to negotiate with us
directly which will lower the cost and the motivation to pirate. I'm all for
artists and producers making money on their work, but not all the various
middle men this can remove from the picture.

I'm very concerned, however, about the possibly negative effect on things
other than media content like the general flow of news and information. Any
item of information can now easily carry a price for internet access
independent of the channels through which it moves.

Verdict: mixed bag.

------
revelation
I don't get it. If they want a plugin, they should build a plugin. Why would
any sane person (1) create redundant infrastructure for DRM plugins (2) get
all the same security problems and more just because some hipsters at Netflix
get a hardon when they can't use HTML5 video tags and have to embed a plugin?
We certainly shouldn't offload Netflixs woes with content producers onto every
browser maker in existence.

What a bizarre discussion. Should have been laughed out from the first
proposal.

~~~
josteink
_Should have been laughed out from the first proposal._

And yet it wasn't. Can certainly make you wonder about the health of the W3C
as a whole.

------
jimktrains2
What happened to the concept of the User Agent being a representative of the
user, not the content provider?

~~~
yk
It is now a user-double-agent.

------
oscargrouch
This is a clear sign that the W3C now is hostage of the big corporations.. say
goodbye to the dream and vision created by the founders of the Web, and what
the WWW was meant to be for us all: a democratic place of freedom, education
and shareing to all the world.. a world without frontiers, without borders..
infinite as it could be..

All i see now is the corporate internet.. people may not remember this but AOL
and the like tried to create privates corporate internet's and lose in the
long term.. the world was too big to be contained.. to be controlled..

This is the beginning of the end of what internet was supposed to be?

~~~
parasubvert
I think you completely have missed the historic charter and nature of the W3C.
It always was a pay to play organization, where they highly encouraged
corporate or institutional members and dissuaded individual membership. It's
very, very different from (say) the IETF.

The intent was to recognize the Web world for what it was: filled with
competitive interests with no interest on the integrity of the architecture
that had been created. The W3C was a way to bring their engineers together to
save the Web from the various marketing departments that were escalating an
arms race of proprietary browser features. It was to create a legitimate
channel to drive agreements across competitors without antitrust concerns.

It didn't entirely succeed, only somewhat. But this decision is consistent
with its history. The W3C is only a reflection of its members.

------
mmcclure
I don't mean this as a defense of EME, but I think this is more rabble-rousing
and fear mongering than anything else. What the EFF and this article are
saying is that EME opens the door for this kind of stuff to make its way to
the spec. EME on its own does absolutely none of this.

EME is _not_ DRM. It's a standard spec for plugins that provide DRM.
Essentially it means that someone like Netflix could still use the HTML5 video
element for playback while interacting with a browser plugin just to handle
the DRM aspect of things.

~~~
josteink
It's DRM legitimised as a concept in a supposedly open standard. it's a
slippery slope.

with video DRM having a foot inside, who dares to venture a guess at what the
next victim will be? DRMed js? DRMed html?

~~~
snowwrestler
How is the EME slope any more slippy than it is right now with Flash or
Silverlight? Both allow sites to serve code in an obscured and non-open way.
And yet no one serves a Flash-only or Silverlight-only site.

------
stackcollision
I don't see it taking too long for someone to make an open source DRM-free
browser that just ignores the HTML 5 DRM functionality.

~~~
AlexanderDhoore
Would that be possible? Then can this still be called DRM?

Edit: How can it be DRM if the algorithms/formats/protocols are open? Or
aren't they open?

~~~
forgottenpass
>How can it be DRM if the algorithms/formats/protocols are open? Or aren't
they open?

They're not. IIRC, the only open parts are the hooks the actual DRM plugin
(but we're not calling it a plugin!) will utilize.

------
tzs
Actually, they are green-lighting EME, not DRM. EME can be used as part of a
DRM system, but it has other possible uses. For instance, one could build a
nice system around it to allow a group of friends or family to share private
encrypted movies or images.

------
kineticfocus
[http://en.wikipedia.org/wiki/Foot-in-the-
door_technique](http://en.wikipedia.org/wiki/Foot-in-the-door_technique)

------
wavefunction
I'm just curious about what all of you opposed to this would offer as an
alternative to companies like Netflix or other streaming sites. No DRM? That's
simply not going to fly.

If you really want to undermine DRM in an honest and ethical manner, you
should leave those DRM'd properties to their owners and support non-DRM media.

How many of you listen to itunes media and are raging about this...

~~~
maggit
DRM-free is the way to go, and has been the way for music on iTunes since
March 2009
([http://www.macworld.com/article/1137946/itunestore.html](http://www.macworld.com/article/1137946/itunestore.html)
and
[http://en.wikipedia.org/wiki/ITunes_Store#Movement_against_D...](http://en.wikipedia.org/wiki/ITunes_Store#Movement_against_DRM))

I seem to remember reports that iTunes sales increased quite a bit as they
removed the DRM, indicating that removing DRM does indeed make the most
business sense, not just the most moral sense or whatever. The best source
I've been able to come up with quickly is this:
[http://www.theinquirer.net/inquirer/news/1022890/emi-drm-
fre...](http://www.theinquirer.net/inquirer/news/1022890/emi-drm-free-sales-
boom)

~~~
wavefunction
They only went DRM free in response to pressure from Amazon who began selling
DRM free MP3s. I am not a fan of DRM at all but I believe that if a "content
owner" wants to encumber their own creation with it, they should have that
right and freedom.

~~~
bowlofpetunias
No, they should not have that "right and freedom", because being a "content
owner" is not some natural god given right.

Copyright is something that is granted to someone by society for a purpose.
Encumbering a creation with DRM defeats that purpose.

Sure, anyone has the "right and freedom" to add DRM to anything. But in that
case anyone should also have the right and freedom to break the DRM and
redistribute the content.

~~~
parasubvert
DRM does not defeat the purpose of copyright. Both copyright and DRM are just
means to erect partial-excludability for an information good to encourage a
market economy around the exchange of that good. One is a legal barrier, the
other is technological.

We do this with physical goods through laws around theft, and police to
enforce those laws. Information goods however, are non-rival, thus aren't
subject to theft, just copying. So, generally, society doesn't enforce
"excludability breaking" with information as stringently as we would with a
rival good. Sometimes it does go completely, and inexcusably overboard: see
Aaron Swartz.

We haven't had a lot of time to think through what we really want as a society
here. Information economics concepts like transparency, excludability and
rivalry are still very new to people. The nature of information goods is not a
market economy, it's a gift exchange economy. Yet we've built 300 years of
progress on a market economy. So we're evolved to a hybrid of market-gift
economies in the information sector, but no one really knows where it will end
up in the long run.

Amusingly, the most free country on breaking and redistributing digital
content is China. I remember the old saw that Adobe Photoshop used to cost $0
in China, but $300 for the manuals. Almost every other country frowns upon
such behaviour and tries in some way to make it illegal.

------
treenyc
Just have a label in Firefox that says:

CLOSED SOURCE

icon

on top so that we know we are about to visit a site where we can't see the
source of the javascript that is being run on our computer.

The idea is to develop a culture for people to prefer OPEN SOURCED site vs a
CLOSED SOURCED one.

------
AlexanderDhoore
Look! The prison's so big you can't even see the walls! How nice.

------
thrillgore
Wow. This isn't just adapting DRM, they're literally saying that they can
change the HTML5 standard at a whim and we'll only have access to the CC0
licensed spec.

Time to fork HTML5.

------
oonny
Isn't this good news for video distributors who haven't converted over to
HTML5 (native video support) because of lack of support for DRM?

~~~
davexunit
And terrible news for all users.

~~~
oonny
how so? I really don't get it. how is moving from a plugin (flash/sliverlight)
to html5 a bad thing as long as you can protect your content?

~~~
davexunit
Because I think "protect" is propaganda in this context. Digital restrictions
management is harmful to users.

------
maxk42
Let them. I'll build my own browser and it won't respect this shit in the
slightest.

We'll make a new W3C. One that can't be bought so easily.

~~~
ToastyMallows
I'll go build my own W3C, with blackjack and hookers!

------
1qaz2wsx3edc
I wish a browser vendor would step up and say no to this. As in "we won't
support a DRM future in the browser". Firefox, Chrome?

~~~
mcherm
Mozilla (makers of Firefox) campaigned strongly against this in the W3C. But
they haven't promised never to support DRM in their browser, and they are not
likely to as it would marginalize their browser. What is more likely to happen
is that they won't be able to pay the licensing fees for the DRM software and
therefore won't include it, and then their browser will become marginalized.
("Firefox: the browser that can't view YouTube or Netflix.")

~~~
AnIrishDuck
For a preview of how this approach would turn out for Mozilla, look at the
H.264/WebM debacle. Mozilla refused to implement H.264 for a long time, but
after Google reneged on its promise to drop support, Mozilla finally caved to
keep its userbase.

I doubt they'd even try again, seeing as they've already seen this movie and
know how it will end.

~~~
keeperofdakeys
The main reason Mozilla didn't add H264 was because of royalties, which they
couldn't pay. I don't know how much ideology was also behind the decision.
Their solution was to use the OS to decode H.264, bypassing the need to
implement the codec, and pay royalties. So I'm not sure how much of it was
"caving", and how much was finally implementing the solution.

------
pippy
HTML5 DRM video makes sense, and it might force content producers to modernise
their distribution methods. This would be nice for consumers, many of who are
forced to pirate simply because content isn't available in their country or
don't have cable subscriptions.

It won't stop piracy, even if it means holding a camera up to the screen to
capture the data.

However locking down the browser itself is simply ridiculous. it reminds me of
snopes.com disabling right click.

------
cmircea
All of this is just the symptom of not providing a goddamn good service. If
these media companies would provide a good service DRM wouldn't make sense
even in their minds. But no, they're stuck in the dark ages, with their heads
up their asses.

I mean, look at what Steam has done to the video game industry; or iOS/Android
app stores. When it's easier to buy the copy pretty much nobody is going to
bother stealing it.

~~~
oscargrouch
Only that steal is such a strong word for that.. i dont think digital goods
can be stealed, cause steal is to subtract somebody of something.. if i get
your watch without your consent, you will be without it.. thats steal..

With a digital good you can copy over and over, and never subtract the
original author of its own copy..

The industry itself tried to implant this wrong concept on the peoples mind so
they would think its the same.. only its not..

i think the best approach from them would be to accept that new reality in the
digital age.. and try to collect money from good customers, the buyers, and
try to collect from the people that have made copies of the work by stating
they have obligations, and expenses to do that work, and ask for the users the
support..

i think thats pretty much what microsoft did with windows.. trying to fight
with a possible customer treating him as the enemy, will only hurt them in the
long term..

They need to think with a new perspective, not with the same ideas as the XX
century.. it will only cause them more damage than good.. people will see them
as the enemy, much like we are seeing now

------
ramigb
Fuck the greed, the amount of work that will be wasted from both sides of
people trying to implement DRM and others who are trying to bypass DRM should
be spent on something more useful like agreeing for once at already
implemented standards and making them work cross browser, or implementing new
better solutions, but no, it's important to protect Miley Cyrus' songs or the
universe will collapse.

------
cx42net
Maybe I missed the point here, but firstly, browsers are free to choose to
implement some parts of the W3C recommandations right ? and secondly, if the
browser you use is implementing the DRM constraint, it's just a browser level
restriction right? That mean you can either use a plugin that will fetch the
blocked content or use an other browser to do it ?

This is doomed before being born (or I missed something).

------
judah
New coined term: DRM-HTML.

'By contrast, W3C has now put its weight behind a restrictive future: let's
call it "DRM-HTML".'

------
otikik
Let them spend their money and time there.

That's money and time they will not spend doing something useful for their
interests.

------
pasbesoin
I refuse to engage in blind trust, either that content will remain available
(including that of historical or functional significance) or that -- encased
in an opaque block -- it will be safely and fairly delivered.

DRM is a non-starter, for me. Keep your shit out of my peanut butter.

------
rdl
While DRM is generally annoying, if the technology exists, it might be
interesting to use it for ERM -- being able to prevent copying of documents
which are editable in-browser would be potentially a better way to work than
the VDI or dedicated hardware used now.

------
robmcm
So implemented DRM will still need to be supported on different platforms and
browsers, and after the H264 crap what are the chances of that happening?

They would be better off having some sort of plugin archetecture that allows
this kind of development for specific platforms...

------
Gonzih
W3C - Ruining HTML since... often...

------
throwwit
How does allowing a proprietary tech into the browser do anything more than
harm the system?. Didn't this just open up the browser to possible secure
channels for botnets? Do DRM concerns trump security?.

------
wnevets
If you have to distribute the key to the client (dvd player, browser, etc)
isnt it just a matter of time before the key is discovered and the content can
decrypted at will?

How does this standard prevent that?

------
biturd
isnt this the equivalent of greying out the "view source" menu item or
removing the developer menu item?

You can still get the entire page, it comes in over the wire. If they do this,
I would assume we can just capture the raw data, and new apps that decode that
raw data and give the same tools as the browser developer tools offer.

If not, hopefully there are browsers who refuse to implement, and hopefully it
takes less time than it took Adobe to learn their lesson.

------
vvvVVVvvv
Oh, hi Minitel
([http://en.wikipedia.org/wiki/Minitel](http://en.wikipedia.org/wiki/Minitel)),
long time no see.

------
jakeogh
W3C is on HAL's side...
[http://www.youtube.com/watch?v=yYqkU1y0AYc](http://www.youtube.com/watch?v=yYqkU1y0AYc)

------
wildster
If this means companies like Netflix use HTML5 rather than Silverlight to
stream films it will ultimately make the world a better place.

~~~
camus
makes no difference , you'll still need to install some 3rd party plugin or
buy authorized hardware in order to run the media.

Doesnt change anything for the client.

The providers will swap an object tag for a video one ,that's what it is all
about.

It's basically a Flash or Silverlight for video and sound only.

------
jsilva
Does anyone know if this EME Plugins would be able to access browser data or
what kind of data would be available to this plugins ?

~~~
makomk
The mechanism for the EME plugins to interact with the browser isn't specified
at all last time I looked - it's totally browser-specific.

------
X4
They got perfectly subverted. I hope they revoke it, can somebody open a
petition? I'll sign it!!!

------
titaniu
> W3C green-lights adding DRM to the Web's standards

I think I threw up a little in my mouth when I read that.

------
transfire
The WC3 has sucked for ages. I can't wrap my mind around why anyone follows
there lead anymore. Everything that comes out there is overly complicated and
totally misses the larger picture. Sound like they've also sold out on top of
that now. I say frail them.

------
shmerl
One should think twice before supporting Netflix in any way after this.

------
asc123
As someone that learned a lot using view source. this is just upsetting

------
bsimpson
"So long, and thanks for all the GIFs."

------
nodata
Good. Roll on W4C!

~~~
asc123
Wicked World Wide Web

------
jcromartie
Aaaaaaand the W3C is now officially irrelevant.

------
vaibhav_kaushal
Web is all about hollywood now, it seems!

------
joshlegs
the hell? What were they thinking when they decided this would be a good idea
??

------
bingeboy
OMFG!

