Web's gatekeepers embrace DRM for next HTML5 standard

The Worldwide Web Consortium (W3C) formally accepted a big change recently that could affect future Web standards—a decision that will either change nothing or destroy the Web forever. It all depends on your point of view.

On Monday, the W3C’s HTML Working Group said it would continue working on digital rights management for video for possible inclusion in the upcoming HTML 5.1 standard. The W3C is the group charged with defining guidelines for Web technologies.

The end result could mean that one day, companies like Amazon and Netflix won’t need to rely on third-party plugins like Flash and Silverlight to deliver copy-protected movies and TV shows to your browser. Instead, these companies will be able to use a capability built right into the fabric of the Web itself called Encrypted Media Extensions (EME).

For users, it means no more needing to download a special plugin to view video content. Just fire up your browser, log in to your favorite online streaming video provider, and go. (Assuming providers embrace EME, naturally.)

The inclusion of EME in HTML 5.1 seems to make a lot of sense for the modern Web thanks to the popularity of video streaming services such as Amazon, Hulu, Netflix, and MLB.TV. There's just one problem: Current Web standards favor complete openness and don’t allow for major corporations to prevent their content from being copied.

“Most people would agree that individuals and institutions in general should have the right to limit access to proprietary information, or charge for access to content they own,” W3C CEO Jeffrey Jaffe wrote in May when HTML-based DRM was first publicly proposed for acceptance by the HTML Working Group. “Against this backdrop, the W3C Director [Tim Berners-Lee] has established that work on content protection for the Web is in scope for the HTML Working Group.”

The EFF’s slippery slope

Groups that oppose DRM are not happy about the change. Leading the EME opposition is The Electronic Frontier Foundation, a digital rights advocacy group. The EFF fears that EME could lead to a slippery slope where all kinds of other content protection schemes get included in HTML.

The group notes there is already a W3C community group pushing to make a Website’s source code impossible to read, thereby making it much harder for someone to copy a specific site’s design or front-end functionality. Currently, looking at a site’s source code is as easy as clicking on Tools>View Source in your Web browser. This ease of use has been instrumental in helping people learn how to create Websites by copying and understanding the design decisions of others.

The EFF is also concerned that even text and images in HTML could one day be locked down. In other words, no more cut-and-paste functionality online making it much harder to do research on the Web.

The EFF doesn’t necessarily think all of these usage nightmares will become a reality, but the group does wonder how the W3C can refuse other DRM schemes now that the proverbial barn door has been opened.

Don’t forget the silly

Digital dystopias aside, if you’re on the side of the EFF and hate the idea of copy protection, there are a few things to keep in mind. The W3C is not a standards body in the traditional sense. The group has no actual power to enforce its decisions on Websites and browser makers.

Generally, it's wise to play along with the W3C’s guidelines since everybody else is (at least these days), but Web purists are free to disregard any of the group’s recommendations. In fact, there is already a grassroots push to try and get Mozilla to categorically state it won’t include the EME specification in Firefox.

Given that Apple, Google, and Microsoft—all of whom sell video services themselves—are sure to include EME in their browsers, however, it seems unlikely Mozilla would hold out for long even if it did take a stand.

Beyond the true power of the W3C, there is a more important thing to realize: DRM is silly. It simply doesn’t work. The biggest problem, as author and activist Cory Doctorow has pointed out on many occasions, is that for DRM to work you have to give both the encrypted content and the power to decrypt that content to your potential attacker.

You can’t watch Netflix videos or a Blu-ray disc, after all, without the ability to get past that DRM. And once you’ve given someone the keys to your digital kingdom, it’s only a matter of time until a determined hacker figures out how to crack your copy protections.

Don’t believe it? Type “unlock Kindle books” into your favorite search engine. As long as you know how to click a mouse you’ll have unfettered ePub versions of all your copy-protected ebooks within an afternoon.

Netflix isn’t immune from foiled copy protections either. The company’s exclusive DRM-laden, online-only content including Arrested Development, House of Cards, and Orange is the New Black all appeared on torrent sites within hours of going live on Netflix. Even if hackers didn’t actually crack Netflix’s copy protections and only used screen recording software, it proves there’s always a way to get around nearly any copy protection scheme.

As the EFF notes “DRM is a pain to design, does little to prevent piracy, and is by its nature, user-unfriendly.”

So take heart, friends of the open Web: It’s highly likely there will always be a way around any potential anti-copying measures built into the fabric of HTML.

As for the inclusion of EME, well, as long as copy protections stop at premium video services, it seems unlikely that many people will mind or even notice.

Whether that’s a good or a bad thing, I’ll leave to you.

Subscribe to the The Advisor Newsletter

Comments