Higher standards

Many people are—quite rightly, in my opinion—upset about the prospect of DRM landing in the W3C HTML specification at the behest of media companies like Netflix and the MPAA.

This would mean that a web browser would have to include support for the plugin-like architecture of Encrypted Media Extensions if they want to claim standards compliance.

A common rebuttal to any concerns about this is that any such concerns are hypocritical. After all, we’re quite happy to use other technologies—Apple TV, Silverlight, etc.—that have DRM baked in.

I think that this rebuttal is a crock of shit.

It is precisely because other technologies are locked down that it’s important to keep the web open.

I own an Apple TV. I use it to watch Netflix. So I’m using DRM-encumbered technologies all the time. But I will fight tooth and nail to keep DRM out of web browsers. That’s not hypocrisy. That’s a quarantine measure.

Stuart summarises the current situation nicely:

From what I’ve seen, this is a discussion of pragmatism: given that DRM exists and movies use it and people want movies, is it a good idea to integrate DRM movie playback more tightly with the web?

His conclusion perfectly encapsulates why I watch Netflix on my Apple TV and I don’t want DRM on the web:

The argument has been made that if the web doesn’t embrace this stuff, people won’t stop watching videos: they’ll just go somewhere other than the web to get them, and that is a correct argument. But what is the point in bringing people to the web to watch their videos, if in order to do so the web becomes platform-specific and unopen and balkanised?

As an addendum, I heard a similar “you’re being a hypocrite” argument when I raised security concerns about EME at the last TAG meetup in London:

I tried to steer things away from the ethical questions and back to the technical side of things by voicing my concerns with the security model of EME. Reading the excellent description by Henri, sentences like this should give you the heebie-jeebies:

Neither the browser nor the JavaScript program understand the bytes.

Alex told me that my phone already runs code that I cannot inspect and does things that I have no control over. So hey, what does it matter if my web browser does the same thing, right?

I’m reminded of something that Anne wrote four years ago when a vulnerability was discovered that affected Flash, Java, and web browsers:

We have higher standards for browsers.

Have you published a response to this? :

Responses

www.kryogenix.org

“If all your friends jumped off a bridge, would you jump too?” “Oh jeez. Probably.” “What!? Why!?” “Because all my friends did.” — xkcd, Bridge

Mozilla have decided to implement the HTML5 EME DRM for videos. This sucks. I don’t like the EME stuff. It’s contrary to the whole idea of the web. It’s potentially the beginning of a slippery slope of web pages being locked off because that’s what the ebook people want. I wrote about this last year. Jeremy says that it is precisely because other technologies are locked down that it’s important to keep the web open, and he’s right. But… that didn’t happen. The web is not open. Google and Microsoft and Apple have already started implementing EME, over the complaints of precisely nobody. The argument that adding DRMed video divides the web into haves and have-nots apparently didn’t cut any ice with those browser vendors. So Mozilla reluctantly fall in line, and are castigated for it in a way that the others weren’t. Now, there’s a reasonable argument that Mozilla should be held to a higher standard, because their goal actually embodies the Open Web and the others are primarily about profits and market share. Mozilla should stand on principle, precisely because they have principles. I admire this argument, but unfortunately it’s like perpetual motion machines, the 200mpg carburettor, and the rehydrateable pizza from Back to the Future — it doesn’t work. The world isn’t nice just because you wish real hard. Mozilla have stood on principle in the past, by refusing to implement H.264 format video. It made no difference. They were laughed at for not being “modern”, their users just found that some videos mysteriously wouldn’t play, they were told that standing on principle made them irrelevant, and it made no difference to the market. They have a voice at the table, but it’s not loud enough to move the industry when the industry want something else. The last people to try this other than Mozilla were Opera. The Opera team devoted their time to being standards compliant, working to improve those standards where possible, taking the decision to be correct rather than compatible in most cases, and what happened? Nobody used their browser because it didn’t work, and now they use Blink as their renderer instead. I like the warm fuzzy feeling I get from knowing that Mozilla are out there doing the right thing. But there’s always been an edge of, well, they’re doing the right thing which means that I don’t have to. Firefox should stand on principle here and refuse to play DRMed videos… but of course I’m not going to stop using DRMed video, I’ll just use Safari for that. The warm fuzzy feeling is jolly nice, but it’s not enough to actually keep the Mozilla organisation running. If you dislike Mozilla doing this (which I do, too), then where’s the outcry against Apple and Microsoft and Google for doing the same thing? Where’s the outcry against them for doing it first? Mozilla helps keep the web open for us, but in return we have to help keep the web open for Mozilla. And we aren’t.

# Thursday, May 15th, 2014 at 12:41pm

www.kryogenix.org

“If all your friends jumped off a bridge, would you jump too?” “Oh jeez. Probably.” “What!? Why!?” “Because all my friends did.” — xkcd, Bridge

Mozilla have decided to implement the HTML5 EME DRM for videos. This sucks. I don’t like the EME stuff. It’s contrary to the whole idea of the web. It’s potentially the beginning of a slippery slope of web pages being locked off because that’s what the ebook people want. I wrote about this last year. Jeremy says that it is precisely because other technologies are locked down that it’s important to keep the web open, and he’s right. But… that didn’t happen. The web is not open. Google and Microsoft and Apple have already started implementing EME, over the complaints of precisely nobody. The argument that adding DRMed video divides the web into haves and have-nots apparently didn’t cut any ice with those browser vendors. So Mozilla reluctantly fall in line, and are castigated for it in a way that the others weren’t. Now, there’s a reasonable argument that Mozilla should be held to a higher standard, because their goal actually embodies the Open Web and the others are primarily about profits and market share. Mozilla should stand on principle, precisely because they have principles. I admire this argument, but unfortunately it’s like perpetual motion machines, the 200mpg carburettor, and the rehydrateable pizza from Back to the Future — it doesn’t work. The world isn’t nice just because you wish real hard. Mozilla have stood on principle in the past, by refusing to implement H.264 format video. It made no difference. They were laughed at for not being “modern”, their users just found that some videos mysteriously wouldn’t play, they were told that standing on principle made them irrelevant, and it made no difference to the market. They have a voice at the table, but it’s not loud enough to move the industry when the industry want something else. The last people to try this other than Mozilla were Opera. The Opera team devoted their time to being standards compliant, working to improve those standards where possible, taking the decision to be correct rather than compatible in most cases, and what happened? Nobody used their browser because it didn’t work, and now they use Blink as their renderer instead. I like the warm fuzzy feeling I get from knowing that Mozilla are out there doing the right thing. But there’s always been an edge of, well, they’re doing the right thing which means that I don’t have to. Firefox should stand on principle here and refuse to play DRMed videos… but of course I’m not going to stop using DRMed video, I’ll just use Safari for that. The warm fuzzy feeling is jolly nice, but it’s not enough to actually keep the Mozilla organisation running. If you dislike Mozilla doing this (which I do, too), then where’s the outcry against Apple and Microsoft and Google for doing the same thing? Where’s the outcry against them for doing it first? Mozilla helps keep the web open for us, but in return we have to help keep the web open for Mozilla. And we aren’t.

# Saturday, November 22nd, 2014 at 5:03pm

Related links

W3C and EME: it isn’t about preventing DRM but saving the W3C – Baldur Bjarnason

A damning assessment of Tim Berners-Lee’s defeatist portrayal of the W3C:

No matter which side is right, the W3C faces an existential crisis.

Either:

  1. The W3C is a shepherd of the web for all, the web on everything, and a web of trust. But now it is fundamentally compromising its own principles in the name of maintaining industry relevance.
  2. Or, the W3C is merely an industry body for browser vendors to collaborate and its mission statement is nothing more than PR to increase buy-in from the smaller, largely powerless, members.

Both can’t be true. Neither is good news for the organisation.

Tagged with

On EME in HTML5 | W3C Blog

Much as I respect Tim Berners-Lee, his logic here is completely flawed. First of all, treating DRM as though it’s an implacable force of nature is a category error. Secondly, EME doesn’t in any provide a standardised solution: it provides a sandbox for each DRM vendor to inject their own proprietary solution.

Tagged with

5by5 | The Web Ahead #73: DRM with Jeremy Keith and Doug Schepers on Huffduffer

Here’s the chat I had with Jen and Doug about the prospect of DRM in browsers.

Tagged with

What is EME?

Henri gives an overview of the DRM-style encryption proposed for HTML. It’s a very balanced unbiased description, but if you have the slightest concern about security, sentences like this should give you the heebie-jeebies:

Neither the browser nor the JavaScript program understand the bytes.

Tagged with

DRM for the Web is a Bad Idea | Internet Archive Blogs

The Encrypted Media Extensions (EME) addition to HTML is effectively DRM with the blessing of the W3C. It’s bad for accessibility, bad for usability, bad for security, and as the Internet Archive rightly points out, it’s bad for digital preservation.

Tagged with

Previously on this day

14 years ago I wrote Lazy loading on Huffduffer

Lazy responsiveness or responsive laziness.

14 years ago I wrote Respond

Another way of ensuring Internet Explorer gets your layout styles.

18 years ago I wrote Fogbound

I’m going to San Francisco.

22 years ago I wrote Gladiator's Stroke Of Genius

There’s a reason for this post’s unusual headline: I’m doing some small scale googlebombing.

22 years ago I wrote Where's my flying car?

Now I know I’m living in the future.

23 years ago I wrote The Random Masturbation Synonym Generator

Twisting the sheriff and waiting for the posse to come.