Defective by Design

Keep DRM out of Web standards -- Reject the Encrypted Media Extensions (EME) proposal

The following letter was submitted to the World Wide Web Consortium (W3C) on April 24, 2013. View the PDF of the letter.

Dear Sir Berners-Lee,

We write to implore the World Wide Web Consortium and its member organizations to reject the Encrypted Media Extensions (EME) proposal. As prominent organizations defending Internet and computing freedom, we join the more than fifteen-thousand Web users who have already signed Defective by Design's petition against EME. This disastrous proposal would change HTML, the underlying language of the Web, to make it accommodate and encourage Digital Restrictions Management (DRM). EME is sponsored by a handful of powerful companies who are W3C members, like Microsoft and Netflix. These companies have been promoting DRM both for their own reasons and as part of their close relationships to major media companies. DRM restricts the public's freedom, even beyond what overzealous copyright law requires, to the perceived benefit of this privileged, powerful few.

The W3C's work is crucial to the continued integrity and interoperability of the global network. We recognize the need for the W3C to respond to the changing landscape of the Web and to reconcile the interests of multiple parties. But ratifying EME would be an abdication of responsibility; it would harm interoperability, enshrine nonfree software in W3C standards and perpetuate oppressive business models. It would fly in the face of the principles that the W3C cites as key to its mission and it would cause an array of serious problems for the billions of people who use the Web.

First, in the process of rendering media, every required browser plug-in is a metaphorical gate where restrictions can be enforced. Since DRM requires denying users their right to modify the plug-ins and other relevant programs, it is by nature incompatible with free "as in freedom" software. Because of this, browser plug-ins designed to play media under the EME specification would all be proprietary, and widespread adoption of this plug-in system would pressure more and more Web users to sacrifice their computing freedom in order to view media. Enshrining nonfree software in HTML itself would comparatively diminish the values of freedom, self-actualization and decentralization so critical to the Web as we know it.

Second, EME is inconsistent with W3C's stated principles. It would damage the Web's interoperability by spurring a new proliferation of the plug-ins for playing DRM-encumbered media. Since each plug-in option could have unique hardware and software restrictions, this would move the Web away from universal compatibility and toward a more fractured state. Therefore, adopting EME would run counter to "global interoperability," an explicit commitment of the Open Stand standards guidelines to which W3C is a signatory.

The W3C's official vision statement also "recognizes that trust is a social phenomenon, but technology design can foster trust and confidence" and asserts that the W3C's mission includes "building trust on a global scale." A specification designed to help companies run secret code on users' computers to restrict what they do on the Web would severely undermine that trust. The only trust being built here is between media companies calling for DRM and their powerful allies promoting EME in the W3C.

Some have said that EME is not itself a DRM scheme, and so is compatible with the principles underlying the Web. But this is a willfully blind attempt to hide from the bad publicity around DRM. EME has no purpose other than providing a hook in HTML on which to hang digital restrictions. EME author Mark Watson has even stated that "Certainly, our interest is in [use] cases that most people would call DRM." Claiming that EME adds no DRM to the Web is like saying (in the words of the Electronic Frontier Foundation's Peter Eckersley) "We're not vampires, but we're going to invite them into your house."

Another misguided defense of the proposal is that DRM applied to streaming media is just the same as renting videos at a store or borrowing books from a library and is therefore ethically acceptable. But this position ignores the historical context of DRM and the direction in which media is heading. Applying such restrictions to streaming media may seem less harmful now, when "ownership" of most media is still possible by storing it on a personal hard drive. It is quite possible, however, that this option will disappear as companies create a system in which media is only available via streaming -- where they are able to control who views what when with which software. In that situation, the role of DRM will be even more critically important.

Even in the present day, and even if it is applied only during streaming, DRM is not equivalent to restrictions involved when renting physical copies, because it requires computers to permanently treat their own users as hostile. Plug-in software may claim only to serve the purpose of decrypting streaming media, but since it is proprietary, users won't be able to see what that software is actually doing. There have been many examples in the short history of DRM of such systems providing attack vectors or otherwise doing much more than advertised, behind users' backs.

As the Web becomes an ever more vital medium for media, culture, commerce and communication, the base of stakeholders in the W3C's decisions is widening and diversifying. But ratifying EME would represent the narrow interests of entrenched software firms with strong ties to the entertainment industry. Though it is not in the W3C's power to prevent these companies from implementing DRM on the Web, endorsing EME would constitute an abdication of responsibility to the core goals of the W3C and the Web-using public. We call on the W3C to reject EME and any other provision for DRM in World Wide Web standards.

Sincerely,

April
Bristol Wireless
Call The Ninja
Canadian Pirate Party
Cellularity
Creative Commons
Electronic Frontier Foundation
Fight for the Future
Free Culture Foundation
Free Software Foundation
Free Software Foundation Europe
Free Software Foundation India
Free Software Foundation Latin America
Gatsby Media
IT for Change
Junge Piraten
JustOutSource.it
Modern Poland
Oeko.net
Open Knowledge Foundation
Open Technology Institute (of the New America Foundation)
Perpinux
Pirate Parties International
TheWayoftheWeb Ltd.
Torservers.net
Pirate Party of Sweden
UK Pirate Party

Login