The World Wide Web Consortium (W3C) was formed in 1994 to "ensure the long term growth of the Web." Its activities over the past few years, including the enshrinement of Encrypted Media Extensions (EME) and Digital Restrictions Management (DRM) into Web standards and its support of companies over rights, forces us to add it as a worst offender.
In spite of the good work the W3C has done, its behavior around DRM is inexcusable. Its active support of DRM, and dependence on DRM money, has earned it a spot on this list.
During 2016 and 2017, the W3C moved EME to an official recommendation--effectively turning it in to a Web standard. Along the way, Tim Berners-Lee, the inventor of the Web and former proponent of a free Web, abandoned his ideals and approved EME.
The dangers of EME don't end with media. It threatens the W3C's accessibility work. Accessibility standards, set by the W3C, call for all Web sites to meet certain base requirements to ensure that pages work for users who rely on technologies like screen readers, have problems with flashing colors, or need captions for video. With the creation of a Web where files cannot be made accessible through volunteer efforts, users with additional needs suffer.
It doesn't end with standards
The W3C publishes unofficial guidelines for organizations whose Web sites have user-endangering vulnerabilities. But we think the W3C missed the point on this one. Philippe Le Hégaret, a project manager at the W3C, made a template for organizations to create their own policies for disclosing vulnerabilities. This merely distracts from the real problems caused by DRM in Web standards.
There are no major actions to take at this moment. However, if you are associated with a W3C member organization, we recommend discussing the dangers of DRM, EME, and this decision.