back to article EFF files objections with W3C decrying addition of DRM to HTML5

The Electronic Frontier Foundation (EFF) has upgraded to full member status of the World Wide Web Consortium (W3C), and as its first act has registered a formal objection to the proposed addition of DRM to the HTML5 specifications. Its objection stems from the Encrypted Media Extension (EME) which was advanced to first draft …


This topic is closed for new posts.
  1. Jamie Jones Silver badge

    In an ideal world...

    I'd love everything to be DRM free, but as pointed out in the article, there are companies that will simply never switch away from proprietary plugins until html gets DRM.

    So, let them have it, and we can finally ditch Flash for good!

    Besides, everyone here knows that DRM to an open-machine is a fallacy - encryption when you effectively pass the decrypt keys to the end user (so they can decrypt the data to view the stream!) really does nothing other than protect the data from third party sniffers! The strength of the encryption is irrelevant - as demonstrated by "rtmpdump"'s ability to decode so called DRM-protected flash streams.

    1. Tom 35

      Re: In an ideal world...


      It's true that DRM will not prevent pirate copies from appearing 10 seconds after the content goes live, but the people who are paying still get a gimped service. I can't see this being any better then Silverlight with open source.

      1. Steve Knox

        Re: In an ideal world...

        It's true that DRM will not prevent pirate copies from appearing 10 seconds after the content goes live, but the people who are paying still get a gimped service.

        Gimped in what manner?

        Modern systems and networks can easily handle encryption, streaming, and decryption of full 1080p content.

        Are you complaining that a rental service doesn't allow you to make your own copies?

        1. Tom 7 Silver badge

          Re: In an ideal world...

          Modern systems and network may well be able to handle it. The point is its still completely insecure. You can run almost anything in a VM and copy the video/audio off it undiminished.

          The only way for DRM to work is if someone else owns part of your computer. And even that wont stop 'analogue' copying - which with modern equipment is a doddle.

          What the 'content providers' are asking for here is the equivalent of the man with a flag walking in front of your car. What they are asking for is for us to keep feeding their horses and keep blocking the road to the airport with their horseshit.

        2. Decade

          Re: In an ideal world...

          It's true that DRM will not prevent pirate copies from appearing 10 seconds after the content goes live, but the people who are paying still get a gimped service.

          Gimped in what manner?

          DRM has not been practical for preventing piracy. They use it to control average users. So far, DRM has been especially effective in DVD, BluRay, HDCP, Apple iTunes, and Amazon Kindle. I don't care about video games, but it's there, too.

          In DVD and BluRay, DRM prevents you from buying a disc in one region and playing it in an average disc player in another region. The media companies want to use differential pricing and staggered release dates to maximize revenue. Sometimes they decide that a region isn't worth the cost of releasing a product. Tough beans for you if they decide never to release a disc in your region. Also, DRM prevents you from skipping ads and propaganda about fictional laws that they insert at the beginning of movies.

          HDCP theoretically prevents you from copying movies as you're playing them. In practice, the HD stream is so big that, even though the HDCP master key has been leaked, nobody bothers using it to pirate. You get better speed and quality from breaking the AACS encryption on the BluRay. Instead, HDCP ensures that you're using properly restricted media players and properly restricted output devices to play videos exactly the way they're intended to be played. But there is some minor flaw that makes the DRM in your fancy-expensive device not operate properly with the DRM in your other device? Too bad, so sad.

          Apple and Amazon use DRM to make sure that, if you buy any content for your fancy gadget, then you're trapped with that brand of fancy gadget for the rest of your content's life. Apple does it to make their line of fancy gadgets more attractive to buy, making more money on hardware sales than music sales, though now also making a lot of money in the App Store. Amazon is in the low-margin high-volume market, and wants you sticking around for them to shove ads in your face. Also, Amazon uses DRM to remote-delete content from fancy gadgets, including, fittingly, copies of George Orwell's 1984.

          DRM has not yet been effective at preventing piracy, but it has been great at causing problems for people who want to use content legally.

          1. karlp

            Re: In an ideal world...

            I install locks on my doors.

            They exist for no other reason than to keep the honest people out and enable me to get homeowners insurance.

            They are also by many accounts an inconvenience; trying as I am to juggle for this and that while attempting to get the insufferable key to mate with the door.

            Judging by the fact that I have been burgled before, I can say with some confidence that they do nothing against people who want to get in.

            DRM is similar. It gives honest people pause and provides the basis for which content providers feel like some effort has been made.

            It really isn't a lot more complicated than that.

            I do still wish I lived in a world which didn't need locks, but that is a different issue altogether.

            1. asdf

              Re: In an ideal world...

              >DRM is similar. It gives honest people pause

              Of course that pause can last for a week when people can't play the game they legally purchased due to gimped DRM ala the recent SimCity EA debacle. All the companies I see big on DRM are struggling to survive lately (Sony, EA, etc). The only people who usually are forced to see the FBI warning telling them not to steal, legally purchased the item they are watching. Assuming your customers are all thieves is an easy way to lose tens of billions dollars for five years straight and be 1/5 the size of your heyday. Ask Sony.

            2. Paul Crawford Silver badge

              Re: @karlp

              Sorry, but a better analogue is DRM is like someone else installing locks on your doors and promising to let you in and keep others out.

              If you behave.

              And they can be bothered keeping your support up.

    2. Anonymous Coward
      Anonymous Coward

      Re: In an ideal world...

      Wrong, soooo wrong.

      If HTML5 goes ahead without DRM, Big Media will not just stop producing.

      If Netflix won't play nice, other companies will take its place.

      Its basic supply and demand.

      1. Anonymous Coward
        Anonymous Coward

        Re: In an ideal world...

        "Other companies" will never be able to sign deals with studios for distribution rights - because it isn't Netflix that is insisting on DRM, it is the studios and content producers. That includes the artists, actors, etc.

        And they will not sign a deal to distribute, and pay them, without DRM.

        Right now ANY company can produce and distribute DRM free content...but funnily enough, no one seems to be rushing in to do that, except amateurs with limited budgets, trying to make a name for themselves.

        1. asdf

          Re: In an ideal world...

          There is obviously many different draconian levels of DRM. Many people accept DRM if is done non intrusively and adds functionality such as with the Steam Client. Putting in DRM to keep people from First Sale rights (having the right to sell on games they have bought) is a whole nother matter. DRM more and more is less about protecting publisher rights and more about limiting customer rights and choices.

    3. Nigel 11

      Re: In an ideal world...

      I'm trying to think of any reason why HTML5 needs to contain the DRM standard, rather than just having a separate standardised DRM.

      Surely if the media lobby wants a single world-standard DRM they should decide on one themselves and put it forwards to ISO. Once standardised, users would download just one DRM entity to handle all standards-conforming media sites, and the (non-)problem of twenty incompatible DRM systems would be solved. Some browsers might even choose to implement ISOxxxx natively rather than as a separate user-requested plugin.

      The only conclusion I can draw is that the media lobby has an ulterior motive in trying to get DRM into html5. Tell them to sod off and standardize it amongst themselves without fouling the HTML standard!

    4. Christian Berger

      It's not like they didn't learn in other industries

      DRM for music is virtually dead, there are already early commercial legal download stores for movies... and BTW if you look at television, that's 99.9% DRM-free. You can simply record Freeview and Freesat off the air.

      Eventually movie companies will realize that the download market is just a more profitable version of the TV market. Essentially they can sell individual "broadcast rights", but they cannot keep people from saving it to disk just like they cannot keep people from lacing up some tape on their VT-machine and hitting record.

  2. Anonymous Coward
    Anonymous Coward


    "The W3C's chief executive Jeff Jaffe has defended EME's inclusion, and says it is needed to ensure that access to certain comment isn't limited to a variety of proprietary plug-ins. "


  3. Ole Juul

    Poisoning the well

    DRM is for business. HTML if for everybody.

  4. P. Lee

    Wrong direction

    The standard is there to promote interoperability. DRM is the opposite of that. You may as well let those who want it write their own plugins. There is no point including DRM in a standard.

    1. Anonymous Coward
      Anonymous Coward

      Re: Wrong direction

      Your right, best to have 20 plugins, all being hopefully patched and updated when needed and fully compatible with every browser and OS outthere.

      Or just define a standard.

      1. Anonymous Coward
        Anonymous Coward

        A standard for a plugin by another name

        So now we'll have 20 Content Decryption Modules, all hopefully patched and updated when needed and fully compatible with every browser and OS (and instruction set) out there. How is this better than the current situation?

        1. Paul Crawford Silver badge

          Re: A standard for a plugin by another name

          Having a lot of hassle for DRM is good - it stops everyone else getting in to it unless they are really paranoid and have something sufficiently worth while for the end user to jump through hoops.

          DRM in HTML5 is going to lead to web sites where you can't block adverts or skip crap or copy prices for comparison, etc, becoming the norm.

          DRM has no place in the free world, as it demands a locked-down computer and that is something that anyone with an interest in technology should oppose.

          1. Suricou Raven

            Re: A standard for a plugin by another name

            I'm reminded of those sites, rather common around the turn of the millenium, which used an annoying bit of javascript to hook the right-click function and block it to keep people from using 'view source' or 'save target as.' A tool of paranoid new web developers, concerned that others would steal their precious source or images. It didn't actually do that at all, but it did annoy users who wanted to print the page or copy some text.

        2. Anonymous Coward
          Anonymous Coward

          Re: A standard for a plugin by another name

          The other AC WAS referring to the current situation, in an ironic manner.

          Like it or not, we have to accept that major media outlets will continue to use proprietary plug-ins unless they get DRM in HTML 5. So as the above poster points out, it is either accept those 20 or so individual plug-ins (that will not be HTML 5 compliant) for the foreseeable future, or accept DRM in HTML 5 and be done with it.

          Either way they are going to insist on DRM, because they cannot stay in business without it (in their opinion). So we may as well give them DRM in HTML 5 and get rid of the plug-ins sooner rather than later. At least with the DRM in HTML 5, I have a reasonable belief that the DRM module ONLY does DRM and nothing else - these proprietary plug-ins run code on my computer that _should_ only do DRM, but who really knows...

      2. ecofeco Silver badge

        Re: Wrong direction

        "Or just define a standard."

        Nothing is preventing them from doing that now.

        This not about plug-ins, but about control of the Internet. Something they don't have and that well and truly threatens their business model.

        Say what you will and think what you will, but the Internet is the best thing to happen to the average person in a long, long time and empowering the average person is always a threat to entrenched organizations.

      3. Yes Me Silver badge

        Re: Wrong direction

        > Or just define a standard.

        Exactly. Like it or not, there *will* be DRM for HTML5 content. Better an interoperable standard than random proprietary solutions. As long as it is an optional standard, of course.

        The EFF should worry about applicability of DRM, not about its existence, which is a given.

  5. Anonymous Coward
    Anonymous Coward

    The purpose of the internet was to share information, the purpose of the WWW is to share information. DRM (Digital Restriction Manglement ) is to attempt to restrict access to information to some people only, generally involving money. This does not really fit, where their square peg is attempted to be rammed.

    1. Anonymous Coward
      Anonymous Coward

      Some of you fucking people...

      "DRM (Digital Restriction Manglement ) is to attempt to restrict access to information to some people only, generally involving money."

      Some of you fucking people, and the way you use "information" instead of "entertainment".

  6. Decade

    DRM is exactly what Jeff Jaffe claims to decry

    DRM is about ensuring that somebody other than the user is in control of the user's own computer. You can't do that without making the DRM module closed-source, preferably tied to a hardware component like TPM. That makes it fundamentally, mathematically, incompatible with the Open Web.

    The Web was built from the ability of people to make their own browser. We wouldn't even have had HTML5 and the <video> tag if Blake Ross et al were not able to create Firefox, their own web browser that worked with the content on the Web. If DRM is part of the standard, then it would reserve the ability to make a standard web browser only to companies big enough to ensure that the DRM is effective for the average user. DRM marginalizes open source, which means it closes the Web and eliminates a lot of its potential for disruption.

    Adding DRM to the Web doesn't even solve anything. Google and Microsoft already add Flash to their browsers, and they're free to add whatever else they want. In no way does this belong in the standard.

    I expected this sort of evil from Microsoft, but I'm disappointed in Google.

    1. Anonymous Coward
      Anonymous Coward

      Re: DRM is exactly what Jeff Jaffe claims to decry

      ANYTIME you run code you did not write 100% yourself, SOMEONE ELSE IS CONTROLLING YOUR COMPUTER, fool. It doesn't matter if that is the OS, a game, or a browser, or a browser plug-in. Even a JavaScript web page.

      You didn't write it, you don't control your computer. So how much code have you written in your life, enough to operate an entire PC and get online? Didn't think so...

      We all run code that is written by someone else, and it controls our computer every second it runs. Stop trying to hide your real objection - you can't pirate anymore.

      1. asdf

        Re: DRM is exactly what Jeff Jaffe claims to decry

        >you can't pirate anymore.

        You seriously think DRM has stopped any kind of pirating. Even the legal system using heavy handed Stasi tactics hasn't ended piracy. DRM simply inconveniences legitimate customers. The more you piss off customers the less they buy your stuff. Companies like Sony haven't figured this out (and why their media side friendly CEO is long gone, and their survival as a hardware company is in doubt). I haven't pirated anything in years but when I see a company trying to deny basic customer rights like the right of first sale (to sell a product on) I do not buy their stuff no matter how good it is.

  7. g e

    I still don't see the problem

    If there's a DRM standard then it's widely understood and used, so, when it's cracked then it'll be (again) too late for big meeja to put the cat back in the bag. So a win for the anti-DRM argument?

    It depends largely on whether you want flash or silverlight to perpetuate ad infinitum or not, too. I'd rather they went away to be honest. A DRM standard also gives non-silverlight platforms like Linux a chance of being able to use netflix, etc, too.

    No-one's forcing anyone to employ DRM in their streams but there's no way the swivel-eyed lunatics in Hollywood are going to license anything to anyone without some form of the stuff so you're gonna need it to consume the output without physical media. Not until they have their right-to-profit mandated into law as some form of blanket media tax, anyway, which would be far, FAR worse and is their ultimate goal.

    I'd rather big meeja clawed its way out of the 1950's, personally, but that's not happening any time soon and the customers don't care enough about forcing them into line by e.g. staying away from cinemas for 6 months.

    1. Jamie Jones Silver badge
      Thumb Up

      @ge: Re: I still don't see the problem

      That's basically my thoughts too, as I tried to write in the first post, but you put it more eloquently than I did.

      Yes, hollywood will stick with flash/silverlight if there is no standard DRM in html - anyone who thinks otherwise lives in fantasy land..

      One reply said "if they don't do a non-drm service, someone else will, and that will get the customers instead"


      1) The majority of people couldn't give a crap one way or the other.

      2) The people who actually MAKE the programmes will not release them over a non-drm service, especially if a drm service exists.

      You all know how stuck in the past the movie and music industry is - desperately trying to cling onto outdated models. No amount of wishful thinking from Linux users is going to change that

      1. FutureShock999
        Big Brother

        Re: @ge: I still don't see the problem

        I like what you write, btw. But to your later points, if you think the big media business model is outmoded, then PLEASE suggest one that will recoup a $100MM investment in a film in a reasonable amount of time, that does not involve pay per play. I have talked to business school professors that are dealing with JUST that problem, and they can't find a way frankly. And they _are_ trying to see how it could work.

        I know what "cheap" movies look like - go watch some bad, older Bollywood, or Korean cinema. Or Eastern European (non-porn). It SUCKS, frankly. Not worth my time, and once you are used to better, not yours either.

        What every business school professor that has studied it, that I have talked to or read, says is the same - get used to that type of "decontented" movie if studios cannot make money. Because they will not be paying the big bucks to the big stars, they will use cheaper talent. Because they will not invest in the special effects, nor the music production, nor the post-production....too expensive.

        I'm not saying it is right...just that no one has an answer to that problem. Right now the effect of piracy is limited, because few people can afford a Synology 1812+ NAS, 8 x 3T drives, with a fibre connection, etc. to make it a real threat. But storage is getting cheaper all the time, and fibre is now common.

        I KNOW I will get downvoted for this, but all I am doing is presenting the facts of the economics. Given the above, I can see why they want it...better business models would help, but not sure anyone has an answer.

        1. Suricou Raven

          Re: @ge: I still don't see the problem

          Perhaps 'cheap' movies could be the future. Some of the most influential and memorable movies ever were made with budgets and effects that would be laughable today - look at something like The Birds, and marvel at the way stuffed birds are thrown past the camera and very matte backdrops. Or the famous psychadelics and groundbreaking space scenes of 2001 - all done through nothing but optical effects and models. The need for hundred-million-dollar budgets, perfect CGI and big-name actors demanding the GDP of a small country is an artifact of the way the indstry works today - it hasn't always been that way, and it doesn't have to stay that way.

          There are other forms of financing - there's the kickstarter approach, for example, where a studio produces a trailer for a movie and viewers pledge money in advance to finance production. You're not going to reach £100m that way, but you can reach enough to make a pretty decent movie - espicially considering that modern technology could greatly reduce the production cost. One computer can replace a lot of dedicated studio equipment, and allow an editor or effects artist to work much faster. Reputation would obviously be important: No-one is going to pledge their money to a studio with a history of producing rubbish.

          If work is done well on the scripting (which is cheap) then viewers will not notice the less-than-perfect effects and a few backdrops that look suspiciously painted.

        2. Jamie Jones Silver badge
          Thumb Up

          Re: @ge: I still don't see the problem

          Hiya. Thanks, and actually I agree with everything you just wrote!

          I had a bit of a brain-fart when posting my original message. When I wrote "outdated models" I meant "ill thought out models" in reference to their stance on DRM on digital media and internet streamed files.

          I agree that they need to make the money, or the films will be crap. But all the anti-piracy stuff on DVDs, and the DRM they insist on on digital streams do nothing to stop the pirates. They may stop Joe-Bloggs from making a copy for his mate, but most people here - and definitely the commercial pirates - know how to circumvent the DRM - they only really piss off the real customers who have to sit through enforced adverts and FBI warnings just to watch a video they legitimately bought.

          We all know the DRM on netflix etc. doesn't make a blind bit of difference to pirates - but we also know that the movie companies will never (?) allow their stuff to be shown without DRM.

          Mind you, Itunes did finally get the record companies to allow downloadable mp3's without DRM (and they haven't gone bust!), so maybe one day, the movie companies will see sense. I'm not holding my breath!



    2. Old Handle

      Re: I still don't see the problem

      The problem is that the purpose of DRM is the opposite of every other part of HTML, to prevent access to information, rather than to share it. When you design a system (the browser in this case) to support two opposite goals it won't do either as well.

      I'm not just talking theoretically here, there are many real life examples of DRM-enabled devices doing their main job less well even if you're not using them to play DRM-encumbered media. I think they've gotten better about this (possibly because DRM-free music is now the norm), but the first that comes to mind is how many of the early generation MP3 players couldn't simply connect as a mass storage device and instead required special software. That's because they were designed with various DRM-encumbered formats in mind.

      In a web browser it might mean, for example, that because they now have to add a sub routine that checks if the user has permission every time they try to copy something, they decide it's easier to drop support for copying certain elements entirely.

  8. Mystic Megabyte


    Just having bought a Nook Simple Touch I was pleased to find out that I can borrow ebooks from my local library.

    My local library is on another island, it would cost me £12 to get there and return.

    Now I find that I need Adobe Digital Editions which is not available for Linux.

    So now I suppose that I'll have to torrent my books from you know where.


    1. Otto von Humpenstumpf

      Re: eBooks

      I know it sounds crazy, but stay with me here: Have you ever thought about... *buying* the books that you want to read? You know, to allow authors to *actually make a living*?

      1. James 51

        Re: eBooks

        If you buy an ebook the author should still be paid despite publishers best efforts. Authors are entitled to a small payment every time their book is borrowed.

        1. Otto von Humpenstumpf

          Re: eBooks


          What I object to is the attitude of "oh, I can't get my books from the library, so I'll have to torrent them" that Mystic Megabyte displays.

          If you can't get them from the library (either because they don't cater for your OS of choice, or for other reasons), and you can't afford to / are too cheap to buy them, you're still not entitled to torrenting them, neither legally nor morally.

          If you want to read a book, purchase it, in e-book or dead tree format. If nothing else, it will allow the author to keep on producing stuff we enjoy reading.

    2. James 51

      Re: eBooks

      Have you tried WINE? I got ADE up and running but it wouldn't recognise my 350 so it wasn't of much use to me but that was over a year ago.

    3. This post has been deleted by its author

    4. John Brown (no body) Silver badge

      Re: eBooks

      "My local library is on another island, it would cost me £12 to get there and return.

      Now I find that I need Adobe Digital Editions which is not available for Linux."

      Based on the two above conditions, the first you were already well aware of, the second of which could easily have been determined, why didn't you buy an e-book reader that was suitable for your specific situation?

  9. Alan Denman

    EFF sponsorship

    Who sponsors them, Apple?


  10. Alan Denman

    Stop killing the web.

    This sort of action simply makes the web a conduit to apps.

    The pirates are making proprietary suckers of us all.

  11. Badvok

    All the usual anti-DRM comments, but very few that look at what W3C is actually trying to do, and that is define a standard that works for everyone, whether or not they actually want to use DRM.

    EFF want there to be no standard for encrypted media delivery, NOTE: Not just no standard for DRM, no standard for encrypted media delivery at all.

    To me it seems like they want the businesses that still want to use DRM, are forced to use DRM by the content owners, or even simply want to provide you with secure access to your home CCTV system, to continue to use non-standards compliant front ends. We'll be stuck with Flash/Air/Silverlight/Java forever - great plan EFF!

    1. SImon Hobson

      > ... to continue to use non-standards compliant front ends. We'll be stuck with Flash/Air/Silverlight/Java forever - great plan EFF!

      Instead, if the proposal goes ahead, we'll still be stuck with non-standards front ends, and we'll still be stuck with Flash/Air/Silverlight/Java forever. The only difference is that the Flash/Air/Silverlight/Java will be wrapped in a standard compliant package.

      It'll be no less closed. It'll be no more widely available - wrapping it in a wrapper won't suddenly make it work on Linux when it's Windows only. It won't make it any less of a hassle to keep up to date. It won't make it run any more efficiently. In short, it will provide no benefits for the user.

      **ALL** it will do is allow the closed vendors to ship the same closed products, for the same limited uses/platforms, but they'll be able to say "but look, it's standards compliant" - which will only be true at a superficial level. So same old s**t, but now officially sanctioned by the standards.

      1. Daniel B.

        Not seeing the big picture, are you?

        ... to continue to use non-standards compliant front ends. We'll be stuck with Flash/Air/Silverlight/Java forever - great plan EFF!

        If DRM is put into the standard, we'll have a lot of black boxes that are not only the propietary crap packaged into one tidy black box, support will depend on whoever makes that black box. If the Big Hollywood Studios, or Netflix, or whatever deem that supporting Linux is too much of a hassle, we'll end up worse than what we currently have. At least Flash is supported in Linux (though Adobe does seem to be phasing that plugin out), and Java does have actual support in most OSen out there.

        1. Badvok

          Re: Not seeing the big picture, are you?

          To quote from the proposal that EFF are objecting to: "This specification does not define a content protection or Digital Rights Management system."

      2. Badvok

        @Simon Hobson, yeah of course you haven't actually bothered reading the proposal have you?

  12. Anonymous Coward
    Anonymous Coward

    HTML5 & Video Game Design...

    Anyone working in or tinkering with HTML5 & Video Game Design...? ....DRM considerations?

This topic is closed for new posts.