My views on DRM in HTML
It's been a long time since my last post, and one issue has been bugging me for a while. Last month at the Mozilla Summit I attended a discussion related to the inclusion of DRM in HTML5 through the new EME draft.
The discussion was lead by Andreas Gal (VP of Engineering) and Gervase Markham (Governator at Mozilla).
In case you don't know what EME implies, you might want to read Henri Sivoen's blog post explaining it all.
First of all, I need to say that all of the opinions expressed in my post are personal, and probably not shared by any company I might be affiliated with. Also, the events I relate might not be completely accurate, as it's been some time since then.
So, here it begins. I am generally opposed to DRM. I see no reason it should exist. Why would the contents of my hard-drive be controlled by someone else but myself? I also feel that DRM does not work as a way of controlling what and how users watch media content. However, according to some, DRM does work, but not how you might expect. "DRM's purpose is to give content providers control over software and hardware providers, and it is satisfying that purpose well."
So, the talk started by Gerv giving us a summary of the topic, more specifically that the W3C is currently considering a proposal by Google, Microsoft and Netflix for including EME (Encrypted Media Extensions) in HTML. This would allow content providers to server encrypted media to users. The W3C is also accepting formal comments on the draft from its members, and Mozilla could potentially submit one.
Also, as mentioned by Amelia Andersdotter, Pirate Party member of the European Parliament, the EFF submitted a formal objection to the draft, but this was mostly met with silence from the W3C and its members. Amelia suggested that the EFF's objection might have a greater impact if supported by Mozilla.
At one point, I took the liberty to ask whether the W3C was looking for technical objections from its members, or if legal and philosophical objections were also accepted. As questions related to the W3C were deferred to Henri Sivoen, he replied that it was only accepting technical objections to the draft.
Henri has in fact commented on the W3C mailing lists (not sure if this counts as an objection) that the draft is clearly underspecified and it would be impossible to be implemented in an interoperable way as it is dependant on a CDM module that is not specified in the standard, nor could it be implemented as open source software (because that would defeat its purpose). Apparently, the proponents of the draft try to cheat around the interoperability requirement by having a "clear key" mode, that is not actually intended for production use.
As another mozillian noted, we are pretty much fighting a loosing battle. In fact, Google and Microsoft already have working implementations of EME, and they are using it on Netflix at the moment. The way Google does this is by having parts of Chrome that are not open source. What these players are doing right now, with the backing of Hollywood is they're trying to use their influence in the industry to standardize DRM in HTML. As you might expect, this would have a devastating impact on the internet as we know it.
The discussion at the Summit lasted for about an hour and a half. People expressed some very interesting points of view.
Amelia noted that DRM in HTML would restrict some very important rights of regular people, like the ability to save a backup copy of their content.
Andreas said that it would be close to impossible to implement the standard as Open Source, as the code could be easily changed to defeat its purpose, and that the Hollywood content providers would never sign off on it.
Gerv remarked that Mozilla's stance on this issue should be carefully considered. On one hand, Mozilla is against DRM as it profoundly damages the web, but on the other hand rejecting W3C's proposal might be just as bad. IE and Chrome already have it, and the ability to play restricted content is clearly a competitive advantage. Rejecting the draft might take EME out of the W3C, into a working group in which Mozilla doesn't have a saying.
Although not present in Brussels during the Summit, Brendan Eich (Mozilla's CTO) posted his thoughts on DRM on his blog (PS. Read post comments) One alternate to DRM for distribution of media content that Brendan supports is watermarking. It does seem to be better than DRM, but its adoption largely depends on the content providers.
So in the end, it seems that Mozilla is against DRM in HTML5, but I doubt it will make a formal objection to the W3C. Meanwhile, since the standardization process can take multiple years, the hope is that other ways of distributing copyrighted content will catch on, and the draft will die a lonely death.
My opinion? This is a critical moment for the web. DRM would be a huge step back for the web, and Mozilla should be against it. It's true that in order to fight for the open web Mozilla must be relevant as a player in the browser market, but a "me too" approach isn't going to keep the game going. We know the right thing to do concerning this issue, so hopefully Mozilla isn't going to pass over the chance to do it, or we will probably live to regret it. The only other hope I have is that recent technical breakthroughs will make EME irrelevant.
That's just my opinion. Please take the time to form your own.
The discussion was lead by Andreas Gal (VP of Engineering) and Gervase Markham (Governator at Mozilla).
In case you don't know what EME implies, you might want to read Henri Sivoen's blog post explaining it all.
First of all, I need to say that all of the opinions expressed in my post are personal, and probably not shared by any company I might be affiliated with. Also, the events I relate might not be completely accurate, as it's been some time since then.
So, here it begins. I am generally opposed to DRM. I see no reason it should exist. Why would the contents of my hard-drive be controlled by someone else but myself? I also feel that DRM does not work as a way of controlling what and how users watch media content. However, according to some, DRM does work, but not how you might expect. "DRM's purpose is to give content providers control over software and hardware providers, and it is satisfying that purpose well."
So, the talk started by Gerv giving us a summary of the topic, more specifically that the W3C is currently considering a proposal by Google, Microsoft and Netflix for including EME (Encrypted Media Extensions) in HTML. This would allow content providers to server encrypted media to users. The W3C is also accepting formal comments on the draft from its members, and Mozilla could potentially submit one.
Also, as mentioned by Amelia Andersdotter, Pirate Party member of the European Parliament, the EFF submitted a formal objection to the draft, but this was mostly met with silence from the W3C and its members. Amelia suggested that the EFF's objection might have a greater impact if supported by Mozilla.
At one point, I took the liberty to ask whether the W3C was looking for technical objections from its members, or if legal and philosophical objections were also accepted. As questions related to the W3C were deferred to Henri Sivoen, he replied that it was only accepting technical objections to the draft.
Henri has in fact commented on the W3C mailing lists (not sure if this counts as an objection) that the draft is clearly underspecified and it would be impossible to be implemented in an interoperable way as it is dependant on a CDM module that is not specified in the standard, nor could it be implemented as open source software (because that would defeat its purpose). Apparently, the proponents of the draft try to cheat around the interoperability requirement by having a "clear key" mode, that is not actually intended for production use.
As another mozillian noted, we are pretty much fighting a loosing battle. In fact, Google and Microsoft already have working implementations of EME, and they are using it on Netflix at the moment. The way Google does this is by having parts of Chrome that are not open source. What these players are doing right now, with the backing of Hollywood is they're trying to use their influence in the industry to standardize DRM in HTML. As you might expect, this would have a devastating impact on the internet as we know it.
The discussion at the Summit lasted for about an hour and a half. People expressed some very interesting points of view.
Amelia noted that DRM in HTML would restrict some very important rights of regular people, like the ability to save a backup copy of their content.
Andreas said that it would be close to impossible to implement the standard as Open Source, as the code could be easily changed to defeat its purpose, and that the Hollywood content providers would never sign off on it.
Gerv remarked that Mozilla's stance on this issue should be carefully considered. On one hand, Mozilla is against DRM as it profoundly damages the web, but on the other hand rejecting W3C's proposal might be just as bad. IE and Chrome already have it, and the ability to play restricted content is clearly a competitive advantage. Rejecting the draft might take EME out of the W3C, into a working group in which Mozilla doesn't have a saying.
Although not present in Brussels during the Summit, Brendan Eich (Mozilla's CTO) posted his thoughts on DRM on his blog (PS. Read post comments) One alternate to DRM for distribution of media content that Brendan supports is watermarking. It does seem to be better than DRM, but its adoption largely depends on the content providers.
So in the end, it seems that Mozilla is against DRM in HTML5, but I doubt it will make a formal objection to the W3C. Meanwhile, since the standardization process can take multiple years, the hope is that other ways of distributing copyrighted content will catch on, and the draft will die a lonely death.
My opinion? This is a critical moment for the web. DRM would be a huge step back for the web, and Mozilla should be against it. It's true that in order to fight for the open web Mozilla must be relevant as a player in the browser market, but a "me too" approach isn't going to keep the game going. We know the right thing to do concerning this issue, so hopefully Mozilla isn't going to pass over the chance to do it, or we will probably live to regret it. The only other hope I have is that recent technical breakthroughs will make EME irrelevant.
That's just my opinion. Please take the time to form your own.