The World Wide Web Consortium (W3C) is down one member, with the Electronic Frontier Foundation (EFF) tendering its resignation after W3C published Encrypted Media Extensions (EME) as a standard.
EME allows for DRM-protected content published online to be decoded by web browsers without the need for plugins thanks to loading content decryption modules.
In its statement welcoming the standardisation, W3C touted EME as having a better user experience, while being more secure and improving accessibility.
“If you’re going to watch encrypted content, it is safer in the browser where the security and privacy are provided rather than downloaded as an app.” said W3C director Tim Berners-Lee. “A universal web must have content of all sorts: Audio, video, text, interactive, maps, and graphics.
“Some parts of the web are free, and some are for pay. It’s understandable that certain producers incurring huge costs to produce their content are not prepared to release them without protections. If we are to have de-encryption, the advantage of EME is that unlike the typical historical DRM, the user is protected from attacks.”
In response, EFF tendered its resignation from W3C, citing a lack of a covenant protecting security researchers and Berners-Lee overriding objections to the EME proposal.
“In our campaigning on this issue, we have spoken to many, many members’ representatives who privately confided their belief that the EME was a terrible idea (generally they used stronger language) and their sincere desire that their employer wasn’t on the wrong side of this issue,” wrote EFF representative to W3C Cory Doctorow. “You have to search long and hard to find an independent technologist who believes that DRM is possible, let alone a good idea.
“Yet, somewhere along the way, the business values of those outside the web got important enough, and the values of technologists who built it got disposable enough that even the wise elders who make our standards voted for something they know to be a fool’s errand.”
Doctorow said that by endorsing EME, the consortium had created a “legally unauditable attack surface” within web browsers, and allowed companies to sue those with legitimate reasons, such as archiving or increasing accessibility, to circumvent DRM.
“The W3C process has been abused by companies that made their fortunes by upsetting the established order, and now, thanks to EME, they’ll be able to ensure no one ever subjects them to the same innovative pressures,” he wrote.
In a blog post, W3C CEO Jeff Jaffe reflected on releasing the standard without the covenant.
“I know from my conversations that many people are not satisfied with the result,” said Jaffe. “EME proponents wanted a faster decision with less drama. EME critics want a protective covenant.”
“But my personal reflection is that we took the appropriate time to have a respectful debate about a complex set of issues and provide a result that will improve the web for its users.”
EME has been a contentious topic since its inception, with Jaffe stating in 2013 that if DRM were rejected, then there was the chance that content owners would remove their content from the internet.
“Without content protection, owners of premium video content — driven by both their economic goals and their responsibilities to others — will simply deprive the Open Web of key content,” Jaffe wrote at the time.
“It is W3C’s overwhelming responsibility to pursue broad interoperability, so that people can share information, whether content is protected or available at no charge. A situation where premium content is relegated to applications inaccessible to the Open Web or completely locked down devices would be far worse for all.”
EME is already included in all major browsers.