Biz & IT —

DRM in HTML5 is a victory for the open Web, not a defeat

W3C's decision to publish a DRM framework will keep the Web relevant and useful.

DRM in HTML5 is a victory for the open Web, not a defeat
The World Wide Web Consortium (W3C), the industry body that oversees development of many Web-related technologies, is again considering the development of a specification enabling DRM-protected media in HTML content. And the group working on Encrypted Media Extensions (EME) is running up against a deadline: the group's charter expires at the end of April. W3C working groups can only publish specifications with an active charter. So if W3C wants to publish a DRM specification, either the EME proposal must be published as a standard before the end of April or the group's charter must be extended.

Last year, the working group asked for such an extension, but the Advisory Committee could not come to any consensus on whether to grant it. W3C director and inventor of the Web Tim Berners-Lee last week voiced his support for the EME plan, but the future of EME and the working group's efforts are currently in limbo. Many of the arguments being made today mirror those made in 2013 when the working group first set about developing EME. And in light of this pending decision, we're resurfacing the op-ed below (from May 2013) that outlines the supporting view.

The World Wide Web Consortium (W3C), the group that orchestrates the development of Web standards, has today published a Working Draft for Encrypted Media Extensions (EME), a framework that will allow the delivery of DRM-protected media through the browser without the use of plugins such as Flash or Silverlight.

EME does not specify any DRM scheme per se. Rather, it defines a set of APIs that allow JavaScript and HTML to interact with decryption/protection modules. These modules will tend to be platform-specific in one way or another and will contain the core DRM technology.

W3C Chief Executive Jeff Jaffe announced W3C's intention yesterday. This was met with a swift response from the Electronic Frontier Foundation (EFF), which tweeted, "Shame on the W3C: today's standards decision paves the way for DRM in the fabric of the open web."

The EFF, along with the Free Software Foundation (FSF) and various other groups, has campaigned against the development of the EME specification. They signed an open letter voicing their opposition and encouraged others to sign a petition against the spec.

The EFF argues that EME runs counter to the philosophy that "the Web needs to be a universal ecosystem that is based on open standards and fully implementable on equal terms by anyone, anywhere, without permission or negotiation." EME undermines the Web's compatibility by allowing sites to demand "specific proprietary third-party software or even special hardware and particular operating systems."

Further, the groups argue that the Web is moving away from proprietary, DRM-capable plugins. The EFF writes that "HTML5 was supposed to be better than Flash, and excluding DRM is exactly what would make it better," and the petition claims that "Flash and Silverlight are finally dying off."

As a practical matter, it's unlikely that the petition could ever be meaningful. Even if W3C decided to drop EME, there are enough important companies working on the spec—including Netflix, Google, and Microsoft—that a common platform will be built. The only difference is whether it happens under the W3C umbrella or merely as a de facto standard assembled by all the interested parties. Keeping it out of W3C might have been a moral victory, but its practical implications would sit between slim and none. It doesn't matter if browsers implement "W3C EME" or "non-W3C EME" if the technology and its capabilities are identical.

These groups are opposed to DRM on principle. The FSF brands systems that support DRM as "defective by design," and insofar as DRM can impede legally protected fair use of media, it has a point. There's a tension between DRM (itself legally protected courtesy of the DMCA) and permissions granted by copyright law.

However, it's not clear that EME does anything to exacerbate that situation. The users of EME—companies like Netflix—are today, right now, already streaming DRM-protected media. It's difficult to imagine that any content distributors that are currently distributing unprotected media are going to start using DRM merely because there's a W3C-approved framework for doing so.

The EME opponents' claim that Flash and Silverlight are dying off has an element of technical truth, but it's also disingenuous.

The technical truth? Silverlight has apparently ceased all development. Flash is still actively developed, with Adobe outlining a ten-year plan for its future development, but the company is also investing heavily in HTML5 tooling and is actively working to ensure that developers have the software to use HTML5 in situations that previously would have used Flash.

It's also true that Adobe has discontinued Flash on smartphones. As a result, there's a thriving market of Internet devices that can't use Flash or Silverlight at all. These currently represent only a minority of Internet-connected devices—about 89 percent of browsing is still done on PCs, and an overwhelming majority of them do have Flash installed—but it's a minority that's growing.

But the claim is disingenuous when used as an argument against DRM. Deprived of the ability to use browser plugins, protected content distributors are not, in general, switching to unprotected media. Instead, they're switching away from the Web entirely. Want to send DRM-protected video to an iPhone? "There's an app for that." Native applications on iOS, Android, Windows Phone, and Windows 8 can all implement DRM, with some platforms, such as Android and Windows 8, even offering various APIs and features to assist this.

In other words, the alternative to using DRM in browser plugins on the Web is not "abandoning DRM;" it's "abandoning the Web."

It's hard to see how this is in the Web's best interest. Mozilla, in particular, is fighting this very outcome. The underlying justification for its development of the Firefox OS smartphone platform is that it wants to ensure that the Web itself is the application platform and that software and services aren't locked away in a series of proprietary, platform-specific apps.

And yet it's precisely this outcome that opposition to EME will produce.

Moreover, a case could be made that EME will make it easier for content distributors to experiment with—and perhaps eventually switch to—DRM-free distribution.

Under the current model, whether it be DRM-capable browser plugins or DRM-capable apps, a content distributor such as Netflix has no reason to experiment with unprotected content. Users of the site's services are already using a DRM-capable platform, and they're unlikely to even notice if one or two videos (for example, one of the Netflix-produced broadcasts like House of Cards or the forthcoming Arrested Development episodes) are unprotected. It wouldn't make a difference to them.

That wouldn't be the case if Netflix used an HTML5 distribution platform built on top of EME. Some users won't have access to EME, either because their browsers don't support the specification at all, or because their platform doesn't have a suitable DRM module available, or because the DRM modules were explicitly disabled. However, every other aspect of the Netflix Web application could work in these browsers.

This kind of Netflix Web app would give Netflix a suitable testing ground for experimenting with unprotected content. This unprotected content would have greater reach and would be accessible to a set of users not normally able to use the protected content. It would provide a testing ground for a company like Netflix to prove that DRM is unnecessary and that by removing DRM, content owners would have greater market access and hence greater potential income. Granted, it might also come with the risk of prolific piracy and unauthorized redistribution, so it might serve only to justify the continued use of DRM.

With plugins and apps, there's no meaningful transition to a DRM-free world. There's no good way for distributors to test the waters and see if unprotected distribution is viable. With EME, there is. EME will keep content out of apps and on the Web, and it creates a stepping stone to a DRM-free world. That's not hurting the open Web—it's working to ensure its continued usefulness and relevance.

Channel Ars Technica