World Wide Web Consortium abandons consensus, standardizes DRM with 58.4% support, EFF resigns by Cory Doctorow.
From the post:
In July, the Director of the World Wide Web Consortium overruled dozens of members’ objections to publishing a DRM standard without a compromise to protect accessibility, security research, archiving, and competition.
EFF appealed the decision, the first-ever appeal in W3C history, which concluded last week with a deeply divided membership. 58.4% of the group voted to go on with publication, and the W3C did so today, an unprecedented move in a body that has always operated on consensus and compromise. In their public statements about the standard, the W3C executive repeatedly said that they didn’t think the DRM advocates would be willing to compromise, and in the absence of such willingness, the exec have given them everything they demanded.
This is a bad day for the W3C: it’s the day it publishes a standard designed to control, rather than empower, web users. That standard that was explicitly published without any protections — even the most minimal compromise was rejected without discussion, an intransigence that the W3C leadership tacitly approved. It’s the day that the W3C changed its process to reward stonewalling over compromise, provided those doing the stonewalling are the biggest corporations in the consortium.
EFF no longer believes that the W3C process is suited to defending the open web. We have resigned from the Consortium, effective today. Below is our resignation letter:
…
In his haste to outline all the negatives, all of which are true, about the W3C DRM decision, Cory forgets to mention there are several upsides to this decision.
1. W3C Chooses IP Owners Over Web Consumers
The DRM decision reveals the W3C as a shill for corporate IP owners. Rumors have it that commercial interests were ready to leave the W3C for the DRM work, rumors made credible by Tim Berners-Lee’s race to the head of the DRM parade.
We are fortunate the Stasi faded from history before the W3C arrived, lest we have Tim Berners-Lee leading a march for worldwide surveillance on the web.
The only value being advanced by the Director (Tim Berners-Lee) is the relevance of the W3C for the web. Consumers aren’t just expendable, but irrelevant. Best you know than now rather than later.
2. DRM Creates “unauditable attack-surface” (for vendors too)
Cory lists the “unauditable attack surface” for browsers like it was a bad thing. That’s true for consumers, but who else is that true for?
Oh, yes, IP owners who plan on profiting from DRM. Their DRM efforts will be easy to circumvent, the digital equivalent of a erasable marker no doubt and offer the advantage of access to their systems.
Take the recent Equifax breach as an example. What is the one mission critical requirement for Equifax customers?
Easy and reliable access. You could have any number of enhanced authentication schemes for access to Equifax, but that conflicts with the mission-critical need for customers to have ready access to its data.
Content vendors dumb enough to invest in W3C DRM, which will be easy to circumvent, have a similar mission critical requirement. Easy and reliable approval. Quite often as the result of a purchase at any number of web locations.
So we have N vendors sites, selling N products, for N IP owners, to N users, using N browsers, from N countries, err, can you say: “DRM opens truck sized security holes?”
I feel sorry for web consumers but not for any vendor that enriches DRM vendors (the only people who make money off of DRM).
DRM Promotes Piracy and Disrespect for IP
Without copyright and DRM, there would be few opportunities for digital piracy and little disrespect for intellectual property (IP). People can and do photocopy individual journal articles, violating the author’s and possibly the journal’s IP, but who cares? Fewer than twenty (20) people are likely to read it ever.
Widespread and browser-based DRM will be found on the most popular content, creating incentives for large numbers of users to engage in digital piracy. The more often they use pirated content, the less respect they will have for the laws that create the crime.
To paraphrase Princess Leia speaking to Governor Tarkin:
The more the DRM crowd tightens its grip, the more content that will slip through their fingers.
The W3C/Tim Berners-Lee handed IP owners the death star, but the similarity for DRM doesn’t stop there. No indeed.
Conclusion
Flying its true colors, the W3C/Tim Berners-Lee should be abandoned en masse by corporate sponsors and individuals alike. The scales have dropped from web users eyes and it’s clear they are commodities in the eyes of the W3C. Victims if you prefer that term.
The laughable thought of effective DRM will create cybersecurity consequences for both web users and the cretins behind DRM. I don’t see any difficulty in choosing who should suffer the consequences of DRM-based cybersecurity breeches. Do you?
I am untroubled by the loss of respect for IP. That’s not surprising since I advocate only attribution and sale for commercial gain as IP rights. There’s no point in pursuing people who are spending their money to distribute your product for free. It’s cost free advertising.
As Cory points out, the DRM crowd was offered several unmerited compromises and rejected those.
Having made their choice, let’s make sure none of them escape the W3C/DRM death star.