Why Won't W3C Carve Security Research Out Of Its DRM-In-HTML 5 Proposal? (original) (raw)

from the questions-to-ponder dept

A few years back, we wrote a few stories about the unfortunate move by the W3C to embrace DRM as a part of the official HTML5 standard. It was doubly disappointing to then see Tim Berners-Lee defending this decision as well. All along this was nothing more than a focus by the legacy content providers to try to hinder perfectly legal uses and competition on the web by baking in damaging DRM systems. Even Mozilla, which held out the longest, eventually admitted that it had no choice but to support DRM, even if it felt bad about doing so.

There are, of course, many problems with DRM, and baking it directly into HTML5 raises a number of concerns. A major one: since the part of the DMCA (Section 1201) makes it infringing to merely get around any technological protection measure — even if for perfectly legal reasons — it creates massive chilling effects on security research. To try to deal with this, Cory Doctorow and the EFF offered up something of a compromise, asking the W3C to adopt a “non-aggression covenant,” such that the W3C still gets its lame DRM, but that W3C members agree not to go after security researchers.

Who could possibly object to that? But, for whatever reason, the W3C still won’t agree to it. Cory and the EFF are looking for security researchers to sign on to tell the W3C to get with the program and to protect security research. They’ve already got some great names signed on, but if you’re in the security research field, please consider signing on as well. Or if you know people in the field, please send them to the EFF asking them to sign on as well.

Filed Under: drm, html5, security research
Companies: w3c