EFF's Formal Objection to the HTML WG Draft Charter
The Electronic Frontier Foundation objects to the currently drafted HTML WG charter because the charter's current "support of playback of protected content" represents a significant broadening of scope for the HTML WG (and the W3C as a whole) to include the remote determination of end-user usage of content.
The inclusion of this deliverable, and any deliverable where ultimate control over user agent functionality is technically and legally removed from the user, will (1) exclude an entire class of platforms and user agents from full conformance with the HTML5 standard and the W3C's vision of the Open Web; (2) encourage the reduction of the amount of content accessible to users via the Web; and (3) create serious future impediments to W3C's core mission of promoting interoperability, voluntary standards compliance, and access for all.
We believe these risks to be inherent in the current EME proposal, but are also concerned with the precedent that overruling user control sets for the W3C. Our formal objection is intended, in part, to highlight the unusual nature of the EME proposal, and the challenges it presents to the strategic direction of the W3C. The listed issues and clarifications below consist of just a few of the potential problems we believe are raised by this step.
We're aware that the inclusion of EME has been already been controversial and debated publicly and within the W3C community, including within the working group itself. The issues are complex. We hope we can bring our experience working with standards groups, researchers, legislators, and users to help illuminate best practices for conveniently providing support for commercial content while still preserving user rights.
This objection is not intended to be a technical criticism of the standard of the current EME First Public Working Draft. We argue, however, that the EME is out of scope to the extent that it provides for the implementation of usage controls on the Web platform. To the extent that EME supports use cases other than usage control, existing Web standards already permit equivalent functionality.
Clarifying "content protection": access control vs. encryption vs. usage control
"Content protection" is a very broad term, with many different potential implementations, including access control, content encryption and digital rights management.
Access control is a topic that the Web platform has successfully addressed, with authentication standards with HTTP, client certificates, etc. Similarly, the Web platform has addressed the transit-layer encryption of communications with the TLS standard, and the work of the Web Cryptography Working Group. All of these technologies define a notion of authorized and/or authenticated information to information, and provide mechanisms to enforce that notion.
Support for DRM and usage control, however, is a new step for W3C.
Usage control poses insuperable challenges for implementation and interoperability
Usage control requires that in order to conform with a standard, a device must limit or restrict its operation to a subset of its normal or expected behavior. This restriction cannot be overridden by its owner. Indeed, the ease by which a user may override such restrictions may determine the perceived "success" of the usage control.
Engineering usage control on modern devices requires both preventing the user from controlling some of the functionality of her own device, and giving control over that functionality to a third party. Many developers view this as both technically problematic (users should normally have full access to the hardware and software of their own devices), and damaging to user security (with remote usage control, third parties may extract, delete or tamper data on the user's computer without permission; see, e.g. the Sony Rootkit scandal). Usage controls also provide an disturbing set of incentives to withhold the highest level of administrative control over a device from its owner, forcing individuals to cede power over their devices to others and eroding the meaning and scope of ownership.
At the same time, a successfully engineered, locked-down, device still embodies the fundamental paradox of usage control for the purposes of controlling media operations. The consumption of media always requires providing access. Access to media allows it to be copied; and copying allows media to be used free of usage constraints. Video or audio, no matter how controlled on the device, must be displayed or played to the purchaser at some point. If it is displayed or played, it can be recorded. If it can be recorded, it can be freed from usage restrictions.
Those who demand usage control have stated that they may not always require perfect control. However, for a certain large class of devices and users, the degree of remote control will never be sufficient for compliance with usage-based DRM: end-user control is by definition impossible to implement on free/open source platforms where users are free to run, copy, distribute, study, change and improve the software they use. As a consequence, standards for usage control by their nature will always exclude free/open source platforms.
Usage controls, by forbidding certain user agents from displaying content due to their identity rather than their capabilities, also undermines the goal of creating standards that give end users flexibility and influence by allowing them to choose their own user agents. Content producers will choose to prefer some clients over others, influencing the future development of the Web along narrower lines, via standards that were originally intended to provide flexibility to all participants in the Web environment.
Usage control also explicitly allows or assumes that services authenticate, not with users, but with user agents and their contained usage control mechanisms. This means that services using standards can (and indeed, are expected to) deliberately limit interoperability. In the present Web, a user agent developer can look up the technical details of how to build a browser, and create a better client that fully works with the entire Web as the W3C has defined it. With usage control as part of the standard, the developer will need to conduct a business negotiation with other parties in order to fulfil the media piece of the interoperability puzzle (and, in the course of this negotiation, agree to limitations upon the client's functionality).
Although interoperability could be, and has been, deliberately limited in the past, the parties excluding particular clients have not been able to claim that they were doing so as part of the open Web or by implementing web standards.
Usage control is not necessary for the provision of commercial content
There has been an assumption that content cannot be provided without pervasive third-party controls on usage. But there are plenty of possible licensing arrangements that do not require such control.
In practice, content can and has been provided using a variety of strategies: access control only models ("paywalls"), watermarked content, advertisement-sponsored content, and subscription models that do not contain DRM. Individuals and companies, including record labels, musicians, newspapers, writers, and commercial book publishers, can and do sell creative work on today's web -- every day, to the tune of millions of dollars. They do so using existing Web standards, and existing Web standards have never been understood to imply a prohibition on commerce, nor an abrogation of publishers' right to charge money for access to creative works.
It's also been claimed that certain owners of content will only provide content with usage control in place. It is EFF's experience that this is not the case. For example, when the entertainment industry was demanding such usage control in the form of the broadcast flag in US digital TV, the MPAA’s Fritz Attaway said that its absence would mean “content creators [would] cease making their high-value programming available for distribution over digital broadcast television [and] the DTV transition would be seriously threatened". Viacom declared that, without the broadcast flag, it would not provide any programming in high definition. Digital TV is now an everyday part of American life, without usage control, and these threats have not been acted upon.
Similarly, the music industry had long declared that it would not distribute its content without usage controls. Nowadays, all the major music labels distribute their content in MP3 format, without such controls.
Usage control restricts the user capabilities that created and sustain the Web
Usage control by its very definition means limiting user access to a pre-set group of operations. But the Web is built through the innovation and ingenuity of its users and creators. Usage control forbids unauthorised or unanticipated applications, but copyright law includes many exceptions and limitations on rightsholders’ abilities to restrict such usage. Many of these limits are essential to the current Web environment, including but not limited to hyperlinking, archiving, thumbnailing and web-spidering.
Usage control could have statutory implications for standards-making and technologists
The difficulty of implementing usage control purely through technological means has meant that its advocates have sought to use legal measures in order to enforce behaviour. Copyright law regulates conduct, but in many countries users are also prohibited from circumventing DRM, even for legitimate, although unauthorised or unanticipated uses. Technologists are also chilled from exercising their right of free expression to share knowledge about flaws in DRM.
Within the United States, an additional concern is U.S.C. §512(i), which requires ISPs to “accomodate” copyright protection measures that were developed in an “open, fair, voluntary, multi-industry standards process.” If the W3C's mechanisms is construed to meet that standard, the W3C could find itself being used as a channel for copyright controls that could become mandatory obligations for ISPs to monitor and interfere with web traffic.
The mechanisms proposed here are likely to be a floor, not a ceiling
If large content providers of video and audio content are able to demand usage control through the application of standards, it is hard to see why W3C should not widen the same capabilities to all Web content: for instance, embedded images and HTML pages themselves. Once usage control is permitted, it is unclear what the dividing line should be between content providers who are not permitted exercise this capability, and those which are permitted to do so by Web standards.
But even if adopted by a minority of users, such a step would transform the Web. Content could be made unlinkable, unviewable, uneditable or unbrowseable, based on a nest of permissions and negotiations. The web would turn from being an open environment for all, to a nest of incompatible pages, relying on a battery of proprietary plugins.
The strongest argument we have seen for EME and usage control at the W3C is it is no worse than the binary plugins we have now. But by accepting usage control as part of wiring of the Web, the W3C risks expanding the influence of such plugins to an even wider range of media, with the apparent support of the Web’s own architects.
These objections are clearly wider than technical criticism of the current standard. We feel that the W3C needs to develop a policy, not on the benefits of bringing certain premium content to the Web, but on the conditions that are currently attached to that content: in particular, its position on ceding control of the user agent to forces outside the user’s ultimate control, and using technical and legal measures to enforce that surrender.
Beyond the W3C's decision, we also note that legislative reforms have been discussed to fix the legal aspect of these challenges, including reforms to the United States' legal protections for technical protection measures, and plans for comprehensive copyright review in the United States and the European Union.
We suggest that W3C work on usage control be postponed until at least this legislative uncertainty is resolved.
The HTML Working Group’s modularity also permits standards to evolve outside of the W3C, and become incorporated as experimental use determines their popularity and support. If their work is successful, and the law becomes more tolerant of allowing the open Web and controlled content to better interact together, then will be the time to standardise those practices at the W3C.