The World Wide Web Consortium (W3C) has announced this past week its intention to promote the Encrypted Media Extensions (EME) draft as an official standard in the upcoming future.
The decision was signed by W3C head honchos, including Tim Berners-Lee, the World Wide Web's creator. Berners-Lee putting his name on the EME standard is ironic, as many Internet experts have warned that EME has the potential to kill openness on the Internet, the very thing that made it successful in the first place.
If you're not familiar with EME, this is a standard for supporting encrypted multimedia content over the Internet. While in theory, this has some broad applications at the technical level, all the organizations that have joined the W3C and pushed to adopt this standard are copyright holders, interested in using EME as a way to implement all-around DRM platforms inside browsers, mostly to protect their video streaming rights.
While protecting one's copyright is a legal right that anyone has, many experts have warned that the way in which the EME standard was written heavily favors copyright holders.
For example, security researchers cannot hunt for bugs or disclose security vulnerabilities inside DRM platforms without the approval of the DRM platform owners, potentially exposing millions of users to bugs that could go unreported for years.
Similarly, plugin or browser vendors that adapt video players for viewers with disabilities are in automatic "copyright infringement" just by adding subtitles to a video or correcting gamma settings.
Furthermore, the DRM allows copyright holders to impose their will on users. When users acquire a license for a video, they also acquire secondary rights, such as the right to remix a video for fair use or to resell or lend a copy of the video. A DRM in the browser would allow the copyright owner to deny a user his legal rights.
The EFF, UN's Unesco, the Free Software Foundation, independent security experts, human rights activists, and many others have criticized the W3C for allowing something like EME to be developed without any protections for users, security researchers, and software makers.
These organizations have submitted complaints and suggested modifications to the EME standard, but all have been ignored and shot down by the W3C.
Many have accused the W3C of selling out users in exchange for the financial involvement from deep-pocketed companies.
W3C wants 1/ to be w/w (good as far as it can go); 2/ to grow paying membership (bad if irreconcilable conflicts vs open web or among mems).— BrendanEich (@BrendanEich) July 8, 2017
The W3C has answered critics with claims that EME will improve user security, but the only real-world use case scenario that was ever discussed for the usage of EME was to support the DRM platform, allowing content owners to decide what, when, and for how much users can view multimedia content on the web.
EME has exactly one use-case: supporting DRM— Cory Doctorow (@doctorow) July 8, 2017
Many hoped that W3C's chief, Tim Berners-Lee, the World Wide Web's creator, would take the proposed protections into consideration before approving the EME standard.
Unfortunately, Berners-Lee stabbed his own creation in the back when he sided with copyright holders and streaming services, approving on Thursday an unmodified version of the standard that gives no protection at all to anyone but content owners.
Mourning the Web today, as @W3C sells everyone out. Still not the end; can be appealed. Don't let giant corporate publishers control the Web— John Sullivan (@johns_FSF) July 6, 2017
EME detractors and critics have two weeks at their disposal to file an appeal. Otherwise, EME will enter a streamlined W3C process that will make it an official standard by next year.