The Crisis of Standardizing DRM: The Case of W3C Encrypted Media Extensions

Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10662)

Abstract

The process of standardizing DRM via the W3C Encrypted Media Extensions (EME) Recommendation has caused a crisis for W3C and potentially other open standards organizations. While open standards bodies are considered by definition to be open to input from the wider security research community, EME led civil society and security researchers asking for greater protections to be positioned actively against the W3C. This analysis covers both the procedural issues in open standards at the W3C that both allowed EME to be standardized as well as for vigorous opposition by civil society. The claims of both sides are tested via technical analysis and quantitative analysis of participation in the Working Group. We include recommendations for future standards that touch upon some of the same issues as EME.

Keywords

Digital Rights Management W3C Security Privacy Standardization 

References

  1. 1.
    Bai, G., Hao, J., Wu, J., Liu, Y., Liang, Z., Martin, A.: TrustFound: towards a formal foundation for model checking trusted computing platforms. In: Jones, C., Pihlajasaari, P., Sun, J. (eds.) FM 2014. LNCS, vol. 8442, pp. 110–126. Springer, Cham (2014).  https://doi.org/10.1007/978-3-319-06410-9_8 CrossRefGoogle Scholar
  2. 2.
    Batchelor, B., Jenkins, T.: FA premier league: the broader implications for copyright licensing. Eur. Compet. Law Rev. 33(4), 157–164 (2012)Google Scholar
  3. 3.
    Berners-Lee, T.: On EME in HTML5 (2016). https://www.w3.org/blog/2017/02/on-eme-in-html5
  4. 4.
    Berners-Lee, T., Fischetti, M.: Weaving the Web: The Original Design and Ultimate Destiny of the World Wide Web by its Inventor. Harpers Information, New York (2000)Google Scholar
  5. 5.
    Brumley, D., Boneh, D.: Remote timing attacks are practical. Comput. Netw. 48(5), 701–716 (2005)CrossRefGoogle Scholar
  6. 6.
    Chor, B., Fiat, A., Naor, M.: Tracing traitors. In: Desmedt, Y.G. (ed.) CRYPTO 1994. LNCS, vol. 839, pp. 257–270. Springer, Heidelberg (1994).  https://doi.org/10.1007/3-540-48658-5_25 Google Scholar
  7. 7.
    US Congress: Digital millennium copyright act. Pub. Law 105(304), 112 (1998)Google Scholar
  8. 8.
    Doctorow, C.: Security researchers: tell the W3C to protect researchers who investigate browsers (2016). https://www.eff.org/deeplinks/2016/03/security-researchers-tell-w3c-protect-researchers-who-investigate-browsers
  9. 9.
    Dorwin, D., Smith, J., Bateman, A., Watson, M.: Encrypted Media Extensions (2017). https://www.w3.org/TR/encrypted-media/
  10. 10.
    EFF: Objection to the rechartering of the W3C EME group: Covenant (2016). https://www.eff.org/pages/objection-rechartering-w3c-eme-group
  11. 11.
    Gupta, H.: (Lack of) representation of non-western world in process of creation of web standards (2016). https://arxiv.org/pdf/1609.01996.pdf
  12. 12.
    Halderman, J.A., Felten, E.W.: Lessons from the Sony CD DRM episode. In: USENIX Security Symposium, pp. 77–92 (2006)Google Scholar
  13. 13.
    Halpin, H.: DRM and HTML5: it’s now or never for the Open Web. Guardian (2013). https://www.theguardian.com/technology/2013/jun/06/html5-drm-w3c-open-web
  14. 14.
    LaMacchia, B.A.: Key challenges in DRM: an industry perspective. In: Feigenbaum, J. (ed.) DRM 2002. LNCS, vol. 2696, pp. 51–60. Springer, Heidelberg (2003).  https://doi.org/10.1007/978-3-540-44993-5_4 CrossRefGoogle Scholar
  15. 15.
  16. 16.
    Mercuri, R.T., Neumann, P.G.: Security by obscurity. Commun. ACM 46(11), 160 (2003)CrossRefGoogle Scholar
  17. 17.
    Petrick, P.: Why DRM should be cause for concern: an economic and legal analysis of the effect of digital technology on the music industry. Berkman Center for Internet and Society at Harvard Law School Research Publication (2004)Google Scholar
  18. 18.
    Prakash, P.: Technological protection measures in the Copyright (Amendment) Bill 2010 (2016). http://cis-india.org/a2k/blogs/tpm-copyright-amendment
  19. 19.
    Rosenblatt, B.: DRM, law and technology: an American perspective. Online Inf. Rev. 31(1), 73–84 (2007)CrossRefGoogle Scholar

Copyright information

© Springer International Publishing AG 2017

Authors and Affiliations

  1. 1.InriaParisFrance

Personalised recommendations