[encrypted-media] Formal objection: FLOSS and EME from doctorow via GitHub on 2017-03-23 (public-html-media@w3.org from March 2017)

From: doctorow via GitHub <sysbot+gh@w3.org>
Date: Thu, 23 Mar 2017 21:07:49 +0000
To: public-html-media@w3.org
Message-ID: <issues.opened-216573143-1490303267-sysbot+gh@w3.org>

doctorow has just created a new issue for https://github.com/w3c/encrypted-media:

== Formal objection: FLOSS and EME ==
EFF has repeatedly raised the issue of free/libre and open source software and EME, on-list, in calls and during the earlier covenant process. We reiterate these concerns, first published here (https://www.eff.org/deeplinks/2016/03/interoperability-and-w3c-defending-future-present) as a formal objection:

The free software movement has a longstanding commitment to providing users with the ability to run computers whose code is open to inspection and modification by any party. Free software advocates want to know that there are no sneaky back-doors in their programs, they want to avoid lock-in by companies, they want to be able to learn from their computers, they want to be able to improve their computers, and they want to be able to share those improvements.

The free software movement has given us many of the Internet's core technologies: the GNU/Linux operating system, the Apache web-server, NGINX, OpenSSL encryption,  and much, much more.

To implement an EME-capable browser, you must have a "Content Decryption Module." These modules are all presently implemented in closed, proprietary code. This isn't unusual: many core technologies begin life as proprietary blobs, and the normal course pursued by free software advocates is to reverse-engineer that proprietary software and make free, open implementations.

However, a reverse engineering attempt on an EME-CDM system can implicate DMCA 1201 and similar laws, meaning that anyone attempting to make a free/open equivalent would face potential lawsuits simply for undertaking this common activity.

A covenant that protects implementers from W3C members' use of  anticircumvention laws to attack interoperability solves this problem, at least for lawsuits initiated by parties to the covenant. Without it, anyone wanting to run a browser compatible with the video applications that the W3C is standardizing will have to run opaque, unauditable, unimprovable, non-distributable proprietary code, even if they're prepared to make a free/open alternative without any help from the original manufacturer.

Please view or discuss this issue at https://github.com/w3c/encrypted-media/issues/378 using your GitHub account

Received on Thursday, 23 March 2017 21:07:55 UTC