Re: Protecting WebFonts

Gary Ruben put forth an interesting proposal:

>1. I believe, very simply, that fonts should not be embedded on a Web
>page - that is, the font data and fonts programs in any format that can
>be handled directly by standard font rasterizers, like TrueType or PS
>Type 1, should not become part of a Web page in any form. Not
>re-encoded, not encrypted, as a block of binary data, etc. Not in any
>form.
>  The mechanisms used in HTML, or CSS1 to specify a font for use on the
>page should specify either a URL reference to a font on the Web server,
>or a set of parameters that allows the browser to match local fonts to
>the desired font (you know, like Face/Family, Weight, Style or PANOSE,
>or other font mapping systems), or the set of parameters that allows the
>browser to synthesize a font with particular metrics, using any font
>synthesis technologies they might build in (like Adobe MM, or Chamelion,
>etc.) ... THAT IS, there can only be a *reference* to a font, *never*
>the font itself.

So far, so good.

>2. Having a full URL for the font might tempt some less than upright net
>denizens to try to get the font directly from its Web server. To prevent
>the outright advertisement of the location of a font, the font URL
>reference should be restricted to *only* relative URLs, not fully
>qualified URLs.
>
>3. The browser itself must enforce a policy that prevents *any* font
>from being downloaded from a Web server different than the one
>originating the Web page the font request is in.
>
>4. When the browser downloads a font from a Web server and "installs" it
>into the operating system (so it can take advange of the regular OS font
>machinery), the browser *must* use the existing facilities for "private"
>installation (both Windows and Mac have parameters for installing fonts
>as private). This way, the fonts are not seen by or available to other
>applications running on the same box - only the browser will be able to
>use the font. For UNIX, because there is no standard font mechanisms
>(except for X BDF fonts), it is likely that the browser, if it
>implements font support, will have a built in connection to a
>font-rasterizer or two, and it can control its use of the rasterizer
>very tightly.
>
>5. If a browser downloads a font and keeps it in its cache, the font
>*must* be encrypted (with strong encryption, like RSA or PGP).
>
>6. A Web page author should be able to specify that they want secure
>_transmission_ for a font. The font reference tag(s) in HTML or CSS1
>should have an optional attribute "SECURE". When the browser retrieves a
>SECURE font, it should use the SSL security mechanisms, The server for a
>secure font must then, of course, be a secure server.
>
>Given these precautions, and the cooperation of browser vendors and
>manufacaturers, I believe that fonts can be safely used on Web pages
>without fear of casual appropriation, or even moderately determined (and
>therefore *deliberate*) attempts to lift a font out of its Web page.

And what happens when the browser becomes the operating system, as some
folks in OS design are suggesting?  Some fringe guy named Bill Gates is
even taken with the idea, and he just might be able to convince a few
other people to go along with him.  All of a sudden, there are no "other"
applications, and the font which only the browser is allowed to use is
completely available for everything you want to do on the computer.

Here's a variant, which addresses the actual rights of the font's copyright
holder.  The only acceptable font references in a web page should be refs
to the font distributor's server (or whoever holds the copyright to that
font).  That server can then send out copies if the copyright holder wants
to.  Adobe and Bitstream can give away their fonts, and I can choose not
to give away mine.  And you don't give end-users the false impression that
somehow they have the right to distribute copies themselves.

So if I want to use Adobe Minion, I can send out my page along with a
reference to Adobe's site for where to retrieve the font.  I'd better
expect that Adobe's site might not be working, or that Adobe might have
decided not to give it away any more.  Such is life.  But if Adobe is
still giving it away, great!

The font manufacturer can just send a bitmap instead, which will let the
document be read (see, dingbat fonts can't be substituted very well).  So
it doesn't have to be an all or nothing approach.  And for normal text
fonts, substitution will work just fine if the manufacturer doesn't want
to give away the font.

Nobody except me has the right to distribute the fonts I make.  They can
distribute bitmaps or printed output they've created using my fonts.  But
not the fonts themselves.  And conversions such as TrueDoc uses are not
sufficient to void my copyright on the arrangement of characters in a
dingbat font, or to void my copyright on non-alphabetic characters, or
to void my copyright on typeface design in many countries outside the
US, or to void a possible design patent in the US.  And all of Bitstream's
protesting that they want to give away their fonts doesn't give them the
right to give away mine, or to tell their users that it's ok if the
users do.

I'm very concerned about the erosion of perceived value in fonts.  That
destroys the market for future fonts.  For current fonts, wide illegal
distribution isn't as much of a problem as long as the sources can be
traced (which AltaVista and server logs make quite simple), because I
can recoup my lost sales through lawsuits.  And folks like Bitstream
would appear to be liable for contributory infringement, which makes life
even simpler.  I don't much like that approach to earning my income, but
if Bitstream is going to keep insisting that it's ok for them to help
give away my fonts, I don't see what alternative there is.  It'll be a
little simpler when a bunch of wronged independent foundries get together
to file suit a la SWIFTE...

Yours,
  Michael Bernstein
  Cascadilla Press
  michael@cascadilla.com

Received on Thursday, 22 August 1996 10:45:18 UTC