[encrypted-media] Formal objection to Encrypted Media Extensions advancing to Proposed Recommendation

rubenquidam has just created a new issue for 
https://github.com/w3c/encrypted-media:

== Formal objection to Encrypted Media Extensions advancing to 
Proposed Recommendation ==
{Sending to the public-html-mail list, copying it here for visibility}

My name is Ruben Rodriguez and I'm a free software developer and 
distributor. As a GNU developer I maintain the GNU IceCat browser[1], 
a freedom and privacy focused fork of Mozilla Firefox. As the director
 of the Trisquel[2] GNU/Linux free software distribution I publish 
copies of the "GNU IceCat" and "Abrowser" Firefox derivatives. Both 
those programs have their DRM capabilities disabled.

I formally object to Encrypted Media Extensions (EME)[3] being incuded
 as part of the HTML family of standards. My reason is that 
implementing and distributing DRM encumbered software exposes free 
software projects, distributors and users to legal risk, due to the 
wide limitations the DMCA imposes on studying, modifying and 
distributing software that implements DRM. Security and privacy 
problems have also been pointed out by others including Harry 
Halpin[4] and Wendy Seltzer[5].

These threats exist regardless of whether the software is under a free
 license or not, but they are amplified for free software projects:
    
* If the DRM components of an otherwise freely licensed browser are 
distributed under a proprietary licensing scheme, then the browser is 
no longer actually free software, and cannot be distributed by 
projects that only distribute such. 

* If to circumvent that -as Mozilla Firefox currently does- the 
non-free components are downloaded separately by the browser itself, 
then we have a backdoor that -even if we ignore the important security
 implications- robs the user of their control of their computation. It
 also exposes them to legal risk, as they are now in possesion of DRM 
encumbered software they didn't request and are forbidden to audit.

* The worse case is when the DRM components are licensed under a free 
software license -as would be possible with clearkey or other 
implementations- and thus included in the browser itself. The 
distribution of said browser under a free license would give users a 
false impression that it was safe to study, modify and redistribute 
the code. In reality, doing so would expose them to DMCA threats.

Given those alternatives, the conclusion is that DRM encumbered 
software cannot be distributed by free software developers without 
putting both the distributors and the recipients of the software at a 
high legal risk. DRM goes against the principles of free software, and
 against the World Wide Web as an open platform.

Respectfully,
Ruben Rodriguez.

[1]: https://www.gnu.org/software/icecat/
[2]: https://trisquel.info
[3]: https://w3c.github.io/encrypted-media/
[4]: 
https://lists.w3.org/Archives/Public/public-html-media/2016Aug/0001.html
[5]: 
https://lists.w3.org/Archives/Public/public-html-media/2016Aug/0007.html

Please view or discuss this issue at 
https://github.com/w3c/encrypted-media/issues/305 using your GitHub 
account

Received on Tuesday, 16 August 2016 15:04:13 UTC