The World Wide Web Consortium (W3C), which sets standards for the Web, has released what it calls a “disposition of comments“, designed to address objections to the controversial Encrypted Media Extensions (EME). EME is officially “a common API that may be used to discover, select and interact with content encryption systems”. In practice, for the first time it builds DRM officially into the very fabric of the Web, a move that will destroy an openness that has underpinned it since its public release in 1991.

The “disposition of comments” is the formal version of an earlier blog spost by the inventor of the Web, Sir Tim Berners-Lee, which he published back in February. There he explains in more detail why he wants to allow DRM to become part of HTML. It’s clear from both documents that the central argument is that the W3C is simply standardizing an existing situation where many DRM schemes are used, and that by providing a rigorous framework it is making life easier and better for the user. In fact, the W3C even went so far as to insist on Twitter that “There’s no DRM baked in the EME spec.” But as Florian Rivoal pointed out in reply, this is like claiming “Guns are not dangerous if you don’t put bullets in them. We’re just working on guns not bullets, so we’re not doing anything dangerous.”

Some people objected to the comparison, saying that DRM should not be compared to bullets, because DRM can’t kill. But it can, thanks to one of the biggest policy defeats ever suffered by civil society: the WIPO Copyright Treaty, agreed in 1996. Article 11 says:

“Contracting Parties shall provide adequate legal protection and effective legal remedies against the circumvention of effective technological measures that are used by authors in connection with the exercise of their rights under this Treaty or the Berne Convention”

This is the famous anti-circumvention provision, which is enshrined in the Digital Millennium Copyright Act in the US, and the European Copyright Directive in the EU. It means that it is illegal to circumvent DRM applied to copyright material, even for legal purposes. It effectively raises the protection of copyright material above all other rights. In a world where software is becoming ubiquitous, that’s a big problem. Software is covered by copyright, which means that if DRM is applied to protecting that software, it is illegal to circumvent it, even in order to save lives. Here’s why that is not hyperbole:

“Because of the DMCA, as much as 40% of the computer code in [critical] medical devices remains untested for safety by independent security experts. I am confident that I would find serious flaws in some or all of these devices if the DMCA did not prevent my research. Because of this lack of safety research, as a type 1 diabetic, I feel that using an insulin pump is too unsafe, and I instead self-inject with needles many times daily. I am not alone in this safety assessment: other diabetic security researchers behave similarly.”

As that analysis by a security research professional points out, thanks to the DMCA’s ban on circumventing DRM, it is impossible to look at the code in insulin pumps, artificial organs, birth control implants, kidney dialysis machines and morphine infusion pumps that collectively keep millions of people alive. There is thus no way of checking whether such systems have bugs that could lead to injury or death, either through accidental malfunction or because of malicious interference. One person taking the latter threat very seriously is former US Vice-President Dick Cheney, whose heart defibrillator was modified to prevent external access. DRM can indeed kill, although probably not when used on Web pages. But even there it is undeniably harmful, as Berners-Lee recognizes:

“Since EME directly interacts with CDMs [Content Decryption Modules – the DRM “bullets” for EME’s “gun”], it may appear that the W3C specification sanctions the notion that research into EME may be deemed “circumvention” under copyright anti-circumvention laws.”

Cory Doctorow explains how top researchers, digital rights activists and well-known tech organizations all suggested ways of addressing that serious issue, but copyright companies refused to allow even the narrowest protection to researchers. Instead, this is what the W3C came up with:

“We also recommend that such [organizations involved in DRM and EME implementations] not use the anti-circumvention provisions of the Digital Millennium Copyright Act (DMCA) and similar laws around the world to prevent security and privacy research on the specification or on implementations.”

A “recommendation” – a pious hope – with no obligation, is worthless in terms of shielding researchers. They will naturally want to avoid the risk of prosecution, and so EME code will remain unchecked by them, making it likely that bugs will not be spotted. Thus, contrary to Berners-Lee’s claim that the new DRM in HTML approach will bring with it better security – one of his primary justifications for EME – it will in fact mean that there are unsuspected, possibly serious vulnerabilities.

And yet even the problems caused by anti-circumvention laws are dwarfed by the central threat of the new EME approach: that once a precedent has been set by introducing it for video, it will then be extended to other media. Berners-Lee himself admits this is a risk:

“For books, yes this could be a problem, because there have been a large number of closed non-web devices which people are used to, and for which the publishers are used to using DRM. For many the physical devices have been replaced by apps, including DRM, on general purpose devices like closed phones or open computers. We can hope that the industry, in moving to a web model, will also give up DRM, but it isn’t clear.”

Even that downplays the full catalog of horrors we could face once DRM has been definitively blessed and normalized by the W3C as an official part of HTML (the Free Software Foundation points out that there is still a tiny chance it could be stopped.) Some years back, the EFF spelt out what EME could lead to:

“A Web where you cannot cut and paste text; where your browser can’t “Save As…” an image; where the “allowed” uses of saved files are monitored beyond the browser; where JavaScript is sealed away in opaque tombs; and maybe even where we can no longer effectively “View Source” on some sites, is a very different Web from the one we have today.”

It is simply tragic that the man who created the World Wide Web, and then, in an act of great generosity, released it freely to the world, should acquiesce in this terrible mistake that will destroy a key aspect of his gift: its openness.