To cancel Netflix or not to cancel Netflix

by Gene Michael Stover

created Tuesday, 2013-07-02 T 15:07:07Z
updated Tuesday, 2013-07-02 T 15:07:07Z

Here's an excerpt from an e-mail that the EFF sent about HTML5, Digital Restrictions Manglement (DRM), & Netflix:

>    [1]#CancelNetflix
>
>    Netflix just announced that they are streaming videos in HTML5, only  
> in
>    browsers with "Premium Video Extensions". You know what that means --
>    Digital Restrictions Management (DRM).
>
>    The announcement is Netflix's latest chess move in their long game to
>    blanket the web in DRM. Slipping a DRM delivery mechanism into the
>    HTML5 standard is the online streaming giant's endgame. If the
>    outrageous proposal Netflix is peddling to the World Wide Web
>    Consortium (W3C) is adopted, you can kiss the free Web as we know it
>    goodbye. Where do they get the money to gain influence at W3C?
>
>    From your subscription dollars.
>
>    [2]Send Netflix a message: Cancel your subscription (This only works  
> if
>    you're logged in to your account.)
>
>    [3]Use the hashtag #CancelNetflix to tell @Netflix why you're leaving.
>
>    The proposal has faced massive public opposition, and so Netflix is
>    introducing a new strategy. Fake it til you make it. In yesterday's
>    [4]announcement, Netflix rep (and W3C proposal engineer) Mark Watson
>    said: "We expect premium video on the web to continue to shift away
>    from using proprietary plugin technologies to using these new Premium
>    Video Extensions." That's some impressive doublespeak: Premium Video
>    Extensions are proprietary.
>
>    Meanwhile, in the real world, at least one W3C member has [5]spoken  
> out
>    in opposition to the proposal, and an [6]international coalition of 27
>    organizations along with [7]tens of thousands of individuals have also
>    asked W3C to abandon the proposal. But so far Netflix, and other
>    powerful W3C members like Microsoft and Google, are drowning out that
>    substantial opposition with brute force.
>
>    [8]That's why now it's time to vote with your dollars.
>
>    While W3C CEO Jeff Jaffe's public support for the proposal is  
> baffling,
>    it's the proposal's authors, led by Watson, who developed this scheme.
>    DRM has been an important part of Netflix's business model from the
>    beginning; the company currently uses Microsoft's proprietary plug in
>    Silverlight to lock down its streaming videos. For Netflix, which has
>    previously had to spend time and money to implement DRM, getting W3C  
> to
>    include support for DRM in the HTML standard would make it easier and
>    cheaper for them to control your online viewing.
>
>    Netflix, and other companies supporting the proposal, have resorted to
>    thinly veiled threats to deprive the world of movies. Having  
> flashbacks
>    to the empty threats made during the SOPA/PIPA fight? Yeah, us too.
>    While it didn't work on Congress, the threat seems to be working on  
> the
>    W3C.
>
>    In a [9]recent blog post, Jaffe wrote: "Without content protection,
>    owners of premium video content - driven by both their economic goals
>    and their responsibilities to others - will simply deprive the Open  
> Web
>    of key content. Therefore, while the actual DRM schemes are clearly  
> not
>    open, the Open Web must accommodate them as best possible."[3] We
>    prefer the term 'free Web' Jeff, but we hear what you're
>    saying--Hollywood is a bully and if you don't give them your lunch
>    money, you'll end up with a wedgie.
>
>    The bullying may be influencing the W3C, but it won't work on us. We
>    want Netflix to know we won't let them pervert W3C's mission just so
>    they can save a few bucks. If Netflix wants to continue restricting
>    users with DRM, they can do it on their own dime. So let's show  
> Netflix
>    that pushing for DRM in HTML won't save them anything; in fact, it'll
>    cost 'em.
>
>    [10]Cancel your subscription to Netflix, and tell them why.
>
>    And once you've canceled, how about donating those subscription funds
>    to a group that is fighting on your behalf, like the [11]Free Software
>    Foundation or the [12]Electronic Frontier Foundation? We will use  
> those
>    dollars to amplify the impact of your cancellation.
>
>    Sincerely, Libby and the rest of the DRM Elimination Crew
>
>    PS. We need your help to spread the word. Please upvote this message  
> on
>    [13]Reddit or [14]share it via email or social network.

The EFF's claim checks out:

On Monday, 2013-04-15, on its own blog, Netflix says that they favor DRM in HTML5. ("HTML5 Video at Netflix")
There's another mention of it on the same day at Ars Technica. ("Netflix coming to HTML5 just as soon as the DRM ducks are in a row")
More than a year before, we were warned about it at both The Register and Ars Technica.
- "Who's adding DRM to HTML5? Microsoft, Google and Netflix"
- "Unethical HTML video copy protection proposal draws criticism from W3C reps"

Netflix & others favor of DRM features in HTML5. They make a false dichotomy that we need DRM in HTML or we can't stream videos. It's misleading; there are plenty of ways to stream movies without DRM in HTML5. So the substance of EFF's claim is totally correct.

However, if you look at the actual DRM proposal, it's not so clear that cancelling your Netflix subscription will improve things.

The DRM proposal is called the "Encrypted Media Extensions" (EME) to HTML5. You can read it for yourself in the HTML5 standards document.

The EME specifies an interface that Javascript programs in the browser can use to perform key exchange so they can decrypt the streamed movie. It doesn't specify a whole DRM system. It doesn't even specify a key exchange protocol, really. It's tools that a Javascript program can use to implement the key exchange that is part of a larger DRM system. The point is that EME is an API, not a full DRM system.

Let's back up & look at the big picture.

DRM is like shit: it happens. It's the embodiement of piracy paranoia & a disregard of consumer rights, but it's here to stay because our society long ago decided that corporations are people & that we collectively own nothing. Given that unfortunate reality, there are some benefits from it if it's applied justly & doesn't overstep its bounds.

I read an essay a long time ago that pointed out that DRM is software that's allowed to make decisions about the legality of data access. Put a DVD into your player, the DRM figures out that it's a legal copy & allows you to view it. Put a pirated disc into your player, the DRM figures out that it's not a legal copy & doesn't allow you to view it.

That's the way it works in theory. There are tons of cases in which it fails. There are two failure modes:

DRM software can fail by allowing an illegal access.
DRM software can fail by preventing a legal access.

Our society favors the big corporations, the "content owners" (a term that I suspect is misleading, but I'll use it for this rant). So our society tends to allow DRM to tend towards the first failure mode, the failures in which it prevents actions that it should have allowed.

Since DRM is here to stay, we need to define a few rules to protect the humans. If we do that properly, we can find a compromise that appeases the corporations's piracy paranoia but protects the rights of the users. Here are some ideas:

Corporations should never receive immunity when their DRM errs & prevents an action that would have been legal. That doesn't mean that they immediately, automatically owe someone money if DRM prevents an action that would have been legal, but it does mean that, when it happens, someone can take them to court with a realistic chance of winning judgement against the company & winning compensation. This provides financial motivation to the corporations to make sure that they get DRM right so that it serves both sides of the business-to-consumer relationship instead of simply embodying their own paranoia about illegal copying.

Here's an example: Maybe Netflix's DRM erroneously prevents me from streaming one specific movie on one of my computers, but it still allows me to watch its other movies on that computer, & it even allows me to watch that one movie on my other computer. This is about the most minor failure possible. The damage there is so low that it wouldn't be worth my time to take them to court, but in theory, I could.

But what if that previous case occurred to a lot of people? That group should be able to create a class action lawsuit (or whatever legal action you do in cases like that). Maybe they win, maybe not, but Netflix shouldn't be immune. They should be required to defend their choice of DRM software in court.

Even then, I can't imagine the damages being high. Hey, someone can't watch a particular movie for an evening. Big deal.

But what if something more serious happens? I can't know for sure unless & until it happens, so I have to make some guesses, but...
1. What if DRM on the instructions on a piece of equipment that a first responder uses refuses to let the responder read the instructions to operate the equipment, so he's unable to save as many people as he would have with the equipment. More people die &/or more property is damaged.
2. What if the DRM on an expensive collection of music, & which has allowed a person to listen to his music, suddenly & erroneously refuses to allow that person to listen to his music. So it's denying him access to hundreds or thousands of dollars of music.
What happens when the copyright period expires on a work? Does the DRM know & suddenly allow anyone to do anything with it? I suspect not, but if so, how does society reclaim what is now society's property? At least one un-encrypted copy of each copyrighted digital work should be placed in escrow from which anyone can copy it after the copyright period ends.

So I take a different view from EFF. Yes, DRM sucks, but it's also inevitable. Instead of futile resistance, against which DRM will still be used, I'd rather see society accept DRM & ensure that it's used in a responsible way, with protections for the people.

End.