Compliance Management, Government Regulations, Network Security

W3C’s rejected HTML5 proposal imperils security researchers

The World Wide Web Consortium (W3C) is embroiled in an ongoing dispute over digital rights management for HTML5. In the latest development of the dispute, W3C digital rights management (DRM) working group chairman Paul Cotton vetoed a proposal to discuss HTML5 standards before renewing the group's charter.

The proposal, raised by internet activist Cory Doctorow, affects penalties security researchers could face in researching security risks related to HTML5 digital rights management.

“Once DRM is part of a full implementation of HTML5, there's a real risk to security researchers who discover defects in browsers and want to warn users about them, and for new companies hoping to compete by offering features and products that the incumbents don't choose to implement,” Doctorow wrote, in a Boing Boing blog posted over the weekend.

Last year, the Electronic Frontier Foundation (EFF) and Doctorow argued against renewing the W3C's Encrypted Media Extensions Working Group unless the group's charter was modified to require members to agree not to use digital copyright laws to attack security researchers involved in research related to digital rights management and HTML5 standards.

Earlier this month, the EFF proposed that the group's charter not be renewed in September unless an exit condition is added to the group's work.

The dispute stakes out the contrasting views held by security researchers and established technology companies like Microsoft. W3C Director and internet inventor Tim Berners-Lee has supported digital rights management. “If we don't put the hooks for the use of DRM in, people will just go back to using Flash,” he said, during a SXSW keynote.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.