Internet Archive: "DRM for the Web is a Bad Idea"

Originally published at:


One can lockout one’s entire site from the Internet Archive merely by making an alteration to the robots.txt file on one’s server. Why should DRM pose an existential threat?

It’s actually worse than that. If you own a defunct domain, you can lock out everyone from the archive copy of the old site by putting a robots.txt file on your current squatter site. Which is completely insane, but that’s how the internet archive has decided to implement their policy for the robots.txt “do not archive” bit.


Because changing one’s robots.txt file is site-specific and voluntary, while changing the standards and browsers of the entire internet simply to cater to Netflix can be destructive.

1 Like

DRM introduces the opportunity for website operators to pursue criminal charges against people who circumvent their DRM, even in cases where the circumvention is a protected fair-use action under copyright law. By enforcing DRM as a browser standard across the web, as opposed to an opt-in add-on service, browsers become a tool for enforcing copyright, creating an existential legal threat to fair use in general. What Internet Archive does is specifically threatened, but as a fair-use advocate, its stake in the fight to protect fair use has much broader implications. If the DMCA (and related international laws) allowed DRM circumvention under fair-use, this would be a non-issue.


So those who DRM their work will be forgotten by the archives. Good riddance.

Does anyone know why the Internet Archive implemented it that way? Do they have a good argument?

The spectre of unknown legal cases I am sure.

I am sure they don’t remove said sites from their Archie’s, just from the public index. Any notion on if removing robots.txt will drop the site’s archives back into the public index?

1 Like

Don’t worry, every major browser had implemented EME for over a year before the W3C even considered adding it to the standard, and it has had zero impact on security researchers this entire time. Adding it to the standard is simply formalizing what has already been implemented for some time, it doesn’t change anything.

Adding it to the standard is simply formalizing something that has been around since 2013. EME and the W3C standard contains ZERO DRM, there isn’t any DRM in the standard nor in EME. EME is a secure way of discovering and connecting to third party DRM CDMs (content decryption modules). It is moving the access point from insecure plugins with system wide access to the secure video tag which can be sandboxed, which dramatically improves user privacy and security. Seriously there isn’t any DRM in the proposed standard, not a single line, not even one character of DRM code. All DRM code remains outside the standard as it always has been.

1 Like

This topic was automatically closed after 5 days. New replies are no longer allowed.