You are seeing this wrong. Intel has two reasons to have ME:
1. It is useful in business settings
2. It enables the US spy agencies complete surveillance of all PCs
It's the second point that explains why they can't make it optional. And that makes business sense. That way they ensure backing from the NSA, instead of having to fight against them.
It can be useful for other purposes too, for example for enforcing DRM so that DRM code runs on a ME engine. And of course DRM code can be backdoored too so playing a specially crafted video would run code from it.
Intel ME is not an effective DRM scheme. You need to be exceptionally careful when you mention DRM, because if it becomes commonly believed that Intel ME could be used to implement DRM all of a sudden the DMCA comes into play. Research into Intel ME vulnerabilities becomes a federal crime.
> because if it becomes commonly believed that Intel ME could be used to implement DRM all of a sudden the DMCA comes into play
It is already common knowledge that the ME is used to implement DRM.
The DRM functionality of the ME has been discussed in several books. [0] The ME contains DRM functions to securely decode content (e.g. streaming video) in a way such that decoded content cannot be snooped by the host processor before it is displayed to the user (ostensibly via a secure channel like HDCP).
Of the four criteria in the exemption, I wouldn't put it past the government trying to make the case that exposing a NSA spy program somehow falls afoul of good faith investigation - but the general view that "any DRM research is a crime" is no longer accurate.
The good-faith requirement also means that likely you could not publish a way for someone to disable the "effective anti-circumvention measure". Even if you could, anyone who used that research to disable their own devices is arguably not conducting "good faith security research". While researchers might be safe, nobody will be able to use the results of their research legally except the companies that produce DRM (so that they can make it more secure). I don't think that's actually an improvement to be honest.
> because if it becomes commonly believed that Intel ME could be used to implement DRM all of a sudden the DMCA comes into play. Research into Intel ME vulnerabilities becomes a federal crime.
This is rather an argument against DMCA or an argument why researchers working in this area should consider leaving the USA.
All signatories to WIPO have DMCA-like laws (including the "effective anti-circumvention" clauses). Given how many countries are signatories to WIPO, there are very few countries where it would be strictly legal to do research into "effective DRM schemes".
All signatories to WIPO have DMCA-like laws (including the "effective anti-circumvention" clauses). All countries with "modern" copyright laws are signatories to WIPO, so I would not put money on it being legal in the UK.
1. It is useful in business settings
2. It enables the US spy agencies complete surveillance of all PCs
It's the second point that explains why they can't make it optional. And that makes business sense. That way they ensure backing from the NSA, instead of having to fight against them.