EFF, Texas Attorney General Sue Sony
Greg Abbott, the attorney general for Texas, today filed a lawsuit against Sony BMG Music Entertainment, alleging that its controversial (and now recalled) "XCP" anti-piracy software violates the state's anti-spyware and consumer protection laws.
"Sony has engaged in a technological version of cloak and dagger deceit against consumers by hiding secret files on their computers," Abbott is quoted as saying in a press release on his official Web site. "Consumers who purchased a Sony CD thought they were buying music. Instead, they received spyware that can damage a computer, subject it to viruses and expose the consumer to possible identity crime."
Abbott's suit seeks civil penalties of $100,000 for each violation of the law, attorneys' fees and investigative costs.
At $100,000 per violation, this lawsuit could really hit Sony's pocketbook hard. Last week, computer security researcher Dan Kaminsky published research showing that Sony's flawed anti-piracy software is installed in computers on at least 560,000 networks around the globe. Kaminsky said that if there were on average just two machines on each network running the anti-piracy software, the number of computers currently endangered by Sony's products could number in the millions.
I spoke with Abbott shortly after their press conference on this and he said that if industry estimates about the percentage of people who buy music CDs listen to them on their PCs (30 percent) are accurate, then there could be "thousands if not tens of thousands" of affected Texas consumers."
"The message we hope to send with this lawsuit is don't mess with Texas' computers," Abbott said.
This would mark the first lawsuit filed under Texas's new spyware law, and it would be the third case brought against Sony over its digital-rights managements software, which installs surreptitiously on Windows PCs, hides its files and resists removal. Lawyers in California and New York also have filed class-action suits against the company.
Consumers who try to remove the software can damage their machine or render their CD-ROM drives inoperable. Security researchers also uncovered security holes in the program itself, as well as flaws in the "patch" Sony recently issued to help consumers remove the most dangerous portions of its software.
Sony said last week it would let consumers exchange compact discs encoded with the software for new versions of the same titles without the software. The company promised to recall the affected CDs from retailers' shelves, but the Texas suit claims the attorney general's investigators were able to purchase numerous titles at Austin retail stores as recently as Sunday evening.
Update, 1:37 p.m. ET: It looks like the Electronic Frontier Foundation (EFF), which has been rumbling about possibly filing a lawsuit on behalf of people who bought Sony CDs, is getting ready to announce something at 3 p.m. ET today. Security Fix will be following that development closely. From my brief conversation with EFF Legal Director Cindy Cohn, it appears EFF may be prepared to pressure Sony not just on the CDs protected by the "XCP" software targeted by the Texas lawsuit, but also vulnerabilities recently uncovered in MediaMax, the anti-piracy software produced for Sony by SunnComm Technologies, whose programs were stitched into roughly 20 million CDs already sold.
Update, 3:38 p.m. ET: EFF filed its class-action lawsuit against Sony in California state court, along with two leading national class-action law firms. In its filing, EFF issued a statement praising Sony for acknowledging problems with its XCP software, but said that the company "has failed entirely to respond to concerns about MediaMax. "Music fans shouldn't have to install potentially dangerous, privacy intrusive software on their computers just to listen to the music they've legitimately purchased," the EFF's Cohn said.
Update, 6:25 p.m., ET: It looks like Massachusetts Attorney General Tom Reilly could also soon be going after Sony. Sarah Nathan, a spokesperson for the Mass. AG, confirmed that Reilly's office is investigating Sony BMG for possible violations of the state's consumer protection laws, but she declined to comment further.
Posted by: JCanada | November 21, 2005 1:19 PM | Report abuse
Posted by: Don Wood | November 21, 2005 1:19 PM | Report abuse
Posted by: p@ | November 21, 2005 1:29 PM | Report abuse
Posted by: Keith | November 21, 2005 2:41 PM | Report abuse
Posted by: GTexas | November 21, 2005 4:33 PM | Report abuse
Posted by: Seb | November 21, 2005 7:07 PM | Report abuse
Posted by: Doug Terry | November 21, 2005 8:31 PM | Report abuse
Posted by: TonyC | November 22, 2005 2:15 AM | Report abuse
Posted by: Mike | November 22, 2005 5:24 AM | Report abuse
Posted by: Steve | November 22, 2005 9:04 AM | Report abuse
Posted by: GTexas | November 22, 2005 3:40 PM | Report abuse
Posted by: NoMoDRM | November 23, 2005 5:22 AM | Report abuse
Posted by: jacrav | November 23, 2005 10:57 AM | Report abuse
The comments to this entry are closed.