Sony Settles FTC Suit Over Music CD Spyware
Sony BMG Music Entertainment on Tuesday said that it had agreed to settle charges brought by the Federal Trade Commission for shipping dozens of music CDs -- that when played on a Microsoft Windows computer -- installed a hidden anti-piracy program that spied on users' listening habits and restricted the number of copies that could be made.
"Installations of secret software that create security risks are intrusive and unlawful," FTC Chairman Deborah Platt Majoras said in a written statement. "Consumers' computers belong to them, and companies must adequately disclose unexpected limitations on the customary use of their products so consumers can make informed decisions regarding whether to purchase and install that content."
Majoras' comments echoed those of Stewart Baker, an assistant secretary at the Department of Homeland Security. He indirectly slammed Sony shortly after the scandal broke in November 2005.
The terms of the FTC settlement closely track those outlined in two similar settlements from cases brought by attorneys general in Texas and California. The FTC settlement requires Sony BMG to "clearly disclose limitations on consumers' use of music CDs, bars it from using collected information for marketing, prohibits it from installing software without consumer consent, and requires it to provide a reasonable means of uninstalling that software. The settlement also mandates that Sony BMG allow consumers to exchange the CDs through June 31 and reimburse consumers for up to $150 to repair damage to their computers that they may have suffered in trying to remove the software."
Sony's secret software actually employed techniques similar to those found in "rootkits," a term used to described some of the file-hiding tactics used by some of the most advanced computer viruses in circulation today.
Security experts found that viruses or attackers also could use Sony's software to hide on a user's PC. Indeed, a virus later appeared that took advantage of that capability. The company that built the software for Sony later issued a patch to help people remove the software. However, the patch ultimately introduced its own set of security and stability problems after it was installed.
For a more in-depth look at the issue, refer back to two dozen or so of my blog posts: Piracy.
The comments to this entry are closed.