Sony settles DRM rootkit lawsuit for cash, 'clean' music |
 |
By Anne Saita, News Director
30 Dec 2005 | SearchSecurity.com |
|
|
Sony BMG has agreed to stop incorporating prying copyright-protection software on its CDs and to provide millions of free music downloads as part of a tentative settlement it reached this week in New York. If the agreement meets court approval, at least 15 other nationwide consumer class-action suits will become part of the settlement, as well as another lawsuit filed by the digital civil rights group Electronic Frontier Foundation.
"Sony agreed to stop production of these flawed and ineffective digital rights management technologies," EFF attorney Kurt Opsahl said in a prepared statement. "We hope that other record labels will learn from Sony's hard experience and focus more on the carrot of quality music and less on the stick of copy protection."
|
| Sony rootkit: |
Sony rootkit uninstaller causes bigger threat: Princeton researchers say a security hole that appears when users try to remove Sony's copy protection software presents an even greater risk than the original rootkit.
Sony takes second stab at DRM patch: But a top executive's response to criticism over the company's use of rootkit technology has added fuel to the backlash.
Trojans target Sony DRM and Windows: Security researchers track two new Trojan horses. One exploits the Sony DRM program. The other could possibly take aim at the Windows flaw Microsoft patched this week. |
|
|
|
|
The company, a New York-based joint venture between Sony Corp. and Bertelsmann that is now the second largest music label, had incorporated digital rights management tools called XCP and MediaMax on CDs and DVDs to prevent consumers from making illegal copies. Piracy has become a huge problem for music and movie producers, costing billions of dollars in lost revenue. But Sony's technology also included a rootkit similar to those used by malicious hackers to spy on computer use, installed without consent and difficult to detect and remove. Once the scandal broke, Sony BMG issued an uninstaller that in some ways worsened the situation by creating bigger security holes that the digital underground could capitalize on.
Meantime, the public didn't buy Sony BMG's mea culpa and within weeks of the rootkit's discovery, class-action lawsuits began to accumulate. The timing of the scandal -- just before the holiday spending season -- also took its economic toll, though it's unclear how hard Sony's product lines were hit by the backlash.
As part of the proposed settlement, which is posted on Clearwater, Fla.-based Sunbelt Software Inc.'s Web site, Sony will immediately start payout benefits, which includes a $7.50 cash payout to each victim, and to ensure those impacted by the rootkit can readily remove it from their computers. The company also agreed to provide replacements for the 4 million CDs Sony began recalling last month. In total, 52 artists on the Sony label were impacted. It also offers a free download from one of 200 albums through a few online music sites, including market leader iTunes. Those who forgo the $7.50 cash reimbursement can receive even more free downloads, according to the agreement.
However, Sony BMG still has legal troubles to resolve elsewhere in the country. The state of Texas at present continues to pursue its lawsuit against the company for violating the state's new antispyware law. Other states with similar regulations are said to be considering legal action, too.
|
|
|
|
