Feeds

Texas puts Sony BMG in its sights

'Illegal spyware'

Secure remote control for conventional and virtual desktops

The Attorney General for the state of Texas filed a lawsuit against Sony BMG Music Entertainment on Monday, calling the media giant's copy-protection technology "illegal spyware".

The complaint alleges that Sony BMG violated the Texas Consumer Protection Against Computer Spyware (CPACS) Act, which includes provisions that punish those who hide software from a computer's owner. The focus of the legal action is a copy-protection program created by software firm First 4 Internet and used by Sony BMG to guard 52 CD titles.

The Extended Copy Protection (XCP) software hides itself and controls basic functions of the Windows operating system - tactics employed by the rootkits commonly used by online attackers. The software was included on some 4.7 million discs produced by Sony BMG, of which about 2.1 million were sold.

"Sony has engaged in a technological version of cloak and dagger deceit against consumers by hiding secret files on their computers," Texas Attorney General Greg Abbott said in a statement. "Consumers who purchased a Sony CD thought they were buying music. Instead, they received spyware that can damage a computer, subject it to viruses and expose the consumer to possible identity crime."

With the lawsuit, Texas becomes the first state in the nation to sue Sony BMG for the company's role in installing the surreptitious copy-protection program on PCs. Following the discovery of the software three weeks ago, security experts, consumers and digital-rights advocates have taken the media giant to task, saying that Sony BMG's software makes computers insecure, does not adequately inform the user as to its function and cannot be uninstalled easily.

Sony BMG did not answer requests for comment on Monday.

At least a half dozen legal actions have already been filed or will be filed in the coming weeks, said sources at the firms involved in the cases. The same day as the Texas lawsuit, two law firms joined the Electronic Frontier Foundation, a digital rights advocacy group, to file a case in California court on Monday.

A lawyer in Los Angeles filed a class action lawsuit against Sony in citing three violations of consumer and business codes. Later that week, Italian digital rights group Associazione per la Libertá nella Comunicazione Elettronica Interattiva (ALCEI) filed a criminal complaint in the country to investigate whether Italian consumers were affected by the Sony BMG cloaking technology. Chicago-based law firm Cirignani Heller Harman & Lynch plans to file a lawsuit against Sony to recover damages caused to consumers by the media giant's copy protection scheme, an attorney with the firm said.

While the functionality and intent of Sony BMG's copy protection are at the heart of the lawsuits, they cases will also test whether consumers can give a company broad permission to install possibly detrimental programs on their systems. Moreover, the media giant constructed a number of hurdles to removing the program, including a privacy-invasive registration and the need to wait for a special identification number.

New York attorney Scott Kamber, who filed a class-action lawsuit against Sony BMG in a U.S. District Court in New York City last week, said that Sony BMG damaged consumers' computer systems with its code.

Beginner's guide to SSL certificates

More from The Register

next story
'Regin': The 'New Stuxnet' spook-grade SOFTWARE WEAPON described
'A degree of technical competence rarely seen'
You really need to do some tech support for Aunty Agnes
Free anti-virus software, expires, stops updating and p0wns the world
You stupid BRICK! PCs running Avast AV can't handle Windows fixes
Fix issued, fingers pointed, forums in flames
Regin: The super-spyware the security industry has been silent about
NSA fingered as likely source of complex malware family
Privacy bods offer GOV SPY VICTIMS a FREE SPYWARE SNIFFER
Looks for gov malware that evades most antivirus
Patch NOW! Microsoft slings emergency bug fix at Windows admins
Vulnerability promotes lusers to domain overlords ... oops
HACKERS can DELETE SURVEILLANCE DVRS remotely – report
Hikvision devices wide open to hacking, claim securobods
prev story

Whitepapers

Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
10 threats to successful enterprise endpoint backup
10 threats to a successful backup including issues with BYOD, slow backups and ineffective security.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
The next step in data security
With recent increased privacy concerns and computers becoming more powerful, the chance of hackers being able to crack smaller-sized RSA keys increases.