Feeds

Texas puts Sony BMG in its sights

'Illegal spyware'

Protecting against web application threats using SSL

The Attorney General for the state of Texas filed a lawsuit against Sony BMG Music Entertainment on Monday, calling the media giant's copy-protection technology "illegal spyware".

The complaint alleges that Sony BMG violated the Texas Consumer Protection Against Computer Spyware (CPACS) Act, which includes provisions that punish those who hide software from a computer's owner. The focus of the legal action is a copy-protection program created by software firm First 4 Internet and used by Sony BMG to guard 52 CD titles.

The Extended Copy Protection (XCP) software hides itself and controls basic functions of the Windows operating system - tactics employed by the rootkits commonly used by online attackers. The software was included on some 4.7 million discs produced by Sony BMG, of which about 2.1 million were sold.

"Sony has engaged in a technological version of cloak and dagger deceit against consumers by hiding secret files on their computers," Texas Attorney General Greg Abbott said in a statement. "Consumers who purchased a Sony CD thought they were buying music. Instead, they received spyware that can damage a computer, subject it to viruses and expose the consumer to possible identity crime."

With the lawsuit, Texas becomes the first state in the nation to sue Sony BMG for the company's role in installing the surreptitious copy-protection program on PCs. Following the discovery of the software three weeks ago, security experts, consumers and digital-rights advocates have taken the media giant to task, saying that Sony BMG's software makes computers insecure, does not adequately inform the user as to its function and cannot be uninstalled easily.

Sony BMG did not answer requests for comment on Monday.

At least a half dozen legal actions have already been filed or will be filed in the coming weeks, said sources at the firms involved in the cases. The same day as the Texas lawsuit, two law firms joined the Electronic Frontier Foundation, a digital rights advocacy group, to file a case in California court on Monday.

A lawyer in Los Angeles filed a class action lawsuit against Sony in citing three violations of consumer and business codes. Later that week, Italian digital rights group Associazione per la Libertá nella Comunicazione Elettronica Interattiva (ALCEI) filed a criminal complaint in the country to investigate whether Italian consumers were affected by the Sony BMG cloaking technology. Chicago-based law firm Cirignani Heller Harman & Lynch plans to file a lawsuit against Sony to recover damages caused to consumers by the media giant's copy protection scheme, an attorney with the firm said.

While the functionality and intent of Sony BMG's copy protection are at the heart of the lawsuits, they cases will also test whether consumers can give a company broad permission to install possibly detrimental programs on their systems. Moreover, the media giant constructed a number of hurdles to removing the program, including a privacy-invasive registration and the need to wait for a special identification number.

New York attorney Scott Kamber, who filed a class-action lawsuit against Sony BMG in a U.S. District Court in New York City last week, said that Sony BMG damaged consumers' computer systems with its code.

Reducing the cost and complexity of web vulnerability management

More from The Register

next story
Spies would need SUPER POWERS to tap undersea cables
Why mess with armoured 10kV cables when land-based, and legal, snoop tools are easier?
Early result from Scots indyref vote? NAW, Jimmy - it's a SCAM
Anyone claiming to know before tomorrow is telling porkies
TOR users become FBI's No.1 hacking target after legal power grab
Be afeared, me hearties, these scoundrels be spying our signals
Jihadi terrorists DIDN'T encrypt their comms 'cos of Snowden leaks
Intel bods' analysis concludes 'no significant change' after whistle was blown
Home Depot: 56 million bank cards pwned by malware in our tills
That's about 50 per cent bigger than the Target tills mega-hack
Hackers pop Brazil newspaper to root home routers
Step One: try default passwords. Step Two: Repeat Step One until success
NORKS ban Wi-Fi and satellite internet at embassies
Crackdown on tardy diplomatic sysadmins providing accidental unfiltered internet access
UK.gov lobs another fistful of change at SME infosec nightmares
Senior Lib Dem in 'trying to be relevant' shocker. It's only taxpayers' money, after all
Critical Adobe Reader and Acrobat patches FINALLY make it out
Eight vulns healed, including XSS and DoS paths
prev story

Whitepapers

Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.