Monday, February 5, 2007

Sony Settles with FTC Over CD Rootkit

Via SecurityFocus -

Music giant Sony BMG agreed to settle charges brought by the U.S. Federal Trade Commission that the company broke federal regulations by including an aggressive software program on dozens of music titles that monitored a user's PC and opened up security vulnerabilities.

The charges stem from the discovery by security researchers that Sony BMG had installed software on consumers' PCs that hid itself and could not be uninstalled--methods typical of malicious rootkit programs. The revelation prompted an outcry by consumers and digital-rights activists as well as multiple lawsuits. The FTC charged the company with violating federal consumer protection laws because the software did not properly notify consumers before being installed, used rootkit techniques to hide itself on victims' PCs and could not easily be uninstalled.

"Installations of secret software that create security risks are intrusive and unlawful," FTC Chairman Deborah Platt Majoras said in a statement announcing the settlement. “Consumers’ computers belong to them, and companies must adequately disclose unexpected limitations on the customary use of their products so consumers can make informed decisions regarding whether to purchase and install that content.”

The settlement is the latest fallout from Sony BMG's problematic protections for its music CDs. In December, the music company settled two lawsuits brought by the Attorneys General of Texas and California, agreeing to pay fines of $750,000 to each state and up to $175 per consumer impacted by the company's software.

The settlement requires that Sony BMG allow consumers to exchange CDs containing the stealthy digital-rights management software for new CDs that do not have the controversial copy protections. The company is also required to reimburse victims up to $150 to repair any damage caused by consumers’ attempts to remove the software.

The FTC stressed that such settlements are not an admission of guilt on the part of the company.
