story by William David Jones
image by William Golden & Jay Gentile
Piracy is one of the biggest legal issues surrounding the music industry that our generation or any previous has had to face. However, in a recent attempt to thwart piracy, Sony BMG Music Entertainment (which will now be referred to as Sony for the sake of simplicity) has shown music connoisseurs just how far “too far” is in preventing the theft of their music. The ensuing saga and recently-settled lawsuit against the music giant has also opened up a completely new medley of legal issues in the process.
How It All Got Started
A British Company, by the name of First 4 Internet, developed software known as Extended Copy Protection, or XCP. It became famous after Sony decided to implement the software into their music CDs. The program has been identified as — and is more commonly known as — a rootkit, which is a program typically used to gain access to a computer system. A lot of terms have been thrown around in the media as to what the programs are called, and it can get quite confusing. You may ask, “Is it XCP, or a rootkit, or are those the same thing?” Think of it this way: the flu, by its characteristics, is classified as a virus. The program, XCP, has the characteristics of, and is therefore defined as, a rootkit, which is a more general term for these types of invasive computer programs. MediaMax (version 3.0 and 5.0) is another program, similar to XCP, that Sony has used, for which they have also come under scrutiny. (Again, for the purposes of simplicity, only XCP will be referred to from here on out, but both are involved in the problem, lawsuit, and resolution.) By using this sort of stealth technology, the program is masked so that users do not realize it has been installed on their computers. In doing so, Sony deliberately deceived their consumers, which was the first in a series of mistakes.
What XCP Does, Why Sony Would Do This, and How It Affects You
The XCP does a number of things. First and foremost, it prevents the buyer from using the compact disc in any way other than that provided by the program itself. Upon inserting an XCP-laden album, users are given the option of installing a special player for the disc, which is really their only option. It is the only way the CD will work on the computer, and prevents the user from ripping or burning the tracks in any way, other than those provided specifically by Sony. It won’t work with most media players, and the biggest shot to the consumer is that the albums are then incompatible with Apple’s iPod, which dominates the portable mp3 market and is a direct competitor to Sony. Furthermore, the problem predominantly affects Windows operating systems, and with a few exceptions, Mac and Linux were not subject to this program.
Additionally, the kit installs items which may be problematic to and quickly wear down the life of your CD-ROM drive; then it hides the evidence, much like a computer hacker might. Its cloaking also allows other malware to be hidden from the user’s view. All of this potentially causes more problems to the computer, and trying to manually delete it just makes things worse. The odd thing is that it is attacking those music fans that actually went out and purchased the CD. As stated previously, piracy issues are one of the most critical (in terms of music) to our generation, and major record labels are constantly trying to stay ahead of the consumer’s urge to take free music where they can get it. It is an understandable problem for a company like Sony, but at the same time, the use of rootkits and the deception of their honest customers is not the answer.
Sony’s Solution Worse Than the Problem
“Most people, I think, don’t even know what a rootkit is, so why should they care about it?” These were the words of Sony BMG Music Entertainment President Thomas Hesse, on NPR in November. Aside from the horrid, unethical concept that consumer ignorance is an excuse for this corporation’s actions, the physical responses to the problem have been even worse.
After coming under the scrutiny of computer security experts and consumers alike, Sony offered a “solution.” They released a patch that did not completely uninstall the XCP software, but simply unmasked it. Then a full uninstall was released by Sony, but only after requiring users to submit personal information, which is then potentially made available to third parties. The uninstaller is now known to cause more problems than the original rootkit. Using an ActiveX control marked “Safe for Scripting,” a hole is opened in the user’s computer, which can be used by outsiders to gain access to the PC, and even this uninstall is said to leave traces of the XCP files on the computer.
Opening a Bigger Can of Worms
What this raises are not only issues of piracy and what methods can legally be taken to prevent it, but also what is being done in the name of competition, and how major companies are really hurting their own consumers. For instance, is it logical and/or ethical for Sony to make their CDs incompatible with the popular iPod, and instead only usable with their own devices? In the past, competition usually meant lower prices, but in this new digital age, will consumers be forced to spend more money to get the music they want because certain bands are only available through certain companies, who in turn make their music only playable on their devices? The end result being someone who likes both Neil Diamond and Less Than Jake must buy two different devices, because competing companies prevent their music from being interchangeable?
The End Result
After a class-action lawsuit was filed against Sony, they have decided to stop production of albums using the XCP software and have recalled those already out on shelves. As part of a settlement brought forth by groups such as the Electronic Frontier Foundation (EFF), if you have already purchased a CD with this software, you have the right to exchange it with Sony for a CD without the copy protection. In addition to this, the EFF has stated that anyone with a CD with XCP is further entitled to free mp3 versions of the music, and either 1) $7.50 cash plus one free download from a list of approximately 200 albums OR 2) three free downloads from the list. MediaMax victims are entitled to different compensation, all of which and more can be found at http://www.eff.org/IP/DRM/Sony-BMG/settlement_faq.php
Corynne McSherry, a staff attorney for the EFF who was involved with the case, told Chicago Innerview that “The settlement helps consumers finally get what they thought they were buying in the first place — music that will play on their computers without invading their privacy or eroding their security.”
Some of the popular albums this included were Neil Diamond’s 12 Songs, A Static Lullaby’s Faso Latido, and Frank Sinatra’s The Great American Songbook. The full list of 52 albums affected by this can be viewed at http://cp.sonybmg.com/xcp/ along with more information on the situation. However, if you have already used one of these titles on a home computer, you may have to sit tight, as there is seemingly no complete solution to the problem at press time. The EFF settlement with Sony BMG does not cover damages to computers, but acceptance of it also does not waive your right to sue over this as well, according to EFF’s Settlement FAQ. Both Microsoft and Sony have promised fixes, but at press time, none have been seen.
When Chicago Innerview attempted to contact Sony for a statement, all that was offered was referral to the website above and http://www.sunncomm.com/support/sonybmg (for MediaMax) regarding any further questions that consumers may have.
CI Special Report #003