Watching Sony BMG stumble from one fiasco to another over its copy-protection technology is like watching a silent-movie comedy about a bungling waiter. He starts to lose control of a heavy tray of soups and desserts, and, in trying to regain his balance, yanks tablecloths to the floor, sends silverware, dishes, and food flying, and veers around the room, knocking over furniture and patrons, and generally spreading disaster all around.

Sony's efforts to extricate itself from its digital rights management scandal are a similarly spectacular series of pratfalls. But it's likely to have little long-term impact on Sony. Just some public embarassment that Sony will quickly overcome, and fines that Sony can afford to pay.

The effects on business are much bigger. The fiasco is another demonstraton of the power of bloggers to shape public opinion.

And the events also demonstrate yet again that consumer Digital Rights Management (DRM) technology doesn't work, and can't be made to work.

Early this month, security researchers disclosed that CDs distributed by Sony BMG used copy-protection software containing a "rootkit." A rootkit is a software toolkit designed to let hackers take control of target computers. It quite simply has no legitimate purpose.

In and of itself, that wouldn't have been any big deal. It was a grossly irresponsible error by Sony. But big corporations are human institutions and imperfect like everything else done by human beings. The story would have been forgotten in days if Sony had simply done a quick mea culpa, promised to never do it again, and moved on.

But, instead, Sony refused to admit wrongdoing, and chose to remain mostly silent, except for a moment or two insulting its critics, and taking actions to make the matter worse.

A low point of Sony's PR campaign was when Thomas Hesse, Sony BMG's Global Digital Business President, said in an interview on National Public Radio: "Most people, I think, don't even know what a rootkit is, so why should they care about it?"

In other words: If you don't understand something, it can't be a threat. I guess that means if nobody tells you smoking is bad for you, then it's perfectly safe.

In one of the latest pratfalls in this comedy cavalcade, we discover that Sony's anti-piracy technology doesn't even work. Gartner analysts disclosed that it can be defeated by putting a sliver of Scotch tape on the right spot on the so-called "protected" disk.

The Electronic Frontier Foundation and the state of Texas have sued Sony under anti-piracy and anti-spyware laws. These laws were, no doubt, written with pimply-faced teen-age hackers and organized crooks in mind; but instead it looks like these laws are going to be brought to bear against executives of multi-billion-dollar multinational corporations trotting into court wearing thousand-dollar suits.

Waiting to see Sony executives doing the perp walk? That's not going to happen. Eventually, somebody inside the company is going to clobber enough of the right people with the big stupid-stick, and Sony will straighten up. They'll issue profuse apologies all around, agree never to err again, and write big fat checks to settle their outstanding lawsuits.

The long-term legacy for business in general? This is yet another example of the power of the blog. Bloggers broke Sony; they drove this story, kept it alive and forced it into the pages of the mainstream news media.

In some respects, the power of the blog is nothing new; it's just good, old-fashioned word-of-mouth, updated to the Internet age. But while word-of-mouth is powerful only in a small town or neighborhood, blogs and Internet discussion groups have worldwide influence. Bad word-of-mouth can hurt business at the neighborhood diner, bad blogging can hurt a multinational corporation.

Hopefully, the Sony debacle will drive a stake in the heart of consumer DRM technology, a terrible idea which has refused to die despite one marketplace failure after another. Media companies are addicted to the idea that they can somehow turn back the clock, and make Internet files as difficult to duplicate as VHS tapes and LPs. There is absolutely no evidence to suggest this is possible, and yet it's an article of faith among media companies that it can be done. The litany of failures include:

- Sending out copies of recordings to music critics in portable players that were glued shut.

- Digital watermarks that can be blocked by drawing a line with a marker near the edge of the CD. Sony was behind that brainstorm, too.

- Copy-protection that can be defeated by holding down a shift key.

The best that the media companies have been able to accomplish is copy-protection that's partially successful. Apple's iTunes, one of the top 10 music retailers, has DRM that limits the number of copies you can make of a particular song using Apple's proprietary format--but you are free to burn an MP3 of the song, and the very nature of MP3 technology means you can make unlimited copies of the MP3. That so-called copy protection is no protection at all.

Other copy-protection technology can be beaten with free software downloadable over the Internet, or by buying a cheap electronic gadget.

The net result of all this flawed DRM will be counter-intuitive. It will actually encourage music piracy.

Customers have to pay for media files that are limited by DRM software. If the customers choose to, they have to take extra steps to eliminate the DRM. Why bother, when pirated media is available for free, unencumbered by DRM technology?

Moreover, because DRM technology can be crippled with a little bit of effort and skill, but not a lot, pirated media becomes sort of romantic, like marijuana on a college campus or bootleg booze during Prohibition. It's illegal, sure, but it's easy to get if you know the right people.

So what's the answer for media companies? How can they protect their investments if DRM doesn't work? George Lucas, a guy who knows something about making money at the movies, has a few ideas for movie studios: Don't fight Internet movie distribution--embrace it, make it easy for people to download their favorite movies, and drop the price to $2 per movie. "If you can get it at home for $2, then why would you go on the street and get a bad version?" he says.

UPDATE 5:35 PM: A couple of pieces of interesting information came in after I posted this entry a few hours ago.

My colleague Tony Kontzer points to a blog entry by Michael Robertson, describing how the Sony debacle is actually good for consumers. Tony comments on Robertson's thoughts.

Robertson is a serial entrepreneur who founded the early online music-sharing service, MP3.com, and desktop Linux vendor Linspire. His current venture is MP3Tunes, which recently hired John Lech "DVD Jon" Johansen, who was tried and acquitted twice in Norway for writing software to break DVD encryption. MP3Tunes is working on a mysterious new media service called Oboe, due to launch pretty soon.

Also, the Motion Picture Association of America cut a deal with Bram Cohen, requiring Cohen to remove links to pirated movies from his BitTorrent.com, the online home of the popular BitTorrent peer-to-peer file sharing technology, which Cohen invented.

Good for Cohen for keeping his service honest. And good for Hollywood for exercising its legitimate right to prosecute people who steal their work. But:

Just prosecuting thieves isn't enough. Hollywood also needs to make a top priority out of creating and attracting customers to its own online movie services. A store that spends all its resources on prosecuting shoplifters, and fails to bring new customers in the door, won't be in business long.

From the article: "The agreement means bittorrent.com will comply with procedures outlined in the Digital Millennium Copyright Act. Cohen's site will not prevent links to illegal files from being posted. But after a studio complains about the file, BitTorrent will notify the offending computer owner and remove the link from its search engine."

Invoking the DMCA certainly raises my eyebrow: The DCMA gives companies the right to claim that there's copyrighted material being pirated on a Web site or network, and require the owner of that site or network to take the material down immediately. There's no due process, no attempt to find out who really owns the copyright. Sure, there's an appeal process--the owners of either the Web site or network, or the material that was taken down, can go to court to get their claims upheld, but that puts the burden of proof on accused party, rather than on the company claiming to own the copyright.