Sony Settles Rootkit CD Suit With Texas, California - InformationWeek
Software // Enterprise Applications
01:22 PM

Sony Settles Rootkit CD Suit With Texas, California

Under terms of the agreements, each state will receive $622,000 in damages and $128,000 to cover legal costs and fees, and Sony will refund up to $175 to people in those states who spent money to repair computers.

Sony BMG Music Entertainment settled lawsuits with California and Texas Tuesday that stemmed from the November 2005 disclosure that the company's audio CDs were planting spyware-style rootkits on users' PCs without their knowledge.

Under terms of the agreements, each state will receive $622,000 in damages and $128,000 to cover legal costs and fees. Sony BMG will also refund up to $175 to each resident of Texas and California who spent money to repair computers damaged by attempts to uninstall the rootkit code used to mask Sony's CD copy-protection software.

The Attorneys General of both states had filed lawsuits last year charging Sony with unfair business practices and/or violations of anti-spyware statutes.

"Texans deserve to be protected from harmful, hidden files that threaten their privacy or the integrity of their computer systems," said Texas Attorney General Greg Abbott in a statement. "Our first-in-the-nation action against Sony BMG shows that consumer privacy will be vigorously protected."

California's head law enforcement officer also weighed in. "Companies that want to load their CDs with software that limits the ability to copy music should fully inform consumers about it, not hide it, and make sure it doesn't inflict security vulnerabilities on computers," said Attorney General Bill Lockyer in a rival statement.

According to Lockyer, some 450,000 Californians purchased Sony BMG CDs that used rootkit technologies, but he didn't estimate the number eligible for refunds under the settlement. Texas estimates pegged the number of rootkit CD buyers at 130,000.

The brouhaha began in November 2005 when independent researcher Mark Russinovich, who has since gone on to work for Microsoft, disclosed that Sony BMG had used a rootkit to "cloak" digital rights management software on PCs that had played the company's CDs. Later analysis by Russinovich and others found that uninstalling the code could damage the computer, and that hackers could exploit the rootkit to plant other malicious code.

Sony's first attempt to deal with the problem was a debacle; the patch it issued made some computers crash.

Earlier this year, Sony settled several class-action lawsuits, including one filed by the Electronic Frontier Foundation.

The California settlement judgment can be downloaded as a PDF from here, while the Texas settlement is available here.

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
[Interop ITX 2017] State Of DevOps Report
[Interop ITX 2017] State Of DevOps Report
The DevOps movement brings application development and infrastructure operations together to increase efficiency and deploy applications more quickly. But embracing DevOps means making significant cultural, organizational, and technological changes. This research report will examine how and why IT organizations are adopting DevOps methodologies, the effects on their staff and processes, and the tools they are utilizing for the best results.
Register for InformationWeek Newsletters
White Papers
Current Issue
2017 State of IT Report
In today's technology-driven world, "innovation" has become a basic expectation. IT leaders are tasked with making technical magic, improving customer experience, and boosting the bottom line -- yet often without any increase to the IT budget. How are organizations striking the balance between new initiatives and cost control? Download our report to learn about the biggest challenges and how savvy IT executives are overcoming them.
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll