December 19, 2006 | By corynne mcsherry

State AGs Reach Settlement on Sony BMG Rootkit Debacle

Over a year since infecting CD purchasers' computers with flawed copy protection software, Sony BMG has reached a settlement with several state attorneys general (AGs) over the rootkit debacle. We've reviewed the Texas settlement agreement, which appears to be similar to agreements reached in other states, and it looks like the AGs used their investigatory and enforcement powers to obtain important additional relief for consumers.

Among other things, the settlement requires Sony BMG to compensate consumers whose computers were damaged by the XCP or Media Max software and to continue providing the settlement benefits obtained in the private litigation for an additional six months (through June 30, 2007).

Equally important are Sony BMG's future obligations. If Sony uses DRM on its CDs in the future, it will have to provide detailed pre- and post-sale disclosures to customers, provide an easy uninstaller, and notify consumers if it finds security flaws in the software.

Well done, AGs!

The Texas agreement is available here. Background regarding the Sony BMG litigation is available here.

UPDATE: The Federal Trade Commission has settled its case against Sony BMG as well, under terms similar to those of the state AG's agreements. The FTC agreement is available here.

Deeplinks Topics

Stay in Touch

NSA Spying

EFF is leading the fight against the NSA's illegal mass surveillance program. Learn more about what the program is, how it works, and what you can do.

Follow EFF

Censorship powers, data retention, and vague hacking crimes: Pakistan's terrible cybercrime bill has it all:

Nov 25 @ 5:11pm

While Bangladesh blocks social messaging apps, locals are turning to Tor and Twitter:

Nov 25 @ 3:50pm

You've heard recent news about Securus, the prison phone service. It's also the proud owner of a very stupid patent.

Nov 25 @ 3:09pm
JavaScript license information