Fear of Legal Action Chills Computer Security Researchers
San Francisco - The Electronic Frontier Foundation (EFF) today sent an open letter to EMI Music -- the record label representing artists including Paul McCartney and Coldplay -- calling on it to agree not to pursue any legal action against computer security researchers who examine the copy-protection technologies used on some EMI CDs.
In late 2005, independent researchers uncovered security problems with Sony-BMG copy-protected CDs, forcing the label to issue patches and uninstallers to those customers who had played the CDs on Windows computers. Several record labels owned by EMI, including Virgin Records, Capitol Records, and Liberty Records, use similar copy-protection technologies supplied by Macrovision. On those CDs, an end user license agreement (EULA) forbids reverse engineering for any reason, including security testing. In addition, the Digital Millennium Copyright Act (DMCA) has chilled the efforts of computer security researchers interested in examining copy-protected CDs.
In the open letter published Wednesday, EFF urges EMI Music to publicly declare that it will not take legal action against computer security researchers who study copy-protected CDs released by record labels owned by EMI.
"Music fans deserve to know whether EMI's copy-protected CDs are exposing their computers to security risks," said Fred von Lohmann, senior staff attorney with EFF. "When it comes to computer security, it pays to have as many independent experts kick the tires as possible, and that can only happen if EMI assures those experts that they won't be sued for their trouble."
Full text of the open letter to EMI Music:
Fred von Lohmann
Senior Intellectual Property Attorney
Electronic Frontier Foundation