A California-based digital-rights group and the Texas attorney general sued Sony BMG Music Entertainment on Monday for selling compact discs with anti-piracy software that allegedly leaves computers vulnerable to hackers and viruses.
The cases highlight the narrow line walked by the recording industry as it experiments with ways to deter bootleggers. To be effective, copy-protection systems must be tough to crack. But software that's too intrusive risks alienating music buyers — as Sony BMG's so-called XCP technology has.
When discs with XCP are loaded onto a computer, they install a program that limits how many times the CDs can be copied. Critics allege that Sony BMG failed to warn buyers that XCP could potentially weaken a computer's defenses to attacks from malicious software or hackers, although few users experienced any problems.
Embarrassed executives at Sony BMG, the nation's second-largest record label, last week asked music retailers to pull the 52 albums that use the software and said the company would recall as many as 5 million CDs.
A similar lawsuit filed by the Electronic Frontier Foundation alleged that Sony BMG violated California's consumer protection and unfair business practice laws by not adequately disclosing the effects of XCP-enabled discs. In addition, two lawsuits against Sony BMG seeking class-action status are pending in California and New York.
Sony BMG's troubles began this month when a computer security expert publicized his discovery of the program on some of the company's CDs — including new bestselling albums by Neil Diamond and Celine Dion. Within days, a virus appeared that exploited some of the software's vulnerabilities, but it did not appear to spread widely.
Industry analysts said the negative publicity around Sony BMG was likely to influence how the recording industry proceeded.
Sony BMG had planned to impose copy protection on all of its albums by the end of this year. Now the company is rethinking that strategy, The Los Angeles Times reports.