Is your PC's security worth more than $150?

Is your PC's security worth more than $150?

Summary: The Federal Trade Commission (FTC) has announced that record label Sony BMG is to reimburse consumers up to $150 for damages caused to their PC by hidden anti-piracy software embedded into music CDs. Is this enough to protect consumers?

TOPICS: Security

The Federal Trade Commission (FTC) has announced that record label Sony BMG is to reimburse consumers up to $150 for damages caused to their PC by hidden anti-piracy software embedded into music CDs.  Is this enough to protect consumers?

Will this send a message to big companies that it's wrong to compromise customer's computers in the name of DRM?Back in 2005, Sony BMG shipped more than 12 million CDs from artists such as The Coral, Alicia Keys, Dido, the Foo Fighters and the Backstreet Boys (about 7 million of these CDs were sold), each loaded with either XCP or MediaMax anti-piracy programs which installed itself on consumers' computers without their knowledge or consent.  These programs installed a rootkit to cloak the copy-protection software on user's PCs which put them at risk from hackers.  To make things worse, the ActiveX uninstaller released for XCP (which was developed not by Sony but a company called First4Internet) contained a serious vulnerability.  The FTC said the anti-piracy software used by Sony "exposed consumers to significant security risks and was unreasonably difficult to uninstall".

[poll id=75]

The Sony BMG copy-protection fiasco bought home the fact that big companies are willing to go to extraordinary lengths to protect their property - even going as far as compromising user's PCs in the process.

Sony BMG, which agreed to the settlement figure but did not admit a law violation must allow consumers to exchange affected CDs bought before 31 December 2006, and compensate them up to $150 to repair damage to their PCs.

Is this enough?  Will this send a message to big companies that it's wrong to compromise customer's computers in the name of DRM?

Topic: Security

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • If this had been done by and Individual

    He would be in Jail for a minimum of computer tampering.
  • Not according to the market

    From a market perspective, $150 is demonstrably more than the value of securing a PC for the average consumer. If it was a fair price, security software packages would cost that much and people would pay it. Since they barely fork over $50, Sony is paying more than the security of the PC is worth -- a good fine.
    • If I burn your $150k house down

      If I burn your $150k house down, do you think you should get $150k or $100 for the smoke alarms?
      • Well, you would get nothing unless you had fire insurance.

        The fire insurance is what pays. You may have to pay a lower monthly fee by installing a smoke alarm, but that's it.
    • Incorrect analysis of value to consumer.

      Your analysis would only hold water if 1) All PCs were guaranteed to be infected if they don't purchase security software. and 2) Once security software has been purchased, there is no longer [i]any[/i] risk of infection and 3) All computer users have [i]perfect knowledge[/i] of the above two factors relating to their risk of infection. Since [i]none[/i] of the above conditions are correct, you can't say that individuals who don't purchase security SW for $50 only perceive the cost of an infection at $50.

      People make decisions based on perceived likelihood of risk, not just the aversion to the risk itself. The same goes for physical safety. Those who don't wear a helmet when riding a motorcycle, wear a seatbelt, spring for the extra safety package when buying a car, aren't necessarily saying by those actions that they don't value their lives.
  • Sony walks away completely unscathed.... How nice.

    Sony commits a digital assault against who knows how many millions of PC's and for that offense, they may have to give $150 (maybe) to anyone who can prove they were affected. What a total friggin' joke.

    Sony is no better than those that distribute worms, trojans and spyware. Where is the punitive aspect in all this? Their "fines" are trivial for them. In my mind, the amount should be AT LEAST 10 times what it is now and it should be payable immediately to an escrow fund out of Sony's grasp.

    Our enforcement actions against corporations is a joke. They walk away from actions that would land an everyday citizen in jail. Pathetic.
    • I agree. Microsoft would be history if justice had teeth.

      But in the US corporations and business in general rule - sadly overtrumping the worker that actually pays into the government (i.e. companies usually get away with paying a pittance of their income compared to the real workers).
  • How about some real information instead of a flame bait article?

    WHO qualifies?
    HOW do they qualify?
    WHERE do you apply?
    WHEN will you get your money?
    IN what form are you reimbursed (coupons or cash?)?
    WHAT do you have to do to get the maximum amount?
    WHY did you not write a better article?
    • It's a blog.

      That's why.
      Grayson Peddie
  • Wrong compensation

    For anyone affected by the rootkit, they should be able to take their computer to CompUSA, BestBuy, or GeekSquad (in home service) and a professional be required/mandated to remove the rootkit or re-install. If it takes $250, the consumer should not be required to care. Instead of buying their way out, a make it right policy will send a much better message. Companies will not be able to create payoff slush funds for these events, they may be liable to make it right, no matter what the cost.