Did Sony hide behind the Digital Millennium Copyright Act? Bruce Schenier asks why the major anti-spyware vendors didn't detect and remove Sony's spyware from infected computers. In the end, he posits that because Sony had the cloak of respectability — a well-funded company with lots of well-paid lawyers — almost no anti-spyware vendor was willing to face up to Sony's behavior.
I'd like to propose a different explanation: Sony installed their "malware" — malicious software — under the guise of digital rights management.
Any software that implements digital rights management (DRM), no matter how terrible it is, is protected by the Digital Millennium Copyright Act (DMCA). Any attempt to circumvent that software, remove it, or otherwise tamper with the software can result in horrific penalties. No matter how silly the copy-protection scheme — whether the scheme is utterly ridiculous in terms of actual protection, or utterly vile in terms of the restrictions it imposes — is protected by the DMCA. Anyone who so much as reveals how to circumvent the DRM software can be prosecuted.
Given that Sony's rootkit was installed as a DRM measure, I speculate that anti-spyware companies backed off because of DMCA concerns.
Of course, need I say that spyware companies have yet to exploit this particular legal loophole? ("We put a one-pixel GIF image on your computer, and this rootkit prevents you from stealing that image.")
The fundamental problem of digital rights management remains. Digital media represent a truly revolutionary change in the nature of "content." Attempts by companies to legislate their old business models into the new era will lead to odd and foolish consequences — including, just possibly, this one.
Topics: · government · security
Link to this story · Leave comment or trackback
Comments are temporarily disabled while we work on anti-spam measures.
Trackbacks are closed for this story.
