Select your localized edition:

Close ×

More Ways to Connect

Discover one of our 28 local entrepreneurial communities »

Be the first to know as we launch in new countries and markets around the globe.

Interested in bringing MIT Technology Review to your local market?

MIT Technology ReviewMIT Technology Review - logo


Unsupported browser: Your browser does not meet modern web standards. See how it scores »

{ action.text }

Zone of Freedom
The recalls, exchanges, and apologies of November 2005 did not put the matter to rest. New York attorney general Eliot Spitzer criticized Sony in late November, after investigators found that discs carrying XCP had not yet been removed from stores. The Federal Trade Commission opened an inquiry, and Texas attorney general Greg Abbott sued Sony BMG for violating the state’s antispyware laws. Plaintiffs in at least five states filed suit, claiming damages against Sony BMG for impairing their computers.

Sony dealt with these suits quickly. Before December was out, the company had reached a tentative settlement with attorneys, who had consolidated the suits into a single complaint in the U.S. District Court for southern New York. The settlement provides anyone who owns a disc with XCP with a replacement disc, a $7.50 cash payment, and (ironically) free digital downloads of the music on the CD and up to three others. At press time, the court had not yet approved the full settlement, but the replacement program had begun.

But anger over the rootkit in the media and the blogosphere persisted even after news of the proposed settlement. What truly bothered consumers, it seemed, was not the damage done to their computers: the Troj/Stinx-E Trojan horse had not spread far, and there wasn’t time for a serious epidemic of other malware exploiting the XCP rootkit to emerge. Rather, CD buyers were upset that the software deliberately concealed its presence and contacted Sony BMG without their permission. They felt that XCP had trespassed against fundamental protections – the rights to privacy and private ownership and the freedoms of expression and access to information.

“I’m a music fan, and I’ve been watching with dismay the whole march of DRM, to the point that you practically have to sign a contract to open a CD box,” says Tim Jarrett, a Framingham, MA, Web developer and technology blogger. “So when I saw that Sony was not only including this DRM but doing it in such a way that it was opening up people’s computers to being exploited, I think something inside me just kind of snapped.” Jarrett decided to start the Sony Boycott Blog, which functioned for three months as one of the main clearinghouses for information about the rootkit saga. Judging from the comments they left, Jarrett’s -readers – who numbered up to 5,000 per day – were just as irked. “You have a zone of personal freedom – a personal space within which you can decide, for example, to read a book back to front, or read it 20 times, or make margin notes, or read it in the bathtub, or do a skit acting out the book to a friend,” says law professor Julie Cohen, who studies intellectual-property and data privacy law at the Georgetown University Law Center. “And having an automatic policeman or even just a flat-out architectural prohibition that appropriates that personal space is something that people experience as very intrusive.”

“I think we’re in this period where the content providers are trying to push the boundaries,” says Mark Russinovich. “They want to see just how far they can go to protect their content, and where that fine line is between protecting their content from casual piracy and annoying the consumer.”

7 comments. Share your thoughts »

Tagged: Business

Reprints and Permissions | Send feedback to the editor

From the Archives


Introducing MIT Technology Review Insider.

Already a Magazine subscriber?

You're automatically an Insider. It's easy to activate or upgrade your account.

Activate Your Account

Become an Insider

It's the new way to subscribe. Get even more of the tech news, research, and discoveries you crave.

Sign Up

Learn More

Find out why MIT Technology Review Insider is for you and explore your options.

Show Me