Last year, anonymous executives at Sony BMG Music Entertainment blundered. They hid a “rootkit” on around two million compact discs.
As senior editor Wade Roush explains in this month’s cover story, “Inside the Spyware Scandal,” rootkits are a kind of software more often exploited by mischievous hackers than by multinational media companies: a rootkit is capable of exposing an operating system’s core functions to worms, viruses, or other programs, without anyone knowing about the subterfuge. In this case, computer users were asked to launch a Sony music player when they tried to play a Sony CD; if they did, they unwittingly downloaded a rootkit intended to hide components of a digital rights management (DRM) program. The DRM program also secretly contacted Sony every time a user played copy-protected music.
Sony’s executives thought they were within their rights: they wanted to discourage piracy. But when security experts discovered the rootkit and blogged about it, a scandal followed. Many computer users said they felt “violated.” According to John Guarino, the computer consultant who first identified the rootkit, “It’s total lawlessness, and it’s unacceptable.”
Why were computer users so angry? In explaining themselves, most seemed to fret about trespasses upon their private property. But the complaints were much more heated than any damage to users’ computers warranted (until Sony provided an uninstall program, removing the rootkit disabled users’ CD-ROM drives). Sony’s customers felt that the company had abused an interest related to property but distinct: they thought their privacy had been invaded.
The ambiguity of their complaints should not surprise. Privacy resists easy description. Philosophers or jurists eager to champion privacy as a coherent interest have nonetheless struggled to define it; others, less friendly to the idea, have argued that any interest we might protect as private can be more usefully defended by appeal to other interests, such as property, without the inconvenience of creating a new right or providing a cloak for illicit behavior. And certainly, people use “privacy” to describe very various interests.
This general confusion about what constitutes privacy has been much exploited by companies and governments in recent years. Indeed, as Sony’s rootkit makes clear, much of our behavior in digital space is now potentially subject to observation, data collection, and coercion.
Yet privacy is real. There is a distinctive characteristic to all private experiences, although no one thing can be said to define privacy. But most of us recognize privacy when we experience it. Privacy is the space where we are free from interference. It is the neces-sary condition for intimacy, trust, and all contracts, including citizenship. And while the territory claimed for privacy will vary according to culture or historical circumstance, most feel aggrieved when we feel that territory shrink.
Sony’s rootkit was not a trivial irritation, of importance only to geeks. The harm computer users suffered was limited (perhaps because the rootkit was discovered), but the offense was actual and new. Sony’s customers objected on a point of principle: they believed they saw the chill expansion of corporate interests at the expense of privacy. They were right.
This new data poisoning tool lets artists fight back against generative AI
The tool, called Nightshade, messes up training data in ways that could cause serious damage to image-generating AI models.
The Biggest Questions: What is death?
New neuroscience is challenging our understanding of the dying process—bringing opportunities for the living.
Rogue superintelligence and merging with machines: Inside the mind of OpenAI’s chief scientist
An exclusive conversation with Ilya Sutskever on his fears for the future of AI and why they’ve made him change the focus of his life’s work.
How to fix the internet
If we want online discourse to improve, we need to move beyond the big platforms.
Get the latest updates from
MIT Technology Review
Discover special offers, top stories, upcoming events, and more.