Sony BMG Music Entertainment has agreed to settle Federal Trade Commission charges that it violated federal law when it sold CDs without telling consumers that they contained digital rights management software.
According to the FTC, which announced the tentative settlement with Sony BMG, the anti-piracy software limited the devices on which the music could be played to those made by Sony Corp. or Microsoft Corp. It also restricted the number of copies that could be made and monitored consumers’ listening habits to send them marketing messages. The FTC said the software also exposed consumers to security risks and was unreasonably difficult to uninstall.
“Installations of secret software that create security risks are intrusive and unlawful,” FTC chairman Deborah Platt Majoras said in a statement. “Consumers’ computers belong to them, and companies must adequately disclose unexpected limitations on the customary use of their products so consumers can make informed decisions regarding whether to purchase and install that content.”
Sony BMG, New York, did not admit a law violation. The settlement is subject to public comment for 30 days, after which the FTC will decide whether to make it final. The company in January settled similar cases with more than 40 states, agreeing to pay more than $4 million and to reimburse customers.
The settlement requires Sony BMG to clearly disclose limitations on consumers’ use of music CDs, bars it from using collected information for marketing, prohibits it from installing software without consumer consent and requires it to provide a reasonable means of uninstalling that software.
The agreement also requires that Sony BMG let consumers exchange the CDs containing the concealed software purchased before Dec. 31, 2006, for new CDs that are not content-protected through June 31, 2007, as well as reimburse consumers up to $150 to repair damage that resulted directly from consumers’ attempts to remove the software installed without their consent.
Sony BMG also is to publish notices on its Web site describing the exchange and repair reimbursement programs.
Calls to Sony BMG were not returned.
According to the complaint, Sony BMG placed digital rights management software on more than 100 music CD titles, in addition to licensing and installing the programs on consumers’ computers. Sony BMG used three types of DRM software.
It first offered for sale CDs containing “XCP” software in April 2005 and has sold about 3 million XCP CDs. Then, a predecessor to Sony BMG first offered for sale CDs containing “MediaMax version 3.0” software in 2003, and in January 2005 Sony BMG offered for sale CDs containing “MediaMax version 5.0” software. Sony BMG has sold about 8.4 million MediaMax 3.0 CDs and 5.7 million MediaMax 5.0 CDs.
The settlement also requires clear and prominent disclosure on the packaging of Sony BMG’s future CDs of any limits on copying or restrictions on the use of playback devices. It bars the company from installing content protection software without obtaining consumers’ authorization. If Sony BMG conditions consumers’ use of its CDs on installation of the content protection software, it must disclose that requirement on the product packaging.
In addition, the agreement bars Sony BMG from using the information on consumers’ listening preferences that it already has gathered through the monitoring technology it installed, or delivering ads to those consumers based on the information.
For future CDs containing such technology, the agreement requires that, before transmitting information about consumers, their computers or their use of the CD, Sony BMG must clearly disclose on consumers’ computer screens what the technology will do, and obtain consumers’ consent. If it conditions consumers’ use of its CDs on their agreement to have information collected, Sony BMG must disclose that condition clearly on the CDs’ packaging.
The settlement bars Sony BMG from installing or hiding content protection software that prevents consumers from finding or removing the software, and requires that it provide a reasonable and effective way to uninstall any content protection software.
For two years, the company is to provide an uninstall tool and patches to repair the security vulnerabilities created on consumers’ computers by previously installed software. The company is required to advertise these free fixes on its Web site.
Sony BMG also is required to provide financial inducements to retailers to return the CDs that create security problems for consumers’ computers. For CDs already in its stock that are sold to retailers, Sony BMG is required to disclose on the product packaging the restrictions on use and the security vulnerabilities.
Finally, the settlement contains record-keeping and reporting provisions designed to let the FTC monitor compliance with its order.