The Teen View On SonyBMG DRM Woes

We’re really pleased to have Lawrence Dudley writing for us.

Digital-Lifestyles thinks that all too often articles about teenagers are written by people old enough to be their parents. What teenagers are thinking isn’t represented.

Lawrence will give you a point of view that you won’t find in other publications. You see Lawrence _is_ a teenager.

Sony DRM rootkitBecause Criminals Make the Best Police Officers
A while ago, another teen, Jon Lech Johansen, who was most likely one of those addicted to the Internet, did something that upset a lot of people: He cracked the encryption used to protect DVDs. His actions had a huge impact and a lot of the big movie companies were upset. So much so, that they filed a lawsuit against the then-19 year old.

Imagine then, after the scandal that was SonyBMG’s DRM software which was actually a rootkit, that SonyBMG actually incorporated some open source software (OSS) code in their CDs. And not just any OSS either: It was software written by Jon himself a few years ago.

This leaves SonyBMG in a tricky position: If proven to be correct, they have broken almost every rule in the LGPL, a license used for Open Source Software. This license states that a distributor may not distribute software containing LGPL code without revealing the code’s source. SonyBMG and the suppliers of the DRM software, First4Internet, appear to have failed in doing that, and could end up being penalised for it. My views? How about sending a cool million dollars over to our friend Jon Jen Johansen? I’m sure he could use it to research some new cracks.

Sony DRM rootkitThe other law other are saying have been broken by SonyBMG, and this is one that could land them in BIG legal difficulties, is The Computer Misuse Act, which contains the following clauses, all of which have been broken by SonyBMG in their keenes for DRM:

  • 3.(1) A person is guilty of an offence if
  • (a) he does any act which causes an unauthorised modification of the contents of any computer; and SonyBMG certainly caused an unauthorized modification of the computers on which its software was unknowingly installed on. It even installed a security risk.
  • (b) at the time when he does the act he has the requisite intent and the requisite knowledge. Well this obviously applies to a company like SonyBMG.
  • (2) For the purposes of subsection (1)(b) above the requisite intent is an intent to cause a modification of the contents of any computer and by so doing
  • (a) to impair the operation of any computer; it would appear that making it impossible to make legitimate, fair-use copies of CDs an impairment
  • (b) to prevent or hinder access to any program or data held in any computer; or to me it looks like SonyBMG followed the rule, thinking their program had to break every single clause. Preventing access to data, namely $sys$ named folders, is exactly what SonyBMG did.
  • (c) to impair the operation of any such program or the reliability of any such data. Again an impairment in the operation of the computer. Again a clause which SonyBMG broke.

There is one interesting little caveat though: The software wasn’t developed by SonyBMG, but by First4Internet, and was only deployed by SonyBMG on their CDs. Whether it will be SonyBMG or First4Internet who will get into trouble over this one remains to be seen, but from my point of view, Sony as a whole has done themselves a lot of damage with this one.