Sony Will Pay $150 to Consumers for Rootkit Says FTC

By Richard Menta 1/31/07

TheSony BMG rootkit scandal continues to plague the company over a year after it employed the dubious technology as part of its digital protection scheme. Yesterday, they settled charges levied by the Federal Trade Commission that the rootkit exposed consumers to serious security risks. As part of the settlement Sony BMG will reimburse afflicted consumers for up to $150 to repair damage to their systems.

The settlement also prohibits Sony from using an embedded CD for collecting information for marketing purposes, forbids the company from installing software in the future without consumer consent, and requires the company ro provide a reasonable means of uninstalling any software its CDs might load with consent. The company must also provide retailers with financial incentive to collect the CDs still out there.


The 8GB Sansa e280 is available on Amazon

“Installations of secret software that create security risks are intrusive and unlawful,” said FTC Chairman Deborah Platt Majoras. “Consumers’ computers belong to them, and companies must adequately disclose unexpected limitations on the customary use of their products so consumers can make informed decisions regarding whether to purchase and install that content.”

By a vote of 5-0 the Commission accepted the proposed consent agreement. As part of the settlement Sony did not admit to violating any law, though the FTC made it clear that it felt such activity did. The agreement is subject to public comment for 30 days. After that period the Commission will decide whether to make it final. Comments should be addressed to the FTC, Office of the Secretary, Room H-135, 600 Pennsylvania Avenue, N.W., Washington, D.C. 20580.

The agreement is not clear if the settlement is $150 per consumer total as opposed to $150 per PC if the the consumer purchased multiple CDs with the rootkit and them unknowingly loaded the rootkit onto several machines. Also, are corporations entitled to moneys if workers inadvertantly loaded the rootkit into a company's systems while listening to music on company PCs? Such details may be answered during the comment period.

It is estimated that somewhere between 4 and 8 million CDs were shipped with the rootkit. At a potential $150 per CD this settlement will most likely cost Sony in the hundreds-of-millions of dollars.

Other MP3 stories:
The Digital Media Winners of 2006
The Digital Media Losers of 2006


Archos 504 is available on Amazon

Back to