By: Spacelab Research Staff Sony BMG just settled their Rootkit fiasco with the Federal Trade Commission. For those that don't know, the Rootkit was a hidden piece of spyware that Sony put on a number of audio CD's that silently installed itself on user's computer when they popped in certain Sony CDs.
The spyware would then observe the listening habits of the user and transmit the infomation through the Internet to an unidentified location; it also controlled how people could copy the music from that CD. It never gave the user a choice or notice that this would happen, it just did it behind the user's back.
The unintended consequences soon started popping up. Saavy Internet citizens found out about it, started blogging about it, and Sony was forced to respond. They offered an apology and a fix, that sort of worked for some, but disabled features of other's computers. More unintended consequences.
So the whole thing just came to pass at the Federal Trade Commission, who said the whole thing voilated federal law, but agreed to let Sony pay a (relatively small) fine of $4.25 million in a class-action lawsuit while still not having to admit that it broke the law. Is that a non-denial denial? How can the FTC charge people with breaking the law while letting them say they didn't break the law?
Sony will also exchange the infected CDs with clean ones, and will pay up to $150 dollars for damages done to anyone's computer. One of the best outcomes of this settlement is that Sony now has to let us all know before it installs spyware on our computers, so we can agree to be spied on before being spied on.