When anti-virus software companies issue warnings about products from a major entertainment company, there’s something odd going on. But that’s what happened when word got out that a digital rights management scheme on audio CDs from Sony BMG Entertainment was installing software rootkits on its customers’ computers.
A rootkit is a nasty bit of software that hides itself on your computer. That’s right — deliberately conceals its presence and makes itself very difficult to uninstall. Sounds like a virus, right?
Sony’s rootkit isn’t really a virus, because it doesn’t directly harm your computer, but it does create a back door that a moderately astute virus-writer can use to install something even nastier. Even if it didn’t do that, hiding things on your customers’ computers isn’t the way we expect reputable companies to do business.
It shows how the entertainment industry’s paranoia about music copying is leading it to treat us more like enemies than customers.
You know it’s pretty bad when you see a call for a ban on digital rights management rootkits from the Border and Transportation Security Directorate, a branch of that noted advocate of the innocent-until-proven-guilty principle, the U.S. Department of Homeland Security.
Here in Canada, the federal privacy commissioner and a couple of her provincial counterparts have raised concerns about DRM. Ottawa is considering new copyright legislation, and one thing that legislation might include is tougher provisions against circumventing digital rights management technology.
DRM has a place. But if I buy and pay for music or video, I should have the right to listen to or watch that content when and where I want to, meaning for instance that I can copy music from a CD to my computer or other electronic device. And there is no excuse for secretly installing software on my computer or spying on what I’m listening to or watching.
“A central feature of DRM systems should be the ability of Canadians to anonymously acquire and enjoy copyrighted work through legitimate means using digital technology,” writes David Loukidelis, British Columbia’s information and privacy commissioner, in an open letter to the federal ministers of Industry and Canadian Heritage.
Even security companies are concerned about this issue. The Digital Security Coalition, a group of Canadian technology security companies, has sent an open letter to the same federal ministers, urging them not to make it illegal to circumvent DRM technology without the copyright-holder’s permission, because that could actually make some aspects of security research illegal.
The coalition says the Digital Millennium Copyright Act in the U.S. has had “a demonstrably negative impact upon academic researchers, and upon security research generally.” In fact, that infamous piece of legislation is an excellent model for what Canada’s copyright laws should not become.
The entertainment industry seems to be trying to paint consumer copying of music as a criminal conspiracy. Bull. My father was doing it 40 years ago — recording from vinyl records onto open reel tapes, both to exchange music with friends and to avoid having to get up every 20 minutes to turn the records over. We have always been able to do this and should continue to be able to do it. And we should be able to trust those who sell us music not to act like virus-writers.
Canada’s privacy commissioners are right to be concerned. The government should listen to them.