Philip Jong

In early November, reports surfaced that music CDs distributed by Sony BMG Music Entertainment had embedded hidden anti-piracy software known as Extended Copy Protection (ECP) inside personal computers used to play its CDs. The ECP software was installed in the form of a “rootkit” that were designed to evade detection by anti-virus or anti-spyware software. While the rootkit itself was not malicious, concerns quickly arose among security experts that other malware might easily exploit this rootkit to piggyback malicious codes. Initially, Sony BMG defended its policy on Digital Rights Management (DRM) by citing its disclosure on the use of such software in its End-User License Agreement (EULA). While I firmly support the need to protect copyrighted materials, I believe Sony BMG had acted in bad faith and not in the spirit of the EULA here. More importantly, such “big brother” mentality assumed an ignorance or indifference among its users that were quickly proven wrong in this case. Last week, the media conglomerate finally admitted to its wrongdoings and recalled all CDs using this copy-protection scheme. A removal tool had also been developed by the company to uninstall the unwanted software. Although its action may signal the beginning of an end to this DRM debacle, it also signals the beginning of a new threat in the era of digital living—the prospect of a big brother who is secretly watching every use of our digital media.