FTC, Sony BMG close CD case


Sony BMG Music and the Federal Trade Commission announced a deal Tuesday to settle federal charges that the company violated the law when it sold CDs without telling customers that the discs contained software that limited buyers' ability to play the music and could make have made their computers open to hackers.

The settlement, approved in a 5-0 vote, requires Sony BMG to clearly disclose limitations on consumers' use of music CDs, bars it from using collected information for marketing, prohibits it from installing software without consumer consent and requires it to provide a reasonable means of uninstalling that software.

The settlement also requires that Sony BMG allow consumers to exchange the CDs through June 31 and reimburse consumers for as much as $150 to repair damage to their computers caused by attempts to remove the software.

The FTC alleges that the installation of software without consumer consent that exposed consumers' computers to security risks was unfair and violated federal law. In addition, the complaint alleges that hiding the software from consumers and failing to provide a means to uninstall it are unfair practices in violation of federal law.

"Installations of secret software that create security risks are intrusive and unlawful," FTC chairman Deborah Platt Majoras said. "Consumers' computers belong to them, and companies must adequately disclose unexpected limitations on the customary use of their products so consumers can make informed decisions regarding whether to purchase and install that content."

The agency charged that it was deceptive for Sony BMG to fail to disclose adequately that software would be installed on consumers' computers and that the software would limit consumers' copying and use of the CDs on their computers. The FTC also alleged that it was deceptive, in violation of federal law, to fail to disclose that Sony BMG's technology, included on many of its CDs, monitored consumers' music listening preferences and sent targeted marketing ads to their computers.

While Sony officials declined comment on the settlement, officials at the company directed reporters to their settlement page, which cites a CyberTrust audit that claims the software was never used to monitor customers' listening habits.

For future CDs containing such technology, the agreement requires Sony BMG to tell consumers on their computer screens what the technology will do and to obtain consumers' consent. If it conditions consumers' use of its CDs on their agreement to have information collected, Sony BMG must disclose that condition clearly on the CDs' packaging.

The settlement bars Sony BMG from installing or hiding content protection software that prevents consumers from finding or removing the software and requires that it provide a reasonable and effective way to uninstalling any content protection software.

It requires that for two years, Sony BMG provide an uninstall tool and patches to repair the security vulnerabilities created on consumers' computers by previously installed software. The company is required to advertise these free fixes on its Web site.

"We are pleased to have reached this agreement with the Federal Trade Commission," the company said, but officials there declined further comment.

Under the deal, Sony BMG admits no guilt to violating any law. The settlement closely mirrors an earlier deal reached with 41 states and the District of Columbia.