Sony BMG Music Entertainment has entered into an agreement with the Federal Trade Commission settling both unfairness and deception charges that stemmed from software installed by the company’s CDs. The Commission alleged that Sony BMG engaged in a deceptive practice in selling music CDs without informing consumers that the CDs automatically installed software that limited their playability and monitored consumers’ listening habits for purposes of sending them marketing messages. In addition, the Commission alleged as unfair practices the security risks posed by the software and the lack of reasonable means to locate and remove it.
The Commission's action against Sony BMG highlights the importance of disclosure of material terms in connection with software downloads, and providing notice about any unexpected limitations on the customary use of products. In discussing this settlement, FTC Chairman Majoras stated that the focus of the FTC action was not on the limits of the products themselves, but on the lack of notice. She also noted that it is important to provide notice about unexpected product limitations so that consumers can make informed decisions regarding whether to purchase and install that content.
Under the terms of this settlement, Sony BMG must clearly disclose on CD packaging the limitations on usage of its CDs; it must give consumers notice and obtain their consent before installing any software; and it must give consumers a reasonable way to remove any software it installs. The settlement provides that consumers will be allowed to exchange the CDs through June 31, 2007, and it requires that Sony BMG pay consumers up to $150 for damage caused to their computers by the software. Sony BMG also is required to provide financial incentives to retailers to return CDs containing this software, and it must add all required disclosures to CDs it already has in stock. The Commission’s complaint alleged that Sony BMG’s music CDs carried content protection software that silently installed itself on consumers’ computers and prevented them from putting the music on portable music devices, such as iPods, as well as limiting the number of times it could be copied. FTC Chairman Deborah Platt Majoras explained that it is not permissible to conceal these limitations on product usage from consumers. Consequently, the settlement requires Sony BMG to disclose any such limitations clearly and prominently on CD packaging.
According to the FTC’s allegations, it was deceptive for Sony BMG to install the software on consumers’ computers without giving them notice. The CDs did present consumers with the opportunity to accept or reject an End User License Agreement ("EULA"), but the Commission alleged that this agreement did not provide sufficiently clear notice, and that some elements of the software were installed even if consumers rejected the EULA. Under the settlement, Sony BMG must provide consumers with clear and prominent notice on their computer screens of what the software will do and obtain their consent before proceeding with the installation. The settlement also requires that if Sony BMG conditions the use of its CDs on the installation of software, it must specifically disclose this on CD packaging.
The Commission alleged that Sony BMG concealed the software from consumers by giving it misleading filenames and employing a cloaking technology that made it invisible to the operating system. If consumers were able to locate the software and attempted to remove it manually, the complaint alleged, the software would respond by rendering the computer's CD drive inoperable. The settlement prohibits Sony BMG from hiding its software and requires that consumers be given a practical and effective method of uninstalling it.
The complaint also cited a lack of disclosure as to the software’s monitoring function. Allegedly, it tracked consumers’ music choices and sent this information to Sony BMG, which then transmitted targeted advertising to the consumer based on the collected data. The settlement requires that Sony BMG disclose on CD packaging that use of its CDs is conditioned on allowing Sony BMG to monitor and report consumer data, notify consumers on their computer screens that the software will transmit information to Sony BMG, and obtain their consent before transmitting any information. The settlement prohibits Sony BMG from using information collected using software that does not conform to the terms of the settlement.
Apart from the failure to disclose, the Commission alleged that Sony BMG’s software introduced security vulnerabilities into computers that carried it, which would enable hackers to access these computers. With respect to CDs already distributed with software that does not conform to the terms of the settlement, Sony BMG is required to provide consumers with an uninstall tool and patches for the security flaws created by the software, making them freely available on its web site.
This settlement follows those of similar cases with more than 40 states in which the company agreed to pay more than $4 million and to reimburse customers.