Sony DRM rootkit code (#3)
You would have most of the same causes of action alleged in the Sotelo v DirectRevenue case in Chicago--trespass to chattels, consumer fraud, negligence and computer tampering.
Consumer fraud is almost always going to be claimed, under the various state "little FTC" laws, because in most states a violation of the consumer protection statute provides for attorneys' fees and in many cases also provides treble damages (Michigan is one such state). That starts making litigation look economically feasible.
Sotelo is a case about spyware companies gathering info to facilitate directed advertising, where the raison d'etre for the software is to generate third-party advertising revenue for the spyware distributor when the software beams personal browsing data back to the mother ship. That's definitely unjust enrichment in my book--hey, my data must be valuable, because people keep selling it and paying each other lots of money to buy it!!!
I think it will be interesting to see if the common-law right to privacy and right to publicity laws change--used to be, you had to make a living at your celebrity, to get compensation for unjust enrichment through the use of your "identity". So, Dustin Hoffman gets $100K for having his face photoshopped onto a billboard in L.A. that features a mature woman dressed up a la Tootsie. If legislatures pass legislation that removes the presumption that you have to be a celebrity to get paid for use of your identity for money, then a lot of us start getting micropayments...of course, this scenario destroys the entire data mining industry, which some people would consider to be a Bad Thing.
With regard to Sony--their "spyware" is DRM software, correct? They at least can claim this is a legitimate activity--protection of copyrighted material under the DMCA.
So here's the really interesting question: whether DMCA anti-circumvention law federally preempts the computer owner's right to (a) remove something installed without his permission on his own computer, (b) sue Sony for trespass to chattels, consumer fraud, negligence and/or computer tampering.
Greg Broiles asks:
I wonder if this is a violation of CA's new anti-spyware legislation, at CA Business & Professions Code section 22947 et seq, specifically
"22947.4. (a) A person or entity, who is not an authorized user, as defined in Section 22947.1, shall not do any of the following with regard to the computer of a consumer in this state:
(1) Induce an authorized user to install a software component onto the computer by intentionally misrepresenting that installing software is necessary for security or privacy reasons or in order to open, view, or play a particular type of content.
(2) Deceptively causing the copying and execution on the computer of a computer software component with the intent of causing an authorized user to use the component in a way that violates any other
provision of this section. [...]"
Labels: Cyber/IP Law