Sony BMG rootkit settlement finalized
Robert Lemos, 2006-05-23
Comment: Message to Judge Buchwald, by Anonymous, 2006-05-24

Comment: Unreasonably light, by Roger, 2006-05-25
This settlement is outrageous. Basically Sony has been found guilty of almost every claim, and given a penalty that isn't even a wrist slap. For some consumers, all that Sony is required to do is either replace the defective goods, or provide an equivalent digital download (which not only costs Sony absolutely nothing, but is from a restricted list of ~200 titles, most of them pop songs now several years past hit status). The EFF in its FAQ also claims that victims who were afflicted by one particular version (XCP) can also receive $7.50 cash. I'd like this to be confirmed by a lawyer, because as I read the settlement, it isn't quite true; only those who can prove they purchased an XCP-affected CD before February 2006 can get this (admittedly that is probably the great majority), and it need not be cash. Instead of cash Sony is allowed to offer a discount on further purchases. I would thoroughly expect them to do so, since, once again, this enables the true cost to them to be much less than its apparent (retail) benefit to the consumer. Users who were afflicted by either MediaMax version do not get any monetary compensation.

Oh yeah: they are also required to provide "uninstallers" for all their crap, but I would think that goes without saying. Note that the "uninstaller" doesn't remove anything, it just turns off cloaking.

Even sweeter for Sony, the method by which victims have to apply for their compensation will, in many cases, lose their proof of purchase so that they have no means to validate any further claims. Oh, and they also have to pay their own postage when mailing it in.

This isn't even a wrist slap. There are no punitive damages whatsoever, not even token ones. Judge Buchwald seems to have decided that Sony simply has a defective product to recall, and values at absolutely nothing all the damages that product already caused, the violation of people's rights, or the considerable costs of server repair to people who thought that they couldn't wait MONTHS to fix serious security holes, and so had to reinstall. (If you feel that you could get more in a private suit, then except for specific, somewhat unlikely classes of damage you are too late; you had to request an exemption from the class action by 1st of May. If you still want to sue privately you first have to appeal for special leave from the court to do so.)

What is a fair penalty? The $100,000 per victim suggested by some is ridiculous, but I would think somewhere around $70 per victim would compensate for actual losses, while punitive damages of another $50 per victim, donated to a charity selected by ballot, would be fair and reasonable. Victims should receive the compensation in the form of a voucher to pay for computer servicing to get their PC cleaned up and hardened after Sony's compromise. (Those who present receipts to indicate that this work has already been done could receive a cheque instead.)

Let's hope that the Texas Attorney General has greater moral fortitude and applies a more serious penalty.

Copyright 2009, SecurityFocus