Such risks include losing access to digital content if systems
are discontinued or devices fail or if players are replaced by
systems from a different manufacturer, according to the All Party
Parliamentary Internet Group (APIG) which released its report on
Digital Rights Management yesterday.
APIG exists to provide a discussion forum between new media
industries and parliamentarians. Its inquiry received over 80
written submissions from consumers, think tanks, libraries, print
media publishers, the film and music industries and lawyers
It also asked that the OFT makes it "crystal clear" to consumers
what they will and will not be able to do with digital content that
they purchase. APIG acknowledged that British consumers generally
do not know that when they buy a CD, they infringe copyright by
recording it to their computer or portable music player.
APIG also recommended that communications watchdog OFCOM publish
guidance to make it clear that companies distributing Technical
Protection Measures (TPMs) in the UK would, if they have features
such as those in Sony-BMG's MediaMax and XCP systems, "run a
significant risk of being prosecuted for criminal actions."
Sony-BMG caused an outcry when it shipped CDs in the US with
these TPMs last year. Designed to prevent unlawful copying, people
trying to play the CD on their computer unwittingly installed the
MediaMax software even when they refused permission. The device
driver was hidden from standard tools. Similarly, XCP contained
what was known as a 'rootkit' – a method of hiding programs so that
they did not appear in directory listings. Both systems also
contacted a website whenever the user inserted the protected disc –
described by APIG as "a gross invasion of privacy."
Consumers and rights-holders told APIG during its consultation
that these tools could breach the Computer Misuse Act and the Data
Protection Act.
APIG wrote that it was "shocked that a reputable company could
mislead purchasers in this blatant manner by ignoring a user's
request not to install; altering operating systems without
permission so as to hide their programs; and surreptitiously
collecting personal data."
