Texas Attorney General Greg Abbott expanded his lawsuit against Sony BMG Music Entertainment on Wednesday, alleging that a second form of anti-piracy technology used by the label violates the state's spyware and deceptive trade practices laws.
Abbott sued Sony BMG in November, saying the world's second-largest music label surreptitiously included spyware on millions of CDs through technology known as XCP. That technology, included on 52 Sony BMG titles, could leave computers vulnerable to hackers, he said.
The new allegations involve an unrelated CD copy-protection technology known as MediaMax, which was loaded on 27 Sony BMG titles, including Alicia Keys' "Unplugged" and Cassidy's "I'm a Hustla."
"We keep discovering additional methods Sony used to deceive Texas consumers who thought they were simply buying music," Abbott said in a statement.
BMG officials said in a statement that they are working with Abbott's office and believe they can prove they have responded appropriately to his concerns.
"The security issues with MediaMax are not uncommon and are completely addressed by a software update which we already have made available, as is standard practice when problems with consumer software are identified," the statement said.
Anti-piracy technology restricts the number of times a single disc can be copied and can make it extremely inconvenient to transfer songs into the format used by Apple Computer Inc.'s iPods.
The MediaMax technology limits how many backup copies can be made of the CD on a computer or how the tracks can be shared with other users.
The Electronic Frontier Foundation, an online civil liberty group, discovered that, like XCP, MediaMax could allow an outsider to gain unauthorized access to a computer. Two weeks ago, Sony BMG began urging consumers to download a patch that would plug the potential security breach. About 5.7 million CDs were shipped with the software.
Abbott said MediaMax violates Texas law because some versions secretly install files when the CD is inserted into a computer, before the consumer has a chance to accept or decline a license agreement. The files can lead to the security breach.
Sony BMG misleads consumers by saying no files will be installed if the agreement is rejected, Abbott said, when, in reality, the installation already has occurred. It is difficult for consumers to remove the files, he added.
Sony BMG, which rejects the spyware description, said it has provided consumers with a one-click "uninstall" application that lets them remove MediaMax from their computers.
The label recalled the discs with XCP in November and released a way to remove the files from users' computers. Some 4.7 million CDs had been made with the technology and 2.1 million had been sold.
The state can recover up to $100,000 in damages for each violation of the spyware law and $20,000 in damages for each violation of the deceptive trade practices law. Individuals whose computers were affected by the anti-piracy technology also can recover damages.
Abbott has said that any money recovered by the state would go to Texas' general revenue fund.
Sony BMG is a joint venture of Sony Corp. and Bertelsmann AG.