[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [dvd-discuss] Dion's new CD crashing party for some users




IANAL but the problem would be damages. $5000 is a lot to prove on one 
computer. On 1M computers at minimum wage it's pretty.Maybe this might be a 
time for small claims court. How about 100,000 suits against them in small 
claims court?

Date sent:      	Thu, 4 Apr 2002 19:43:44 -0500
To:             	dvd-discuss@eon.law.harvard.edu
From:           	"Arnold G. Reinhold" <reinhold@world.std.com>
Subject:        	Re: [dvd-discuss] Dion's new CD crashing party for some users
Send reply to:  	dvd-discuss@eon.law.harvard.edu

> At 11:03 AM -0500 4/4/02, Dean Sanchez wrote:
> >Yahoo! News has an article about how Sony's new Celine Dion's cd can 
> >crash a user's computer and how Sony admits to this action.  I would 
> >think that this could be considered a "criminal hacking" action and 
> >subject them to civil and criminal legation, couldn't it?
> >http://story.news.yahoo.com/news?tmpl=story&u=/bpihw/20020403/en_bpih 
> >w/dion_s_new_cd_crashing_party_for_some_users&printer=1
> 
> I am not a lawyer, but my reading of Federal law (18 USC 1030, 
> excerpts below) suggests Sony should think twice before selling audio 
> disks (they certainly ought not be called CDs) with  crash-inducing 
> copy protection in the United States.
> 
> It's no sure thing that the Government would act, but there is this 
> interesting provision in subsection (g) that provides for injunctive 
> relief for any person that suffers damage or "loss."  Might it be 
> possible to seek a court order baring Sony  from introducing this 
> technology into the U.S.? There is the problem of showing damages 
> before the albums are sold here.  Perhaps a perceived need to perform 
> additional backups would do. So might an incident involving an Dion 
> album purchased in Europe and brought to the U.S.
> 
> A university would make an ideal plaintiff since they typically own 
> hundreds of computers that are used by students, who sometimes play 
> CDs (perfectly legally). Universities can easily document the cost of 
> crashes in terms of support staff time and the risk of lost data. 
> They also usually have Government research contracts, whose data 
> could be affected by by Sony-induced crashes. This brings them under 
> the protection of both subsections of (e)(2).
> 
> See also http://www.loundy.com/E-LAW/E-Law4-full.html#VII which 
> points out: "The civil provisions were first used in North Texas 
> Preventative Imaging v. Eisenberg,  which held that a "time bomb" 
> inserted into a software update to ensure payment could constitute a 
> violation of the Computer Fraud and Abuse Act." [i.e. 18USC1030]
> 
> Many states have laws on this as well.
> 
> 
> Arnold Reinhold
> 
> 
> =========================================
> 
> 18 USC 1030 Fraud and related activity in connection with computers
> 
> (a) Whoever -
> ...
> (5)(A)knowingly causes the transmission of a program, information, 
> code, or command, and as a result of such conduct, intentionally 
> causes damage without authorization, to a protected computer;
> 
> (B)intentionally accesses a protected computer without authorization, 
> and as a result of such conduct, recklessly causes damage; or
> 
> (C)intentionally accesses a protected computer without authorization, 
> and as a result of such conduct, causes damage;
> ...
> shall be punished as provided in subsection (c) of this section.
> 
> (b)Whoever attempts to commit an offense under subsection (a) of this 
> section shall be punished as provided in subsection (c) of this 
> section.
> 
> (c) The punishment for an offense under subsection (a) or (b) of this 
> section is -
> ...
> 
> (3) (A) a fine under this title or imprisonment for not more than 
> five years, or both, in the case of an offense under subsection 
> (a)(4), (a)(5)(A), (a)(5)(B), or (a)(7) of this section which does 
> not occur after a conviction for another offense under this section, 
> or an attempt to commit an offense punishable under this 
> subparagraph; and
> ...
> 
> (e)  As used in this section -
> ...
> 
> (2)the term ''protected computer'' means a computer -
> 
> (A)  exclusively for the use of a financial institution or the United 
> States Government, or, in the case of a computer not exclusively for 
> such use, used by or for a financial institution or the United States 
> Government and the conduct constituting the offense affects that use 
> by or for the financial institution or the Government; or
> 
> (B) which is used in interstate or foreign commerce or communication;
> ...
> 
> (8) the term ''damage'' means any impairment to the integrity or 
> availability of data, a program, a system, or information, that -
> 
> (A) causes loss aggregating at least $5,000 in value during any 
> 1-year period to one or more individuals;
> (B) modifies or impairs, or potentially modifies or impairs, the 
> medical examination, diagnosis, treatment, or care of one or more 
> individuals;
> (C) causes physical injury to any person; or
> (D) threatens public health or safety;
> ...
> 
> (g) Any person who suffers damage or loss by reason of a violation of 
> this section may maintain a civil action against the violator to 
> obtain compensatory damages and injunctive relief or other equitable 
> relief.  ...
> 
> [from http://www4.law.cornell.edu/uscode/ ]