A recent brouhaha over a bit of spyware Sony BMG included in some CDs to keep buyers from misappropriating the music raises important issues that will likely bleed out into your own development efforts. The backlash would have been avoidable of Sony had gotten its design goals and objectives straight and kept the legal department from meddling with of its Digital Rights Management (DRM) schema. It appears Sony failed to keep Legal from overstepping reasonable precautions, but its not alone in that; most large organizations maim themselves with repeatedly doing the same thing.
Legal departments, especially within publicly-traded companies, tend to wield power disproportionate to their duties—duties that are basically janitorial in that they are an overhead service intended to maintain tidiness and hygiene. Sadly, as management gets more cautious about legal repercussions, lawyers get a voice in decisions in which they not only have no expertise (such as IT), but in customer-facing initiatives, as well.
Sonys aggressive spyware approach to DRM smells to high hell of the kind of good-intentions-turned-cognitive-dirty-bomb so many Legal-inspired projects descend into.
Sonys objectives started out reasonably enough, propelled by an idea I support unrelentingly: They wanted to protect intellectual property they partially own. Cool. Protect it. But remember that protecting intellectual property doesnt mean ignoring fair use.
As Redmond, Washington intellectual property attorney Ron Grant says, “The problems arise when the law as written collides with what most of us intuitively know is the difference between right and wrong.”
While theres a certain infantile, self-serving view (common among the information-wants-to-be-free crowd) that just about anything one might want to do with others intellectual property is covered by fair use, the law bends pretty effectively to codify what Grant says the majority intuitively knows to be right.
Occasionally, there are practices we intuit as “right” that arent legal, such as someone with a 33-1/3rd LP recording a copy of select songs to a cassette to play in their car or at work.
I call that the “one purchase, one concurrent user” standard. I would call that “right” because it conforms to the intent of protecting a creators rights.
But it does not conform to a corporate lawyers idea of what it means to protect a clients interests to the absolute extent of the law. Lawyers rarely get sued for representing their clients interest too well, but underepresenting client interests can lead to suits.