NARM & RIAA: Don’t Block the Rock
This week, in an open letter titled “Don’t Block the Rock,” NARM and RIAA called on corporate IT officers to stop blocking lawful music services such as Pandora and Spotify in the workplace. DisCo previously covered a variation on this story, when it was revealed that the House of Representatives IT policy blocked access to Spotify on the House network, as it was not authorized under their blanket ban of P2P technology. (Several months later, Spotify became accessible again to the House, after they “modified some of their technology so the program no longer utilizes peer-to-peer technology.”)
Naturally, CIOs and other IT pros may be disinclined to grant access to services out of fears that this will consume bandwidth, but in-house IT officers should have an entirely self-interested reason for providing access to lawful music services: in the absence of lawful outlets, employees may attempt to bring their music into the workplace in other ways that can lead to liability and security risks.
Employers have been facing copyright liability for employee file-sharing in the office since people discovered digital music. This has to worry C-level IT people: the potential of enormous, statutory damage awards is a real business threat. Moreover, employees bringing music into the office on media (such as USB drives) creates an attractive attack vector for security intrusions. In fact, one of the most prominent security threats associated with music consumption to date arose not from unlawful streaming sites, but from a self-executing “rootkit” on music compact discs. Used by Sony BMG in 2005, the rootkit was originally intended to be a secret copy-protection scheme but compromised tens of thousands of servers (including in governments and militaries) around the world, and was subsequently exploited by computer hackers. If authorized web-based services had been more widely available in workplaces at the time, it might have mitigated the scope this debacle.
People like music, and if we’ve learned anything in the last decade of the war on piracy, it is that the “just say no” strategy is not particularly effective. Instead of trying to bolt down every possible means by which a user can do what they’re not supposed to do, IT officers can take away the motivation. Providing employees with a threat-free mechanism for lawfully accessing digital music while working could solve enough problems to outweigh bandwidth costs.