Canadian consumers are being handed a raw deal by entertainment giant Sony in the settlement over its controversial rootkit software, according to a watchdog.

The CIPPIC (Canadian Internet Policy and Public Interest Clinic) has criticised Sony for practicing "double standards" by withholding from Canadian consumers warnings and protections it had offered US customers.

According to CIPPIC director Phillipa Lawson, Sony is trying to remove key elements in a lawsuit settlement that would prevent the company from gathering personal data. "Sony BMG regularly sues consumers in the US on the basis of this information, and in the past has tried to do so in Canada," Lawson warned.

Several class action suits were filed in Canada against Sony over its practice of surreptitiously planting digital rights management technologies on music CDs, including a "rootkit" technology that left the users' computer vulnerable to malicious attackers.

An Ontario court approved a settlement deal late last week that had the music company offering $8.40, a replacement CD and free downloads of selected CDs to customers who purchased the CDs containing digital rights management (DRM) programs. But CIPPIC says the Canadian settlement falls short.

"There are clearly some double standards at play. Sony agreed to take a number of steps that protected US customers, but [the company] is not willing to provide the same to Canadian consumers," said Lawson.

Sony issued a statement simply saying, that it was "pleased that Justice Winkler approved the Ontario settlement".

In 2005, Sony BMG began installing XCP (Extended Copy Protection) software in some of its CDs. This digital rights management (DRM) software used rootkit cloaking techniques normally employed by hackers and was found to be a security risk as it is able to read and transmit IP addresses, thereby identifying the user and sending personal information back to Sony.