Alright, kids, listen up. Papa Ras is going to invite you into the classroom for a little one-on-one time.
Copy protection is a method of preventing you from making and/or using multiple copies of a single media unit.
A rootkit is one or more programs or processes that conceal themselves from the host operating system, ostensibly running at a high enough privilege level to access everything on the system (you know, ROOT level access, back when there were root users on computers).
SecuROM, in its current incarnation, is a copy protection scheme that installs a service that runs at Ring 3, the applications layer. It has no access to lower-level rings, like drivers or kernel-level resources.
In the case of Bioshock, according to the official 2K Games FAQ, "The only data collected is the serial being used for activation, the IP address used for activation, an identifier for the software being activated, and the hash of the machine ID. The ID cannot be read by any other system or operator. Its only purpose is for comparing future activations on a particular serial." Additionally, they later go on to mention that it "does place a folder and registry keys on your system. These folders are used only for storage of license information and information to assist with disc authentication. Please do not modify or delete these files. Tampering with these files may result in authentication issues."
The access level is the distinction here: SecuROM runs at Ring 3. Rootkits, by definition and by nature, run at the equivalent of Ring 0. They are meant to be used to install more applications which the (h|cr)acker will use to further pwninate your box.
Now, you want to talk "bad Sony software," you're discussing the XCP bullshit that came packaged on audio CDs a few years ago. From Computer Associates, via Wiki:
XCP.Sony.Rootkit installs a DRM executable as a Windows service, but misleadingly names this service "Plug and Play Device Manager", employing a technique commonly used by malware authors to fool everyday users into believing this is a part of Windows. Approximately every 1.5 seconds this service queries the primary executables associated with all processes running on the machine, resulting in nearly continuous read attempts on the hard drive. This has been shown to shorten the drive's lifespan.
Furthermore, XCP.Sony.Rootkit installs a device driver, specifically a CD-ROM filter driver, which intercepts calls to the CD-ROM drive. If any process other than the included Music Player (player.exe) attempts to read the audio section of the CD, the filter driver inserts seemingly random noise into the returned data making the music unlistenable.
XCP.Sony.Rootkit loads a system filter driver which intercepts all calls for process, directory or registry listings, even those unrelated to the Sony BMG application. This rootkit driver modifies what information is visible to the operating system in order to cloak the Sony BMG software. This is commonly referred to as rootkit technology. Furthermore, the rootkit does not only affect XCP.Sony.Rootkit's files. This rootkit hides every file, process, or registry key beginning with $sys$. This represents a vulnerability, which has already been exploited to hide World of Warcraft RING0 hacks as of the time of this writing, and could potentially hide an attacker's files and processes once access to an infected system had been gained.
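The cloaking described in that advisory is what a cross-view comparison catches: list objects through the normal listing APIs and again through a lower-level path, then diff the two. The Python below is an added example, not code from this post or from any vendor; the `Entry` type, the `triage` function and every sample name are constructed for illustration, and the two views are hard-coded lists rather than real enumerations.

```python
from dataclasses import dataclass

CLOAK_PREFIX = "$sys$"  # the prefix the quoted advisory says XCP's driver hides

@dataclass(frozen=True)
class Entry:
    kind: str  # "file", "process" or "registry"
    path: str  # backslash-separated name or path

def has_cloak_prefix(path: str) -> bool:
    # Assumption: a hidden parent directory or key also hides its children,
    # so every path component is checked, not just the last one.
    return any(p.lower().startswith(CLOAK_PREFIX) for p in path.split("\\"))

def triage(raw_view, api_view):
    """Compare a low-level listing with what the normal listing APIs returned."""
    visible = {(e.kind, e.path.lower()) for e in api_view}
    report = {"cloaked_by_prefix": [], "hidden_other": [], "prefix_but_visible": []}
    for e in raw_view:
        hidden = (e.kind, e.path.lower()) not in visible
        if hidden and has_cloak_prefix(e.path):
            report["cloaked_by_prefix"].append(e)   # matches the XCP pattern
        elif hidden:
            report["hidden_other"].append(e)        # some other concealment
        elif has_cloak_prefix(e.path):
            report["prefix_but_visible"].append(e)  # cloak driver not active
    return report

# Constructed sample data: none of these names come from a real system.
RAW_VIEW = [
    Entry("file", r"C:\Windows\System32\notepad.exe"),
    Entry("file", r"C:\Windows\System32\$sys$constructed_dir\component.sys"),
    Entry("file", r"C:\Users\demo\$sys$constructed_thirdparty.dll"),
    Entry("file", r"C:\Temp\constructed_hidden.bin"),
    Entry("process", "explorer.exe"),
    Entry("process", "$SYS$constructed_service.exe"),
    Entry("registry", r"HKLM\SOFTWARE\$sys$constructed_key"),
]
HIDDEN = {1, 2, 3, 5, 6}  # indexes the simulated cloak removes from the API view
API_VIEW = [e for i, e in enumerate(RAW_VIEW) if i not in HIDDEN]

if __name__ == "__main__":
    for bucket, entries in triage(RAW_VIEW, API_VIEW).items():
        for e in entries:
            print(f"{bucket:20} {e.kind:9} {e.path}")
```

The `cloaked_by_prefix` bucket includes the third-party DLL, which is the point the advisory makes: anything that borrows the prefix is hidden too, whoever put it there.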
So let's go over it again, real quick. SecuROM, though it is DRM, and onerous, and requires online activation, does not install any device drivers, does not cloak anything, and doesn't allow other programs' files to be cloaked by it. If "installing device drivers" sounds familiar, that's because you're probably thinking about StarForce, which installed itself as a Ring 0 device that basically read everything your devices did.
So, no, Charlotte, despite what a fuckwit, sensationalist blogger and self-admitted SEO adwhore said, SecuROM is not a rootkit.





