Feeds

After hack nightmare, Sony bars lawsuits with new TOS

Class actions verboten

Internet Security Threat Report 2014

After getting the pants sued off it for security breaches that exposed personal information connected to more than 100 million online accounts, Sony is requiring subscribers to waive their right to wage class-action lawsuits for almost any reason.

Sony dropped the bombshell in an updated terms of service and user agreement (PDF) on one of its websites. It requires people with accounts on Sony's PlayStation Network or other online services to seek binding arbitration with an arbitrator of the company's choosing instead of exercising their right to have a judge or jury hear their case. Legal claims can only be filed if the dispute isn't resolved through arbitration in a timely manner.

The terms go on to state:

ANY DISPUTE RESOLUTION PROCEEDINGS, WHETHER IN ARBITRATION OR COURT, WILL BE CONDUCTED ONLY ON AN INDIVIDUAL BASIS AND NOT IN A CLASS OR REPRESENTATIVE ACTION OR AS A NAMED OR UNNAMED MEMBER IN A CLASS, CONSOLIDATED, REPRESENTATIVE OR PRIVATE ATTORNEY GENERAL LEGALACTION, UNLESS BOTH YOU AND THE SONY ENTITY WITH WHICH YOU HAVE A DISPUTE SPECIFICALLY AGREE TO DO SO IN WRITING FOLLOWING INITIATION OF THE ARBITRATION.

Sony subscribers will be required to agree to the terms the next time they sign into their accounts - effective Thursday - if they want to continue using the online services.

The changes come five months after an attack on the PlayStation Network exposed names, addresses, email addresses, passwords, and other sensitive data for 77 million accounts. Sony shuttered the service for 40 days while it cleaned up the mess. In the weeks following, attacks were found to hit Sony Online Entertainment, the company's computer games service, and the Sony Pictures website, exposing personal information for 25 million more accounts.

In July Sony's insurance company filed a lawsuit that argued its policy didn't apply to a raft of class-action lawsuits filed in response to the high-profile security breaches.

The terms of service give subscribers the ability of opt out of the class action require, but it will require them to do something many probably haven't done in years, if ever – write a letter on paper and send it to an address using the postal service.

The instructions:

YOUR WRITTEN NOTIFICATION MUST BE MAILED TO 6080 CENTER DRIVE, 10TH FLOOR, LOS ANGELES, CA 90045, ATTN: LEGAL DEPARTMENT/ARBITRATION AND MUST INCLUDE: (1) YOUR NAME, (2) YOUR ADDRESS, (3) YOUR PSN ACCOUNT NUMBER, IF YOU HAVE ONE, AND (4) A CLEAR STATEMENT THAT YOU DO NOT WISH TO RESOLVE DISPUTES WITH ANY SONY ENTITY THROUGH ARBITRATION.

Anyone got a stamp? ®

Internet Security Threat Report 2014

More from The Register

next story
George Clooney, WikiLeaks' lawyer wife hand out burner phones to wedding guests
Day 4: 'News'-papers STILL rammed with Clooney nuptials
Shellshock: 'Larger scale attack' on its way, warn securo-bods
Not just web servers under threat - though TENS of THOUSANDS have been hit
Apple's new iPhone 6 vulnerable to last year's TouchID fingerprint hack
But unsophisticated thieves need not attempt this trick
PEAK IPV4? Global IPv6 traffic is growing, DDoS dying, says Akamai
First time the cache network has seen drop in use of 32-bit-wide IP addresses
Oracle SHELLSHOCKER - data titan lists unpatchables
Database kingpin lists 32 products that can't be patched (yet) as GNU fixes second vuln
Researchers tell black hats: 'YOU'RE SOOO PREDICTABLE'
Want to register that domain? We're way ahead of you.
Stunned by Shellshock Bash bug? Patch all you can – or be punished
UK data watchdog rolls up its sleeves, polishes truncheon
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
The next step in data security
With recent increased privacy concerns and computers becoming more powerful, the chance of hackers being able to crack smaller-sized RSA keys increases.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.