In what feels like a turnaround in taking responsibility, Sony has updated their click-wrap End User License Agreement (EULA, or in this case also the Terms of Service orTOS) for people who use the PlayStation Network that will force those agree into arbitration by having them waive their right to file a class action lawsuit against Sony Corp over damages.
The new license will be displayed to users before they are able to log into the service.
According to an article from the BBC, the updated EULA has added a few new clauses, so-called the “Binding Individual Arbitration” clauses which compel the licensees (the customers) regarding “any Dispute Resolution Proceedings, whether in arbitration or court, will be conducted only on an individual basis and not in a class or representative action or as a named or unnamed member in a class, consolidated, representative or private attorney general action.”
As someone who has seen a clickwrap EULA or two (especially for online services) most of them are tediously long, unreadable leagalese, walls-of-text being displayed overlarge TV screens in the living room. Most people entirely ignore the content of the updated EULA (as there’s nothing to indicate what changed since last time anyway) and simply click the agree button.
According to Sony, customers will still be able to opt-out of the arbitration by sending a letter to Sony HQ stating that they’re opting out within 30 days; however, in a catch-22, customers still must agree to the EULA in order to use the PSN service. Meaning that even if they intend to use the service at all they must click the agree button anyway.
Looking at the nearly month-long loss of service after a hacker compromised over 1 million user accounts on PSN, it’s easy to see why Sony might be trying to head off future reactions from their customers. Even after digging themselves out from under that pile of dirt, however, Sony found themselves struck by a second hack. They’ve had a terrible track record of customer protection.
These faults landed them in front of a Congressional investigation of their security practices.
Suck it up, Jack Tretton
I listened to Jack Tretton’s barely-passable speech at E3 about the Play Station Network outages, but it was mostly flummery about how he appreciated the network engineers, the developers, and even the customers for sticking with his company through the crisis. He made very few concessions to what actually happened and how devastating having financial and personal information released into the wild might be for almost a million people.
He did cover it as if it were a sad loss of a month’s worth of time people could play on the PlayStation Network alongside their friends—which in fact it was but that’s only the insult added to the injury.
Sony has all-but-acknowledged that their poor security protocols led to the leak of all that customer data and even offered Identify Theft Insurance packages to those affected by the breach.
How exactly does that sort of taking responsibility in the wake of the hack translate into this sort of maneuver such as stuffing language into an updated EULA to make sure if it happens to Sony again they can escape civil justice at the hands of their customers. Sony cannot get out from under Congress peering down their blouse in the future in this fashion, so they won’t try, but their very lifeblood, the people who give them money to keep their network running have to suck it up?
Show us that you intend to harden your networks and make good on protecting your users from future breaches rather than hide behind legal language on a plasma screen, Sony.
[Attribution: Graphic incorporates "Playstation Network EULA Trophy Earned" by Tom Conder]