Sony Pictures, Which Hyped Up 'Harm' Of Hack, Now Tells Court No Harm Done To Employees

from the thread-that-needle,-sony... dept

In the wake of the Sony Pictures hack, the company went somewhat ballistic in trying to describe just how "harmful" the hack was. It brought on famed lawyer David Boies to threaten anyone who published any information from the hack, claiming that it was a violation of the First Amendment (yes, it told the media that publishing news was a violation of the First Amendment). The company also (ridiculously) threatened to sue Twitter, claiming that Twitter would be held "responsible for any damage or loss arising from such use or dissemination by Twitter." Thoughout it all, Sony kept arguing that this hack was a complete disaster and incredibly harmful.

However, now, in court, Sony is suddenly forced to tap dance around those claims and argue that there has been no harm at all done to the employees of the company, who have filed a class action lawsuit against Sony Pictures for failing to protect their data. In a filing first highlighted by Eriq Gardner at The Hollywood Reporter, Sony Pictures insists that basically there has been no harm whatsoever and mocks the employees who say otherwise, noting that their "PII" (Personally Identifiable Information) disclosed was not particularly private in the first place.
Plaintiffs’ experiences in the wake of the cyberattack are entirely consistent with the empirical consensus just discussed. To start, the PII disclosed for each Plaintiff varies widely.... For example, Mathis asserts only that her name, SSN, and former (not current) home address were disclosed.... (Even on that score, she appears to be wrong. Plaintiffs cite no evidence that her SSN was disclosed. The sole document they cite... has the SSN of a different Mathis.) For his part, Forster believes an array of his PII was disclosed, including his SSN and birthday, as well as outdated bank information, an invalid driver’s license, and former medical insurance information (which he admits are “useless” or “worthless”)....

What is more, some Plaintiffs maintain active online presences, which means that much of the PII they claim was disclosed in the cyberattack already had voluntarily been made available online. For example, while Forster complains that his title, place of work, and dates on which he joined and left SPE were disclosed, he acknowledges that he had posted that information to LinkedIn and thus could not be harmed by its disclosure.... Levine likewise admits that he has “put a lot of [his] life online.” ... For him and others, a wide range of PII was available online prior to the attack.
The other line of defense? If there is any harm, who can really say that it actually came from the Sony hack, rather than any other recent hack?
Plaintiffs (and, undoubtedly, unnamed classmembers) have been exposed to multiple breaches and incidents of identity theft involving various permutations of their PII.... To prove that any injury—or even risk of future injury—is attributable to the cyberattack, each classmember would have to show that this cyberattack, and not another event, caused any incident of identity fraud.
The other problem is that the only actual loss that any of the plaintiffs show right now was an unauthorized purchase on a credit card, but the filing points out, this employee was fully reimbursed (i.e., no loss) and it's also not at all clear that it happened because of the Sony hack.
Similarly, while Corona claims that somebody made an unauthorized purchase using his credit card after the cyberattack on SPE (for which he was fully reimbursed), he acknowledges that he also had unauthorized purchases on his credit card before the cyberattack, and that he could only “guess” at the connection, if any, between the more recent unauthorized purchase and the cyberattack.
To be honest, Sony's argument here is pretty strong. Courts have pretty consistently rejected class action lawsuits over data breaches when there are no actual losses, or where the losses are purely theoretical. It seems very likely that the former Sony employees here are going to lose.

But... it does seem rather amusing to see Sony -- which went on and on and on about all the "damage" the leak was going to cause -- now have to argue that its own employees experienced no harm at all...
Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: class action, damages, emails, hack, harm, lawsuit, sony hack
Companies: sony, sony pictures


Reader Comments

Subscribe: RSS

View by: Time | Thread


  1. identicon
    Anonymous Coward, 31 Aug 2015 @ 10:09pm

    Re: Re: Re: Impeach the witness, anyone?

    Maybe we need to differentiate between the Old Sony and the New Sony.

    Although Sony originally fought on the side of the consumer, their principled stance flip-flopped when the company acquired a Hollywood movie studio as well as a record label.

Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here



Subscribe to the Techdirt Daily newsletter




Comment Options:

  • Use markdown. Use plain text.
  • Make this the First Word or Last Word. No thanks. (get credits or sign in to see balance)    
  • Remember name/email/url (set a cookie)

Follow Techdirt
Special Affiliate Offer

Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.