Sony T&C: No Liability For Data Loss
You did read the T&C before you clicked "I Agree"?
Published: 16:30, 27/04/2011 by Tuffcub.
28The Internet is awash with people demanding compensation as their personal data is now in the hands of hackers but they may be in for a shock if they take legal action against Sony. MCV has noted the following statement in the Sony Online Terms & Conditions:
We exclude all liability for loss of data or unauthorised access to your data, Sony Online Network account or Sony Online Network wallet and for damage caused to your software or hardware as a result of using or accessing Sony Online Network.
Sony may be liable to a fine from Information Commissioners Office (ICO) of up to £500,000 if they are found to have broken the UK Data Protection Act but it appears that individual PSN users will not be able to claim any financial compensation.
Source: MCV
Most Comments This Week
- Gaikai’s Streaming – Does This Mean No PS4? [65]
- PSN Store Update: 23/05/12 [55]
- First Party Vita Games Drop To £12 On PSN [52]
- PSN Store Hit With 80023163 Errors [51]
- Is Something Big Coming To PlayStation Plus Soon? [50]
- “Leap” Motion Controller Could Revolutionise Gaming [43]
- Ghost Recon: Future Soldier PS3 Install Is Huge [42]
- Australian & New Zealand D3 Players Suffer High Ping Rates [41]
- Sony Files Patent For Game-Interrupting Soda Adverts [40]
- Ghost Recon Future Soldier Review (PS3, Xbox 360) [39]
Latest Reader Comments
- NFS: Most Wanted Due Out In November
- Meet the Reader: KAMIKAZE-UK
- TSA Speculates: Why You Might Not Need To Buy A PS4
-
New Hardware, New Plus: All Eyes On Sony This E3
- 13:28 damoxuk: No thanks. I don;t want to stream games and have worst lag than when I played Atari 2600 games 30 years...
- 12:30 Radiitz: Its 2012. I can’t believe there are still people begging for PS2 compatibility with PS3....
- 12:28 Radiitz: Personally, I would like the PS4 (when/if it releases) to be like the Onlive console. You buy what is...
- Microsoft Job Offer Mentions “Next Generation” Of Xbox
TSAtv: Original Video Content
Batman book review
Kris Dancing, again
Joe Danger interview
Sonic Generations
27/04/2011 at 16:32
Member since: Sep 2010
Well I think we all saw that one coming.
27/04/2011 at 16:34
Member since: May 2010
shame they didnt see the hack coming
27/04/2011 at 16:38
Member since: Nov 2009
This comment is hidden.
27/04/2011 at 16:50
Member since: Sep 2010
I am rubber you are glue.
27/04/2011 at 16:55
Member since: Nov 2009
This comment is hidden.
28/04/2011 at 00:13
Member since: Dec 2009
Erm, i’m ovine *looks sheepish*
28/04/2011 at 00:49
Member since: Mar 2011
*awkward silence* … anyone for some lamb kebabs?
27/04/2011 at 16:33
Member since: Jun 2009
what a surprise, hidden in the massive small text is something that covers them from everything, including, if they came round and smashed your PS3 with a hammer probably.
27/04/2011 at 16:46
Member since: Nov 2009
This comment is hidden.
27/04/2011 at 17:19
Member since: Aug 2009
well we don’t know when they found out customer details were compromised, all they knew when they shutdown the psn was that there had been an intrusion. Look at that case with play.com, it took them 3 months after noticing an intrusion to realise email addresses had been taken. It’s perfectly possible that they only found out that user info was taken yesterday, there’s still no evidence whether or not credit card info has been compromised
27/04/2011 at 17:29
Member since: Nov 2009
This comment is hidden.
28/04/2011 at 01:21
Member since: Aug 2009
well for a start your dates are wrong, from the information from the eu blog the intrusion happened between the 17th and 19th, they found out on the 19th and closed down the service there and then, there was no 4 days wait like you mentioned. Secondly, they didn’t immediately know personal info was even targeted, let alone compromised, It could have been people trying to shut down the psn like anonymous did, or trying to access any industry sensitive data that could be on the servers or any number of other possible targets. They did the right thing and hired a private internet security firm to investigate and when they could confirm that personal data had been compromised, they let us know. They still don’t know if credit card data has been accessed and will tell us when the do. Ultimately, whether or not sony’s data was secure enough to begin with, I feel they have handled this pretty well and kept people updated without unnecessary panic, a difficult feat in this world of 24 hour news
28/04/2011 at 02:04
Member since: Forever
Since the horse bolted, they have shut the stable door extremely well & handled things just fine IMO… Questions still exist about what Sony was doing before the horse bolted.
If hackers were probing their system, why didn’t it flag up, did it take hours or days of probing to find the weak spots, again if so why didn’t it flag up. When the intrusion was taken place how come the security failed. 77 million accounts worth of day at maybe 1 or kilobytes per account means a 77GB to 154GB database was downloaded, this should have threw up some massive red flags, but didn’t. Within that database things weren’t as secure as they should be, passwords for example. There is also the issue of, exposed, seemingly unprotected servers (of some kind, I’m not technical enough to know what they are) running out of date software on an OS with known vulnerabilities, and many other questions which will probably surface in the coming days.
but yes, from the moment Sony flicked the off switch they’ve done everything supremely well (apart from lie initially (yet again) that it was maintainence). Lets just hope they’ve not been incompetent with everything from the networks design leading up to the 19th
27/04/2011 at 16:46
Member since: Aug 2008
That’s actually quite a pertinent point. Obviously your example is a joke but the very reason that they can’t say ‘we can come and smash your console with a hammer’ is because that is a criminal act.
If you handle credit card data you are legally obliged to protect it as far as reasonable. Failing to do so, as it appears is the case here, is a crime and is therefore excluded from and T&Cs just the same as your hammer example.
27/04/2011 at 16:52
Member since: Nov 2009
This comment is hidden.
27/04/2011 at 16:57
Member since: Aug 2008
Um, I was agreeing with you.
27/04/2011 at 16:59
Member since: Nov 2009
This comment is hidden.
27/04/2011 at 17:41
Member since: Sep 2008
It’s the reason that people always say “this does not effect your statutory rights”, because that would be an unfair contract term, as stated by the Unfair Contract Terms Act. In fact, IIRC (from a year of a barely attended Liability/Ethics Uni module) making claims like Sony has just done can in fact void the entire contract (ToS).
Rookie move by Sony here.
27/04/2011 at 16:33
Member since: May 2009
I’d rather they spent the money beefing up security.
27/04/2011 at 16:34
Member since: Dec 2009
Sony have lost consumer trust. That loss is incalculable.
27/04/2011 at 17:27
Member since: Jun 2009
they have lost mine, I will only use PSN cards from now on and I will change all my details when it comes back online. Hardly buy anything anyway
27/04/2011 at 17:30
Member since: Nov 2009
This comment is hidden.
27/04/2011 at 17:42
Member since: Jun 2009
Pre paid CREDIT cards?? lol
27/04/2011 at 17:43
Member since: Sep 2008
Same. Plus, I have a 360, so guess which console I’ll be going with when DLC or downloadable games come out on both…
27/04/2011 at 17:47
Member since: Nov 2009
This comment is hidden.
27/04/2011 at 18:48
Member since: Jun 2009
so not a credit card then
27/04/2011 at 19:42
Member since: Nov 2009
This comment is hidden.
27/04/2011 at 21:17
Member since: Sep 2008
I think he’s trying to point out that what you’re describing is not a _credit_ card, the term debit card is more appropriate.
27/04/2011 at 16:35
Member since: May 2010
i can actually say that i have read through the terms and conditions all the way and i seriously should of taken it into more consideration
27/04/2011 at 16:36
Member since: Forever
Terms & conditions, just like End User Licence agreements, doesn’t preclude a company from complying with the law.
and whilst users may not be able to claim compensation from Sony directly it doesn’t mean there won’t be loads of class action cases from around the world happening, especially as an almost total lack of security on Sony’s part seems to be coming clearer and from increasingly reliable sources.
It’s popcorn time over the next few weeks, that’s for sure.
27/04/2011 at 16:46
Member since: Mar 2010
European law states companies can not pass on information but that implies knowingly. Hopefully an investigation will find SCE security lacking so we have some protection in future.
27/04/2011 at 17:32
Member since: Nov 2009
This comment is hidden.
27/04/2011 at 16:38
Member since: Oct 2010
oh man! I had around £20 in my PSN wallet. God I hope it’s still there :/
27/04/2011 at 18:59
Member since: Aug 2008
No money has been taken. Card details. Oh and they might have raided PS store.
27/04/2011 at 16:39
Member since: Feb 2009
if sony are found to be criminally negligent in their security, then i doubt any license agreement will protect them.
as i’ve said numerous times, the law overrides any license agreement.
27/04/2011 at 16:41
Member since: Nov 2009
This comment is hidden.
27/04/2011 at 16:43
Member since: Nov 2009
This comment is hidden.
27/04/2011 at 16:55
Member since: Feb 2009
didn’t gamestation or some other retailer put a clause in that stated by signing their agreement they now owned your soul.
these license agreements are a joke, they know people never read the whole thing, face it, often they’re almost novel length documents, if you buy an audiobook on itunes, the license agreement can often be longer than the book.
they know a lot of the stuff they put in them is totally unenforceable, and they put other clause int that say if another part is not legal then it’s not their fault.
they have teams of laywers writing this crap so it’s as hard to read and understand as possible, not to mention long enough that you could spend days reading through it all.
legal mumbo jumbo and fancy language to hide the fact they’re just trying to make it look like they can do whatever the hell they want when they know they can’t.
they know that a lot of the time, people wont challenge it, many people will, incorrectly, assume that the license agreement is as good as a law.
that if it’s in the agreement, it’s legal.
well it’s not.
27/04/2011 at 17:00
Member since: Nov 2009
This comment is hidden.
27/04/2011 at 17:42
Member since: Feb 2009
wow, that’s marathon runner level endurance there, i’m impressed. O_O
27/04/2011 at 17:48
Member since: Nov 2009
This comment is hidden.
27/04/2011 at 17:48
Member since: Nov 2009
This comment is hidden.
27/04/2011 at 19:47
Member since: Jan 2009
Yes, Gamestation: http://www.bit-tech.net/news/gaming/2010/04/15/gamestation-we-own-your-soul/1
27/04/2011 at 16:40
Member since: Nov 2009
This comment is hidden.
27/04/2011 at 17:10
Member since: May 2010
Doesn’t ICO only apply to data held on UK servers? It will only cover a small margin of data leaked.
ICO did nothing about the unsecured data that was passed from BT to ACS LAW recently so if ICO won’t punish BT I can’t see them going after Sony with anything stronger than a wagging finger.
27/04/2011 at 17:14
Member since: Mar 2010
But the EU went after Google for doing the same.
27/04/2011 at 17:19
Member since: Nov 2009
This comment is hidden.
27/04/2011 at 18:51
Member since: Aug 2008
ICO won’t do anything, he’s too busy ferrying Yorda about
27/04/2011 at 19:42
Member since: Nov 2009
This comment is hidden.
27/04/2011 at 16:41
Member since: Aug 2008
That is unenforceable because that statement would require Sony take ‘reasonable’ care to protect your information. It looks very much like thay have not done so
27/04/2011 at 16:50
Member since: Apr 2009
So say you.
I would say that up until now they’ve had a pretty good record with it. Or are you going to say that this is the first attempt anyone ever took at hacking it?
27/04/2011 at 17:11
Member since: Aug 2008
Absolutely, I admit that I am basing it on some of the info I have read which has come from reasonable but by no means 100% reliable sources.
27/04/2011 at 17:29
Member since: Jun 2009
first of all our passwords were never encrypted, thats a worry. Why weren’t they?
27/04/2011 at 20:33
Member since: Forever
@c1990
Unhashed passwords
an out of date apache installation
Running on a redhat server with known vulnerabilities… and much much more http://www.eurogamer.net/articles/digitalfoundry-psn-security-scandal
This info was known within a few hours, makes me wonder what will come to light over the next few days, especially if the hackers ever leak how they did it
It’s almost like Sony’s security consisted of ‘are you a PS3, if the answer is yes – here help yourself to whatever you want’