Today saw Sony Computer Entertainment begin the long and arduous process of rebuilding their customer’s faith. The PSN hack and subsequent down time has, regardless of what some would wish to believe, been an egregious mess of PR for the company. That press conference this morning began to set the company’s relationship with its consumers back on track.
For me, the most impressive thing about SCE’s conference today was the humility on show. I think that’s what I wanted more than any tokenism of compensation or assurances of beefed up security measures. After all, it really doesn’t matter to me personally if SCE promise that my details will be safe next month. The unfortunate fact is that they weren’t safe last month. No assurances for the future can change what happened in the past. Any promise of extra security is, using the tiring expression, locking the stable door after the horse has bolted.
Of course, there will always be the drum banging of the faithful tribe but I really can’t see any excuse for how our data was kept. You might say it wasn’t SCE’s fault because they didn’t ask to be hacked. There is certainly some truth in that but when we divulged our data to SCE, we were trusting them to look after it. Make all the excuses you want but the fact remains that we trusted them with something precious and they lost it.
Others may attempt to defend the loss by saying that other companies store data in a similar way so it could have happened to any one of them. That may also be true but it is completely irrelevant to the issue. The data we trusted in SCE’s hands was lost. If it had happened to any other company I would be just as annoyed and I sincerely hope that this fiasco will prompt anybody who stores our data to reevaluate their processes and take measures to ensure that this is as unlikely as possible to happen to them.
The question isn’t whether SCE did enough to keep our data safe (clearly the answer to that one is “no”). The question isn’t even whether they did anything less than other companies do with similar data. The question is: could they have done more? If the answer to that is “yes” then I think they sold their customers short. Judging from the ashen complexions and grave expressions on the faces of those apologising this morning, so do they.
It’s certainly true that SCE do not deserve to stand alone in shouldering the blame for this problem. Let’s not forget that any precious thing is perfectly safe as long as nobody is looking for it. Without the hacker, we wouldn’t have the problem. So it’s perfectly reasonable to want to level some blame in the direction of the person or persons who actually climbed in through the window and took the plate of cookies. But that doesn’t absolve SCE of the responsibility for making sure the window was locked properly.
I think that what the press conference held in Japan today proved was that SCE know they’re largely to blame for the loss and ensuing media furore. Despite what a small hardcore of fans have been attempting to claim around the internet, SCE admit that it’s their fault. For me, this is much more important than giving me some free store content. A genuine, honest apology was all I needed from the outset. Now they’ve offered one, I can happily forgive the issue and move on to rebuilding my own personal trust in the company.
The loss of data is upsetting but there is no system that is 100 percent secure. It is blatantly obvious that SCE wouldn’t have wished for this but it happened. The important thing is how it’s dealt with.
For the first week of the downtime I don’t think it was dealt with well at all. Several blog posts which all said essentially the same thing and even what they did divulge was very little. I was frustrated that a large company, so reliant on a faithful fan base, could be so opaque. I think the lack of communication only served to feed the rumours that people had no choice but to consider plausible – in varying degrees – simply because nobody was denying them and there was no concrete proof that they were incorrect.
The start of the second week wasn’t much more enlightening, although a slightly more detailed response was issued. It was still personally frustrating to see a company I admire being so closed to the fears of its customers. To my mind, that changed with today’s press conference. I would personally have been much more relaxed if SCE had come out a week ago and said “yes, we messed up a bit and we’re doing everything we can to find out exactly how badly. Sorry about that”. I could have forgiven the transgression immediately if they’d been a little more communicative and humble. Now they have held their hands up and apologised for the incident, I have no qualms in offering them my full support (such as it is).
Of course, the incident did still happen and attempting to ignore that would be profoundly foolish. SCE are not going to try ignoring it. There’ll be no papering over the cracks from them as they endeavour to show their existing and potential customers that theirs are safe hands once again. I believe that as responsible consumers, we have to take a small portion of blame for the loss of data too. Are we too quick to assume trustworthiness? We should certainly all use the incident to assess our own habits with our data and evaluate whether there’s anything more we can do to keep ourselves more secure.
Ultimately, it doesn’t matter that the incident occurred. What is done, is done. The horse is in the fields. All we can do now is attempt to ensure a more secure stable in the future. Oh, and look forward to Portal 2 online co-op, of course…
uuuhh
So basically what you’re saying is that if you don’t hate sony and kick up a stink because of some criminal stealing details from them, then you are a huge sony fanboy?
That’s what I got from this, and I didn’t have to put it into a million words like this article.
Seriously, this website and its writers seem to have had a huuuuuge chip on their shoulder about everything sony/playstation related for quite a while now.
colmshan1990
It’s less a matter of hating Sony as one of being angry with them.
You can be angry with your partner, yes? Doesn’t mean you hate them…
And you need some massive blindspot not be angry with them at least a little.
uuuhh
I am angry with them a little bit. But they didn’t purpously go out and think, ‘Duurrrr I know what’ll be fun! How about we give everyones card details to hackers’ did they?, that’s why I’m not throwing my toys out of the pram like everyone else.
colmshan1990
I’m still pissed at Sony.
The apology means nothing to me, actions speak louder than words.
I was quite happy with Sony not saying anything so long as everything got fixed, and I wasn’t cheated out of the currently €0.81 in my bank account. (If anybody thinking of buying colmshan1990’s details off of some dodgy hacker, don’t bother, it’s not worth it.)
Give me something decent and I won’t be as angry. But that’s not the most important bit.
Don’t let it happen again, and in time, I will be as happy as I was before all this shit went down.
Conversely, if I see something weird pop up in my bank statement, my anger at Sony will only be beaten by my anger at the hacker.
Jimbo
@YOURMUMANDME : Hakuna Matata. It sounds like it could be the African version of Hanna Montana (Only with Lions and lots and lots of blood shed!). Back to the article. I’ve no problems with Sony having my details again as I bet they take a hell of a lot more care with them this time.
TSBonyman
Good read Peter and i agree with almost everything you said but i can’t help drawing a comparison between this and what happened at Fukushima with the tsunami. They had preventative measures in place too and were unprepared for the scale of what happened.
I do hold Sony part responsible of course but i’m inclined to pin most of the blame on the perpetrator of the intrusion. (Whereas i hold Sony more responsible for the removal of OtherOs than GeoHotz – so you can see it’s not fanboyism that guides me. ;) )
I’ve read different reports which refer to the data as “lost”, “stolen” and “status unknown”. I don’t know if we’ll ever find out for sure which it was but that’s one detail i would really like to know.
AG2297
I’m not angry with Sony. Infact, apart from the first few days when I found it slightly annoying that hackers may have taken my details off Sony, I havnt really cared at all.
The PS+ free month dosnt really bother me either. Makes no difference to me, I’m not really interested in any of the content on PS+ but then free stuff is free stuff so I’m not complaining.
Basically, I’m completely indifferent to the whole situation and will be happy when PSN is back up and people just move on, as the article title says! :)
AG2297
Just to add to that. Sony is just another company, the PlayStation is just a games console, and a name and address is just a name and address. It all just feels so small and unimportant to me.
I’ll be glad (and I think the writers here will too) when all of this finally blows over, and we can get back to some normality.
Bring on E3!
uuuhh
That’s exactly the same as I feel. Especially as I never play online anyway. To me, all that’s happened is that I can now enjoy games without xxxxx is online, xxxxxx is offline popping up in the corner every 2 seconds :)
colmshan1990
You can turn that off, you know.
God knows, I was delighted when I figured that out for myself.
InternationalGamer
”2 Weeks ago, We lost 100’s of millions of data in the blink of an eye. And the world just fuckin’ watched. Tommorow there will be no shortages of firewalls, no shortages of encryption. I know you understand”
– Sony Computer Entertainment
BlueWolf
Could not agree more – Sony was hacked. End of. Of course it helps if you have an account in a different country than that which you live in … Anyway, just give me the full PSN back.
m61726b
One horse is bolting,
Two old lady muggings,
Three stolen wallets,
Four keys in doors,
Five golden trolls!
Anymore analogies, I need twelve to finish the song.
teflon
Sony presented a standing target for too long versus the hackers. There’s signs that they were aware that this kind of attack was coming, as this current downtime has brought forward plans for serious infrastructure changes, but they got caught with their pants down.
That’s their fault, and this might not have happened had they been on the ball a bit more. There’s parallels with terrorist attacks, and how security services are always adapting for the last attempted attack we saw, and military forces prepare for the last war they fought.
Whether Sony were actually deficient in certain areas is yet to be seen, really. I have no doubt that they could have done more, but I don’t think they were particularly negligent, nor that they contravened any data protection laws. If anything this simply means we need more stringent rules and regulations when it comes to data protection. When companies can simply buy the data from the census /we just took/ and use it for advertising, you can tell it’s not just big companies, but also the governments themselves that don’t really give a crap about individuals.
Once you get past that particular hang up that it’s happened, I think Sony’s reaction was pretty much spot on. Shut it down, call in investigators and get on with fixing things so it can’t happen again. The only thing they did poorly was handle PR where we now live in a 24/7 news cycle and people demand immediate answers and total transparency. Not revealing details that could impede and compromise their investigation had to come first, but I feel they could have announced stuff more comprehensively and clearly sooner and more efficiently.
hazelam
while most of the blame for this can be laid at the feet of the hackers, sony do have some responsibility.
it’s like that old saying about the man who builds his house on shifting sands, when his house collapses should he not take his share of the blame for choosing such a location.
the same sort of principal applies here, if sony didn’t encrypt the data, and maybe they didn’t have sufficient security, i would guess they did and the hackers used extraordinary measures to gain access, but given that their security was breached you have to admit the possibility that there was a weakness somewhere.
sony have to come out of this having learned some lessons.
about how they store our data, and how they protect it.
when all’s said and done though, i don’t see the way i deal with sony or the psn changing all that much.
i only ever used store cards on the psn, and i’ll continue to use them.
i generally have a reluctance to use debit or credit cards online anyway, having been a victim of online card fraud before it’s made me a little paranoid.
but then there are rare occasions like this where it’s actually turned out to have been a good thing.
i will be changing my password at the first opportunity though.
one thing i do that i think everybody should do is keep your email password unique, don’t use that password for any other service.
maybe i’m preaching to the converted on that one though.
because if there’s one online service that would be most damaging if it was hacked it’s your email.
i mean, if somebody had access to your email they could go to all your registered sites and do a password recovery.
lastly, the sooner they find those hackers the better.
sony made some bad decisions, maybe didn’t do all they could, but who would actually think they had any malicious intent?
not like these hackers.
there are some that view hackers as standing up for the little guy against the big faceless corporations, and maybe some are.
but not the people who did this, the people who did this are just criminals.
they’re not some modern day robin hood, they’re thieves.
i don’t buy that honour among thieves thing either, stealing from people is anything but honourable.