Add the Sony PlayStation Network to the list of companies
running into criticism from Washington
over online privacy.
The company revealed Wednesday that account information on
millions of users of its online gaming had been compromised,
leading privacy legislation backers on Capitol Hill wanting to know how it
happened and what the company was going to do about it.
Sony said the information included names, addresses, e-mail
addresses and birthdays, may have included billing addresses and purchase
histories, and that it could not rule out passwords and credit card
numbers and expiration dates (though not security codes).
Rep. Bobby Rush (D-Ill.) said he was disturbed that it
apparently took Sony a week between the breach and the announcement and said he
would re-introduce data security legislation similar to a bill he introduced
last Congress. "Violations of consumer privacy is no respecter of party
affiliation and, with all that is at stake, I continue to call upon the House
Republican leadership to hold legislative hearings, immediately, on privacy and
data security legislation," he said. That bill "requires 'for-profit'
entities holding data containing consumers' personal information to have
reasonable and appropriate security measures in place to protect that
"Sony touts its PlayStation platform's real-time and
networking capabilities to consumers," said Rush. "The laws of this
country should call, similarly, for consumers to be notified in as close to
real-time as possible-not according to Sony time-whenever their sensitive
information falls into the hands of intruders, hackers, thieves and information
resellers," he said Wednesday.
Ed Markey (D-Mass.), co-chair of the House bipartisan
privacy caucus (who never saw a phrase he couldn't or wouldn't turn) was
equally troubled. ""Hackers and data thieves shouldn't be able to play
â€˜Grand Theft Info' with millions of addresses, emails, and other sensitive
information, some of which belongs to children," he said.
Markey, who is teeing up a bill to prevent online tracking
of kids info, said he was concerned buy the identify theft risks and other
possible crimes. "Sony needs to explain how this incident occurred, why
this information does not appear to have been encrypted and what Sony is doing
to fix the problem and help consumers whose data was exposed."