US judge dismisses brunt of Sony breach lawsuit

A US District Court judge in California has absolved Sony of several charges in a class-action suit that followed the 2011 breach of its PlayStation Network (PSN) and on-demand entertainment service Qriocity.

Judge Anthony Battaglia this month dismissed claims against Sony, which include negligence, unjust enrichment, and bailment, noting in a court order that "none of [the] plaintiffs' current allegations assert willful, intentional, or reckless conduct on behalf of Sony".

The April 2011 breach affected around 77 million PSN users, which resulted a couple of weeks later in a class-action suit. Another was lawsuit filed two months later, with all of the actions consolidated in January.

The complaints alleged that Sony protected its proprietary information but failed to properly safeguard data related to its customers.

Plaintiffs now will have until November 9 to file an amended complaint for consideration, the court order said. But it seems unlikely the claimants will have much legal ground on which to stand.

The 36-page decision from Battaglia also made reference to Sony's privacy policy, which informed users that its security was not “perfect”. According to the filing, the plaintiffs failed to show that Sony misrepresented the quality of its network security.

“Before registering for the PSN, all plaintiffs had to agree to Sony's privacy policy, which states that ‘there is no such thing as perfect security,'” the court document said.

In the breach, user addresses, emails, birth dates, usernames and PSN/Qriocity credentials were compromised. Additional information, like billing addresses, purchase history and password-challenge answers, may also have been accessed.

This article originally appeared at scmagazineus.com