Credibility at risk in Sony hacking scandal

Technology companies lose the confidence of their customers at their peril. AAP

It has been a lousy few weeks for technology companies when it comes to maintaining both the privacy and confidence of their customers.

In the last few days, Sony had admitted a recent security breach had been larger than it previously thought.

Hackers who infiltrated its Sony Playstation Network several weeks ago had also gained access to the Sony Online Entertainment servers, which includes approximately 24.6 million customer accounts and 12,700 credit card and debit card numbers, it was revealed this week.

The massive breach has resulted in Sony shutting down its Sony Online Entertainment servers and website so it could upgrade its servers and add more protection to the service. Sony has apologised.

But it is reportedly being sued and declined to answer questions before a US Congressional hearing this week.

Pressing need

The breach highlights the pressing need for businesses to take seriously the increasing concerns with privacy, security, deception and identity theft.

But it also shows how important it is for technology companies to maintain the confidence of its customers or risk serious damage to their reputations.

The internet and mobile telecommunication technology have transformed how people work, play, communicate, consume, buy, sell and interact in general. As a result some of the tech companies have become billion dollar brand names.

Yet when doing business online customers must have enough confidence with the companies to give them their credit card and other personal details, and trust them to supply the goods or service requested.

This trust is very important and adds to a company’s brand credibility and reputation, which can encourage more business with new customers.

For tech companies, e-commerce comes with the added benefit of gathering hard-to-obtain information to profile their customers and formulate more effective marketing strategies.

A person’s digital footprint can be left online through a number of ways, including cookies that record websites visited; registering for an online service that requires the provision of a lot of personal information; and transaction records with EFTPOS or credit card details.

Trusting

The companies are trusted with this information and their customers assume their details are safe.

Collecting basic information is generally not an issue: but people are increasingly sensitive over what is done with the information and how it is used.

For example, unwanted marketing communications material, particularly from a third-party that has bought the customer information, may have been originally sourced from an unrelated online transaction.

This type of invasion of privacy can undermine a person’s trust in a company and in doing business online in general.

Hackers who infiltrated the Sony Playstation and Qriocity networks gained access to 77 million user accounts, including 715,000 in Australia, which included unencrypted personal details such as names, user names, addresses, birth-dates, passwords, logins, and security questions. Sony condemned the attack as illegal and malicious.

But it could not rule out whether credit card details were stolen and recommended that those potentially affected should change their usernames, passwords, PIN numbers and check their accounts for any unauthorised transactions.

And possibly the most concerning aspect was that the network was offline for a week before Sony admitted the major security breach. At first Sony indicated that there was only a “connection error” rather than disclosing the truth.

This was a massive breach of trust, as it left users in the dark as to what was really happening and cost several days in which account holders could have taken precautions against potential identity theft.

As a result there have been calls for more transparency, tighter privacy laws and even a boycott by some gamers.

Consumer anger

Apple have also recently felt the heat of public anger when it was discovered that software on its iPhone could track the movements of its iPhone users.

The software cached locations of wi-fi hotspots and cell towers nearest the phones and could map out a location history.

While location finding is not a new technology, other companies have asked their customers to opt-in to receive this app. Apple was doing this with all their phone users.

Although denying that it was tracking their customer, Apple has said that it will make software available that stores less location information in response to the public criticism.

These are just two recent examples; Facebook and Google have also been criticised in the past for privacy concerns.

Privacy legislation

So what can be done? While there are calls to increase privacy legislation, how can this work across international borders?

The global nature of the internet means that what is illegal in one country may be legal in another, and everyone can get equal access to the net globally.

Also, the culture of the internet is that it is, and should always be, a free medium, and so legislation, restrictions and censorship would not be welcomed.

Therefore, as new technology develops, tech companies must not lose sight of the privacy and security concerns of their customers.

Companies such as Sony have spent a great deal of time and money cultivating a well-known, brand name. Yet a privacy breach like this can result in a loss of trust which can take a long time to mend.

Related coverage

Is Steve Jobs right about iPhone tracking?