Monday, 30 May 2011

Sony and Epsilon Agree to Testify Before Congress



Sony has finally agreed to testify before a Congressional hearing that will be held by Representative Mary Bono Mack, the chairwoman of the House Subcommittee on Commerce, Manufacturing and Trade.



The hearing will address the massive data breach that occurred last month on Sony’s PlayStation Network and jeopardized millions of customers personal information.


Sony had declined to attend a previous hearing by the same subcommittee, saying it was currently involved in an “ongoing intensive investigation and management of this criminal cyberattack.” The previous hearing explored “The Threat of Data Theft to American Consumers” and the lack of privacy legislation to protect Americans.

Ken Johnson, senior adviser and spokesman for Ms. Mack, said in an e-mail that the new hearing would focus on data security in the United States. It is scheduled for Thursday, June 2nd.

Epsilon, a company who handled customer e-mails for many major corporations, has also agreed to testify before the subcommittee. A recent data breach at Epsilon exposed millions of people’s e-mail addresses and passwords.

“Both Sony and Epsilon have agreed to testify,” Mr. Johnson said. “Representing Sony will be Tim Schaaff, President of Sony Network Entertainment International as well as Epsilon General Counsel Jeanette Fitzgerald.”

Sony also finally answered a number of questions asked by the subcommittee in a May 17th letter pertaining to the data breach and the steps Sony took to protect its 77 million customers.

Since the massive cyber attack took place on Sony, the company has become the poster child for data and security reform in Congress.

“While Chairman Bono Mack remains critical of Sony’s initial handling of the data breaches, she also is appreciative that the company has now agreed to testify,” explained Mr. Johnson. “The Chairman firmly believes that the lessons learned from both the Sony and Epsilon experiences can be instructive and guide us as we develop comprehensive data protection legislation.”

Mr. Johnson said the subcommittee is expected to introduce new data and security legislation in the next few weeks.