Sony Pictures Attorney Strikes Back

Sony Pictures Entertainment sign

Image courtesy of Sony Pictures Entertainment

Sony Pictures Attorney Strikes Back
| published December 16, 2014 |

By R. Alan Clanton
Thursday Review editor

When containment doesn’t work by being polite, or by making no comment publicly—use high powered legal threats instead.

The recent Sony Pictures data breach, which has by most estimates turned out to be much worse than originally indicated, has gone from merely bad to being what some security analysts now consider to be one of the more intrusive hack jobs ever.

In late November hackers identifying themselves as Guardians of Peace broke into the data and computer network of Sony Pictures Entertainment in Hollywood. The hackers took over the company’s network—stealing emails, grabbing spreadsheets and corporate documents, pilfering digital versions of a half dozen movies, and downloading human resources files including salary information, addresses and phone numbers, and other personnel materials. In addition to the premature release of several movies, including Annie and Mr. Turner, the hackers have helped themselves to thousands of emails between producers, directors, agents, actors, marketers, and corporate folks—and many of those emails have been leaked to the press.

Among other things, the emails reveal Sony execs making racially-insensitive comments about President Obama and sometimes snarky, sarcastic exchanges between agents, actors and casting directors. Stolen spreadsheets display a disparity between the pay of female actors and their male counterparts. And the purloined personal data threatens to make available the social security numbers and personal cell phone numbers of actors and film crews.

In addition, the hack has unleashed lots of internal information about future projects and soon-to-be-released movies, such as the December 2015 scheduled premier of Star Wars 8 (also known as Star Wars: The Force Awakens). Hacked emails reveal lots of conversation within the studio about who will star in which of the famous sequels, and what direction certain pieces of the George Lucas storyline will follow—even which actors will portray certain characters. Principal filming for Star Wars 8 is—for the most part—now complete, and what is left is another ten months or so of editing. Studios often prefer to keep such chatter out of the mainstream as long as possible, preferring instead for the mystery to remain intact in order to generate as much fan excitement as possible. But hundreds of emails regarding the sci-fi franchise are now easily available on the internet, thanks to the hackers.

The data breach has been a catastrophe for Sony Pictures Entertainment, based in Culver City, California, and the meltdown may cost it millions of dollars in lost revenue from the stolen movies alone. The breach has also caused embarrassment. Major news services have been regularly posting and quoting some of those emails, and the events surrounding the hack have been covered hour-by-hour, day-by-day by CBS, NBC, ABC, Fox News and CNN.

Now, letters have arrived at the offices of scores of major publications and TV networks in the United States and in other countries—missives from high-profile attorney David Boies, who now represents Sony Pictures, to cease and desist from further revelations about the contents of the any of the data or files stolen from the computers at Sony. Sony Pictures, Boies says, will take legal action if necessary, even against major news organizations.

“SPE [Sony Pictures Entertainment],” Boies wrote in his letter, “does not consent to your possession, review, copying, dissemination, publication, uploading or downloading, or making any use of the stolen information, and [requests] your cooperation in destroying the stolen information.”

In other words, according to Boies, it is illegal to even possess any of the digital swag now out there in wide circulation on the internet. And those who have fallen into possession should disregard the stolen material and destroy what remains. Among the media outlets which received the letter: The New York Times, Variety magazine, Rolling Stone, CNN, Fox News, and The Hollywood Reporter.

Boies also stresses that the computer network attack is really part of a larger attack meant to discourage and dissuade Sony Pictures from the release of the movie The Interview, starring Seth Rogen and James Franco, a comedy-satire which depicts two amateur journalists being recruited by the CIA to assassinate North Korean leader Kim Jong-un. Boies calls the attack part of “an on-going campaign explicitly seeking to prevent SPE from distributing a motion picture.” Boies went on in the letter to add that the perpetrators of the data attack have threatened SPE and its staff.

Some of the material now in wide circulation among the media, says Boies, includes legal discussions, emails, and contracts clearly covered by attorney-client privilege. Other material being touted and exploited on the web includes intellectual property and financial data covered for protection under numerous Federal and state laws, according to Boies, and still more of the data being circulated falls under trademark and copyright protection. Boies has also requested that news and web companies who have already shared any of the stolen data to forward the letter to those individuals and entities as well.

From Boies’ perspective, none of the data stolen by hackers in November is part of the public domain, nor does any of it qualify for close dissemination by news agencies or publication.

But many legal scholars disagree with Boies’ assessment. The major television networks and the major newspapers have all already started dissecting Boies’ intention with the letter. Some scholars say that his letter is standard boilerplate language—meant only to convey traditional legal information about a turn of events for which the company he represents has little control; for comparison, think of the leaked documents and emails widely publicized in the wide wake of the General Motors ignition switch fiasco, or emails leaked which showed that top bankers at major mortgage institutions were aware just how dangerous the high risk home loans had become before the Great Recession.

Some savants and legal representatives of many major media outlets view it another way: the information being so widely disseminated and distributed on the web by the hackers is neither life-threatening nor, in truth, harmful monetarily (other than those stolen movies now being widely downloaded). The data may include things which qualify as salacious, tawdry, inappropriate, snarky, sarcastic, and at times even sexists and racist, but it hardly qualifies as The Pentagon Papers or The White House Transcripts. Nor will it cause the collapse of Sony Pictures.

And some news agencies regard critical snapshots of the purloined information to be newsworthy indeed: spreadsheets that demonstrate a disparity between male leads and female leads in films where the men and women share more-or-less equal screen time. Such disclosures seem to fit right into larger discussions of pay fairness—the same narrative commonplace in the corporate world. And in Hollywood, where being politically attuned to the ethos of liberal and progressive politics is di rigeur, snarky, foolishly-worded emails impugning President Obama’s choice of movies based on his skin color reveals a noteworthy trait of the entertainment business: hypocrisy and pompous double-standard-setting on a grand scale.

Still, Boies’ letter to all those news sources was meant to have a chilling effect. His message seemed to be that Sony Pictures—after weeks of waffling around with “no comment”—has finally found it most important counter-offensive: the vague legal threat. The question will remain as to who, if anyone, yields in the face of Sony’s legal missive.

In the meantime, Sony Pictures faces brand new legal skirmishes on its flanks—skimishes which could easily escalate into courtroom battles and lost cash. A class action lawsuit has taken form in Federal court in California: current and former Sony employees seeking a settlement over the theft of their personal data. The studio may be held liable for any stolen information which could prove demonstrable harm to its employees. Among the things stolen from Sony Pictures computer network were mountains of data about employees: pay, health and medical benefits, social security numbers, phone numbers, residential addresses, correspondence between agents and producers, personal health information, and banking data.

In their filings in Federal court, attorneys for the plaintiffs now suing Sony Pictures say that “Sony failed to secure its computer systems, servers, and databases (“network”), despite weaknesses that it has known about for years…”

Class action lawsuits were expected, according to some familiar with the case of Sony’s data breach, but that fact that the first major legal assault has occurred this early leads some to speculate that Sony’s problems may only grow worse with time. The perpetrators of the Sony cyber-attack have repeatedly promised “a Christmas surprise,” that is another major set of disclosures on or around the holidays.

In the meantime, Sony has indicated that it has no plans to curtail or limit the release of The Interview, scheduled for a Christmas Day open nationwide. Though law enforcement has been unusually tight-lipped about the Sony attack, many cyber-security experts say that the focus has been steadily sharpening on one culprit (or set of culprits): an elite division in North Korea charged with cyber-attacks and web disruptions. According to some who have examined the evidence in the Sony attack, the code used bears a strong resemblance to code previously used in attacks by North Korea onto banks and financial institutions in South Korea.

The government of North Korea has repeatedly stated that it considers The Interview to be an act of war, and when its complaints to the United Nations went unanswered earlier this year, some analysts believe that Pyongyang turned its full attention to finding ways to target Sony Pictures.

But far more chilling than Boies' letter to news outlets to cease reprinting Sony's private information and data: a not-so-cryptic warning issued by the hackers on Tuesday, a darkly-worded threat of another 9/11 style attack on a theaters if the roll-out of The Interview goes on as planned on December 25. The Department of Homeland Security and the FBI are both investigating the threat, though officially both agencies say that there is no credible evidence that the hackers have the ability to carry out violence against U.S. movie theaters. As a personal precaution, actors Rogen and Franco have cancelled a number of appearances for the next ten days--including appearances scheduled for this week on The Tonight Show with Jimmy Fallon. Rogen and Franco appeared as guests on Saturday Night Live this past weekend, but spokesman for both actor/comedians have indicated it will be their last public appearance for a few days.

Related Thursday Review articles:

Sony Pictures Cyber-Attack Worse Than First Thought; R. Alan Clanton; Thursday Review; December 7, 2014.

North Korea Cyber-Attack: Real, or Smokescreen?; Thursday Review; December 5, 2014.