Brussels has waded into the condemnation of Sony, after justice minister Viviane Reding slammed the week-long delay in telling customers about the data breach, blasting “seven days is much too long”.
The latest broadside follows widespread customer criticism of Sony, the threat of a class legal action in the US, a probe by the FBI and investigations by the Information Commissioners of the countries in which it operates.
As well as the 77 million customer records hacked into at Sony PlayStation Network, the company has been forced to admit 24.6 million records have been compromised at its online PC gaming division.
During a speech in Brussels, Reding also took issue with Apple, following reports that it was collecting location-based data on iPhone and iPad users; a move it has strenuously denied.
She said that both companies needed to rebuild customer trust, saying “those in charge have to take the relevant technical and organisational measures to guarantee protection against data loss or an unjustified access”.
Reding said that she would propose extending EU-wide rules about breaches of privacy to online banking, video games, shopping and social media. The rules require phone companies and Internet service providers to inform customers of any data breach “without undue delay”.
In a separate statement, Reding said: “European citizens care deeply about protecting their privacy and data protection rights. Any company operating in the EU or any online product that is targeted at EU consumers should comply with EU rules.”
Meanwhile, Sony Computer Entertainment has created a new chief security information officer position and plans to offer its customers free identity theft monitoring. Whether these moves will be enough to satisfy EU data protection officials remains to be seen.
Related stories:
New Sony breach as FBI probes
PlayStation hack hits credit cards
77m fear fraud in PlayStation hack