noname2200 said:
Again, I'm excluding the credit card information; the scenario I posted does not depend on that credit card information at all, and I only raised it to explain why it's not the focus. But the rest of the data were not encrypted. http://gamrfeed.vgchartz.com/story/85847/sony-credit-card-info-was-encrypted-personal-info-was-not/ "The bad news is your personal information such as your name, address and birthday are NOT encrypted." Presumably, your e-mail address and PSN password are also not encrypted, unless those are for some reason put under the credit card data table. Per Sony: http://blog.us.playstation.com/2011/04/27/qa-1-for-playstation-network-and-qriocity-services/ "The entire credit card table was encrypted and we have no evidence that credit card data was taken. The personal data table, which is a separate data set, was not encrypted."
Finally, the last sentence has no bearing I can see on whether this law applies. It is of course commendable that they are investigating what's happened, and I wish them the best of luck in finding and prosecuting the perpetrators. However, this statute requires immediate notice to consumers, yet a week passed before such notice was given. I ask again: do you know that this delay was at the behest of a law enforcement agency? |
But it needs to be a combination of the name and credit card and both need to be not encrypted in order for this to apply. It states in the law any public information is not considered personal information. That would mean name and address... PSN ID and password dont need to be encrypted as that cant be used to gain account information
