Sony the lonely: the hack that stole Christmas

The cyber attack on Sony Pictures Entertainment caused red faces as well as a possibly significant financial hit, but what did it say about the importance attached to the company’s IP? TBO investigates.

As few will need reminding, what was supposed to be one of Christmas 2014’s film hits became the talking point of the holiday season for all the wrong reasons as far as Sony Pictures Entertainment was concerned. Controversy surrounding its film The Interview resulted in several Sony titles being leaked online along with other confidential material.

The Interview, due for release in the US on Christmas Day, centred on a fictional plot in which two US journalists are granted an audience with North Korean leader Kim Jong-un, only to be instructed by CIA officials to assassinate him.

But just weeks before the film’s scheduled release, Sony was the victim of a cyber attack that targeted valuable intellectual property. A host of private emails and confidential information such as staff members’ salaries, and several of the company’s soon-to-be-released films (but not The Interview itself), were leaked online between November 22 and December 1.

News of the attack made the headlines worldwide, with some predicting it was the result of an increasingly fractious war of words between the US and the country it claimed was behind the attack, North Korea.

There was a promise of more to come unless Sony complied with the hackers’ demands to not screen The Interview. Although little is known of the group responsible for the initial attack, another group calling itself Guardians of Peace hinted at reprisals reminiscent of the 9/11 terrorist attacks on any cinemas that showed the film.

On December 17, Sony revealed that it now had no plans to release the film—a statement it later reneged on by releasing the film online (available at a small cost) and with a limited release at some cinemas, on December 25, its original intended release date.

Hillel Parness, founder of Parness Law Firm PLLC in New York, says that those responsible for the hack took a different approach from previous hacking cases.

“The hacking of Sony raises a combination of data privacy issues as well as IP and free speech rights,” he tells TBO.

This is in contrast to other hacking incidents, which have focused purely on IP and led to the dissemination online of unreleased musical works or films, he adds. One example of this came in November last year when two UK men were arrested for allegedly leaking The Expendables 3 online (they have been released on bail until May 2015).

David Fink, partner at law firm Kelley Drye & Warren in Los Angeles, notes that the Sony hackers released previously confidential IP in an effort to “diminish its value” and cause financial harm.

As part of the hack, Sony films including Still Alice, starring Julianne Moore, a re-make of the musical Annie, and Mr Turner, an exploration of the life of UK painter JMW Turner, were all leaked onto file-sharing websites ahead of their scheduled release dates.

Assessing the damage caused to Sony, Fink says that although content such as scripts, artwork and other materials may be protected by copyright, trademark and other IP laws before their official release, maintaining control over projects, including their development, marketing and exploitation, is essential to “achieving full artistic and financial potential”.     

Although threats following the online leaks were extreme, hinting at 9/11 style attacks, it was probably the projected loss in funds, as well as a high degree of embarrassment, that left Sony bosses angry.

"Speculation over how much money the film could have made in its current release format versus its intended format is a difficult question to answer."

The episode even reportedly prompted US President Barack Obama to push for tighter cybersecurity legislation in the US.

“We’ve got to stay ahead of those who would do us harm,” Obama was quoted as saying by the Reuters news agency in January, adding that “cyber threats are an urgent and growing danger”.

According to various news reports, the president is set to advocate legislation that would improve the way in which the government and the private sector share information about cyber threats, and would update the legal framework required to tackle cyber criminals.

But what impact could any legislative changes have on IP?

Fink says Obama’s response shows that the issue is recognised as a “national and international” one, but adds that it is “probably too early” to know how far any legislation would really go.

“I think we can assume that we are only at the beginning in terms of changes that will result from this incident,” Fink tells TBO.

Although some people thought Sony was bowing to pressure by initially shelving plans to release The Interview, its online release proved successful. According to a BBC news report, within two days of its release The Interview had been downloaded more than two million times and made back a third of its $44 million budget. In the four days after its online release, said the BBC, the film had become Sony’s most downloaded title of all time.

The film was made available through Google’s YouTube and Play services, and Microsoft’s Xbox Video. It cost $5 for a 48-hour rental or could be purchased for $14.99.

Could it be that a seemingly devastating assault on valuable IP and confidential information can actually have created good publicity for Sony?

Parness says this is “entirely possible” and that it is “perhaps even likely” that the hacking incident caused more people to know about and view the film. But he adds that even if the “intense publicity” surrounding the film’s online release helped to generate strong revenues, it is unlikely that companies will release films exclusively online in the future due to the “inevitable” impact of piracy. 

He adds: “The more complicated question is what impact the manner in which the film was ultimately released, versus how Sony originally intended it to be released, had upon its finances in both the near and the long term. It is possible—although less likely—that Sony and the other parties-in-interest made more money on the film than they would have in the absence of the breach.”

Fink says this was “not the kind of publicity anyone would wish for” and that speculation over how much money the film could have made in its current release format versus its intended format is a difficult question to answer.

“You can find a silver lining in every cloud,” he says, “but I do not think this is the kind of publicity that anyone wishes for, including Sony.”

Fink adds: “The Interview was slated for a full theatrical release, and significant resources must have been invested in the promotion of the film, pre-release. To have lost that investment by really downsizing the theatrical release is unfortunate.”

But, he says, the controversy over the film, even if unintended, served as an alternative promotional vehicle.

The Sony hack has not only shown us the vulnerable side of a big corporation but also the impact an assault on its IP can have. Although the company may soon get back on its feet, it may also have felt the negative effects of its forthcoming films being released ahead of schedule.

However, there are reasons for the company to be proud. Millions of people have seen the offending film who otherwise, perhaps, would not have. Nevertheless, the episode should stand as a reminder that prized assets can be targeted without warning.

Sony Pictures Entertainment did not respond to a request to comment on this piece.