Sony’s Framing of the Hack: Another Hollywood Story

Each day since the breach to Sony Picture’s systems was made public, the landscape of the story has shifted dramatically, almost as if it was written by Hollywood itself — a recent (if not predictable) plot twist being that, after pulling the film indefinitely, Sony would proceed with the release of “The Interview” in theaters on Christmas Day. And the public has watched the whole thing unfold with a morbid fascination, feeling both entertained and somehow reassured that our ill-defined fears about cyber security have been affirmed in a concrete way. Although the national discussion about this new kind of event and the precedent our response as a nation will set are undeniably important, we should take a closer look at the idea that this story is, in fact, being prescribed by the very people we should be scrutinizing. And through Sony’s savvy reframing of the events, what should be a much needed national discussion about corporate responsibility in Hollywood has turned into one of jingoism and freedom of speech.

From the beginning, Sony presented the attack in hyberbolic terms, releasing a statement from Kevin Mandia, the CEO of a company hired to investigate the breach, describing the attack as “unprecedented in nature” and “an unparalleled and well planned crime.” But it seems to be agreed upon by many experts that Sony has had a well-documented history of disregard for security and that this attack was not technically exceptional. While the malware itself that was used to initiate the breach may have been difficult to detect, the amount of data extracted over time is what made it so damaging. Former hacker and security expert Kevin Mitnick estimates that the group most likely had access to Sony’s systems for months and Sony’s failure to recognize that is their failure alone.

Although Sony also made overtures towards state-sponsored terrorism, it remains controversial as to whether the North Korean government was actually involved, with experts asserting that much of the evidence seems circumstantial. Some more recent reporting suggests it may have been the work of insiders and points to a specific former employee as a possible point of access for the hacking group. It seems safe to say it is still unclear who was responsible. But in drumming up terrorism-related fervor, Sony has side-stepped addressing the extent of its responsibility and is now safely in the “victim zone.” There are victims of this event to be sure, but they are the thousands of women and men who have had their personal financial safety compromised for the foreseeable future because as an institution, Sony displayed the same arrogance towards its security that its own internal emails reveal it applies to the whole of its business.

Although the financial crisis of 2008 was clearly more immediate and threatening to the average member of the public, there are undeniable parallels between that set of circumstances and this one, counter to the somewhat absurd claim by some that this a 9/11 moment. Over the past decade, those of us in the visual effects industry have watched Hollywood engage in race-to-the-bottom tactics, and have been forced into lives of perpetual instability as studios take advantage of globalization and chase subsidies around the world. This is a question of a multinational corporation reaping the benefits of operating outside of national regulations, yet demanding the support and protection of a specific government when its behavior lands it in trouble.

And the US government has indeed stepped in, offering its support in the investigation and pointing the finger at North Korea. Reports of multiple North Korean internet failures over the last week have left many speculating that President Obama has made good on his threats of proportional retaliation. Given the extent of Hollywood campaign contributions, one can’t help but wonder if this is a too-big-to-fail scenario: with the government’s promotion of the North Korean narrative, Sony’s reputation is protected — and that could be considered a bail-out of sorts.

Like the banks who refused to recognize the signs of an impending collapse until it was too late, Sony knew its systems had been compromised in February but chose to do nothing. And like the banks, Sony takes little responsibility for the damage. Many former employees say they have not been contacted by the company to be informed that their information has been compromised, much less been offered any kind of protection until they inquired themselves (the protection in question consists of one single year of an identity protection service, as if their social security numbers and bank account information will have ceased to interest criminals beyond that time.) So instead of taking authentic steps to support its own, Sony cried terrorism, pulled “The Interview” from theaters and effectively threw a censorship smoke bomb into the popular discourse.

Yes, it is more compelling to unite behind the idea that we must protect our American ideals about freedom of speech than it is to examine the failings and machinations of a corporation under duress. But when it comes down to it, the release of “The Interview” is hardly a watershed moment for censorship. More leaked emails reveal higher-ups at the company felt the film was “a misfire” and “desperately unfunny.” The wavering over the release of the film points towards a desire to use publicity to improve its dismal box office chances more than to legitimate fear over the consequences of releasing it.

Although a company making every effort to protect its reputation is not at all unexpected, what is somewhat extraordinary is the hubris with which Sony has behaved throughout — seeking the government’s help as racist emails about the President were coming to light, calling the attack too sophisticated for any company’s security to withstand as it was revealed that it kept unencrypted account passwords in a folder called “Passwords,” and encouraging public support for freedom of speech as their lawyers send threatening letters to news outlets who publish the contents of the hacked information. And what is somewhat extraordinary, too, is the extent to which the public is giving them a pass.

The hack was a terrible and worrying crime and we should not stop trying to find the criminals who did this and bring them to justice. But perhaps, like Sony, we should try to make the best of it too, and look at what the leaked contents have allowed us to see with our own eyes: gender disparity in salary, racism at a high level, and a culture of entitlement. If the public directs its attention toward these issues, rather than succumbing to fear and allowing ourselves to be distracted by another high-stakes narrative spun by Hollywood, then maybe the powerful people who influence our cultural discourse with their films will consider behaving with some measure of accountability in the future.