Hacking charge dropped against Nova Scotia teen who slurped public records from the web Cops in Halifax, Nova Scotia, Canada, will not pursue charges against a 19-year-old fella who had dared to download a cache of public documents. In a brief statement issued Monday, police said that, following nearly a month of investigation, there were "no grounds to lay charges" in a case that had drawn harsh criticism from …
This post has been deleted by its author
This is the link to the previous story.
There we will find this statement "A day later, an IT contractor behind the site, Unisys, dug through the logs, and let government officials know that 7,000 files has been slurped by a "non-authorized person.” Within 24 hours, police were tipped off . . ."
If that's indeed true then I think that IT contractor should be considered for swatting. There was nothing that would show them that this was a breach. They actually made that up, presumably to look clever or show that they were doing something. However, it was a lie and they should not have made such a dangerous statement for any reason.
The IT contractor probably just meant to draw attention to the possibility of slurping data in bulk, with the implied question "Is this really what you want?" They might have been banging on about it already, in which case this becomes "look, it's happened, we told you so".
That offers a perfectly innocent explanation of the contractor's actions. And the contractor would then be as flabbergasted as any of us at the bizarre reaction to it. It would also fit the scenario of a client who had completely failed to grasp what the contractor was talking about in the "is this really what you want?" memo.
@Nick Kew, I'll accept your explanation, as it is indeed possible and perhaps even likely. That said, I think they should know better than to characterise something in any way that can get an innocent person in trouble. I'm sure they read all the same stories that you and I do on the net about how these things are typically misunderstood by politicians in this current paranoid atmosphere.
My take is that they didn't act responsibly, but of course I don't have all the details and wasn't there.
your suggesting having people intent on killing, raid a family because YOU think there was malicious intent by an info sec person reporting anomalies to his supervisor. what a fucking asshole you are, I hope YOU get swatted, and shot. The world doesn't need people like you.
You've severely misread Ole Juul's post. He or she meant that the IT contractor's actions should be considered as swatting, with the unstated implication that legal consequences should follow. The contractor reported non-criminal automated downloads of publicly available information as a security breach, resulting in armed officers raiding the 19-year-old's home before ultimately arresting him.
Before telling someone that you hope he or she gets swatted and shot, think harder upon what you're about to say and why you're saying it.
Throughout the article, there are all the details of the fabricated alleged crime. Plus, as others have pointed out, there is also a link to El Reg's previous article on the subject.
I'm not sure why you're having such a rant. Did the story author radically change the article after your post to include all the missing background details?
Let's find someone using tee instead of > and prosecute them for terrorism, because when you can see output in stdout instead of just invisibly writing to a file it looks a lot scarier, like something a hacker terrorist would do to scare people. That makes about as much sense as this case.
Under English law you are innocent until/unless proven...
So no evidence to charge means to change in that innocent status. To say anything else would imply a presumption of guilt, which would clearly be wrong.
CRB checking runs a cart and horses through that, but that's what you get for having a government run by the tabloid press.
Even if you are innocent, when blokes with guns start shouting with you, best make no sudden moves and act as submissively as possible. Unfortunately Mr Menezes had no such opportunity. He was wrongly identified in advance and executed spontaneously on the basis of that identification. Or to frame it another way, Jean Charles de Menezes was murdered.
but it still shows as a an arrest on an enhanced DBS in UK, and you know what the say about smoke and fires eh?
Potentially more problematic is the inelligibility for the USA visa waiver program that is a requirement of many employers, including mine. In fairness to my employer, they utterly rely on that scheme due to poor planning at the admin tier.
"Insufficient evidence to provide a realistic prospect of conviction"
The current phrasing implies you're guilty, you just covered your tracks so well they couldn't find any evidence to prove it. Which is just the way they like it. Because *everyone* is guilty of something.
Looks like all the officials who made the "let's hang him" statements from the Premier on down out to be fined. Nothing like issuing "he's guilty, guilty, guilty" statements before the investigation is complete. Seems the officials' CYA attempts didn't pan out...
At least the cops were honest and thorough.
I agree about having no use for weasels who will never admit they screwed up. However, in defence of the public servants, in this case they were relying on information from a contractor by the name of Unisys. As it turns out Unisys lied about this being unauthorised access. Why they would do that, I don't know, but whatever the reason I think they're the ones who should be held responsible.
VGF : No, it's not an increase, it's my pay award.
Moi : So your pay has gone up? It's an increase in pay.
My colleagues in the govt dept cant get their heads around the fact that people in private industry have a salary , and not a scale of spine points to work their way up . And I cant see why they get that and normal people dont .
I guess it comes down to which way you look at it - are you working below your salary and working your way up to it once youve proved yourself? ( 8 years later ...)
Or are you getting random huge increases in salary every year for no apparent reason?
"I guess it comes down to which way you look at it - are you working below your salary and working your way up to it once youve proved yourself? ( 8 years later ...)"
Having worked in local gov. many years ago, I saw it as a way to reward people for staying on. The longer you are in the job, in theory the better and more experienced you are. The problems arise from strong unions making it almost impossible to fire the useless ones so it's just become a back-door pay rise for many these days. Having said that, when we went through The Great Job Re-grading Process, despite having doubled the team team under me, more qualifications, more responsibility, all boxes ticked, I got a feck all so I left.
re Mark 85
I'd go a step further than that, Simply fining them isn't enough. Time to have their actual employment put at risk.
That many documents were simply not redacted, or as stated should never have been on the list in the first place, is the real cause for concern and depending on local laws possibly unlawful.
If so, lay the criminal charges against those responsible.
Here in the UK i have a number of close relatives and a couple of good friends who work in local government as "managers". Almost without exception* they have one priority and one priority only, themselves.
And as for this zero pay rise malarkey. Total CRAP. Apparently, an increase in pay is NOT a pay increase.
Actual example :
VGF asks "will you look at my payslip (end September) , i've paid a lot more tax than normal.
Moi : Well yes, your Gross has gone up by a lot (five figures) so your tax has done so. Why has your Gross risen so much?
VGF ; That's my pay increase, back dated to April.
Moi : so you HAVE had a pay increase
VGF : No, it's not an increase, it's my pay award.
Moi : So your pay has gone up? It's an increase in pay.
VGF : No it's not. .
Moi : Thump, thump, thump,thump > Head meets wall.
Sounds like the old Civil Service incremental pay scales where your salary increased each year as you moved up the scale, and increases in the scale only mattered when you reached the maximum point.
This explians why the Unions used to campaign for any increase to be slanted towards increasing the maximum point not all points equally. All that really mattered to the punters was the minimum and maximum point.
So you get your contrsdictory statement where there has been a "pay freeze" for a few years but most of the punters get a nice salary increase. So the wage bill goes up but can be spun as "pay restraint" until too may people congregate on the max. Then the trouble really starts.
It is a corrupt, nepotistic, oligarchy which happens to have a perfect figure head premier who does exactly what helps his corporate masters and asks few questions except how can he help his allies getting even richer and more powerful. Unfortunately the other political parties are only a little better and lack clout in the legislative assembly (provincial parliament really) given the current government has a majority of seats and the premier has free reign (outside of court cases which are proceeding but take years). It's a beautiful place geographically (for now until pollution and deforestation ruins it) from May to Oct inclusive though so at least that is some small saving grace.
"At least the cops were honest and thorough."
Bull shit.
15 police sent to seize all computers in the house. Everyone arrested.
And no official word on when they get their computers back. According to CBC, the family's criminal lawyer says "that can be a lengthy process."
Absence of accountability means accountability is absent. The cops need to have some serious public accounting.
AC because challenging the cops in Canada can get you arrested.
It's the usual story. The process IS the punishment. Make the process so painful and disruptive to life that anyone watching will be scared of doing anything similar in future.
As most commonly seen where the Police are quicker to charge someone who beat up a burglar than the burglar himself. They see it as a form of Lèse-majesté against their police rights to beat the crap out of anyone who annoys them.
In short, never annoy those in power by doing their job better than they could.
Hold off on that repurpose the gofundme money.
And no official word on when they get their computers back. According to CBC, the family's criminal lawyer says "that can be a lengthy process."
I'm sure that the criminal lawyer hasn't been working for free. And perhaps use it to sue some of the officials for defamation as well.
AC because challenging the cops in Canada can get you arrested.
True 'nuff, but better than what happens only a short distance south of here.
Much like most other legal systems in the G10, the prosecution and enforcement are two different wings. And strangely, prosecutors up here are folks what have done a fair bit of court work *before* they became employees of the gummint. The cops in this case were working off the assurances that there was a crime committed, and doing what they are assigned to do. (sad really that they didn't have the wherewithal to look the IT group in the eye and call them idiots).
All said, this comes down to the fact that an alarm went off basically stating "someone slurped our documents', a tech went through the logs and said "Yup, we've been slurped, but why?" and then they reviewed what went out, found some $%@#$% that should NOT have been there in the first place and went AUUUUUGHH!!!! SICCEM! to the cops. And someone with a head on their shoulders in the prosecution said "Y'all are idiots. Get the f3$% out!".
Now hopefully all will go down the dock and beer it up on friday and there'll be no dead fish mailed about.
So, accessing public documents on a public server is a crime in Canada? Interesting. I will have to remember that. At least here in the U.S., it's not a crime.
Auernheimer was convicted and sentenced to three and a half years in prison. His conviction, however, was vacated on appeal over the issue of venue—the court ruled that New Jersey, where the case was tried, had no business charging him since none of his crimes occurred in that state. Unfortunately, this meant that the more significant issue addressed by his attorneys on appeal—challenging the government's claim that accessing data on a public website qualified as hacking—never got resolved. "
In reality that is pretty damn quick to persuade various senior people who went on record about this that there was no way to conceal that they had been talking out of their collective arses.
Alternatively/in addition there could also have been a lot of "Yes, I know, but you have his computer now. Surely there must be SOMETHING we can charge him with.". I'm guessing that he was lucky that he never chanced on anything looking even slightly like a dodgy porn site.
There are prosecutors here that would attempt to avoid embarrassment by going through those computers with a fine-toithed comb to find anything that could be used to charge them with a crime, even cyber-bullying for using the term 'snowflake' in an online comment. Show me the person, and I'll find you the crime.
The next step is to launch legal action against the police and anyone involved at the government department and this contractor Unisys, with the goal of seeking to extract a significant settlement and apology. Any good lawyer should take this on, as it would be in the public interest (to discourage such abuse in the future).
The settlement amount would be just enough to top up the scholarship fund, and pay the lawyer 30%.
If the police raid was SWAT Team style, then 6 figures. If they were gentle and polite, then 5-figures.
The Canadian teen had faced the possibility of jail time for alleged unauthorized access to a computer when, earlier this year, he automatically downloaded some 7,000 documents from the province's Freedom of Information and Protection of Privacy website.
Why would you want 7000 freedom of information requests?
no grounds to lay charges
No kidding, you can't charge someone for illegally accessing publicly available files.
A bunch of records – which contained thousands of people's addresses, social insurance numbers, and other sensitive details – had accidentally been placed online in non-redacted PDFs by officials.
This is the reason you when after the kid, to cover up your own stupidity.
Are they going to apologise to the kid they accused of hacking and to the people that may have lost personal information?
Someone—possibly several someones—needs to go soak their head for a while and then take a good, long look in the mirror.
Because this fiasco was the result of at best shockingly bad judgement and callous stupidity, and at worst it was a brazen, stinking, thoroughly rotten attempt to scapegoat an innocent kid for the incompetence, ignorance and laziness of one or more bureaucrats.
It beggars belief that none of the people involved in this seems to have said, after examining the facts for five minutes, "Woah. Wait a sec. Why are we doing this?"
If there's a lesson from this sordid little episode, it might be that more people should exercise the only real freedom they actually have in this world: to think for themselves.
Doesn't hacking imply that you've gotten past some layer of security? And they shit the bed when the forgot to redact the pdf's before posting them for download, freely, by the public.
As these things go, I have to think the kid's lawyer has a sue ball ready to be thrown?
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2025
