Not suggesting anything as i do not know enough about this sort of thing. Just merely trying to come up with a comparable scenario to see how others might react if they encountered private information that’s not supposed to be there.
I’m of the mind that this gentleman did nothing wrong and they should be thanking him if anything.
That’s a better analogy, except one thing is missing. In this particular case, private information was unintentionally mixed in with the public. And really, the person or people who should be responsible for that are the bureaucrats who unintentionally allowed private information to become public. At the very least they are inept at their jobs. This will never happen, though. And they will never be held responsible.
I have a particular hatred for the Dumbo Circus one. It was always on for a whole hour block right after school and for a year or so there was nothing else on that was good so it was either Dumbo Circus or other junk i had even less interest in.
Well, according to the CBC article he has been charged with “unauthorized use of a computer”,
342.1 (1) Everyone is guilty of an indictable offence and liable to imprisonment for a term of not more than 10 years, or is guilty of an offence punishable on summary conviction who, fraudulently and without colour of right,
(a) obtains, directly or indirectly, any computer service;
(b) by means of an electro-magnetic, acoustic, mechanical or other device, intercepts or causes to be intercepted, directly or indirectly, any function of a computer system;
(c) uses or causes to be used, directly or indirectly, a computer system with intent to commit an offence under paragraph (a) or (b) or under section 430 in relation to computer data or a computer system; or
(d) uses, possesses, traffics in or permits another person to have access to a computer password that would enable a person to commit an offence under paragraph (a), (b) or (c).
“Computer service” is later defined as “includes data processing and the storage or retrieval of computer data”.
On the face of it, that seems to apply. But generally to be guilty of a crime, you have to intend to commit the crime. If he was intending to access public documents and only accidentally accessed the non-public documents, that might not stick.
People keep saying this. It’s not how it works. The bar is simply that you have to know what your actions are and intend your conduct to bring about a particular result, that is criminalized. Putting it that way makes it clear that ignorance of what exactly constitutes a violation is not a defense. (In the US, the case law says it is the access that must be knowing, not the fact that it’s unauthorized.) This is somebody getting hit with a technical violation of a badly written law.
There is only one set of criminal laws in Canada. Provinces can impose civil penalties and regulations but the Criminal Code of Canada is the only criminal code in Canada.
To be clear, you are proposing doxxing anyone whose documents were taken? These are court documents, could be everything from traffic offenses to sealed charges and/or records.
Why should this information be made available to everyone?
It’s a modest proposal, with the /s tag inherent in the “Mission Accomplished!” I presume that they’ve locked down that server until they fix it.
Sorry, you’d have to ask the government of Nova Scotia that question.
They’re the ones who put that information on the net, available for anyone who asked for it. Legit search engine crawlers probably didn’t stumble over it, but I wouldn’t give odds either way that some black hat crawler hasn’t already got it all.
If I was Nova Scotia’s privacy commissioner, I’d immediately move to secure that server and its logs with at least 15 police officers, pending a full investigation.
(I remember when doxing only rated one x. Are there new 733Tspeak definitions for doxing, doxxing, and doxxxing?)
Nova Scotia Freedom of Information hacker
The Nova Scotia government says a teenager stole data, but he says it was all publicly available — and a privacy lawyer says the province is scapegoating his young client for its own lousy security.
You’re right, I was pretty sloppy with how I described the standard. Thanks for correcting me.
But in this case, I don’t think it matters that much. Whichever sub-section the accused is being charged under, they have to have acted “fraudulently and without colour of right”. So there is a knowledge element to this particular charge - if the accused honestly believed they were authorized to access those documents, that would be a defense. Not being familiar with the analogous US federal or state crimes, I’m not sure whether they have this element but if they don’t, the US case law probably isn’t relevant.
Yeah, I assumed the legal issues would be the same for Canadian law as what I’m familiar with in the US. But that statute is much better than I thought.
I wasn’t familiar with the “colour of right” defense before. Turns out it’s just what is needed for this case!