Security

Hacking charge dropped against Nova Scotia teen who slurped public records from the web

Police opt to end charade over document download row


Cops in Halifax, Nova Scotia, Canada, will not pursue charges against a 19-year-old fella who had dared to download a cache of public documents.

In a brief statement issued Monday, police said that, following nearly a month of investigation, there were "no grounds to lay charges" in a case that had drawn harsh criticism from digital rights groups. The young man had shown no criminal intent in fetching freely available files that anyone could have slurped, the plod admitted.

"This was a high-profile case that potentially impacted many Nova Scotians," Superintendent Jim Perrin, Officer-in-Charge of Criminal Investigations said of the case.

"As the investigation evolved, we have determined that the 19-year-old who was arrested on April 11 did not have intent to commit a criminal offence by accessing the information."

The Canadian teen had faced the possibility of jail time for alleged unauthorized access to a computer when, earlier this year, he automatically downloaded some 7,000 documents from the province's Freedom of Information and Protection of Privacy website.

This website is an online database of documents published in response to freedom of information requests: if you request some info, and pay the fee, any documents ultimately dug up and handed over will eventually be popped onto the site for everyone on the planet to see.

Arguing that some of the files copied from the portal contained personal information on Canadian citizens, police tracked down the young man, and raided his home in early April on suspicion of hacking.

You're a govt official. You accidentally slap personal info on the web. Quick, blame a kid!

READ MORE

The case became an international story when digital rights groups criticized the Nova Scotia government for heavy-handed tactics against someone who was simply looking at publicly available data.

For many, the case was seen as red-faced bureaucrats trying to cover up their own data management blunders by blaming someone who had done little more than enter a curl command a pull down a collection of documents.

A bunch of records – which contained thousands of people's addresses, social insurance numbers, and other sensitive details – had accidentally been placed online in non-redacted PDFs by officials. These files were subsequently slurped by the teen after he ran through the document ID numbers from 1 to 7,000, drawing in hundreds of pages of released information as well as inadvertently pulling in data government staffers should never have dumped on the internet in the first place for all to see.

Shortly after the story took off, a GoFundMe page was set up for the teen to help cover legal bills. With the case now dropped, organizers say they are looking to repurpose the money into a scholarship fund. ®

Send us news
64 Comments

Serial extortionist of medical facilities pleads guilty to cybercrime charges

Robert Purbeck even went as far as threatening a dentist with the sale of his child’s data

SAP accused of age discrimination, retaliation by US whistleblower

Complainant moved to 'retire in place' role after Sarbanes Oxley Act report, filing alleges

Record breach of French government exposes up to 43 million people's data

Zut alors! Department for registering and helping unemployed people broken into

Cloud server host Vultr rips user data ownership clause from ToS after web outrage

We know the average customer doesn't have a law degree, CEO tells us

Street newspaper appears to have Big Issue with Qilin ransomware gang

The days of cybercriminals having something of a moral compass are over

Microsoft confirms memory leak in March Windows Server security update

ALSO: Viasat hack wiper malware is back, users are the number one cause of data loss, and critical vulns

Congress votes unanimously to ban brokers selling American data to enemies

At least we can all agree on something

Yacht dealer to the stars attacked by Rhysida ransomware gang

MarineMax may be in choppy waters after 'stolen data' given million-dollar price tag

Cop shop rapped for 'completely avoidable' web form blunder

Made public highly sensitive data on complaints about Metropolitan Police Service

UK tech titan Mike Lynch's US fraud trial begins today

13-year saga continues as jury set to hear claims on both sides of HP's Autonomy acquisition disaster

Stanford University failed to detect ransomware intruders for 4 months

27,000 individuals had data stolen, which for some included names and social security numbers

Rancher faces prison for trying to breed absolute unit of a sheep

Ewe-nique endeavor aimed to create Jurassic Baaa-rk experience for hunters