Concluding that his clever intentions did not justify his resolve to launch a cyberattack on Alberta’s COVID-19 vaccine portal, a provincial court handed down a verdict Tuesday and fined former Alberta NDP MP Thomas Dang $7,200.
“Mr. Dang used his abundant computer skills to disclose gaps in the portal’s security in a retrograde effort to protect the privacy of others,” Judge Michelle Doyle said in an Edmonton courtroom.
Sign up for news from the Edmonton Journal, a department of Postmedia Network Inc.
A welcome email is on the way. If you do not see it, please check your spam folder.
The next factor from Edmonton Journal Headline News will soon be in your inbox.
We found a challenge in your registration. Revisit
“He had no malicious intentions. However, their movements caused damage and their movements had the potential to cause greater damage than they caused. Mr. Dang’s movements should not be impulsive, but were planned and planned and continued for several days.
Dang pleaded guilty earlier this month to a common crime against the Health Information Act, a tax that, for now, has derailed the Edmonton South MP’s political career.
The $7,200 fine is right halfway between the defense’s $4,000 and the $10,000 sought through the Crown.
Dang resigned from the NDP caucus in December 2021 after NDP leader Rachel Notley revealed that the RCMP had raided her home as part of an investigation into a “COVID-19 files website. “Lately he feels like an independent and will seek re-election in 2023.
Dang, a 20-year-old computer science student at the time of his election in 2015, admitted earlier this month that he ran a computer script on the Alberta government’s new vaccination evidence portal after a voter raised concerns about potential security vulnerabilities.
Using Jason Kenney’s date of birth and COVID vaccine date, Dang used the hyphen to try to guess Kenney’s non-public fitness number. The script lasted 4 days before giving Dang vaccination records of an unidentified woman who shared a date. of birth and one month of vaccination with the former prime minister.
Dang then finalized the script and alerted two members of the Alberta NDP caucus, who sent the information to Alberta Health without revealing the source of the information. Human
Doyle said he needed to write a sentence denouncing Dang’s conduct and deterring others from taking similar action. He noted that while Dang was wrong to attack the site, it did not involve “extremely personal records,” given that members of the public provided evidence. of vaccination in various settings on a daily basis.
Leah Ward, a spokeswoman for Dang, said Dang’s idea is that the fine is “fair,” given that the maximum penalty is $200,000.
“Mr. Dang remains relieved that no fees have been charged for thieves and looks forward to presenting this case to him so he can focus on representing his constituents for the remainder of his term and begin making plans for the next bankruptcy of his career,” Ward said. , who is Notley’s. Former Director of Communications.
Brad Rutherford, UCP’s chief government, said Notley explained what he knew about the cyberattack and when.
“We know they knew about the hack the day it happened, and we know they lied about Dang’s identity,” he said.
“Dang left our caucus a year ago, so we have nothing to add to the story,” said NDP communications director Benjamin Alldritt.
While proponents of “ethical hacking” defended Dang, claiming he helped the Albertans data of malicious actors, Beauceron Security chief executive David Shipley described the MP’s moves as a “digital theft. “
“If you want to get into this box and help other people to their safety, you need their permission to verify those things,” he said. Look at vulnerabilities and that’s how you can locate them and report them, and that’s what we’re worried about and that’s what we’re going to pay for. “Establish the consent of that side. But when it doesn’t exist. . . What you’re doing is hacking, and it’s illegal.
Shipley, who is based in New Brunswick, said reporting privately or convening a news conference were more important aspects of Dang’s position.
He hopes an investigation through Alberta’s privacy commissioner will take a look at what the government could have done to better protect the site, but said there’s still a balance between speed and security. He said that in this case, the COVID portal did not involve much sensitive data, such as bank details or HIV status, that would have justified broader protections.
“We expect perfection from them,” he said. That said. . . Are there a number of apparent loopholes in this (website)?Yes. “
— With files via Anna Junker
jwakefield@postmedia. com
twitter. com/jonnywakefield
365 Bloor Street East, Toronto, ON M4W 3L4
© 2022 Edmonton Journal, a department of Postmedia Network Inc. All rights reserved. Dissemination, unauthorized transmission or is strictly prohibited.
This uses cookies to personalize your content (including ads) and allows us to analyze our traffic. Learn more about cookies here. By continuing to use our Array, you agree to our Terms of Use and Privacy Policy.