Forgot your password?
typodupeerror
Your Rights Online

Blogger Fined €3,000 for 'Publicizing' Files Found Through Google Search 248

Posted by Soulskill
from the you-crafty-hackers-and-your-keyword-searches dept.
mpicpp points out an article detailing the case of French blogger Olivier Laurelli, who had the misfortune to click links from search results. Laurelli stumbled upon a public link leading to documents from the French National Agency for Food Safety, Environment, and Labor. He downloaded them — over 7 Gb worth — and looked through them, eventually publishing a few slides to his website. When one of France's intelligence agencies found out, they took Laurelli into custody and indicted him, referring to him as a 'hacker.' In their own investigation, they said, "we then found that it was sufficient to have the full URL to access to the resource on the extranet in order to bypass the authentication rules on this server." The first court acquitted Laurelli of the charges against him. An appeals court affirmed part of the decision, but convicted him of "theft of documents and fraudulent retention of information." He was fined €3,000 (about $4,000).
This discussion has been archived. No new comments can be posted.

Blogger Fined €3,000 for 'Publicizing' Files Found Through Google Search

Comments Filter:
  • Hacker??!! (Score:5, Insightful)

    by bogidu (300637) on Tuesday February 11, 2014 @09:02PM (#46224577)

    You fsckup your own security then blame the guy for accessing and republishing something you posted for the world to see?! Stupid bureaucrats.

  • by EMG at MU (1194965) on Tuesday February 11, 2014 @09:12PM (#46224657)
    In this scenario the Law worked perfectly.

    Government sets rules on what you can and cannot do,
    Government interprets those rules,
    Government imposes punishments based on those interpretations.

    You piss off the government, they use the laws to make your life hell.
  • by Anonymous Coward on Tuesday February 11, 2014 @09:44PM (#46224873)

    If you left a book on the street out the front of your house, but didn't give anybody your address, is it somebodies fault if they read the book?

    There is no expectation of privacy here, it is a publicly accessible web page.

  • Re:Hacker??!! (Score:5, Insightful)

    by presidenteloco (659168) on Tuesday February 11, 2014 @09:59PM (#46224969)

    Hey!

    The world wide web was designed to make accessible via hyperlinks (URLs) a whole bunch of documents / generated content. Key word being accessible. If someone is stupid enough to put documents intended not to be public on the public world wide web, that's their issue.

    It is not a transgression on the part of the person who used the URL to access the content, doing nothing more than the technology is explicitly designed to do.

    This is just another example of judges who got an A in social studies and a C in technical subjects making asinine rulings about use of technology they don't understand.

  • Re:Reasonable (Score:2, Insightful)

    by Sabriel (134364) on Tuesday February 11, 2014 @10:09PM (#46225057)

    If someone leaves their door open, you don't walk in, copy their private shit and show it to the public.

    But if someone hangs "Public Entrance" over their door, then imprisons you and fines you after you show people what you saw inside, they might be the French government.

  • Re:Hacker??!! (Score:5, Insightful)

    by presidenteloco (659168) on Tuesday February 11, 2014 @10:24PM (#46225161)

    Ok I'l give you another analogy.

    This is pretty much like leaving a stack of pamphlets on a table in a train station, then arresting those who pick one up for possession of classified material.

    I can't make it any clearer: Content that is behind a URL in a publicly searchable server directory, with no password or secure session protection, has been placed in plain sight in public. There is no fault in accessing it, nor in republishing it (posting the pamphlet on the door of your house) unless it contained an explicit copyright restriction statement.

  • Re:Hacker??!! (Score:4, Insightful)

    by TapeCutter (624760) on Tuesday February 11, 2014 @11:26PM (#46225465) Journal

    and no copyright on the documents

    Copyright is automatic, you don't need to state it explicitly for it to apply. That's why downloading movies from TPB is perfectly legal but redistribution without permission is not.

  • by EnempE (709151) on Wednesday February 12, 2014 @12:18AM (#46225731)
    He admitted in court that he had been to the front page of the site where they were hosted and was aware that the documents were not intended to be available to the public. Finding them by accident on Google is one thing and not the point of contention here. Then downloading all of them and then republishing them knowing full well that what you are doing is definitely unethical and probably illegal is another matter. The blogger runs a security company and should have informed the company of the fault before blogging about it. This is not the kind of practice that is considered acceptable in the security community. Given that it could be considered as a criminal offence in Europe to access the documents without the requisite authorization you can take the fine (no prison time, no criminal conviction) as not a bad outcome. The issue here is that the court had no idea about the the online environment or what crime online is before the trial which speaks to a definite problem in regards to the training of judicial staff.

"Call immediately. Time is running out. We both need to do something monstrous before we die." -- Message from Ralph Steadman to Hunter Thompson

Working...