Follow Slashdot stories on Twitter


Forgot your password?
Your Rights Online

Blogger Fined €3,000 for 'Publicizing' Files Found Through Google Search 248

mpicpp points out an article detailing the case of French blogger Olivier Laurelli, who had the misfortune to click links from search results. Laurelli stumbled upon a public link leading to documents from the French National Agency for Food Safety, Environment, and Labor. He downloaded them — over 7 Gb worth — and looked through them, eventually publishing a few slides to his website. When one of France's intelligence agencies found out, they took Laurelli into custody and indicted him, referring to him as a 'hacker.' In their own investigation, they said, "we then found that it was sufficient to have the full URL to access to the resource on the extranet in order to bypass the authentication rules on this server." The first court acquitted Laurelli of the charges against him. An appeals court affirmed part of the decision, but convicted him of "theft of documents and fraudulent retention of information." He was fined €3,000 (about $4,000).
This discussion has been archived. No new comments can be posted.

Blogger Fined €3,000 for 'Publicizing' Files Found Through Google Search

Comments Filter:
  • Hacker??!! (Score:5, Insightful)

    by bogidu ( 300637 ) on Tuesday February 11, 2014 @09:02PM (#46224577)

    You fsckup your own security then blame the guy for accessing and republishing something you posted for the world to see?! Stupid bureaucrats.

    • Re:Hacker??!! (Score:4, Interesting)

      by Anonymous Coward on Tuesday February 11, 2014 @09:35PM (#46224813)

      French law and government is just simply fucked. There really isn't a better word to describe it.

      They try to legislate all kinds of stupidity and it nearly always backfires on them. Just take a look at all the laws they've passed to improve employment in their country. Laws that fine employers for layoffs (guess how that turned out? Hint: all sane companies just laid off a bunch of people before the law came into effect and have less desire to hire anyone else), price fixing of books in a futile attempt to save bookstores, taxing the shit out of any company in an effort to fund a spendthrift government, it goes on and on.

      http://globaleconomicanalysis.... []

      The constant meddling has driven so many companies from their country, it just puts them in the hole even further. Speak out against any of the stupidity and rather than attempting to smarten up, they'll try to fine you. What a disaster. It's no surprise they came up with this dreadful verdict.

    • A lot of the stuff in Bruce Sterling's "The Hacker Crackdown" comes under that category or close to it. The book can legally be read online.
    • Re: (Score:3, Interesting)

      by LoRdTAW ( 99712 )

      The mistake he made was knowingly publish documents that didn't belong to him and which he knew weren't supposed to be publicly available. If you read the article, the only information the authorities had in the beginning was that someone had documents they should have had and that the IP address used to access them was foreign (Panama, because of his VPN). They then traced that back to him which looked awfully suspicious. They had no idea he simply stumbled upon them through a Google search. So at first th

    • I don't understand why every business doesn't just pull out of France altogether. It can't be worth staying in a place where the government does everything in the absolute dumbest way possible. Whenever I hear of American government stupidity stories I remind myself that at least I don't have to live in France.

    • The situation is more complex than that. Basically, there are 4 things forbidden in the French law:
      A - Accessing a system fraudulently. That means that you know the system is protected and you don't have the rights to access it, but you still do
      B - Maintaining your access to the site while you know that you shouldn't access the site
      C - Preventing the site from working properly (deny of service)
      D - Modifying, adding or removing some data from the site

      The blogger was not indicted for A (he just clicked
    • by Fuzzums ( 250400 )

      So if I leave my front door open, that gives you the right to barge in and take stuff from my refrigerator?

      • A bad analogy: if I take a bottle of milk from the refrigerator then it is no longer in it. If I copy some pages from a web server they are still there for someone else to look at.

        A better analogy would be that I looked into the refrigerator and told the world what sort of cheeses you liked.

    • Republishing someone else's documents is copyright infringement at the least. News websites are freely accessible, but if you spider all their content and host it on your own website you'll be lucky to get away with a €3,000 fine!
  • by ZorinLynx ( 31751 ) on Tuesday February 11, 2014 @09:03PM (#46224579) Homepage

    I HATE it when governments do this. They can't simply admit to having made a mistake and made those files public (albeit difficult to find). They have to fine this poor person just for coming across something interesting and posting it.

    Fuck them. Fuck them hard with a chainsaw, every last one of them who pushed for this.

  • I guess my tech illiterate grandma is a hacker then because she can use Google too.
    If clicking a link on google is all it takes for you to be branded a hacker now why don't they just lock up everyone that is not Amish (who in turn act as our jailers as they are the only one that can't google things).

  • by EMG at MU ( 1194965 ) on Tuesday February 11, 2014 @09:12PM (#46224657)
    In this scenario the Law worked perfectly.

    Government sets rules on what you can and cannot do,
    Government interprets those rules,
    Government imposes punishments based on those interpretations.

    You piss off the government, they use the laws to make your life hell.
    • by treeves ( 963993 )

      If the law is "working" as it should, you know what you can and cannot do *before* you do it, and you are dissuaded from doing what you *know* you aren't supposed to do. This situation is nothing like that.

  • Can someone post enough info .. to generate a Streisand effect? Would love to know what they have to say.
  • by DoofusOfDeath ( 636671 ) on Tuesday February 11, 2014 @09:18PM (#46224687)

    Often I marvel at how banal the American government is. Then, occasionally, the UK or French governments make me feel a little better.

  • I've always referred to myself as a lowly grinder, far beneath the vaulted hacker. I'm feeling pretty high on the geek scale now.

  • Liberté, égalité, fraternité!

    tr. "Meet the new boss, same as the old boss." aka "Lèse-majesté"
  • Fortunately (Score:5, Funny)

    by Greyfox ( 87712 ) on Tuesday February 11, 2014 @10:29PM (#46225193) Homepage Journal
    Having learned from previous mistakes, the agency had taken the precaution of encrypting the documents using an incomprehensible standard known as "French," so no one really paid it any mind.
  • In this case, the "hacked" agency was not willing to sue, because they were ashamed of having published documents by mistake.

    The case happened anyway because the general attorney wanted it, despite he did not understand what it was about.

    The case will now probably move to the Cour de Cassation or the Conseil d'Etat, which are both french supreme courts.

  • by EnempE ( 709151 ) on Wednesday February 12, 2014 @12:18AM (#46225731)
    He admitted in court that he had been to the front page of the site where they were hosted and was aware that the documents were not intended to be available to the public. Finding them by accident on Google is one thing and not the point of contention here. Then downloading all of them and then republishing them knowing full well that what you are doing is definitely unethical and probably illegal is another matter. The blogger runs a security company and should have informed the company of the fault before blogging about it. This is not the kind of practice that is considered acceptable in the security community. Given that it could be considered as a criminal offence in Europe to access the documents without the requisite authorization you can take the fine (no prison time, no criminal conviction) as not a bad outcome. The issue here is that the court had no idea about the the online environment or what crime online is before the trial which speaks to a definite problem in regards to the training of judicial staff.
  • I'm finding it difficult to tie this to US policy somehow. Does anyone know how the US caused this? Was there some sort of US IP in the documents that were exposed?

    I'd appreciate any help. Thanks.

  • What would have happened if he would have instead made a blog post and then linked to the documents? Would that still have been unethical?
  • > Google makes links available, is not charged or fined
    > Guy clicks links on Google search engine, is fined
    Am I the only one who has a problem with this "logic"?

Can anyone remember when the times were not hard, and money not scarce?