Indictment by the governor of hacking journalist • Missouri Independent

0


I am writing this column after one of the most vicious and baseless attacks I have heard by a Missouri governor on a major Missouri news organization.

This is the St. Louis Post-Dispatch article published Thursday on how a state Department of Education website authorized access to teachers’ social security numbers.

Rather than praise the newspaper’s article identifying a major security breach in his administration, Gov. Mike Parson accused the reporter and the newspaper of violating state law.

After citing the law as well as the criminal and civil penalties, he announced “not only will we hold this individual accountable, but we will also hold accountable all those who have helped this individual and the media company that employs them.”

He even cited a state cost of $ 50 million, suggesting a civil penalty.

In more than five decades covering Missouri State House, I don’t recall a governor ever suggesting a criminal investigation against a reporter or media outlet because of a news story.

To Post-Dispatch’s credit, the newspaper actually delayed releasing the story to give the state time to fix the issue and shut down access to that data.

Moreover, the Ministry of Education should not have been surprised. As the Post-Dispatch noted in its article, the State Auditor on two occasions in previous years had warned of digital security issues involving education information.

Rather than praising the newspaper, Parson alleged that the information was acquired by illegally decoding encrypted information without authorization.

In more than five decades covering Missouri State House, I don’t recall a governor ever suggesting a criminal investigation against a reporter or media outlet because of a news story.

“It is illegal to access data and encrypted systems in order to examine people’s personal information,” Parson said.

“They had no permission to convert or decode, so it was clearly a hack.”

This reflects a blatant misunderstanding of digital information in the Internet environment.

Information provided on the web is automatically converted or “decoded” by browsers to display the information on your screen without any “permission”.

The websites you visit put their information in HTML.

It’s just a method of structuring plain text in a format that web browsers can display in a graphical presentation with links to other sites.

HTML stands for Hypertext Markup Language which you can easily view by clicking on the source-view tab of your browser.

In fact, anti-virus software installed on personal computers “decodes” HTML code to protect you from virus infections.

Sometimes HTML pages can include a link to a database with a password. This can be a huge security hole. But it is open to the global web.

Yes, the world is experiencing an explosion in personal data hacking.

But much of the problem stems from the failure of businesses, database systems, and even governments like Missouri to protect private personal data on their websites or not have password permission requirements. strict passwords to access data.

The identification of the education department’s failure to protect teachers’ personal information should have been welcomed by the governor, and not used as the basis for a criminal investigation against the reporter who reported it.

The governor cited a state law that criminalizes “tampering with computer data … without authorization … and intentionally examining information about another person.”

Putting information on the web for the world to see, I would say, is like permission to review.

I regularly review state government information provided on the web regarding campaign contributors, lawmakers, lobbyists and, yes, even the governor without any “permission”.

Obviously, I am biased as a journalist.

But it seems to me that a news agency that reported a major privacy vulnerability on a state government website, informed the agency about the problem, and did not release the story until the problem was not resolved should have been praised by the governor rather than threatened with civil suit. penal sanctions and prosecutions.

It struck me that neither the Education Department commissioner nor the administration IT director was available during the governor’s Facebook session to answer questions.


Leave A Reply

Your email address will not be published.