An (edited) report on data breach at British far-right party
By Noam Cohen
Monday, November 24, 2008
A small computer file appeared on the Internet last week, purporting to list the 13,000 members of the British National Party, a racist, far-right political organization. The text file contained not just the names of the party's supporters but also their home addresses, home phone numbers and, in some cases, hobbies (including a fair sampling of model airplane and train collectors) and professions (including a few lawyers, doctors and teachers).
And all the queen's horses and all the queen's men have not managed to make that list disappear.
Make no mistake, the Web sites of the large newspapers, frequent victims of strict libel laws in Britain, have done their part. Reporting on what cannot be reported is something in which the British have much more experience.
"In the U.S., the starting point is that you have the right of freedom of expression," said James Edelman, a law professor at Oxford. "There are ways it can be curtailed, but that is the starting point. It is almost the opposite in the U.K."
Raising the stakes, on Friday there was a suspected firebomb attack on a car parked outside the home of one of the people named on the list (but unnamed in the papers), though the police emphasized that the connection to the party was only one line of investigation.
But so far, the only people mentioned by name in news accounts are the few controversial discoveries from the rolls - a sports-talk radio host and a police officer; both are in danger of losing their jobs over their affiliation with the British National Party, or BNP.
Instead, the papers have to play coy. At the Web site of The Guardian, for example, there is an interactive map showing the distribution of the membership across Britain, itemized locality by locality, but, not, say, block by block, under a note: "A court injunction prevents the distribution of the names on the BNP membership leaked online."
Jon Henley, in his first-person account on The Guardian Web site, reported: "Colleagues have pored in amazement over the records for their hometowns." He added: "A university friend said she had discovered to her not-altogether-immense surprise that her parents' next-door neighbors in Windsor were members. 'Crusty,' she said. 'And very cheap sherry at Christmas."'
This stance seems almost quaint in a world where the database is widely and easily available online, as the newspapers have pointed out. A host for the list is Wikileaks, a site that has become a home for orphaned material, including the e-mail messages of the former vice presidential candidate Sarah Palin that were stolen by a hacker who obtained the password to her Yahoo account. (Palin and the British National Party confirmed that the material was genuine, though the party pointed out that its list, stolen by a disgruntled former member, was more than a year old and documented interaction with the party, not necessarily membership.)
Last week, when the interest in the British National Party membership list was most frenetic, servers at Wikileaks were overrun and inaccessible, despite 10 or so mirror sites worldwide replicating the material to lessen the traffic burden.
Wikileaks encouraged visitors to become supporters ($25 minimum for an individual and $1,280 for an organization) with the added benefit of being able "to access our subscriber priority servers for 12 months." (After much debate, the online encyclopedia Wikipedia, which is unrelated to Wikileaks, has not linked to the material.)
The party list was easily obtained at another site that revels in publishing secrets online, cryptome.org. The man who operates cryptome.org, John Young, wrote that as of Thursday, he had 2,000 to 3,000 downloads of the party list file.
Asked if he had any limits on what personal material he would publish, Young wrote that his site focused on addresses, e-mail addresses and phone numbers "of public, mostly government, figures, and spies especially" - but usually not Social Security numbers.
Young argues that organizations like the British National Party often leak such material to get sympathy and show that their membership is full of regular people. "I would guess the BNP leak at 80 percent orchestrated," he wrote. "The Brits are experts at this, perhaps the best."
And true to that theory, the BNP leader, Nick Griffin, was quoted as saying that one good thing from the leaking of the list was that it proved that the stereotype of his supporter as "a skinhead oik" was not true. (Oik is slang for an obnoxious or unpleasant person.)
The list included some 45 names of people living in America - some described as British, some not.
One of those Americans, in a telephone interview, said he had learned about the spread of the party list through an e-mail message from Wikileaks. He said he knew the list had been stolen and was resigned to the situation on the Web.
"Once the cow is out of the barn, you can't shut the door," he said. "It's like identity theft in that I feel violated. My name and address and phone number are probably already on the Internet. But having my name associated with what could be considered a controversial organization is a different story. There is no other reason you would be calling me at this time."
But he emphasized that the list was misleading. He said he was not a member but a one-time contributor two years ago.
"I had donated money to them because they were fighting a legal battle," he said, noting that he had only spent three hours in Britain in his life, when he was switching flights in July. "Two years ago, some of their members were arrested on a freedom-of-speech issue. They don't have the United States kind of freedom of speech. I don't think it is right for someone to go to prison for expressing their political views."
He added: "I think I will feel better as time goes on. I am not losing sleep over it. I am just one of 12,000 people."
Wednesday, 26 November 2008
A Place in the Auvergne, Tuesday, 25th November 2008