There's lots of stuff we know and lots we don't know following the latest round of Dirty Politics interviews... Here's my take on what we know so far and what it means

It's a matter, ultimately, for the courts. And voters. But the debate over Cameron Slater's accessing of the Labour Party website in 2011 has become a war of metaphors.

Here's what we know so far: In 2011 part of Labour's website was left without security, I'm told as it was in transition between internet providers. According to Nicky Hager's book Dirty Politics, Facebook messages between the two men show National Party member and former Auckland City Councillor Aaron Bhatnagar discovered the hole in security and told Whaleoil blogger Cameron Slater. Slater facebooked Bhatnagar at the time that he was "working with senior Nats" on the release, but today won't say which "Nats". 

Slater admits to having, as he put it on The Nation today, gone "into the back end of the Labour Party's website" but won't say who else joined him there.

From Labour's logs, four computers were shown to have entered the site and left an electronic fingerprint. One was Slater's. Another was a staff member at National Party headquarters. National's President Peter Goodfellow confirmed to NBR in 2011 that "a head office staffer" accessed the data out of concern that National's own website may have similar holes. What Hager's book claims is that the IP address was traced to national.org.nz and that person didn't just look, but downloaded the database.

Hager's book says Bhatnagar's was the third computer and the facebook messages, if accurate, show his discussions to Slater about accessing the site, the amount of data found ("18,000 emails and the credit card transations") and how the security lapse could be revealed to embarrass Labour. I've just spoken to Bhatnagar, however, and he says he's not in a position to confirm or deny he went into the Labour site. I asked if he can't remember or just doesn't want to say and he merely replied he was in no position to comment.

The biggest question is around the identity of the fourth computer. Hager alleges it was Key's staff member Jason Ede. The fourth person was using a "dynamic IP address". Hager doesn't have any proof that the fourth computer was Ede's, except that Ede emailed Slater saying Labour was chasing them by trying to match them to IP addresses and he was relieved he had a dynamic IP address.

Slater is refusing to confirm or deny whether he was working with Slater on all this, so with those peole choosing not to answer those questions, we can't know for sure who did what.

Slater, though, admits going into the website's "back end" and Goodfellow has admitted the same for his staff member.

This despite John Key's insistence this week that "National was nowhere near Labour's website" and this has "nothing to do with us". Goodfellow's own admission contradicts Key.

Indeed, Key went from denying it outright to saying "If Jason Ede went and had a look at it out of curiosity, fair enough. But it's  got nothing to do with the National Party."

That seems rather contradictory in itself, and frankly National's response to this over the past few days has been as off-message and erratic as I've seen. And crucially, Hager alleges Ede didn't just "look", he downloaded the data there.

So now one of the central questions in this issue has become whether what Slater and that unnamed National Party staff member did was illegal. And this is where the metaphors come in.

My first conversation with someone on the Labour side was that it was like walking into someone's unlocked house, poking around and taking documents you found there. Josie Pagani adapted that this morning, pointing out that the website was a public place, so it was more like walking into a shop and copying down documents you found there.

Matthew Hooton said no, it was more like picking up material on the side of the road and that it was no more than you'd expect that a political operative would grab it and use it to damage their opponent. Such is politics. Pagani agreed.

But on Twitter others have challenged that logic. The Green Party's 'Toad' tweeted, "If I leave TV on side of road for few minutes while moving house still not legal 4 someone to take" and New Zealand First's Tracey Martin tweeted "Public Place so ok to lift data? Ok so you take my handbag at the park? Better?"

If you compare it to entering a shop or home and taking stuff, it certainly sounds illegal. If you just pick it up off the road it sounds immoral and, well, dirty politics, but not criminal. So the metaphor you choose says a lot about how you see this issue.

The law in question seems to be the Crimes Act in section 252(1), which says:

"Everyone is liable to imprisonment for a term not exceeding two years who intentionally accesses, directly or indirectly, any computer system without authorisation, knowing that he or she is not authorised to access that computer system, or being reckless as to whether or not he or she is authorised to access that computer system.”

Yet at the time Labour chose not to press the issue, worried that it was a distraction in election year and not a good look for the party. But now, framed differently, Labour will again consider legal action. The Greens have already laid complaints, so it seems the courts will get to rule on this eventually.

But what about voters? Do they care? And more crucially, do they understand? Even if the actions were legal, are they moral and decent?

I don't think any New Zealander would be comfortable with Slater or the National Party staffer going into a website that wasn't theirs and downloading data, including emails and credit card details. They would ask how they'd feel if it was there credit card and they'd be angry.

If that angle gets reported clearly, I can see this damaging National. More, if Ede is shown to have been the fourth computer, then Key is certainly tarnished. Having a "senior advisor" downloading personal info without consent or authorisation may or may not be criminal, but it's certainly unethical.

And one final point: Judith Collins. We know that she passed on the name of civil servant Simon Pleasants to Slater and the next day he wrote a blog accusing Pleasants of being a snitch, leaking on Bill English's housing arrangements. Pleasants was a former Labour staffer but he denies the leaking, has never been disciplined and remains in a government job.

So what was Slater's question that prompted Collins' five word reply, "Simon Pleasants, Manager Ministerial Property"? Slater says he can't remember, Collins says she was just confirming a name already publically available. It all depends on that question. Was it 'who's that Labour guy again?' it's innocent. If it's 'who's the bugger you reckon is leaking the English stuff? I want to roast him', it's a sacking offence.

Because a roasting is what occurred. Pleasants was named by Slater and attacked as a snitch. Commenters on his site made death threats against him and his family and the police got involved. For a Police Minister, as Collins was at the time, to have helped spark that is arguably irresponsible, maybe worse. Going by Slater's past behaviour and the political context, you might assume he was not seeking the name for fun.

But equally, Collins might say she was confirming a detail to a friend with no idea how he meant to use it and how it might play out; neither she nor Slater are responsible for how people react to a story.

Which is a fascinating Journalism 101 ethics debate, but doesn't get us far in terms of ministerial responsibility. Key says he won't even look  into it, Opposition parties say she must go.

Then there's the Bronwyn Pullar angle and questions whether Collins told Slater things she only knew due to her role as minister. That's another complicated angle I'm less clear on, but I just thought I'd note that it's also being looked into.

And that, friends, is where we're at with Dirty Politics this weekend. As the Prime Minister has been saying for the past few days, I'll leave you to draw your own conclusions about all that.

 

Comments (19)

by Lee Churchman on August 16, 2014
Lee Churchman

Hager doesn't have any proof that the fourth computer was Ede's, except that Ede emailed Slater saying Labour was chasing them by trying to match them to IP addresses and he was relieved he had a dynamic IP address.

So Ede admitting what they are doing in an email isn't proof for you?

by Andrew Geddis on August 16, 2014
Andrew Geddis

Slater is refusing to confirm or deny whether he was working with Slater on all this, so with those peole choosing not to answer those questions, we can't know for sure who did what.

The funny thing is, given the refusal of Slater and those others involved to tell the truth about what has happened, this sentence actually could be true!!!!

by Andrew Geddis on August 16, 2014
Andrew Geddis

But equally, Collins might say she was confirming a detail to a friend with no idea how he meant to use it and how it might play out; neither she nor Slater are responsible for how people react to a story.

Seriously? Seriously? If Judith Collins tries to run the "how could I possibly know what Cameron Slater intended to do and what the result would be?" line, then she's claiming that she's too stupid to breathe, let alone be a Minister of the Crown.

by Lee Churchman on August 16, 2014
Lee Churchman

Sorry, Tim. I didn't read the next sentence properly. 

by stuart munro on August 16, 2014
stuart munro

The precipitous replacement of Helen Kelly on a recent panel shows that MSM remain biased and reluctant to explore the allegations in Dirty Politics critically.

I notice too that the SIS issues are being ellided from public view. The SIS leaks lead inescapably to Key - and no amount of jesuitry can dump them on the head of a skirmisher like Ede.

A disappointing performance Tim.

by Anne on August 16, 2014
Anne

Agree stuart munro.

The removal of the highly intelligent and astute Helen Kelly on today's The Nation does demand an explanation - a truthful one.

 

by Andrew Osborn on August 17, 2014
Andrew Osborn

I see a whole lot of stuff in this post about Slater wandering around the open Labour server - a thing he openly blogged about at the time.

But Tim I don't see anything here about the well orchestrated and funded DDOS attack on Slater's computer, hacking of his Google account and use of this material to do an attack job on National whilst making 20 pieces of silver at the same time.

Who is the real criminal here?

 

by Andrew Geddis on August 17, 2014
Andrew Geddis

Who is the real criminal here?

Quite possibly both sets of individuals. Certainly, whoever hacked Slater's system broke the law. Very bad, etc, etc. There's then a more than plausible argument that Slater (and maybe Ede, as implied by the messages between him and Slater) also did so.

Now, we don't know who the first lot are (boo! hiss! to them, anyway!!). We do know who the second lot are. And I really hope you're not going to make the argument that they should somehow be excused (possibly) criminal behaviour just because other people (who we don't know the identity of) also carried out criminal actions?

by Rab McDowell on August 17, 2014
Rab McDowell

A metaphor is a useful way of clarifying an issue.  But only if it is a good metaphor.
The ones used in the post above are not.

A website is not a room in your house, a TV on the side of the road or a bag left in the park. A website is a public bulletin board, like the notice board in your local supermarket but bigger and more available.
If you put a notice up on your local supermarket notice board or on a website it is because you want it to be public so people can look at it. If you have a notice that you don’t want all to see you do not put it up at the supermarket. You deliver it only to the people you want to see it.
You may put up half a dozen notices at the supermarket. If you happen to make a mistake and, in that half dozen, put up one you did not intend to then that is your mistake. It is now public and people can read it. It is no longer private. Some folks may suggest to you that it was not the best thing to make public but now it is.

Because the web is so much bigger, search engines have been developed so you can find the ‘notice’ you want to see. As I understand it, Google had the Labour website pages on its search log. Whether they were supposed to be in the ‘backend’ or not they were publicly available to Google and therefore to you and me. Slater posted a YouTube clip at the time showing how publicly available these pages were. In this metaphor, Slater was performing the duty of the person alerting you that it was not the best thing to make public but now it is. He just did it publicly.

by Andrew Geddis on August 17, 2014
Andrew Geddis

Slater posted a YouTube clip at the time showing how publicly available these pages were. In this metaphor, Slater was performing the duty of the person alerting you that it was not the best thing to make public but now it is. He just did it publicly.

Except that he downloaded from the website a whole swathe of data, which he then proceeded to use on his own site to embarrass Labour. So, to pick up your analogy, why can't we say this is like someone accidentally including their credit card details on a poster they've put up at a supermarket, and someone else then using those details to buy stuff on-line with the wide-eyed excuse "well, I thought was allowed to use them, seeing as they were posted in public!"

The problem, of course, is that any and every analogy fails to fully reflect the actual situation being discussed (because, by definition, an analogy says something is just "like" something else in some respect, which means it also may be "not like" it in another). What we're dealing with is the Crimes Act - did Slater (and, possibly, Ede) access a computer system without authorisation, knowing or being reckless that they didn't have such authorisation? The links in my comment above address that question directly, rather than through analogies.

by Andrew Osborn on August 17, 2014
Andrew Osborn

Andrew: Except that he downloaded from the website a whole swathe of data, which he then proceeded to use on his own site to embarrass Labour.

Indeed he did. But that is not criminal and not even particularly immoral. As Rab correctly pointed out, what Labour effectively did was pin data on to a public notice board on Queen Street. I'm not surprised Labour was embarassed because this was an own-goal!

Now, turning to the real criminals, Hager's hacker(s) stole intellectual property from David Farrar and broke into Slater's and others email accounts. What's the best way to proceed against them? Copyright breach? Privacy Act? Receiving stolen property? Accessing a computer for a dishonest purpose? Benefitting from a crime? Conspiracy to commit?

I'd better buy some popcorn.

by Megan Pledger on August 17, 2014
Megan Pledger

Tim, that was really interesting from a legal, moral and ethical perspective.  I think some people are just not going to see it because they don't want to see it.   it's just a waste of time and energy engaging with them on something they just want to use as distraction anyway.

Let's just hope it gets to court.  Let's hope a lot of this stuff gets to court.

 

by Andrew Geddis on August 17, 2014
Andrew Geddis

@Andrew,

The legality of Slater (and Ede's?) actions are debatable (see links provided) - Rab's analogy doesn't really advance the discussion. The morality? Well, not something we'll agree on, so no point going there.

In terms of "Hagers' hacker(s)" liability ... lots of ways to hold them legally accountable. Once you identify them, of course. So might want to wait before popping that corn.

by Rab McDowell on August 17, 2014
Rab McDowell

The problem, of course, is that any and every analogy fails to fully reflect the actual situation being discussed
Yours, I think, fails more than mine.
"why can't we say this is like someone accidentally including their credit card details on a poster they've put up at a supermarket, and someone else then using those details to buy stuff on-line with the wide-eyed excuse "well, I thought was allowed to use them, seeing as they were posted in public!"

If you were to use those credit card details in the way you suggest then you would be committing a separate financial crime. Slater, as you say, used the information to embarrass Labour. As far as I know, causing embarrassment is not a crime, although it does seem to be below the ethical standards many would naively wish politics is operated at.

Karl du Fresne put it this way on his blog, "Let me get this straight. Cameron Slater’s Whale Oil site is hacked in retaliation for a post that upset a lot of people and as a result, a great swag of incriminating emails ends up in the hands of Nicky Hager. Meanwhile, Labour’s enemies discover there are weaknesses in the Labour Party’s website that enable them to go poking around there for sensitive information, some of which ends up with Slater. I’m no lawyer, but it seems to me that if either of these acts was illegal, it’s more likely to have been the hacking of Whale Oil. So why, on Q+A and The Nation this morning, did the interviewers apply the blowtorch to Slater and go soft on Hager?"

by Andrew Geddis on August 17, 2014
Andrew Geddis

@Rab,

Sure - like I say ... all analogies ultimately fail. Which is why there's no point pressing them. So I won't.

Possibly the difference between how Hager and Slater were treated is that Slater may have committed a crime (as de Fresne says, he's no lawyer), while Hager hasn't. More probably, the folks at Q&A have read the book and seen what a truly terrible person Slater is (up to and including seeking sexual dirt on journalists to use to pressure them). So ... there's that.

by Tim Watkin on August 18, 2014
Tim Watkin

Andrew, you simply can't keep insisting Slater (and the National Party staff member, remember) did nothing illegal because we just don't know. It hasn't been tested in court and if you go back to stories in 2011 you'll find top lawyers opining that it could be illegal. But maybe not. We just don't know.

Rab, I'm afraid the notice board is a terrible analogy. Sure, some of the site is like that, but ordinary citizens were asked to donate money to this or that cause. When I give my name, address and credit card details to a website, it's nothing like pinning them up on a notice board. The credit card part of a website is certainly meant to be treated as private, even if the promotional parts aren't. I mean, would you argued TradeMe is a notice board? I agree it's not like he used the details to buy anything and purely for political purposes. But just because I take something that isn't mine and then don't profit from it doesn't make it any less theft, does it? So whether or not this act crosses a legal threshold, I think your principal is flawed. Bottom line, if you donated $20 to a cause online, would you be happy if a stranger got into that site by whatever means and took your details? Honestly.

As for the Slater and Hager interviews, I'd heard at least half a dozen interviews last week accusing Hager of theft. That was well-covered ground and indeed was covered from Wednesday night on. He's also responded to claims Slater will call in the police on him. What we hadn't heard was Slater's response to the claims of illegality against him directly in the context of the new information of the book (ie since 2011). That was news.

Mor specifically, what we did on The Nation was a more forensic line of questioning on the several stories in the book that have real substance. Slater hadn't been asked about those details, and certainly not pressed, so again that was news. It's our job to take the story on and check the claims from all those potentially involved (which is why I rang Bhatnagar, why someone needs to ring Tucker and why I hope someone asks Key the simple question that whatever Ede was doing that prompted the email to Slater about his relief at not being caught and his praise of dynamic IP addresses, is he going to check what the activity was. Because whether it was in Labour's website or not, it's the sort of thing a boss would normally want to check out, no?

 

by Tim Watkin on August 18, 2014
Tim Watkin

As for Hager's use of stolen material, it's a challenging one. The hacker should not have done what he did.

But as a journalist, if you're given such illegal material that goes beyond the personal to matters of public interest, do you publish or not? There's potentially debate whether these emails reached a satisfactory public interest threshold, but they certainly raise questions around the behaviour of the powerful. Second, there's the ethics of writing without those standing accused getting a right of reply. But when you know you will be injuncted if you offer that reply and know that the accused will get plenty of time to reply once the book is out, do you publish or not?

As for the fact he's getting paid for the book (30 pieces of silver etc), that's just a silly bit of spin. Slater is paid for his site, so are his criticisms of others for 30 pieces of silver etc? Is every newspaper sold a betrayal of those it's reporting on?

I think almost all journalists, editors, producers and others who had received that cache of emails would have published them. Hager is no unusual or unprecedented in doing so. Indeed, if you're arguing that the fact the files were illegally hacked is reason alone not to publish then I understand the ethics, but it's a hell of a call. Following that principle no-one would have seen the Snowden files. Or the Pentagon Papers. Are those arguing that ethical line ready to say reporters should have buried those stories?

by Steve F on August 18, 2014
Steve F

Tim......"   There's potentially debate whether these emails reached a satisfactory public interest....."


Perhaps the clearest articulation I have come across to to clear the air on the public interest defence comes from Dr Nicole Moreham, Associate Professor of Law at VUW in her Public Address post last Friday.....

“......so the question is: was Hager entitled to publish the emails he published?

The answer is yes, as long as the public interest in the emails outweighs the competing rights of those who wrote them. So how do we work that out? There is a pretty good argument that material in Dirty Politics is in the public interest. The public interest is particularly strong where information relates to the behaviour of elected politicians. Dirty Politics is making some serious allegations about that behaviour and it’s arguable that the public should hear them.

People also have no right to keep secret communications which reveal wrongdoing. This “iniquity” defence could justify many of Hager’s disclosures including, for example, the alleged exchange in which Slater and political commentator, Matthew Hooton, provide details of Hager’s address to lawyer, Cathy Ogders, who wants it made available to “vicious” individuals whom she appears to believe will have it in for him.

On the other side, though, are the emailers’ rights to privacy and confidentiality. There can be little question that the emails were confidential and that anyone reading them would have known that. Slater, Collins etc would probably also have a “reasonable expectation of privacy” in respect of the emails’ contents.

But how heavily does that weigh in the balance? The breach of privacy/confidentiality here is significant – the need to protect correspondence is widely recognised – but it is not at the worst end of the scale. Hager has not published information about the emailers’ health, sex lives, family lives, or financial position. And the emails disclosed were written by the parties in their professional capacity. This is not as serious as disclosing emails between, say, John Key and his wife or between David Cunliffe and his kids. In light of that, my money would be on the public interest prevailing......”


by Matthew Whitehead on August 20, 2014
Matthew Whitehead

@Rob: I'd suggest you're the one who's crafting false analogies. A website with a secure section is fundamentally not like a public bulletin board. It has a secure area and an insecure area. It's something like having a safe in a hotel. If you spot something that's dropped right by the safe, odds are you probably shouldn't take it. It might not be illegal, but it's wrong, and it would be evident to you it's wrong. That is why the earlier metaphors are still, in essence, correct. Those saying that this is fundamentally public information do not really understand secure web architecture, nor how easy it is for someone unfamiliar with it to accidentally make information insecure. The only time I would say anyone should do anything with information obtained that way is if someone has already decided to read it, and realises the information needs to be made public because there are facts here that are very important to the national debate.

No doubt National has had similar vulnerabilities at one time as well, and it's very strange to see this "all's fair in politics" attitude from them, given how often they cry wolf (or at least, "you're also a wolf!") at the Labour Party.

Post new comment

You must be logged in to post a comment.