top of page
Writer's pictureThe 2A Cafe

Yeah, we have trust issues here in California

“No, nothing to see here. Just the way we do things in Cali. Just move along”


The AG office has put away criminals with the same kind of circumstantial evidence that we are asked to just ignore here.

 

The California Attorney General’s Office released the results of an investigation, by an independent firm the California DOJ commissioned, to look into the massive leak of personal data from 190,000 concealed weapon permits a couple days after SCOTUS ruled in favor of concealed carry and struck down the “Good Cause” restriction.


Well, it wasn’t exactly a “leak”.

It was more like, “Hey, door’s open. Come on in. Take what you want.”

 

There was really no surprises as to what information was made available. I knew exactly how much of our privacy had been compromised.


What angered me was the timeline and the behind-the-scenes decision making that led to this fiasco.


“The investigation, conducted by the outside law firm Morrison Foerster, found that personal information for 192,000 people was downloaded 2,734 times by 507 unique IP addresses during a roughly 12-hour period in late June. All of those people had applied for a permit to carry a concealed gun.”

Downloaded 2734 times by 507 different IP adddresses? In 12 hours?

I guess word gets around pretty quick when personal data is left on the table. It’s interesting to note that the downloading of personal data of private citizens is an “unfortunate incident” but the naming of the 507 people that did the downloading can’t seem to happen.


“All of those people had applied for a permit to carry a concealed gun.”

When I say that the state of California is run like the Mafia what I really mean to say is that the state of California is run like the Mafia… just with better PR.

This is called, in criminal enterprises (and in politics too, I guess), SENDING A MESSAGE.

It's a subtle way of telling prospective CCW applicants that not only will they have every aspect of their lives probed and prodded in pursuit of exercising their 2nd Amendment rights, the state has the power to make all that information available to anyone they choose by choice or *cough* “by accident”.


“Investigators said they “did not uncover any evidence that the timing of the (data breach) was driven by a nefarious intent or was personally or politically motivated in any way.”

Oh, of course not. It was only 48 hours after SCOTUS struck down “good cause”. I think that kinda defines nefarious, personal and political.


Instead, they said state officials planned to publish what they thought was anonymous data “to meet anticipated heightened public interest in firearms-related data” following the court ruling.

This is where it starts to get to "head scratching" level.

They had “planned” to publish data to meet anticipated public interest in a court ruling that hadn’t even been handed down yet? Even if they expected (like every other person with a rudimentary knowledge of the constitution), that this is how the court would rule, the worst thing to do is sit back and react. You publish all the info you can to help your side win the public opinion wars, now.


And seriously, how could ANYONE consider data with names, addresses, birthdays and phone numbers be considered anonymous?

That’s sort of the exact opposite of anonymous.


Officials at the California Department of Justice did not know about the breach until someone sent Attorney General Rob Bonta a private message on Twitter that included screenshots of the personal information that was available to download from the state’s website, the investigation said. State officials at first thought the report was a hoax. Two unnamed employees — identified only as “Data Analyst 1″ and “Research Center Director” — investigated and mistakenly assured everyone that no personal information was publicly available.

Bonta found out about the leak from someone who messaged him on Twitter with screenshots?

A personal friend of the AG sends him a personal message and they dismiss it as a hoax? Two unnamed employees (TweedleDee and TweedleDum? Dumb and Dumber?) investigated and assured everyone that all is OK.


Now, I’m calling BS on this.

If my boss, the FREAKING ATTORNEY GENERAL OF CALIFORNIA gets a message from a personal friend that says something is funky with the website, odds are something is funky.


In the real world this is how a conversation like this would go down:


BONTA’S TWITTER BUDDY:

“Dude, you got a schload of personal info for the download on your site. You better check this out.”


BONTA:

“No way.”


BONTA’S TWITTER BUDDY:

“Here’s a screenshot. You might wanna deal with this.”


Bonta goes to the DOJ website and clicks “download”.


BONTA:

“DAMN! Not cool, Bro. Heads gonna roll. Get TweedleDee and TweedleDum on the phone.”


T&T:

“Yeah boss, we tried downloading and got a whole bunch of stuff we shouldn’t have.”


BONTA:

“TURN THIS !%!$#@$ OFF!”


Then again, that’s the real world, but we’re talking about California, though.


Meanwhile, the website crashed because so many people were trying to download the data. Another group of state officials worked to bring the website back online, unaware of the breach.

I’ve had a few sites crash before and the first rule of thumb is to find out what the hell crashed them so when we bring them back online it won’t crash again. So… officials knew what brought on the crash and it still didn’t throw up any red flags? Believe me, if you go to the CDOJ website there is nothing remotely interesting enough to download this much in such a short period of time...


UNLESS PEOPLE WERE NOTIFIED AHEAD OF TIME THAT THERE WOULD BE SOME JUICY STUFF TO BE HAD AND YOU HAVE A LIMITED TIME TO GET IT.


They got the website working again at about 9:30 p.m. State officials would not disable the website until about noon the next day. By then the information had already been downloaded thousands of times.

They found the problem, got the site back up but didn’t remove the link that caused all the problems until 12 noon the next day?

Having worked on eComm websites in the past, if this was my solution to the problem I would be looking for a new job around 12:05pm. Trust me, it it was a database of personal information of DOJ employees that site would have been down in minutes.


Other information was also mistakenly released, including data from firearms safety certificates, dealer record of sale and the state’s assault weapons registry. That data included dates of birth, gender and driver’s license numbers for more than 2 million people and 8.7 million gun transactions. But investigators said there wasn’t enough information in those datasets to identify anyone.

Let’s see: FSC info, DROS records, assault weapons registries that included birthdates, gender and driver’s license numbers for 2 million people and 8.7 million gun transactions but not enough info to identify anyone? That’s pretty much all you need to identify someone.


No one is believing this mess.


An intentional breach of personal information carries more stiff fines and penalties under California law, according to Chuck Michel, an attorney and president of the California Rifle & Pistol Association. Michel said his group is preparing a class action lawsuit against the state. He noted the leaked data likely included information from people in sensitive positions — including judges, law enforcement personnel and domestic violence victims — who had sought gun permits.
“There is a lot of gaps and unanswered questions, perhaps deliberately so, and some spin on this whole notion of whether this was an intentional release or not,” he said. “This is not the end of the inquiry.”

This is truth. This whole thing reeks.


“This was more than an exposure of data, it was a breach of trust that falls far short of my expectations and the expectations Californians have of our department,” Bonta, the attorney general, said in a news release. “I remain deeply angered that this incident occurred and extend my deepest apologies on behalf of the Department of Justice to those who were affected.”

Yes, it is possible that this was just a comedy of errors. Not willful, but insanely incompetent actions from an incompetent staff. It could happen. But it’s not that that angers and places so much doubt about what really happened.


It’s the actions of leadership, the “Top Cop” of the state. Blatant disregard and ambivalence toward the protection of basic rights of portion of the population in his state he serves speaks volumes. He saw a problem and didn't respond with urgency because it was a cause he was against and citizens of the state he doesn't care about. That's not civil service for all Californians.


That’s petty, vindictive, political and calculating.

That’s Bonta and that’s the state of politics in California.


LINKS:


504 views0 comments

Comments


bottom of page