I thought the Globe article hinted very broadly at some of these questions.
1) How was the data accessed? Was it just out there in the open, or was there a modicum of protection such that a reasonable person would know the owner was not granting authorization to access the data?
A technician hired by the new judiciary chairman, Patrick Leahy, Democrat of Vermont, apparently made a mistake that allowed anyone to access newly created accounts on a Judiciary Committee server shared by both parties -- even though the accounts were supposed to restrict access only to those with the right password. [Emphasis added]
We'll have to wait for the forensic analysis, but it sounds as if accounts were created with a poor default password. I don't see how someone could reasonably think they were authorized to access someone else's account.
2) Is there any direct evidence that the staffers knew they were not authorized to access the data? 3) Was it accessed with regularity, showing intent to continue to intrude?
"They had an obligation to tell each of the people whose files they were intruding upon -- assuming it was an accident -- that that was going on so those people could protect themselves," said one Senate staffer. "To keep on getting these files is just beyond the pale."
And, yes, I am offended that this is being handled as a congressional ethics issue instead of a big, steaming pile of federal felonies.
no subject
1) How was the data accessed? Was it just out there in the open, or was there a modicum of protection such that a reasonable person would know the owner was not granting authorization to access the data?
A technician hired by the new judiciary chairman, Patrick Leahy, Democrat of Vermont, apparently made a mistake that allowed anyone to access newly created accounts on a Judiciary Committee server shared by both parties -- even though the accounts were supposed to restrict access only to those with the right password. [Emphasis added]
We'll have to wait for the forensic analysis, but it sounds as if accounts were created with a poor default password. I don't see how someone could reasonably think they were authorized to access someone else's account.
2) Is there any direct evidence that the staffers knew they were not authorized to access the data?
3) Was it accessed with regularity, showing intent to continue to intrude?
"They had an obligation to tell each of the people whose files they were intruding upon -- assuming it was an accident -- that that was going on so those people could protect themselves," said one Senate staffer. "To keep on getting these files is just beyond the pale."
And, yes, I am offended that this is being handled as a congressional ethics issue instead of a big, steaming pile of federal felonies.