The email correspondence between Sabrina Agius and Joseph Muscat occurred between a g-mail account (Sabrina’s) and a private email account on josephmuscat.com (Joseph’s). At no point is there any correspondence from a work email address (rtk.com.mt). The most we can assume is that Sabrina accessed her gmail account during work hours using an internet connection on her workdesk at RTK’s offices and presumably via RTK’s servers. The Angela Lansbury of Maltese investigative journalism has applied a J’accuse favourite in order to reach an interesting but erroneous conclusion with regard to this correspondence:
No, it’s obvious what happened here. Occam’s Razor, remember. Organisations like the political parties and radio stations have their own internal server and don’t use an external service. The organisation or company bosses have full access to and control over anything passing through that server, because it is done on company time.
If Sabrina Agius sent and received her emails while at the office, they would have been recorded and retained by the office server. That would explain why there are apparent gaps in the information. Those would be the emails she sent and received while at home.
The second bit is obvious too, the way I see it. RTK never bothered to check through the server records to see what kinds of emails its employees sent out. But when Sabrina Agius decided to take legal action against them for not promoting her to editor, they did the first thing an employer does in these cases when preparing their case: go through her emails.
And some of those emails were made public, whether intentionally or not. Good luck to them. Most people would have done the same, faced with such contentious information about an employee making a very public case against them and talking about political discrimination. (the Runs – Mummy, they hacked me)
The impression given here is that it is normal for employers to have full access to and control over anything passing through their server. It’s not. Legally it is not. Let’s start with the recording bit. There are laws that prevent RTK from doing just that. In order to actually access the emails themselves, RTK would require the consent of the user. In certain cases, even attempting to enter an email account that is not your own is a crime – let alone actually using your facilities to open the emails. Technically RTK COULD use a device that allows “packet capture” that is the network equivalent of a phone tap but (and there is one hell of a but) it cannot do so without the consent of the employees. Consent is in fact crucial to both Data Protection law and the criminal law (here’s a hint – the Computer Misuse section of our Criminal Code).
I will not even go into the fact that the 14 page pdf containing the correspondence is very evidently a printout from a GMAIL account – not some garbled text retrieved from a server in the fashion of NCIS/CSI/Murder She Wrote Occam’s Razor fantasy. The signs seem to point more directly to someone accessing the gmail account either by obtaining Sabrina’s password and using it without her consent (see that ugly C word again) or by someone accessing her workdesk while she was away from the PC and without her knowledge (again lack of consent).
To put it simply. There is NO LEGAL WAY for RTK to have got its hands on this correspondence bar Joseph Muscat and Sabrina Agius expressly consenting to their having this information. As to the court case involving RTK and Sabrina… at most you might expect a motivated request by RTK for the court to consent a search of Sabrina’s accounts – and I doubt that a court may acquiesce to such a request simply on the basis of alleged collusion with a politician. (More about the ethics of the content in the next post).
If we eliminate RTK from the equation that leaves two possible other avenues. The first – a leak on Joseph’s side would still mean somebody accessing his account without express permission. Still illegal. Still a crime. Which leaves us with hacking. Personally, and I must say this on a hunch, I find the whole hacking business implausible -especially (and here I agree with the Angela Lansbury assessment) because I am quite sure a hacker would have found much better things to feast on.
CONCLUSION
While the nationalist media will definitely try to concentrate on the stinking content of the exchange there is no doubt that the issue of the correspondence and how it ended up in the hands of NET TV’s news team is an important issue of itself. We cannot think of a “legal” way for this to happen particularly since it is evident that the legality must perforce involve consent of one of the two parties who are the victims of this hack/leak. Concerns about the ability of one or other political party to circumvent laws designed to protect our privacy are legitimate.
Hackgate’s first baby: Your right to conduct private conversations has been placed in manifest jeopardy.
Note:
I am aware of the fact that I promised “a legal analysis” but only delivered legal conclusions. I had second thoughts about feeding the wannabe lawyers with the facts. feel free to look up the Data Protection Act, the Criminal Code (Computer Misuse), and subsidiary legislation. Also have a good look at the IDPC website.
4 replies on “Hack the Dog 2 – Possession”
Jacques,
I have some dilemmas regarding this leak. When Wikileaks provided us with the details of a correspondence between Gonzi and the US Ambassador, nobody cried foul. Nobody said that that was a private conversation and the leak was illegal. We only focused on the content of the leak.
In this case I’m afraid we’re giving too much importance as to how the leak happened and if it is legal or not. Why now?
My main concern is: Is the leak authentic? Was it fabricated? By Muscat’s reaction I can safely say that the leak is an authentic one for, if not, Muscat would not have complained because of the “hacking” involved, but he would have complained that someone is fabricating emails he did not send.
Therefore, why don’t we focus on the content of the leak after we make sure that it is authentic? If those emails were truly sent by Muscat, I’m afraid that the repercussions are very serious. We have a Prime Minister in waiting who behaves in such an abysmal manner. I never thought Muscat would stoop so low. For one, he was being so naive to have such conversations by email. I mean Sabrina herself could have used those emails to blackmail him. Secondly, the language used and the nonverbals (yes you can have nonverbals in an email correspondence) show the level of maturity (and political maturity) of Muscat. Apart from that, the content and the subject of the correspondence is very damning for Muscat.
I await with anticipation your take on the content of this correspondence.
What were these ‘second thoughts’? I love to read the type of blogs supported by the facts explained and not the “I am right, read these hyperlinks containing entire books to find out why” type.
The facts are explained Chris. I looked at the relevant laws and gave you my interpretation of their content. I am not writing a legal thesis but an opinion post. There’s no need to read the hyperlinks if you trust my judgement. What I AM saying is that before shouting “Hack” or “it’s legal” some should bother to think about looking at the law or bother asking someone who might know which law to look into. On the other hand do you ask your doctor which textbook he used to come up with his diagnosis of your illness? I doubt it.
It’s the principle of the thing. http://www.timesofmalta.com/articles/view/20111030/opinion/Particle-gardens.391384 Nathaniel Attard, had he some inkling of what esprit de corps is, would have acted differently. But – no disclosure, no scoop, no Party!