MeFi and data leaks? December 11, 2014 2:23 PM   Subscribe

So after sleeping on it, as far as making this post goes, i'm still really uncomfortable with this as an FPP. Many good points were brought up in thread about how it's basically the fappening with no nudes, rotten fruit from a poison tree, and how the data leak includes a whole bunch of random non-celebrity rank and file workers at sony who are now hosed.

Is this really best of the web? that's basically my question. There's more than a couple posts in there that point out that hollywood media has basically done this forever, but is the blue TMZ? Do we want it to be?

I posted this because i realized i had no further comment to write in there that wasn't MeTa material, and i should really take it here.

I just keep coming back to the comments by a couple posters here who actually know people whose info got leaked. And it feels pretty gross as an FPP even without that, but that makes it worse to me as something to be up on here.
posted by emptythought to Etiquette/Policy at 2:23 PM (144 comments total) 15 users marked this as a favorite

This seems like an excellent policy discussion to have. I don't have an off-the-cuff response but am very interested to see what people think on this topic in general.
posted by restless_nomad (staff) at 2:28 PM on December 11, 2014 [3 favorites]


I agree it's like the fappening without nudes but the fappening got a FPP too. Because it's newsworthy. I think it's like the post about the Pirate Bay getting raided and shut down (again). A simple link to a tracker saying "get free stuff here" wouldn't be appropriate. A post about the legal issues surrounding trackers would be appropriate. Similarly, a post which was "get the hacked emails/nudes here!" wouldn't be appropriate but "this thing happened and here's why it is interesting/important" is perfectly appropriate.
posted by Justinian at 2:29 PM on December 11, 2014 [22 favorites]


It did get flagged a few times and there are parallels with the celebrity nudes leak (in that sensitive info about famous people was leaked via data breach), but it's a huge story covered in hundreds of outlets. None of the links on the post go to direct data dumps, but mostly round-up news about what was revealed and how extensive it was. Some of it is embarrassing and damaging stuff, but for a story so big, after a string of giant data breaches this year, it seems weird to just ban this one instance from MeFi and delete it for being "beneath us" somehow.

I don't think it's lurid and gross to talk about what was a major security breach, in terms of security. I didn't see too many people pointing and laughing at famous people.
posted by mathowie (staff) at 2:29 PM on December 11, 2014 [14 favorites]


Obviously, people should be talking about it, because it happened and it's a huge news story. I'm less clear about talking about the actual things that were revealed in the leak. I mean, do we really want to facilitate North Korea intimidating and punishing people who make fun of them? (That's what this was, right? I haven't been paying too much attention.)
posted by ArbitraryAndCapricious at 2:34 PM on December 11, 2014


"Well, it's newsworthy" would be a disappointing reason to have the post stay.
posted by ChuraChura at 2:42 PM on December 11, 2014 [15 favorites]


This is an important news story, but that was a lousy framing, from title to details.
posted by Etrigan at 2:44 PM on December 11, 2014 [10 favorites]


I agree that discussing the actual nudie pics that got hacked in the fappening wouldn't have gone over well at all (as opposed to discussing the issue in general which was fine). Discussing the content of the hacked emails doesn't feel the same to me. I realize it's still an invasion of privacy. Enough of one to make discussing the content off limits? I dunno. "It doesn't feel nearly as bad" may not be a logical argument but its really all I got.
posted by Justinian at 2:44 PM on December 11, 2014 [2 favorites]


The data theft itself is fascinating, but the information revealed is none of our business. I'd rather we talked about the technological side -- and who did it -- and left the personal information out of it. We don't need to drive traffic to trashy sites.
posted by The corpse in the library at 2:48 PM on December 11, 2014 [9 favorites]


They're talking about the content on CNN right now. Since CNN is doing it I think it's clear that it's not OK.
posted by Justinian at 2:51 PM on December 11, 2014 [42 favorites]


The "Fappening with no nudes" argument bothers me, because I don't think you can strip out (no pun intended) the sexual harassment component to why the Fappening was shitty. There's arguably also a shared shittiness component about leaking people's personal/private communications, but...just say that, instead of making an emotionally charged and inapt comparison.

I would say that this is more similar to Cablegate, which did include passport/other sensitive information on individuals in the cables, and also had a very high profile in the news. I don't think that it wouldn't have made much sense to circumscribe discussion of the contents of the leak or insisted that the focus be primarily on reactions to the leak, but unless we find out that there's been some sort of Wag The Dog shenanigans going on at Sony, probably nothing in the contents of that leak are going to be as newsworthy as the contents of Cablegate, so maybe that's not a great comparison point either.

I agree that having a higher bar for security-leak posts than "lol look what was in these emails" is a good idea, but I'm not sure exactly how to draw that line, or even if there's a clear way to draw it.
posted by kagredon at 2:53 PM on December 11, 2014 [24 favorites]


The "Fappening with no nudes" argument bothers me, because I don't think you can strip out (no pun intended) the sexual harassment component to why the Fappening was shitty. There's arguably also a shared shittiness component about leaking people's personal/private communications, but...just say that, instead of making an emotionally charged and inapt comparison.

Yea, fair, i'm probably going to regret including that. I wasn't the first one to say it, i was just repeating it from the thread.

I think it's dangerous to go "well this isn't nearly as shitty because there's no sexual harassment angle" though, which is easy to read is "well it isn't that shitty".

I know that isn't what you were trying to do, but i've had this discussion before and that vibe seems to easily radiate from it.

I think the cablegate comparison isn't super great either. This isn't like, state secrets and stuff that involves the politics of one of the most powerful countries and the entire world, it's some stuff from a movie studio that also happens to have some movie stars being prissy. I think that comparison sucks about as much as the "fappening without nudes" one does, if you're gonna pick at that.

I'm not trying to start a fight here, i just feel you on the analogy thing. It's hard to come up with a good one. I probably should have forgone one at all, but i didn't want to make a meta that was basically "this makes me uncomfortable because it does". That's pretty much how i feel, though. Just felt like i had to qualify it a bit more, and i might have overdone it.
posted by emptythought at 2:57 PM on December 11, 2014 [3 favorites]


I'm looking at it for the first time and my initial feeling is I basically agree both with the sentiment that it feels like a significant, zeitgeist sort of thing as a story surrounding what happened and why and at a broad level the implications of having a public leak into some of the corporate machinations in question, and with the idea that the framing of the post is really not a good way to showcase why it's an interesting phenomenon rather than a chance for lulzy gossip.

I don't see any particularly solid through-line so far to either "this is definitely not problematic" or "this definitely should not be a post"; I agree that it's a weird situation, for sure.
posted by cortex (staff) at 3:29 PM on December 11, 2014 [5 favorites]


I think the actual substance of the stolen documents should not be up for discussion. It really isn't anyone's business what Paul Reiser or Kevin Hart or Joel McHale asked a studio for, or what the studio execs think of them. I don't think any public interest is served by discussing this kind of thing; it just seems to me like rubbernecking.

The only things I've seen that seem even arguably related to any legitimate public interest are (1) the apparent differences in compensation between male and female employees, (2) whether or not Sony had adequate security, and why, (3) who perpetrated the breach and why, and (4) the impact the breach will have on its victims. I think all of those topics can be discussed without reference to the salacious detail contained in individual emails.

On preview, I see that additional emails about Sony's IT security have been posted in the thread; posting those feels a lot more legitimate to me than posting the celebrity ones.
posted by burden at 3:39 PM on December 11, 2014 [8 favorites]


Paul Reiser has appeared in only two previous MeFi posts.
I think, if only for Paul Reiser's sake, the post should stay.
posted by Atom Eyes at 3:55 PM on December 11, 2014 [13 favorites]


emptythought, I've been reading about the leak (mostly the security implications) on this site and others and since that's the only interesting part to me, I was kind of glossing over how bad the post about this was. So I would concede that this is a big major data leak story being discussed everywhere that I think is perfectly fine here, but that it was a badly framed post with an awful title and I wished it was a better one. So I'd say the topic of the post doesn't seem off-limits or in bad taste for mefi, but this specific post about the topic could have been deleted with a "try harder" message.

In general, I think people do a good job making lackluster posts better by introducing more info in comments and I did enjoy the technical aspects discussed in comments on the post.
posted by mathowie (staff) at 4:23 PM on December 11, 2014 [5 favorites]


For those interested, there's a pretty thorough piece of writing on the messy ethics of covering the sony emails on BuzzFeed (who, it should be said, has like dozens of tabloidy articles about the contents of the articles, but that seems to be okay in this era of "one department didnt know what the other department was doing so its nobodys fault" era).

Personally I'm not sure there needs to be a discussion here. As an IT story, its vaguely interesting but probably better suited for InfoSec sites. As a political story, it isn't really anything until its confirmed that it was actually a retaliation by North Korea. As gossip, its pretty low.

Leak all of YOUR company's emails, and see how you look.
posted by softlord at 4:33 PM on December 11, 2014 [2 favorites]


As an IT story, its vaguely interesting but probably better suited for InfoSec sites.

I think infosec stories are fine here.
posted by the agents of KAOS at 4:41 PM on December 11, 2014 [19 favorites]


I don't think it's lurid and gross to talk about what was a major security breach, in terms of security.

Sure, but the actual FPP was presented in terms of the stolen content, including direct quotes, rather than about the security implications. The FPP was completely lurid and gross; I deliberately didn't click on any of the links or stay to read the comments because of that grossness. Maybe I should have flagged it, but it seemed like the kind of newsfilter post that I am seeing a lot of lately and people clearly like, so I just moved on.

Like so much of what is basically breaking news, this would be far more interesting if it was left alone for a week or two until there are interesting analytical articles or something other than the gross releases themselves.
posted by Dip Flash at 4:43 PM on December 11, 2014 [9 favorites]


This was a scummily-framed GossipFilter post, and should have been deleted. I can understand that a less salacious post about the leak that was merely NewsFilter would be allowed to stand, although I think the gleeful "look what leaked emails say about this jerk" type comments should be deleted.
posted by MoonOrb at 4:45 PM on December 11, 2014 [9 favorites]


We go to incredible lengths to try and protect the privacy of individuals here, especially in terms of doxxing, AskMe questions, links to real life, memail correspondence, etc. I think an excellent policy would be to treat stories as if they include people who could someday become members here. Because, that kind of thing actually does happen at times here. People show up from stories that we are discussing and say hey, and become members.

What if we extended the same policies to stories as if they actually are or actually could be potential members? What if we pretended that the innocent people in these stories were some of our favorite members here? What kind of respect would we extend the story? What links would we include or not? I think it would still allow us to discuss newsworthy stories, including references to real life people, in a way that is respectful; and it would highly discourage us from camping out on lurid details just for the fun of it.

I'm not sure how this would apply to notorious individuals where reveling information is for the public good. But to be honest, I'm more concerned with the innocent bystanders who continually get caught in the fire. I'd like to see us take the higher road on these issues for their benefit.
posted by SpacemanStix at 4:50 PM on December 11, 2014 [21 favorites]


I've been thinking about this a lot lately - it's that time of year when we do our security audits and penetration testing and so on - and...

Well, look, the history of humanity is rife with people having to get seriously hurt or killed before we decided to maybe stop doing some bad things.

So, yeah, it sucks for those people whose private information was exposed. And having been in that position (WI employee with SSN on her laptop stolen, Target, Home Depot, other breaches, etc etc) a few times, I'm sensitive to that.

Still, at some point, if this gets some CIO to look up from another line of blow off some hooker and say "maybe we should test the firewall this weekend" then it will have been a net win.

Because - seriously - network security is part of what I do for a living. It's not *that* hard. But those in charge at these companies don't care, and don't find it worth the money or time.

Maybe, perhaps, once it hurts enough people, they will.
posted by Pogo_Fuzzybutt at 4:55 PM on December 11, 2014 [1 favorite]


I don't buy it. The point of data security is to keep people from getting hurt. It makes no sense to participate in hurting people in order to draw attention to data security.

Besides, even if hurting people is somehow necessary, do we really need to be among those doing the hurting?
posted by burden at 5:03 PM on December 11, 2014 [6 favorites]


It makes no sense to participate in hurting people in order to draw attention to data security.

I didn't participate in the data breach. Talking about the breach isn't participating in the breach.

In fact, talking about the breach and in the implications and so on, may just help prevent more breaches. Those people whose data was released to the world can't be unhurt by anything we do. The best that can happen is that it doesn't happen again.

Which only comes from discussion about the hows and whys.

Otherwise, you're essentially asking for a ban on discussions about anything that hurts other people. Would you ban discussions about rapes and rape culture ? Gamergate and their history of harrassment ? The list goes on and it makes no sense.
posted by Pogo_Fuzzybutt at 5:28 PM on December 11, 2014 [11 favorites]


I agree that talking about the hows and whys of this breach and breaches in general is totally fine and a perfectly reasonable, even laudable, thing to do. I think that probing emails that are wholly unrelated to the hows and whys, and discussing their lurid details that have nothing to do with the hows and whys, is participating in the hurting caused by the breach, and hurts innocent people for no good reason.
posted by burden at 5:33 PM on December 11, 2014 [4 favorites]


"Maybe I should have flagged it, but it seemed like the kind of newsfilter post that I am seeing a lot of lately and people clearly like, so I just moved on."

Deleting poorly framed newsfiltery posts and telling folks to post a better FPP on the subject is something the mods have done in the past.

Flagging it might have been worthwhile. Despite the framing of the post, the actual discussion doesn't seem all that bad.
posted by el io at 5:33 PM on December 11, 2014


I think the argument there is that if you're talking about information learned during a data breach--like celebrity gossip that was aired during this one--under the guise of talking about the implications of the data breach, what you are doing is perpetuating the harm suffered by those people whose private information has been exposed. That is a situation that is largely unique to the publication of private stuff, since each time it's repeated, the harm is repeated, to a much greater extent then, say, discussing a crime against someone is revictimizing them--because it's the publication of the private information that is the victimization in the first place.

I think burden's argument assumed the discussion you were talking about having included discussing the private information that had been leaked.
posted by MoonOrb at 5:34 PM on December 11, 2014 [5 favorites]


"Leak all of YOUR company's emails, and see how you look."

Well, smart folks write all of their corporate emails with a consideration that the emails may be unearthed via the discovery process in some random lawsuit.

Look, folks should act professional in emails. They shouldn't conduct affairs, discuss gambling, lawbreaking, etc... It's not good for their company - corporate emails get out *all the time* (via legal means - the discovery process).

All that being said, discussing lurid stuff in email contents is not a good metafilter conversation, but most of the thread seems pretty reasonable.
posted by el io at 5:36 PM on December 11, 2014 [10 favorites]


The technical aspects are interesting.
So are lock picks.
posted by clavdivs at 5:38 PM on December 11, 2014 [1 favorite]


Anyone who took delight in this story is conscripted into Dirty Hollywood Underbelly Book Club. First book: Hit & Run: How Jon Peters and Peter Guber Took Sony for a Ride in Hollywood. I thought I had it on my Amazon wish list, but I already bought it! Sitting in a bin in my garage which is slowly being flooded by #hellastorm.
posted by morganw at 5:45 PM on December 11, 2014 [1 favorite]

Leak all of YOUR company's emails, and see how you look.
I take your point, but I work for a state university. You can file a Freedom of Information Act request tomorrow and get access to all the emails on my work account. You shouldn't do that, because my emails are super boring and it would be a pain in the ass for the lawyers to take out all the FERPA-covered student information, but you could. It has happened to at least one professor at my university.
posted by ArbitraryAndCapricious at 5:56 PM on December 11, 2014 [11 favorites]


Wow, that is a pretty gross and weird post.
posted by koeselitz at 5:59 PM on December 11, 2014 [2 favorites]


Yeah I think it's way too gossipy to be posted here. Celebrities are people too.
posted by dhruva at 6:10 PM on December 11, 2014 [1 favorite]


Yes too bad it was a flip post, there are a lot of really smart tech folk here and the right framing could have initiated a much better discussion of security and privacy issues.

[redacted trailing Jolie joke for just not being funny enough]
posted by sammyo at 6:26 PM on December 11, 2014


i know this has already been discussed upthread but i want to register my complaint as well - i am really uncomfortable by all the people, here and elsewhere - famous and not, suggesting that this is somehow like crimes of sexual harassment and assault. saying that they are not the same and should not be compared is in no way saying the data breech is acceptable or not a bad thing, but leaking or discussing financial and gossip-y documents is not the same as sexual violence, full stop.
posted by nadawi at 6:44 PM on December 11, 2014 [15 favorites]


I didn't comment in the Sony thread, but I favorited many of the comments that support this MeTa. I was vocal in the thread about the leaked/hacked home security camera footage and thought that was also bad.
posted by Room 641-A at 7:02 PM on December 11, 2014 [2 favorites]


Neither MetaFilter nor its members are facilitating anything by having this post. We are a tiny, backwater outpost of the web, and almost nobody sees or cares what happens here. It would have been a terrible deletion. The data wouldn't just go away because we held our noses in the air and refused to discuss it.

Also, the legal personhood status of celebrities has yet to be decided to my satisfaction.
posted by Steely-eyed Missile Man at 7:27 PM on December 11, 2014 [6 favorites]


You can file a Freedom of Information Act request tomorrow and get access to all the emails on my work account.

Generally, FOIA requests have to be narrowly constructed, so you really can't do that. I could though, ask for all emails that mention "LOLbutts" or "metafilter."

Also, these kinds of requests don't have to be free.

My former job we requested some various state emails and were charged $300 an hour for the IT guy's time, and they charge a couple bucks for the CD the emails came on.

One of the emails actually had a path in there that went like: C:users\shadypolitician\secretproject

So we turned around and asked for the documents in that directory related to the project.

I've filed a few FOIA requests in the last few years. A "give me everything" request would either result in a huge bill or just be denied.
posted by cjorgensen at 7:30 PM on December 11, 2014 [2 favorites]


Everything I thought has already been said. There's a good MetaFilter post to be made about this subject, but I don't think what we got is it. To the point that I took the unprecedented-for-me step of flagging before bed and using the contact form when I got up and the post was still there. Still, I'm fine with just scrolling past it just like any other thread I have no interest in participating in.
posted by ob1quixote at 7:31 PM on December 11, 2014 [2 favorites]


I take your point, but I work for a state university. You can file a Freedom of Information Act request tomorrow and get access to all the emails on my work account.

FOIA requests apply to the records of federal agencies, which a state university isn't. State government records can usually be produced upon request pursuant to that state's public records laws, which are often colloquial known as "open records/open government laws" or "sunshine laws". You may have noticed that an email from a state agency contained a notice that the email and any reply to it was subject to public records requests. I am sure that professor's records were requested pursuant to a state public records law.
posted by Tanizaki at 7:36 PM on December 11, 2014 [2 favorites]


Neither MetaFilter nor its members are facilitating anything by having this post. We are a tiny, backwater outpost of the web, and almost nobody sees or cares what happens here. It would have been a terrible deletion. The data wouldn't just go away because we held our noses in the air and refused to discuss it.

Also, the legal personhood status of celebrities has yet to be decided to my satisfaction.


I get this, hahaha celebrities, they're asking for it and they are abundantly rewarded by fame and fortune, but it's a disturbing idea if you actually think about it. I saw a picture of Bill Murray on some sporcle quiz the other day and there were tons of professional photographers in the background just waiting to take his picture, just TONS lined up staring at him. When Taylor Swift leaves the gym she has to look perfect because there are tons of people desperate to get a shot of her looking anything less (or so I am told by my husband who is a huge Taylor Swift fan). Yes, there are reasons their lives are more open, but they're still people and they deserve better than this. Everyone has the right to some personal space.

Relatedly, I also agree that it would be great if we didn't facilitate prying through people's private emails/pictures/whatever (not saying the post did that in this case). I mean, I'll acknowledge that we're a backwater (like Earth in the universe of Douglas Adams!) but not being important enough to have to do the right thing doesn't seem like such a great excuse to me.
posted by Mrs. Pterodactyl at 7:40 PM on December 11, 2014 [11 favorites]


Neither MetaFilter nor its members are facilitating anything by having this post. We are a tiny, backwater outpost of the web, and almost nobody sees or cares what happens here. It would have been a terrible deletion. The data wouldn't just go away because we held our noses in the air and refused to discuss it.

This is simply not true. It not only helps facilitates the proliferation of the data itself by pointing more people to it, it encourages the proliferation of the general attitude that this is okay, as long as it's done on a small enough scale. Add a lot of backwater outposts together, and before you know it, you have an internet.
posted by SpacemanStix at 7:44 PM on December 11, 2014 [8 favorites]


To me the more important objection to that line of reasoning is that it could be used to justify pretty much anything.
posted by Justinian at 7:46 PM on December 11, 2014 [8 favorites]


FOIA requests apply to the records of federal agencies, which a state university isn't.

You know, if you're going to be condescending and pedantic, it would help to be right:

"As a public institution in the state of Michigan, the University of Michigan is subject to provisions of the state's Freedom of Information Act (FOIA). " (From here.) (And it's not just Michigan.)
posted by asterix at 7:51 PM on December 11, 2014 [14 favorites]


pointing more people to it

If you hear about news or current events from basically anywhere else at all, you would have heard about it, so I don't think this is true.
posted by Steely-eyed Missile Man at 7:56 PM on December 11, 2014 [1 favorite]


A lot of pieces of straw make a haystack, and I don't think whether we are "backwater" makes any difference at all to whether or not a certain thing is okay. Also, I think you underestimate how many eyes come here to read.
posted by SpacemanStix at 8:03 PM on December 11, 2014 [2 favorites]


I didn't address my argument to whether it was "okay" but as to whether it was "facilitating". I think it's fine, though. I am really not seeing what the harm is.
posted by Steely-eyed Missile Man at 8:16 PM on December 11, 2014


FOIA requests aside, courts have long held that personal emails sent through work computers/networks/servers enjoy no expectations of privacy, anyway. An employer can read each and every email you send using their systems, and use that against you if they like.

(and I've worked for CEOs who would request just such a report.)

So, really, nobody's emails were exposed, except Sony's and Sony aint a person.

That said, lots of other encumbered info was - SSNs, health insurance info, etc. that surely had an expectation of privacy attached was exposed, and that will probably be the subject of a good many lawsuits by soon to be former Sony employees.

It would be if I was one.
posted by Pogo_Fuzzybutt at 8:20 PM on December 11, 2014 [4 favorites]


I concur with the OP here. Be the change we want.
posted by Dashy at 8:22 PM on December 11, 2014 [1 favorite]


I agree but sometimes, like zen, change comes to you.
posted by clavdivs at 8:27 PM on December 11, 2014


So, before I finish reading aalllll the comments, I will say this: I saw the report about the Steve Jobs movie dust up on one of the Gawker sites, then saw the post here. Neither one of those made clear that the information was from the Sony hack. I found that fact out in the thread itself. I then felt pretty uncomfortable, and didn't click on any further information in the OP.

So, to make it clear, I think the framing of the post wasn't good. Nonetheless, I think the post should stand as it is, since it has stayed for this long. I will come down as saying I don't like the coverage of individuals leaked info. Pretty creepy to me.
posted by annsunny at 8:38 PM on December 11, 2014


Neither MetaFilter nor its members are facilitating anything by having this post. We are a tiny, backwater outpost of the web, and almost nobody sees or cares what happens here. It would have been a terrible deletion. The data wouldn't just go away because we held our noses in the air and refused to discuss it.

Also, the legal personhood status of celebrities has yet to be decided to my satisfaction.


These are all very cogent points.
posted by a lungful of dragon at 8:56 PM on December 11, 2014


You guys aren't actually serious about celebrities not deserving the basic decency any other human being should expect?
posted by Justinian at 9:00 PM on December 11, 2014 [10 favorites]


I just wanted to weigh in that i'm uncomfortable with the argument that we need to shun all discussion of the content of these leaks. Obviously we shouldn't be disseminating people's SSNs or other things that will facilitate crimes but I think it's absolutely relevant to want to discuss racist emails from Sony executives, or pay differentials between male and female and white and non-white execs. I also think on a more mundane level these emails offer a fascinating window into how Hollywood sausage is made, and that could be relevant from a lot of different angles. Obviously it's very unseemly how the data was obtained, but it's out there now and it feels unnecessary to decree that we must not examine that data for relevant information going forward. I feel like it's much more like Cablegate than The Fappening, though I'll acknowledge that neither analogy is perfect--but we're talking about useful and socially relevant data even if it's from a corporation and not a nation-state.
posted by zeusianfog at 9:05 PM on December 11, 2014 [6 favorites]


I think the topic is fair to discuss, but wish the post leaned more on the security aspects of everything. The recent leak of celebrities' private photos was a bunch of perverted script kiddies aggregating cloud data; the hacking is much more significant than the leaking this time around. Even if that isn't your opinion, there are plenty of ways to talk about the content of what was stolen and released without revealing any specifically damaging information.
posted by Johann Georg Faust at 9:17 PM on December 11, 2014 [1 favorite]


I (obviously) am very happy that we're having this discussion - I'd love to weigh in more but I'm under deadline myself. Suffice it to say, and as I expressed in the thread, I think Metafilter is better than this. I'm glad so many have expressed disappointment in the initial framing of the FPP. I wish it'd been deleted and a different post focusing on the security aspect had been encouraged.

As for justifying the content of the FPP because so many press outlets have covered the substance of the leaks too - this is the most glaring breach of journalistic integrity in my recent memory. Never have I seen so many outlets so gleeful in pawing through what is essentially stolen materials. I was always impressed at how so many websites and papers refused to pander during the Fappening. No one is impressing me with restraint right now.
posted by incessant at 10:04 PM on December 11, 2014 [1 favorite]


You guys aren't actually serious about celebrities not deserving the basic decency any other human being should expect?
posted by Justinian


I don't read into that. But celebrities can afford better security...unless...
Holy smock the leak was a plot to a plot line!
posted by clavdivs at 10:05 PM on December 11, 2014 [1 favorite]


useful and socially relevant

That is not the metric by which we determine if it's ethical to discuss data.
posted by incessant at 10:05 PM on December 11, 2014 [3 favorites]


Data or stolen data.
posted by clavdivs at 10:08 PM on December 11, 2014


My interest in leaks pretty much peaked with 2up, but this one is still interesting.
posted by michaelh at 10:15 PM on December 11, 2014


Steely-eyed Missile Man: "I am really not seeing what the harm is."

The framing of the post is a shitty way to talk about people. You don't see the harm in talking about people in a shitty way?
posted by koeselitz at 10:24 PM on December 11, 2014 [5 favorites]


No smocking
posted by Joseph Gurl at 10:36 PM on December 11, 2014 [2 favorites]


gotta match
posted by clavdivs at 1:39 AM on December 12, 2014


The data wouldn't just go away because we held our noses in the air and refused to discuss it.

Nuremberg 2.0
posted by Ned G at 4:38 AM on December 12, 2014


I'm actually a bit uneasy about "well, it's newsworthy" being used to justify this post, when there have been plenty of instances in the past when "but it's newsworthy" was not sufficient to prevent other posts from being deleted.

That is, I'm uneasy if "it's newsworthy" is the sole reason it's being allowed to say. In the other cases where things being deleted, there was usually a subtext involved that trumped its newsworthiness ("It's newsworthy, but it's gonna cause a site-wide shitstorm" or "it's newsworthy, but it's still a situation very much under development and there's a lot of misinformation that we could be inadvertently spreading" or whatever). I guess I just want to know whether there's subtext is in this instance which is letting this one stand ("it's newsworthy, and it speaks to how week SONY'S system is", or something).

So, yeah, it's newsworthy, but what else about it? Is there a "what else"?
posted by EmpressCallipygos at 6:55 AM on December 12, 2014 [2 favorites]


I have to say that I'm finding the tone of the responses in this thread more and more disappointing as it goes on.

The framing of the post was about one degree removed from HA HA LOOK AT THESE ASSHOLES, and that encouraged the thread to go in that direction.

And, basically, I agree with justinian. We're better than this, and we should have been better on this as a community. There are humans behind this who are getting shafted, and a lot of them aren't celebrities.

I really find it distasteful that this basic idea is now considered risible here.

And, for fuck's sake, Nuremberg?
posted by scrump at 6:57 AM on December 12, 2014 [14 favorites]


Yeah you'd think there'd be a less clunky way of saying "hey I understand your point and it's no big deal but maybe not so much with the Nazis?" but if so I haven't figured it out, so here we are. Maybe not so much with the Nazis, is all.
posted by goodnewsfortheinsane (staff) at 7:03 AM on December 12, 2014 [9 favorites]


The framing of the post is a shitty way to talk about people. You don't see the harm in talking about people in a shitty way?

Well, no, I'm not seeing any demonstrable harm to the people in question from the post or its framing. The whole thing was well underway by the time the post was made, and as for the "shitty way to talk about people," as far as I can see those are just quotes from some of the principles, and I can't shed many tears over their own words coming back to haunt them (he says, looking nervously over his shoulder). Neither do I imagine it will come to much in the end.

There are humans behind this who are getting shafted, and a lot of them aren't celebrities.

I really find it distasteful that this basic idea is now considered risible here.


It really sucks that the rank and file folks had their personal data spewed into the world. I agree. Ideally this would lead to a smaller, less harmful data footprint for people, but I think we all know the world isn't heading in that direction. Your sentence structure and organization doesn't let me pinpoint exactly which idea you think is being found risible, so I will clarify that the idea I personally find risible is that any demonstrable harm is coming from this post or that it is somehow opposed to MetaFilter's high ideals, whatever those are supposed to be. I can appreciate that my viewpoint is in the minority among those who participate in MetaTalk. That's about all I have to say on this subject.
posted by Steely-eyed Missile Man at 7:37 AM on December 12, 2014 [1 favorite]


ctrl-F "wikileaks"

Match not found

Hmmm
posted by banshee at 7:54 AM on December 12, 2014


ctrl-F "wikileaks"

Match not found

Hmmm


I can tell you that the celebrity photo leak was a turning point for me in what I decided I personally had a right to view. Going forward I will judge whistle blowers and government leaks on a case-by-case basis but this free-for-all is not something I can personally justify taking part in. I'm not telling anyone else not to, but I am expressing my hope that MetaFilter take that into account next time (and there will be a next time) this happens, or as more info from this hack is released.
posted by Room 641-A at 8:18 AM on December 12, 2014 [3 favorites]


Room 641-A: The thing is, most folks didn't directly read the raw data from wikileaks... They read newspaper reports (NYTimes, Guardian, etc) that synthesized the 'interesting' parts of the leak, gave it some context, and then pointed to the raw data if people wanted to see that.

That's going on here as well. This post wasn't to a torrent of the raw data, it was to news reports about the data. In this case it was pretty gossipy celebrity stuff (which I think is dubious material for a FPP); thankfully much of the discussion on the blue was around data security and other larger issues.

I'm not sure if your going to avoid reading the next NYTimes article if it is about leaks, but I don't see what not. Journalism has a history of getting inside information from leakers. Historically it hasn't been mega-leaks, but that's what a ton of journalism is based on - inside information.
posted by el io at 8:23 AM on December 12, 2014 [1 favorite]


As an IT story, its vaguely interesting but probably better suited for InfoSec sites.

I think infosec stories are fine here.


I think so too, but I strongly disagree that this happening is an infosec story. It's that sort of thinking that leads to the bad priorities that allow this to happen. Info security should be seen as being as integral to keeping work happening as power and flushing toilets. Shrugging it off as some obscure specialty that's only interesting to the gearheads gets you disasters.

On the content of the leak I am more ambivalent. There's certainly no shortage of pointless salaciousness going on, but I almost sprained my eyes at "so many outlets so gleeful in pawing through what is essentially stolen materials." This ain't the Pentagon Papers or Wikileaks, but the idea that there's a black and white line to be drawn on an organizations' information just based on their not wanting it to get out flies in the face of a larger societal interest.

If documents came up from this showing that Sony execs helped, say, Mel Gibson insure he wasn't employing jews on a project would we be prepared to turn away? Tax fraud? I'm not sure if Sony has any technology divisions in medicine or any other industries where they could be making decisions that could harm lives, but would we condemn news media scrutinizing a car company's data dump for risk management documents? Haliburton dumps for evidence of covering up rape or assault cases?

I'd like to live in a world where media would opt not to publicize petty items that are just rubbernecking, but I'll take it over ones where they don't do the work of looking for real news when they are given the opportunity.
posted by phearlez at 8:33 AM on December 12, 2014


me: “The framing of the post is a shitty way to talk about people. You don't see the harm in talking about people in a shitty way?”

Steely-eyed Missile Man: “Well, no, I'm not seeing any demonstrable harm to the people in question from the post or its framing.”

Well, you're right about that as far as it goes. The demonstrable harm here is not to "the people in question." It's to Metafilter. Metafilter as a whole is harmed when we act like privacy and simple decency are stupid, silly things to be cast aside at a whim.

“The whole thing was well underway by the time the post was made, and as for the ‘shitty way to talk about people,’ as far as I can see those are just quotes from some of the principles, and I can't shed many tears over their own words coming back to haunt them (he says, looking nervously over his shoulder).”

That last parenthetical indicates that you know why it's a mistake to cast aside privacy as a tenet of common decency. You would rather people didn't open up your emails and laugh at them publicly. Why would it ever be okay to do this to other people?

Again: this is bad for Metafilter. Here, our site culture dictates that we do not reveal the contents of messages sent to us privately because, as much as people sometimes may annoy us, we don't want to violate their trust in such a fundamental way. But we're blithely jabbering about other people elsewhere in the world who have had their trust violated in the same way. It's a contradiction, and it's not a nice one.

If we really believe in our principles, we have to apply those principles to our interactions with people who aren't members of Metafilter. This is a problem that a number of internet communities have been struggling with: should non-members be afforded the same respect as members when it comes to things we will and won't do to people? I would hope that we'd be able to answer that question in the affirmative. Others elsewhere have answered it in the negative, and it hasn't turned out well for them.

“Your sentence structure and organization doesn't let me pinpoint exactly which idea you think is being found risible, so I will clarify that the idea I personally find risible is that any demonstrable harm is coming from this post or that it is somehow opposed to MetaFilter's high ideals, whatever those are supposed to be.”

This is not something we would allow on Metafilter. We would not allow people to publicly distribute other peoples' Mefi Mail without their consent. This has come up several times on this site, and we have always come down firmly on the side of not violating the trust of people who send us messages with the expectation of privacy.

So this is pretty obviously and blatantly opposed to Metafilter's ideals.
posted by koeselitz at 8:35 AM on December 12, 2014 [10 favorites]


emptythought: "Is this really best of the web? that's basically my question."

I know I am becoming That Guy about this, but "best of the web" was officially deprecated more than eight years ago now, and I think it would be great if we could stop using it as a stick to beat things with.

That said, my feelings are that a good post could be had about these leaks, but the post that was made was pretty lousy.
posted by Chrysostom at 8:35 AM on December 12, 2014 [9 favorites]


Room 641-A: The thing is, most folks didn't directly read the raw data from wikileaks...

Most folks aren't MeFites :) But I was only responding to the comment about not finding it mentioned in this thread.
posted by Room 641-A at 8:37 AM on December 12, 2014


Let me make myself clearer, then.

There are a whole lot of people getting screwed by this leak who aren't celebrities.

This is a shitty thing, and the framing and discussion around the post are contributing to it being shitty, by encouraging us to point and laugh.

From my perspective, it seems like a plurality of the MetaFilter community has decided that "hey, maybe we shouldn't be pointing and laughing at these people" is a risible idea.

That the notion of being better than that is silly and quaint, and that on the Internet, mocking the victims of misfortune is the done thing. Life sucks, get a fucking helmet, etcetera.

I'm not asking for MetaFilter to be some bastion of morality or an arbiter of appropriate behavior. But I think there's more than enough room between making fun of victims and sainthood for us to be better. Or, at least, compassionate. Better than this, at least.
posted by scrump at 8:51 AM on December 12, 2014 [7 favorites]


"hey I understand your point and it's no big deal but maybe not so much with the Nazis?"

The other problem is people like me that are unable to make the connection, so I don't get the point, all I get is the Nazis. Double plus fail.
posted by cjorgensen at 9:09 AM on December 12, 2014


That buzzfeed article about the ethics of this leak is on point. I wouldn't cry tears over a Newsfilter post getting the axe, but to compare this to a sex crime is at best tone deaf, and celebrities are public figures — including studio heads. There's no public interest served by fisking the emails of some schlub in order fulfillment, but there is in correspondence that determines a substantial share of the media available to the public. The fappening this ain't.
posted by klangklangston at 9:13 AM on December 12, 2014 [6 favorites]


And, for fuck's sake, Nuremberg?

Sorry people, I was trying to make the point that 'everyone else is doing it so it's fine that I'm doing it too' isn't a good moral basis to work from. But yeah, the way I tried to make that point wasn't the right one.
posted by Ned G at 9:14 AM on December 12, 2014 [1 favorite]


i do think it's important to note that people are getting hurt because of sony - they knew they had a problem and straight up said they weren't going to inform those originally affected because they weren't legally forced to do so. the choice to not inform and to not fix the issue is what ended up hurting sony's employees. i agree the post was framed poorly and there are some questions to be asked about the tabloid nature of this all, but sony is both the victim and partially responsible for the harm (especially of the lower level employees who would have never known about the original hack in february).

...and this is where the whistle blowing comparisons come in - the hackers absolutely shouldn't have obtained and dumped these documents, but sony shouldn't be shielded from critique since they thought keeping quiet and changing nothing was an acceptable risk - hopefully this amount of embarrassment for the higher ups will actually help safe guard employees' data in the future.
posted by nadawi at 9:16 AM on December 12, 2014 [3 favorites]


Remember folks, corporations are people too.
posted by el io at 9:17 AM on December 12, 2014 [1 favorite]


The fappening this ain't.

Unless someone likes fapping to email exchanges between Sony execs and actors who want a discount on merch.
posted by a lungful of dragon at 9:33 AM on December 12, 2014 [1 favorite]


the actual FPP was presented in terms of the stolen content, including direct quotes, rather than about the security implications. The FPP was completely lurid and gross

Terrible framing, should have been re-done as a good post for MetaFilter.
posted by jessamyn (retired) at 9:34 AM on December 12, 2014 [4 favorites]


The FPP framing reads to me as "Let's gawk at the embarrassing details of celebrities and the industry we love to hate."

It links to a couple pretty lightweight stories about the leak for background, but the rest of it, and the overall framing, appears to me to be nothing other than rubbernecking.

If there's a criterion to delete a front page post for "worthy subject, crappy framing, try again" then this seems like a prime instance where it ought to have been invoked.
posted by under_petticoat_rule at 9:43 AM on December 12, 2014


Metafilter should not discuss illegally leaked data.
posted by NSA at 9:50 AM on December 12, 2014 [18 favorites]


Maybe I should have flagged it, but it seemed like the kind of newsfilter post that I am seeing a lot of lately and people clearly like, so I just moved on.

If something bugs me on the site, I flag it. Doesn't matter if I think it's a big thing or small thing, I flag it because the mods have repeatedly communicated that flags are helpful for getting communication from the members.

Flag hard, flag (reasonably) often!
posted by Brandon Blatcher at 9:52 AM on December 12, 2014 [2 favorites]


I that that's my new favorite sock puppet.
posted by cjorgensen at 9:53 AM on December 12, 2014 [1 favorite]


Know what? Screw Sony. This is the second time they had a huge security problem like this (see the 2011 Playstation hack wherein my credit card information was stolen) and they still don't get security right.

I really don't see the comparisons between The Fappening and this. If this was Time Warner Cable's internal memos being leaked, I don't think people would feel as righteous about it.
posted by inturnaround at 9:57 AM on December 12, 2014 [1 favorite]


That is not the metric by which we determine if it's ethical to discuss data.


The problem is, you haven't demonstrated why you think it's unethical to discuss this data. I'll stipulate that if users were disseminating data that would help people commit crimes, like SSNs, bank account numbers or home addresses, that it would be unethical and should be removed. Or if people were bragging about committing crimes, including any of the aforementioned or assisting with the breach itself. But that's not what's happening here. In fact, it strikes me as unethical to try and shut down a conversation about the wage gap & racism in the corridors of power & the mechanics of an exploitative industry because it doesn't meet your evidentiary standard or whatever. It strikes me as unethical to argue that heads should be placed in sand around this issue in service to a system of ethics that doesn't take into account power differentials.

I also disagree with the pileon about this being a bad, poorly framed post. I think "this was poorly framed" or "this is not the best of the web" can be bludgeons that we use when we don't want to talk about the real reasons why something bothers us. Why is it bad that the stories linked to are gossipy? Some Metafilter users like gossip. I don't see why this particular game of insider baseball is less relevant than other conversations about the personal lives of athletes or politicians. I bristle at the suggestion that there's no intrinsic value to be had in a conversation about gossip. A few quick examples--is it not revealing that an actress of Angelina Jolie's power & stature is offhandedly dismissed as a "minimally talented spoiled brat" when she butts heads with a well-known male director because she'd rather see resources diverted to her project about a powerful Egyptian queen; and not to his project about yet another visionary white male capitalist? Especially since the moviegoing public already endured a biopic about said capitalist just last year? Or about how a black male comedian asking to be paid to do extra work is loaded with "chutzpah?" I realize that the post didn't actively draw attention to these issues, but I feel like if it had it would have been deleted for editorializing.

Contrary to what the above wall of text might suggest, I don't really have a horse in this race. When incessant was offering a full-throated takedown of an equal wage strawman in the thread and engaging in macho posturing about who would last how many seconds in whose job, I just rolled my eyes. When some other clown showed up to crow about how incessant's opinions were just the sort of radical truth that Metafilter can't handle and that would be silenced forever, I held my tongue (despite the fact that said radical truths still exist in the thread in front of God & Matt Haughey and everybody.) But when people start suggesting that we can't even have this conversation at all because it doesn't meet the high MF standard of decorum when it comes to calling out racists, that's when I reach for my revolver.
posted by zeusianfog at 9:59 AM on December 12, 2014 [18 favorites]


Metafilter should not discuss illegally leaked data.
posted by NSA at 9:50 AM


eponysterical
posted by zeusianfog at 9:59 AM on December 12, 2014


Yes, it's a joke account.
posted by Chrysostom at 10:03 AM on December 12, 2014 [1 favorite]


ThatsTheJoke.gif
posted by koeselitz at 10:04 AM on December 12, 2014 [4 favorites]


MetaTalk: if you're going to be condescending and pedantic, it would help to be right
posted by under_petticoat_rule at 10:04 AM on December 12, 2014 [6 favorites]


There are a whole lot of people getting screwed by this leak who aren't celebrities.

This is a shitty thing, and the framing and discussion around the post are contributing to it being shitty, by encouraging us to point and laugh.


It sucks that there are a lot of regular folks who got their SSNs and personal details leaked and have been severely screwed by that. It absolutely does.

However, the Venn Diagram of the two circles "people who are getting screwed by this leak who aren't celebrities"* and "people who Metafilter is pointing and laughing at" has, as far as I can tell, zero overlap. Nobody's sitting around talking about what a dumb social security number so-and-so has. There are, hopefully, very few identity thieves, stalkers, or con artists on Metafilter, but if there are I am pretty sure they are not going to be aided in their criminal activities by this FPP appearing on Metafilter, or hampered by it not being here.

I would be uncomfortable with the post if it was all about peoples' SSNs and a detailed discussion of how to hack a company like Sony and how the hackers might utilize those personal details for wrongdoing. It's precisely because the post is basically just rubbernecking gossip about a bunch of very powerful people that I think it's fine.

*or wealthy studio execs who I have not a lot of sympathy for
posted by mstokes650 at 10:16 AM on December 12, 2014 [3 favorites]


That is not the metric by which we determine if it's ethical to discuss data.

Reporting about this security breach is ethical, because it is in the public interest: a large and powerful entity has vast amounts of sensitive data about people, which is poorly protected.

After this and the 2011 PS3 credit card leak, people have the right to know if they should be reasonably wary of being a Sony customer or employee, or at least know what the risks are.

Journalism carries this information to the general public and allows that conversation to take place. Metafilter is just one among many venues where different aspects of that conversation are happening.

While the post in question may have been framed in a tabloid-like manner, the parties in question are celebrities and public figures, and they understand and have consented to the tradeoff made between financial gain and public exposure. This bargain existed long before Metafilter, and will likely exist long after the site is gone. Even so, the discussion in the post seems to be generally less interested in the celebrity aspect of this story, in any case.
posted by a lungful of dragon at 10:19 AM on December 12, 2014


Yeah, zeusianfog, I do think that often entertainment gossip is looked down on by people who see themselves as above it. It's classist.

Now, of course I'm not supporting the leaking of social security information or anything like that, but the racist emails from Sony execs? The email that showed that Maureen Dowd was letting the husband of the subject of a column read it before publication? I'm cool with that out there.
posted by inturnaround at 10:22 AM on December 12, 2014 [1 favorite]


metafilter: sitting around talking about what a dumb social security number so-and-so has
posted by el io at 10:35 AM on December 12, 2014 [2 favorites]


(seriously, what a loser that dude is, he has like three 5's in his SS number - fuck that guy)
posted by el io at 10:35 AM on December 12, 2014 [5 favorites]


Reporting about this security breach is ethical, because it is in the public interest: a large and powerful entity has vast amounts of sensitive data about people, which is poorly protected.

Most everyone here affirms this part. The discussion has never been about whether we should discuss the breach. Of course we should.

While the post in question may have been framed in a tabloid-like manner, the parties in question are celebrities and public figures, and they understand and have consented to the tradeoff made between financial gain and public exposure.

Most everyone here does, or should, disagree with this part. It is so wrong to affirm something like this that I'm genuinely concerned about you. No public figure has ever consented to this kind of public exposure trade-off. If you affirmed this kind of trade-off without qualifications or restrictions, it would lead to absurd conclusions. The question, then, is where you draw the line. The charitable thing to do would be to ask where you would draw the line if you were a celebrity, and treat others in a similar way.
posted by SpacemanStix at 10:51 AM on December 12, 2014 [3 favorites]


Celebrity status has always afforded fewer privacy protections. Celebrities who argue their privacy rights have been violated have higher legal hurdles to clear, at least in the United States. There is always debate about the privacy rights of public figures, but I think it is fair to say this is the reality of the situation as it is now, and it is unlikely to change without sweeping and substantive changes to privacy law that the current political climate is unlikely to endorse.

The idea that we should ignore the larger issues with the Sony leak (some of which are troubling from a civil liberties perspective, one of which I mention later in the original post) because this one particular aspect first needs resolution on this site seems troubling to me. Public figures have always had fewer privacy rights, and this story clearly has a public interest angle that goes beyond mere tabloid titillation that, even if it were merely that, would still be within the current bounds of what society deems acceptable (even if that aspect of society is "below" Metafilter).
posted by a lungful of dragon at 11:13 AM on December 12, 2014


Most everyone here does, or should, disagree with this part. It is so wrong to affirm something like this that I'm genuinely concerned about you. No public figure has ever consented to this kind of public exposure trade-off.

Oh please. aLoD didn't defend piloting drones over Celeb X's pool to take pictures. It was a simple statement completely in line with both our cultural attitude about info about public figures and a tremendous corpus of law about how different standards apply to people of interest when it comes to image rights and libel. Most every public figure ever - particularly ones who have set out to make their living as movie stars - absolutely made a conscious decision to be less able to get a cup of coffee without being recognized in exchange for people giving them money to slather their image on billboards.
posted by phearlez at 11:15 AM on December 12, 2014 [1 favorite]


I think everyone should understand this, because it's important.

Everything you put into a corporate email account should be thought of as public information. It's extremely likely to get hacked or subpoena'd or read by your IT security department or anyone else in the company. Corporate emails are not private, they belong to the corporation, its stakeholders and probably eventually opposition lawyers.
posted by empath at 12:18 PM on December 12, 2014 [8 favorites]


Oh please. aLoD didn't defend piloting drones over Celeb X's pool to take pictures. It was a simple statement completely in line with both our cultural attitude about info about public figures and a tremendous corpus of law about how different standards apply to people of interest when it comes to image rights and libel. Most every public figure ever - particularly ones who have set out to make their living as movie stars - absolutely made a conscious decision to be less able to get a cup of coffee without being recognized in exchange for people giving them money to slather their image on billboards.

That's not what I was referring to. I said,

No public figure has ever consented to this kind of public exposure trade-off.

The one where private information is attained illegally and displayed for everyone to see, somehow justified because they live a more public life. What they signed up for, this isn't it. And no one has ever signed up for that.

It's wrong to take an obvious byproduct of a chosen profession and using it as justification for something worse. And it's wrong for anyone to continue defending it.
posted by SpacemanStix at 12:21 PM on December 12, 2014 [3 favorites]


... do we really want to facilitate North Korea intimidating and punishing people who make fun of them? (That's what this was, right? I haven't been paying too much attention.)

FBI official says 'no attribution' to North Korea in Sony hack probe [Reuters]

At the point, no one knows who is responsible.
posted by ryanshepard at 12:23 PM on December 12, 2014


The idea that we should ignore the larger issues with the Sony leak

Again, no one has ever said that. Not even one time.
posted by SpacemanStix at 12:26 PM on December 12, 2014


Everything you put into a corporate email account should be thought of as public information.

This is perfect and true and the only thing I have to add is that this also goes for any instant messaging applications included in your corporate communications suite.
posted by winna at 12:29 PM on December 12, 2014 [1 favorite]


Well, if nothing else, we've reached Peak Godwin, between the Nuremberg reference and what appears to be a completely unironic use of "that's when I reach for my revolver".
posted by scrump at 12:31 PM on December 12, 2014


appears to be a completely unironic use of "that's when I reach for my revolver"

I think you might want to check your irony-meter and make sure it's working.
posted by RogerB at 1:46 PM on December 12, 2014


FBI official says 'no attribution' to North Korea in Sony hack probe [Reuters]

Interesting that the Sony hack and Pirate Bay takedown happened so close together in time.
posted by jamjam at 1:50 PM on December 12, 2014


Today I learned that quote *wasn't* by Hermann Göring, so something good came out of this.
posted by Chrysostom at 2:15 PM on December 12, 2014 [1 favorite]


Everything you put into a corporate email account should be thought of as public information.

This is perfect and true and the only thing I have to add is that this also goes for any instant messaging applications included in your corporate communications suite.


This is also true. The one thing I have to add is that your employer might be archiving all of your phone calls without telling you if you use any kind of VOIP system (if you are at a large org, you probably do).

Sony is probably pretty glad they didn't archive all of their telephone calls though - if they thought email would be embarrassing, imagine if all of their phone calls were leaked.
posted by el io at 3:08 PM on December 12, 2014 [1 favorite]


I don't understand why this discussion seems to exist in a universe where journalism hasn't been grappling with these issues for a long time. Basically, the standard is that revealing the contents of leaked, private information which, no, the press or the public don't have a legal right to, is acceptable in direct proportion to the degree to which it serves the public interests. Thus, tabloid reporting of the contents of a celebrity's hacked phone is wrong; reporting of the contents of the Pentagon Papers is right.

There are certainly aspects of the hacked Sony data that meet the standard for serving the public interest. Much of it does not. I don't think it's that hard to tell the difference.
posted by Ivan Fyodorovich at 3:10 PM on December 12, 2014 [11 favorites]


"As a public institution in the state of Michigan, the University of Michigan is subject to provisions of the state's Freedom of Information Act (FOIA). "

Emphasis added because it is apparently needed.

If you had read before Bing-ing, you might have noticed, "State government records can usually be produced upon request pursuant to that state's public records laws, which are often colloquial known as "open records/open government laws" or "sunshine laws". You may have noticed that an email from a state agency contained a notice that the email and any reply to it was subject to public records requests. I am sure that professor's records were requested pursuant to a state public records law." (more emphasis because it is still apparently needed)

(☞゚ヮ゚)☞
posted by Tanizaki at 7:17 PM on December 12, 2014


Then why did you bother pointing out that FOIA requests apply to Federal agencies?
posted by MoonOrb at 8:05 PM on December 12, 2014 [3 favorites]


I understand that you think you're scoring some major point here, but I'm not sure what it is?
posted by ArbitraryAndCapricious at 8:12 PM on December 12, 2014


I cannot buh-buh ingg that symbol Tanizaki. Seriously what is it, I see a large bing Crosby closeup
posted by clavdivs at 8:48 PM on December 12, 2014


Sorry but contraryandconspicuos, reading the "argument" moonorbit is correct and the reponse was quite to the point, something a lot of folks...stop(me)

I don't fucking understand why someone who posits a reasonable response to a question that was wrong in the first place gets asks if
You scoring points.
Wth?
posted by clavdivs at 8:59 PM on December 12, 2014


Wth?
posted by clavdivs at 8:59 PM on December 12 [+] [!]


Indeed.
posted by kagredon at 9:06 PM on December 12, 2014


clavdivs-
ArbitraryandCapricious was also responding to Tanizaki, it looks like.
posted by MoonOrb at 9:13 PM on December 12, 2014


Tanizaki apparently didn't know that state "Freedom of Information Acts" exist. Otherwise he might not have claimed that they were called "open government acts" or "sunshine laws" instead of "The Freedom of Information Act." This seems to be a common problem with lawyers: they tend to assume that their expertise is universal, whereas it's generally quite state- and even locale-specific.
posted by koeselitz at 10:23 PM on December 12, 2014 [5 favorites]


What I am opposed to is the concept of some ideal exactitude given us a priori, as it were.
Sorry to but in moonorbit.

Lawyers do smell that emotional blood though.
posted by clavdivs at 11:51 PM on December 12, 2014


If you had read before Bing-ing, you might have noticed

He did read. Your inability to properly define your terms or read in context is not his fault. "Freedom of Information Act," when used without specifying 5 U.S.C. § 552, may also be referring to any number of state laws where the exact same name is used. Virginia or Florida, for example, or perhaps Michigan.
(1) This act shall be known and may be cited as the “freedom of information act”.
Consequently, when he says
I take your point, but I work for a state university. You can file a Freedom of Information Act request tomorrow and get access to all the emails on my work account.
and you respond with
FOIA requests apply to the records of federal agencies, which a state university isn't.
Not only do you sound like an asshole, you also sound like you're not even a competent lawyer. That is something that can be discerned without even using Bing.
posted by phearlez at 6:31 AM on December 13, 2014 [9 favorites]


Yes, I was responding to Tanizaki.

Jesus fucking Christ. It actually isn't literally a FOIA request. It's an open records request under the state public records law. I'm pretty sure that everyone knew what I meant, and it doesn't change the substance of my point, but you sure did prove your superior intelligence and put me in my place. Yay you! You have shown us all that you have extensive legal knowledge and are a bit of an asshole!

My point is that when people say "how would your company look if everyone's emails were made public," they are discussing something that could happen. Journalists and other people request and are granted access to emails at my "company" all the time. Two weeks ago, some random guy filed a request for all of someone's emails. (Another thing that is public under our public records law is the log of every open records request that has been filed.) I try hard not to put anything in my work email that I would be embarrassed to have published in the newspaper, because I know my work email isn't private. This is not some nightmare scenario that is outside the realm of possibility.
posted by ArbitraryAndCapricious at 6:50 AM on December 13, 2014


Serious question that I don't really expect anyone to answer:

If you have moral qualms about the contents of these hacked e-mails even being discussed, how do you know so much about what was in them? Why did you keep reading articles and so forth when you realized they concerned hacked e-mails?

I say this because I read a comment way up in this thread, saying something about rank-and-file Sony employees being "totally hosed." How do you know this? I have not read ANY of the leaked e-mails; I read an article about the statement that Angelina Jolie is a minimally talented spoiled brat, and that is all I have seen. I am an example of someone who, having stopped reading (not due to scruples, just because I could not be arsed to read further) knows NOTHING about the leak past the Jolie thing, and therefore has no idea why any rank-and-file employees are "hosed."

It seems like your prurient interest led you to read beyond the point that you should have reasonably stopped, according to your own expressed scruples, if you know so much about the content of the leaked e-mails.

And if I am right, that makes you a hypocrite to be arguing that they should not be discussed here.
posted by jayder at 7:28 AM on December 13, 2014


the hosed line came from the topic and is likely referring to this comment from the thread -
I am also rather peeved that metafilter is trawling through this, and that's part of what's fueling my anger here. I have many many friends who have been affected by the leak, and lots of them are not doing well. While this thread "hurf durf corporate richies are jerks!" ad infinitum, this is having serious, sweeping ramifications among thousands of people, and it is apparently only going to get worse.
beyond that there has been reporting that doesn't include any of the leaked information and instead discusses the fact that addresses and ssns and the like of regular employees are out in the wild. really your whole comment comes off as you not really understanding what the leak was and that it wasn't just a few executive emails.
posted by nadawi at 7:35 AM on December 13, 2014 [4 favorites]


There have been enough headlines with enough details that it's not at all difficult to stitch together the fact that a lot of non-famous people have had their work emails and personal info tossed out into the world.
posted by Etrigan at 7:36 AM on December 13, 2014 [4 favorites]


I worked for a newspaper for 13 years and am currently employed by a university. I use FOIA and "open records requests" as interchangeable terms and have never had anyone misunderstand what I meant by this.

The fact that all one has to do is write a letter and ask for something kind of negates what you call it when the results are the same. Sunshine law, open meeting, whatever. When the request arrives you still have to follow the law (fortunately, that's what the lawyers decide).

On top of this, there's a lot of overlap between federal and state universities. The university I work for does a shitload of federal research and we have federal organizations housed within departments.

I can find a lot of example requests for FOIA requests aimed at universities, but I can't find any specific laws calling them such (in Iowa). Again though, it doesn't make a lot of difference what you call them if anyone can do one (you don't have to be a lawyer).
posted by cjorgensen at 8:17 AM on December 13, 2014 [1 favorite]


how do you know so much about what was in them?

I heard a story on the radio about the hack and the kind of information that had been released and that it wasn't just higher-ups and stars that were affected, but also ordinary employees. I've also seen some references on my fb because I know a couple of people who work in the industry, though not as far as I know for Sony.
posted by rtha at 8:24 AM on December 13, 2014 [2 favorites]


Tanizaki jumped the gun and was rude about it, but I think it's probably relevant that a) the federal FOIA and the various state equivalents vary in their scope and application, and b) IIRC, public university faculty email is not necessarily equivalent to other government employee email, nor equivalent to other workplace email. It's been years, but I vaguely recall a discussion on Crooked Timber about this -- something about faculty email having a different status directly related to how student account email has a different status. There was some case law on this, but of course it matters what the jurisdiction was. Still, ArbitraryAndCapricious made a sweeping assertion that, in my opinion, is just as misinformative as it is informative. I get the main point about not taking for granted the privacy of your work email, but making categorical statements in an authoritative manner, whether it's ArbitraryAndCapricious or Tanizaki doing so, is not so helpful.
posted by Ivan Fyodorovich at 11:28 AM on December 13, 2014


I absolutely did not make a categorical statement. Here is the post:
Leak all of YOUR company's emails, and see how you look.

I take your point, but I work for a state university. You can file a Freedom of Information Act request tomorrow and get access to all the emails on my work account. You shouldn't do that, because my emails are super boring and it would be a pain in the ass for the lawyers to take out all the FERPA-covered student information, but you could. It has happened to at least one professor at my university.
I was talking specifically about my situation, in response to a post that asked people to imagine that this applied to them, and everything I said about my situation is true, except that the thing is not technically a FOIA request. But I will certainly defer to your judgement and vague recollection of a random blog post.
posted by ArbitraryAndCapricious at 12:13 PM on December 13, 2014 [1 favorite]


"You can file a Freedom of Information Act request tomorrow and get access to all the emails on my work account."

That's pretty unequivocal. I wasn't the person who was rude to you; you don't need to be rude to me.

Anyway, are you sure that a single FOIA request will grant access to all the emails on your work account, or are you assuming that's the case? As I said, I think it depends upon your state, case law, and your university's admin's interpretation.

You might read "Section VII. FOIA and Electronic Communications" from the American Association of University Professors report, Academic Freedom and Electronic Communications.

Here's one relevant passage:
“The presumption of confidentiality is strongest with respect to individual privacy rights; the personal notes and files of teachers and scholars; and proposed and ongoing research, where the dangers of external pressures and publicity can be fatal to the necessary climate of academic freedom.

For example, in 2011, the Republican Party of Wisconsin filed a FOIA request with the University of Wisconsin, demanding that the university release e-mail messages from Professor William Cronon, then president of the American Historical Association, who had criticized the Republican governor’s “assault on collective bargaining rights.” The administration agreed to release some of Professor Cronon’s e-mail messages, excluding “private e-mail exchanges among scholars that fall within the orbit of academic freedom and all that is entailed by it.” The administration also excluded messages that contained student information and those “that could be considered personal pursuant to Wisconsin Supreme Court case law.”
Note that last sentence. In Wisconsin, at least, such a FOIA request would not automatically apply to purely personal communications.

The section concludes with advice that echoes your warning:
"In this light, faculty members should be advised to segregate, as much as possible, personal from professional correspondence and also segregate correspondence that concerns university business from other professional correspondence, such as work for scholarly publications and organizations. Moreover, given the uncertainty surrounding state FOIA laws, faculty members at public colleges and universities should consider the possibility that every e-mail message they send and receive might become public. Lastly, when such requests are made, faculty members should immediately seek the advice and support of their union (if one exists at their institution) or of legal counsel."
My impression from this particular source is that faculty should not take anything for granted with regard to their email account and FOIA requests in either direction. You can't be certain that complete access won't be given, but you can fight for limits and they may be respected and, furthermore, it's not clear that a FOIA will always grant access to personal communications that aren't within the purview of the public interest that FOIA laws are intended to protect.

Public university faculty are not just a regular kind of government worker, their work email intersects both issues of academic freedom and confidential information relating to students and, consequently, there are good reasons to assume that a FOIA request need not apply to anything and everything in an email account. But it might.
posted by Ivan Fyodorovich at 2:44 PM on December 13, 2014 [1 favorite]


Here's some "open carry" idiots filing a FOIA request in a police station. Someone should point out this would be an "open records" request.
posted by cjorgensen at 9:24 AM on December 14, 2014


There is some middle ground between “we shouldn’t discuss this” and “ha ha suck it famous people,” and although the post may not have engendered the most helpful kind of conversations, that doesn’t mean they aren’t worth having.

I think knowing that the most powerful people in our entertainment industry are actively racist is important. (We knew they were already, of course— but now we know they don’t just make racist media because it sells.)

I think it is worth considering what the effects in Hollywood will be now that many huge stars know their handlers are, well, handling them, not actually on their side at all. I am not glad that a huge number of people are being humiliated and exposed, but some of that exposure is of the toxic practices of a toxic culture, and I can’t help but feel that such exposure might be of interest to all of us living in the environment that such a culture helps create. I also think the fact that an enormous corporation that spends billions to prosecute individuals who download their proprietary files cannot be bothered to adequately protect the data of their own employees is important information.
posted by a fiendish thingy at 8:27 AM on December 15, 2014 [1 favorite]


WE'RE ALL WEARING THE HOLY SMOCK NOW
posted by quonsar II: smock fishpants and the temple of foon at 8:32 AM on December 15, 2014


Is this really best of the web? that's basically my question. There's more than a couple posts in there that point out that hollywood media has basically done this forever, but is the blue TMZ? Do we want it to be?

I'm not that interested in the topic itself - the North Korean angle is the most curious thing about it - but your questions are not ones that I want answered editorially, i.e. by deletion.
posted by topynate at 5:53 AM on December 16, 2014


I also think the fact that an enormous corporation that spends billions to prosecute individuals who download their proprietary files cannot be bothered to adequately protect the data of their own employees is important information.
Not only that, but in some countries these companies have been pushing for anti-piracy laws based on the concept that people are legally responsible for securing their internet connection.
posted by elgilito at 6:40 AM on December 16, 2014




Sony has attempted some barratry against media outlets that report on the leaks, but media outlets are protected by the first amendment.

I really hope the media doesn't cave. As more of it comes out, it becomes less and less about SSNs of everyday people, and more about the leaks that are in the public interest.
posted by a lungful of dragon at 10:17 AM on December 16, 2014


Aaron Sorkin is saying that the Sony leak is "worse" than the nudes leak. Eyeroll.
posted by discopolo at 11:40 AM on December 16, 2014


Worse for him I guess. What a dingus.
posted by jessamyn (retired) at 2:08 PM on December 16, 2014 [4 favorites]


Poynter has a good (and succinct) article on the ethics of reporting on hacked emails.
posted by el io at 3:36 PM on December 16, 2014 [2 favorites]


discopolo: Well, given that thousands of identities might be stolen because of this, the immediate (and lasting) impact of this will affect more people.

Also, the personal contact information of celebrities pretty much ensures harassment (yeah, everyone will change their phone numbers), but celebrity stalkers could use this information to put people in physical harms way.

Honestly, if the media thought they could get away with it, they would have totally published all the naked celebrity photos... They just knew they couldn't justify that (and they'd be sued out of existence).

I'm not taking a stance on which is 'worse', but I can understand his (self-serving) position.
posted by el io at 3:41 PM on December 16, 2014


Oh (I need to quit making successive comments in the same thread), his railing against the hack is directed at the media, not the hackers:
As demented and criminal as it is, at least the hackers are doing it for a cause. The press is doing it for a nickel.
posted by el io at 3:43 PM on December 16, 2014


If I wanted to hear a hacky and sanctimonious monologue on press ethics from Sorkin, I could be one of the five people who watch the Newsroom.
posted by klangklangston at 7:01 PM on December 16, 2014 [3 favorites]


"As with most episodes, this one is full of plotlines: a hurricane threatening the coast, a looming Teamsters strike and an armed standoff at a survivalist compound in Idaho. And, as C.J. wryly points out, the media is only interested in the First Lady’s shoes.
posted by clavdivs at 11:28 PM on December 17, 2014 [1 favorite]


« Older What is your favorite username?   |   What are some Spotify Playlists made by Mefis? Newer »

You are not logged in, either login or create an account to post comments