Story in a nutshell:
A technology journalist, Ben Grubb was arrested by police who thereafter seized his iPad, following Grubb’s interview with a security expert, Christian Heinrich, relating to how private Facebook photos can be publicly accessed through a couple of days of informed URL guessing, a method that was previously presented to some 20 people by Heinrich during the AusCERT security conference on the Gold Coast, which questionably publicised private photos of a fellow security expert without permission.
Opinion/Analysis outside of a nutshell:
The story is not about Fairfax journalist Ben Grubb being arrested by Queensland Police after writing an article about the vulnerabilities in Facebook’s privacy controls, as mainstream media presents it. The story is about why his iPad was seized, the love of iPads…, and more seriously, by what method or medium private information is made public.
It sounds like the police wanted a copy of Ben’s notes for determining if Heinrich provided the image via a method that was not public. The question they appear to be looking for is when, where and how was the secure photo made public.
If the presentation was in a private room (with 20 people inside), then the image was made public by Fairfax.
If the private room was open to the public, the the image was made public by Heinrich.
After reading the interview transcript, the only reason that I can understand why Grubb was arrested, was in order to gain access to his notes during his chat with Heinrich - notes that could prove that Heinrich provided Grubb directly with a copy of the photo in private. It couldn’t be to obtain a copy of the image itself, as the image is accessible via “the cloud”, ie via internet access - hosted at a remote location. These notes were indirectly offered to Detective Superintendent Errol Coultis when Grubb said, “I wrote notes. If that helps”. Coultis did not follow up on this offer, and may have indeed missed it. It was at this stage when notes were mentioned however, that Coultis had decided to seize Grubbs iPad, without any request to obtain a copy of the notes.
By my understanding, it was unfair that Coultis:
- placed Grubb under arrest after saying he is not expected to be under arrest,
- placed Grubb under arrest to obtain his notes after he had previously offered the notes (”I wrote notes. If that helps”).
- requested confiscation of an object without requesting to see or have a copy of his notes, and
- requested confiscation of an object and placed Grubb under arrest immediately after asking if he had been treated in any way unfairly or threatened on that day.
Coultis also got the complainant’s name incorrect, while QLD’s police twitter account incorrectly stated that he was never under arrest.
The confiscation was in a way related to the investigation, originally requested by Gatford, the complainant, who was also surprised at the chain of events.
“@bengrubb thank god you have been released I am annoyed a great conference is being hijacked like this.” - @ChrisGatford May 17, 2011 at 17:44
I’d like to know why they couldn’t approach Heinrich first. Probably waiting for his lawyer.
In any case, Facebook is at fault of not securing photos requested to be secure.
Via SHM:
http://www.smh.com.au/technology/technology-news/journalists-facebook-arrest-transcript-of-police-interview-20110518-1esrr.html
http://www.smh.com.au/technology/technology-news/grubbs-story-privacy-news-and-the-strong-arm-of-the-law-20110518-1esn9.html#ixzz1Mh1lbsuH
http://www.smh.com.au/technology/security/security-experts-go-to-war-wife-targeted-20110517-1eqsm.html