Dropbox Archives - Friends For Fullerton's Future

Akbar It's a Trap

Fullerton has a new(ish) online Public Records portal to view records requests made by the public. If you put in a Public Records Request, and I urge you to submit them often for fun and profit, you’ll get a response sometime within 10 days telling you to wait longer. When you finally get an actual response to your request the Assistant City Clerk will likely email you and in the email will include the following line;

“The City of Fullerton has reviewed its files and has located responsive records to your request. You can inspect these documents online in the Fullerton Public Records Center.”

Maybe you’ll get a link, maybe you won’t. But the “Public Records Center” looks like this:

PRR Portal — Admiral Ackbar is NOT amused

BE WARNED. This could be a trap.

If you, acting like a normal person on the internet, click on “Public Records Home” and navigate to the “Public Records Request Log” you will be able to see all current public record requests and their responses. This is where the trap comes into play. You see, the City of Fullerton has NOT given you “Expressed Authorized Permission” to view these publicly available public records and as such could be trying to entrap you into a legal case.

After all, that is EXACTLY what they’re claiming we did over on their former PRR portal (Dropbox) and we’ve been in court for over a year with City Hall calling us “hackers” and “thieves” for clicking links on a website (Dropbox) they told us about and sent us links to click.

Now they’re telling people about this new portal and sending people links to this GovQa powered portal as though everything is fine and on the up and up. It is not.

If, or more likely WHEN, the City screws up again and puts something on this new PRR Portal that they later claim shouldn’t be online, they’re likely to sue you under the Federal Computer Fraud and Abuse Act as well as the CA counterpart the CDAFA.

To drive the point home that this is serious and not just me trolling you, the hosting software is run by “GovQA” which is a private equity owned company that even tells you in their terms of service (TOS) that you are responsible if you are granted access to things by mistake;

“You must not retrieve information, or in any other way disclose information, for someone who does not have authority to access that information.”

This is precisely what the City of Fullerton claims happened with us on Dropbox.

But how will you know when you’ve been granted access to something you shouldn’t have access to? You won’t. That’s the point.

In our case Fullerton’s City Attorneys have been incapable of figuring out which records on Dropbox were public and which were allegedly not. In their court documents they’ve claimed AT LEAST 4 different lists of offending files.

That’s right. First the City claimed everything on Dropbox wasn’t public. Then some of it was public, then a different some of it was public and then a different some of it still. If City Hall and their small army of attorneys don’t know what’s public – how are you supposed to know what you’re allowed to look at?

This is how you risk getting blamed for City Hall’s screw-ups the way we’re getting blamed.

But wait, there's more! — But wait, there’s more!

It gets better. GovQa even EXPLICITLY references the CFAA in their TOS (emphasis added);

“You understand that any person or business entity who obtains information from a computer connected to the Internet in violation of computer-use restrictions is in violation of the Computer Fraud and Abuse Act.“

Fullerton, in court, is arguing that clicking on a link we weren’t explicitly told it was okay to click is a violation of the Computer Fraud and Abuse Act. That is their actual legal argument.

Consider yourself warned. Do not trust this new system in Fullerton as our case is ongoing with no end in sight. Fullerton City Hall & City Council have never taken responsibility for their own screw-ups so it is incumbent upon you to protect yourself from their litigious and corrupt nature.

Use TOR or a VPN if you need to access these systems. Set up a dummy email account. Do whatever you need to do to protect yourself because even though you have every right to view every document published on that public facing website – that they’ll tell you about – it doesn’t mean that the city won’t entrap you, slander you and play the victim with your own money.

Joshua Voice of OC — Photo by JULIE LEOPO, Voice of OC

I’ve been pretty quiet since the City of Fullerton decided to sue me, David Curlee and this blog. We were under a Temporary Restraining Order (TRO) so knowing what I could and could not post was up for legal debate. Yet at the same time the TRO was active, the City Attorney, Kim Barlow, was out in the open calling us hackers and thieves to our friends, neighbors and the world at large. Yay illegal prior restraints in violation of the 1st Amendment.

The basic issue here is that City Hall screwed up and then decided to smear and scapegoat us to cover their own bureaucratic hindquarters.

To this end they hired some experts to bloviate about BS in an attempt to confuse people and obscure the truth about what is actually being alleged against us and City Council bought it hook, line and sinker.

The ink on the City’s Press Release hit-piece was barely dry before The Fullerton Observer uncritically reprinted it and in an effort to attempt cover the story they brought in their own “expert” who copy and pasted the City’s nonsense in order to paint us as hackers and villains with malicious intentions and evil schemes.

But now I’ll tell you what is actually being alleged; The City is alleging that we went to it’s website and clicked links.

That’s it.

All of their preening about VPNs/TOR, link hashes, network security – All Of It – is a smokescreen. Despite the nonsense about needing to delay the lawsuit to secure the city’s network, the city never alleges that the their network was ever breached or hacked.

The real meat and substance of their argument and allegations is that we “exceeded authorized access” and are therefore “thieves” and “hackers” under the Computer Fraud and Abuse Act as well as the California Comprehensive Computer Data Access and Fraud Act.

We allegedly “exceeded access” because they say we went to a link on the city’s own website, a link they themselves claim that they told us about, and allegedly clicked on files and folders they put there for the whole world to see plain as day. The argument is that we should have known better and shouldn’t have clicked on the files they put on the internet at the website they told us about. That is literally their allegations. That’s it.

We’re apparently supposed to have known what a $1Million+/year worth of government employees & lawyers didn’t know – that some files the city put online shouldn’t have been accessible from the city’s own website.

To bypass the obvious First Amendment issues in this lawsuit and to obtain their TRO the city made the claim that we accessed files that contain privileged medical records of police and their families, etc.

This is why they claim to have needed the prior restraint against us publishing data – to mitigate financial risks to the city. But there is no evidence this blog has published any such information made in the city’s grand accusations. Information, mind you, that the City themselves claim to have put on the internet for the entire world to access. By their logic we shouldn’t be allowed to do as journalists what they themselves have already admitted to doing as incompetents.

The City is trying to unring a bell here and blaming those who allegedly heard it instead of admitting they caused the commotion when they bonked their own heads.

Even if what the city alleges is true, that we allegedly went to the city’s own website and clicked links, the liability and financial risks to the city are of their own doing by their own admissions. It is not the responsibility of journalists or even the public to safeguard the city’s corruption and secrecy after the city itself has put it on display for the entire world.

To call the allegation that we went to their website and clicked links “hacking” and “stealing” is absurd. To demand myself, David Curlee, my former co-worker, this blog at large and unnamed Does 1-50 turn over our entire digital lives (phones, computers, hard drives, flash drives, CDs/DVDs, etc) to the city to cure this alleged link clicking is ludicrous on top of the absurd. And frankly it’s insulting and malicious.

Fullerton is rotten to the core when it actively buries misconduct by employees and officers but attacks bloggers & journalists for revealing truths. That our council would vote 5-0 to pursue this lawsuit and then vote 4-1 to continue it says a lot about our supposed leadership.

Thankfully the TRO was stayed by the Appellate Court and we are free to resume publishing. This is going to continue at least until 21 November and we’ll keep you posted as to the status of this ridiculous lawsuit.

Meanwhile I’m now out of a job thanks to this lawsuit while bills and attorney fees stack up. A good friend and all around great guy, Erik Wehn, set up a GoFundMe account and I’ll incur his wrath if I don’t mention it [HERE] so there it is and thank you to all of the people who have supported myself and this blog financially, emotionally and spiritually in these trying times. Sincerely thank you.

Tag: Dropbox

Fullerton Could Sue You For Looking at Public Records

Joshua Speaks about Fullerton v FFFF Lawsuit