Nova Scotia FOIPOP website somewhat back online

Freedom of Information web portal partially returns, five months after the province discovered an obvious and massive security flaw.

[
        
          {
            "name": "Air - Inline Content - Upper",
            "component": "26908817",
            "insertPoint": "1/4",
            "requiredCountToDisplay": "8"
          },{
            "name": "Air - Inline Content - Middle",
            "component": "26908818",
            "insertPoint": "1/2",
            "requiredCountToDisplay": "8"
          },{
            "name": "Air - Inline Content - Lower",
            "component": "26908819",
            "insertPoint": "100",
            "requiredCountToDisplay": "1"
          }
        
        ]

click to enlarge

Nova Scotia FOIPOP website somewhat back online

VIA NOVA SCOTIA

A familiar site by now for the province's journalists.

Five months after being taken offline to address some basic security flaws, the province has finally brought back its Freedom of Information and Protection of Privacy web portal—albeit in a limited format.

The new-and-improved FOIPOP site provides previously completed Freedom of Information requests (used by the public, politicians, academics and journalists to access public data not routinely released by the government). But it doesn’t at this time accept any electronic submissions for filing a new FOIPOP request. That option will be rolled out later this fall, according to the province.

“Only publicly released access to information requests are available on the site,” reads a short press release announcing the relaunch. “The site does not host any personal information and is not connected to the case management ”

The site relaunched Wednesday, over 150 days after it was accidentally discovered that several thousand confidential documents had been downloaded without authorization.

Files on the site, often containing unredacted personal information, could be accessed by the general public simply by sequentially altering the numbers at the end of the HTML web address.

Over 7,000 documents were found to have been inappropriately downloaded because of the security flaw, a few hundred of which contained “highly sensitive” personal information.

A squadron of 15 Halifax Regional Police officers would end up arresting a 19-year-old for accessing the documents. Three weeks later and after international ridicule, the police announced via press release they would not be charging the teen.

Service provider Unisys—the company that maintains the FOIPOP site—had its contract with the province renewed over the summer, but only for a single year and with the restriction that Unisys will no longer be in charge of the public disclosure portion of the site.

Meanwhile, two separate investigations into the government's handling of the breach—headed up by the Office of the Information and Privacy Commissioner and auditor general Michael Pickup, respectively—are both still ongoing.

About The Author

Jacob Boon

The 25 stories of 2018

Glitter Beans, smoking bans and unkillable agaves: The year in review.

By Team Coast
Dec 13, 2018
Stephen McNeil's contempt for transparency

The premier has no interest in fixing the broken freedom of information system his government openly ignores.

By Jacob Boon
Sep 21, 2018
How “snooping” harms us all

The Sobeys pharmacy breach shows why the public needs to prioritize data privacy.

By Michael Karanicolas
Aug 9, 2018
Halifax police at high risk of cybersecurity threats

A letter from HRM's auditor general says there has been little improvement since significant IT problems were first identified 18 months ago.

By Jacob Boon
Jul 18, 2018
100 different ways to keep a government secret

The broken freedom of information system has dozens of exceptions, loopholes and bureaucratic tricks available to keep public information out of the public's hands.

By Michael Karanicolas
Jun 28, 2018
Civil servants lied to the police and that needs to be addressed

The province is hoping its FOIPOP blunder goes away and if it does, nothing will change.

By Evan d’Entremont
Jun 5, 2018
Breach teen is free!

Halifax police have no grounds to lay charges against the 19-year-old railroaded by the province for its lacklustre FOI site security.

By Jacob Boon
May 7, 2018
11 more security failures discovered in Freedom of Information database

Additional leaks from March were discovered two weeks ago by the province.

By Jacob Boon
Apr 30, 2018
Auditor General will investigate FOIPOP breach

Province calls in Michael Pickup’s office to help clean up its worsening cyber predicament.

By Jacob Boon
Apr 23, 2018
Nova Scotia’s FOIPOP site won't be back online anytime soon

Patch to fix the security flaw that caused a massive breach of personal data is still being tested, and there's no timeline for when it will be ready.

By Jacob Boon
Apr 20, 2018
The FOIPOP breach and the dangers of criminalizing research

By Michael Karanicolas
Apr 19, 2018
Province was warned about sloppy database security over a year ago

Weak passwords and weak oversight from Internal Services plagued the same computer system that recently allowed a massive data breach.

By Jacob Boon
Apr 13, 2018
Province just sort of stumbles across massive data breach

Personal information for thousands of Nova Scotians compromised thanks to paper-thin security standards.

By Jacob Boon
Apr 11, 2018