Over on DataBreaches.net, I noted the massive data breach of Mossack Fonseca, a Panamanian law firm. The Panama Papers, as the leak is being called, began when “John Doe” contacted a German newspaper and offered them data. Over the next year, they amassed a tremendous number of files that were investigated by a number of news outlets. The first reporting was released yesterday; other reports on other data will follow.
What was not clear from the original reporting was how “John Doe” came to acquire the information – whether this was an external hack or an insider job, or what. It now appears that it was a hack, and Elida Morena of Reuters reports that the co-founder of the law firm is describing this as a campaign against privacy:
Ramon Fonseca, the director of Panama-based law firm Mossack Fonseca, specialized in setting up offshore companies, said in a telephone interview with Reuters that his firm had suffered a successful but “limited” hack.
[…]
“We believe there’s an international campaign against privacy. Privacy is a sacred human right (but) there are people in the world who do not understand that and we definitely believe in privacy and will continue working so that legal privacy can work,” he said.
The law firm said in a separate statement published by the Guardian: “It appears that you have had unauthorized access to proprietary documents and information taken from our company and have presented and interpreted them out of context.”
Read more on Reuters.
It seems to me that this hack was not an attack on “legal privacy” as much as an attack and exposure of corruption – corruption that costs taxpayers and those who adhere to the law. But of course, hacking is criminal conduct, however much you may silently cheer the outcome.
As an aide: in the statement to The Guardian, the firm also suggested that reporting on/disclosing the papers could result in civil or criminal charges. Well, we’ve heard that threat before, of course. While Sony successfully scared some media outlets with it after their hack and data leak, most U.S. news outlets rely on the Supreme Court ruling in Bartnicki to argue that they can use the material as long as they didn’t engage in illegal conduct to obtain it and the material concerns a matter that is of public concern.