I haven’t explored this space in a while, but I have a couple of examples that could be helpful. A Clojure library of mine [0] has a decent README with some background reading on how to use operational transform.
I also reimplemented it in a surprisingly tiny amount of OCaml [1] which was a fun way to learn that language :)
The police in Canada are due plenty of scrutiny for how altruistic their departments might be [1]
> The Ontario government ended police access to a COVID-19 database on July 22 after a court challenge by civil rights groups.
> Information released during that legal process revealed Thunder Bay police had searched the database more than 150 times per day, on average, between April 17 and July 22, according to the CCLA. That amounts to 14,800 searches, or a rate ten times the average number of searches by other police forces across the province.
> Thunder Bay had fewer than 100 reported COVID-19 cases during the time the data was available to police.
Do you think that the fact Thunder Bay had fewer than 100 COVID cases might have been because of their access to the COVID database, and their ability to enforce the Quarantine Act?
The US is not Canada. Police in Canada need safeguards too, to be sure. It's not even close to the same thing. For every 1 person killed in Canada by police, 100 are killed in America, 10X per capita. People in Canada aren't really scared of the police, certainly not in the way Americans are scared of the police. Police in Canada are part of the community, not paramilitary belligerents.
Nope, the fact that the police were checking the database has nothing to do with the performance of Thunder Bay against COVID-19; their performance is pretty in line with any remote smaller city across Canada. In fact they tried to know why they were using it so much, and they refuse to answer. It's the lack of accountability that is the problem. Maybe there was a real reason for them to use it (10x more than any other city???!), but since they refuse to tell people, anyone can guess.
Absolutely. It would be interesting to know what information was in this database. It doesn't make sense that it was just a list of people. Did it include known connections? Other medical information? Travel history? And why/how was it being used?
They accessed names, addresses and medical status. These are all PII, and medical information has an even higher level of privacy. You want people to use medical services in confidence; it is safer for everyone if someone who suspects that they have an infectious disease has the appropriate medical help.
This is why doctors' records and the like are very difficult for people to get, even law enforcement.
No I get they shouldn’t have had access to the data, I’m just at a loss as to what harm they could have done with it. I haven’t heard even so much as a theory truth be told.
> Do you think that the fact Thunder Bay had fewer than 100 COVID cases might have been because of their access to the COVID database, and their ability to enforce the Quarantine Act?
The premise here is that the police force needed to search the COVID database 150 times a day to enforce the quarantine act and that when asked why they were searching so frequently they were afraid to tell the federal government that they were using the queries as a tool for enforcing the law.
I am pretty sceptical of that theory.
Of course, since they lost their access more than a month ago there have been a handful of new cases, so it seems like we also have some empirical evidence that undermines this theory.
I'd love to hear a plausible explanation for 150 searches of the COVID-19 database per day in a community with just over 100K residents and a police force of around 320 employees for the purposes of genuine police work.
> I'd love to hear a plausible explanation for 150 searches of the COVID-19 database per day in a community with just over 100K residents and a police force of around 320 employees for the purposes of genuine police work.
A dashboard that refreshes every 10 minutes.
I’d love to hear a plausible explanation for what malicious thing they could do with that data.
It does not seem very plausible that a small police force built themselves a dashboard that refreshes and then when asked why they were making so many requests by the federal agency didn't explain that they made a dashboard and instead refused to say what they were doing.
A plausible explanation for what they were doing with the data that was malicious was that they were looking up friends and neighbours to gossip about/harass for being COVID-19 positive. It seemed obvious to me that this was the most probable explanation from the start.
A number of years back, I wrote an OT implementation in Clojure/ClojureScript as a hobby project [1] and learned a lot along the way. I even extracted the core client/server implementations into their own package [2].
It's an incredibly fun topic, and one that's also really challenging. It also gave me first-hand experience with fuzz-testing where I could simulate all kinds of concurrent-edit conflicts and ensure both clients came out with the same end-result. While the end client/server implementations are working, it was a lot more effort than I anticipated building a full-fledged editor on top. I was too stubborn at the time to attempt to integrate with existing RTEs though, so the most notable part of the project was the core lib, not the end product.
For those interested in implementing it for themselves, I can't recommend this piece [3] by @djspiewak enough.
I might be misunderstanding here, but going through the court transcript (p. 49–50), it sounds like the gov't was entitled to install a pen register[0] since (replace phone with email/internet):
"that because you knowingly expose phone numbers to the phone company when you dial them (you are voluntarily handing over the number so the phone company will connect you, and you know that the numbers you call may be monitored for billing purposes), the Fourth Amendment doesn't protect the privacy of those numbers against pen/trap surveillance by the government."
Since all of the network communication happens over SSL though, they are unable to read any of the data going into or out of the network without the encryption keys.
Shouldn't they only be able to access what's exposed to the outside network, or are they actually entitled to the unencrypted text, even if that's not available without being inside the connection? Forgive my lack of technical/legal understanding here.
The problem is that the email is still sent to the address in an unencrypted format. Lavabit, upon receiving an email, then encrypted it. Therefore, Lavabit itself was provided with an unencrypted version of the email. That means that the expectation of privacy does not exist and the government has a right to the information. Or at least, that is the argument that the government puts forth.
They're not entitled to the contents of the email because the service can operate without the contents. The service cannot operate without the origin and destination details, however.
That's what pen register metadata is - it's not email contents.
> They're not entitled to the contents of the email because the service can operate without the contents.
This is mistaken. It is not the case that the service must operate by law. The service can only operate if it does not infringe civil liberties. To be more specific, it must not violate the fourth amendment of the constitution. The reason that metadata does not violate the fourth amendment is that there exists an expectation for whomever you give the message to to actually read the metadata much in the same way that you expect the post office to read the mailing address.
As I was trying to say in the parent comment, Lavabit, upon receipt of an email, encrypts the entire email including the metadata. This still falls short of relieving the expectation I previously discussed because it still receives the email unencrypted. Hence, the government will argue that it has a right to the entire contents (even though the headers may suffice in some cases).
Pen register metadata was deemed not protected by the Supreme Court, but privacy rights still protect the content of most communications from seizure without a warrant.
It all comes down to reasonable expectation: to send a letter, or make a phone call, you obviously have to tell the phone company the details of who you're calling. Therefore the information is not considered to have a reasonable expectation of privacy. Whereas you don't need to convey the content of your email or voice conversations to them for the service to operate - you could scramble your voice, or encrypt your email, and it wouldn't change a thing.
That's a great observation and it depends on how you define "exposed." Since it's technically feasible to capture the information, perhaps even retroactively, it's certainly been sent to a third party (Lavabit) for retention but they have just chosen to voluntarily put blinders on when it comes to that information.
So the question is whether it requires actual exposure or exposure in the regular course of business.
[0]: https://github.com/jahfer/othello
[1]: https://github.com/jahfer/othello-ocaml