Nelly Hechme, the CHRC’s latest victim
The worst day in the Canadian Human Rights Commission’s 32-year history was March 25, 2008. That was when one of the CHRC’s targets, Marc Lemire, turned the tables on the CHRC, and had a day to examine the CHRC’s own conduct. The CHRC knew it would be ugly, so they tried to have the hearing closed to the press. When that didn’t work, they tried to suppress the transcript of the hearing. That didn’t work either -- it leaked out.
With professional journalists and volunteer bloggers packing the hearing room, the world heard about the CHRC’s corruption – how they illegally obtained evidence from police, to use against their targets; how they joined neo-Nazi groups as full members; how the CHRC laughed at its own rules, and refused to give disclosure of hundreds of pages of documents to its targets, as required by law; how Richard Warman, former CHRC investigator and now serial human rights complainant, would simply traipse back into the CHRC offices and meddle with investigations into his own complaints; etc.
But, of course, the biggest revelation was that the CHRC had hacked into a private citizen’s Internet account, in order to hide their tracks while they logged onto a neo-Nazi website, using their CHRC neo-Nazi membership (codename “Jadewarr”). That bizarre fact was calmly proved by Alain Monfette, Bell Canada’s security officer. You can read Monfette’s sworn, uncontradicted testimony at pages 5645 and 5646 of the transcript the CHRC tried to suppress. It’s not just uncontradicted testimony – it wasn’t even cross-examined. The CHRC didn’t object at all – other than to the fact that reporters were allowed in to hear it.
Monfette testified that the CHRC accessed their neo-Nazi membership using the Internet account of one Nelly Hechme, who just happened to live within a block or two of the CHRC offices.
In the late spring, I was delighted to learn that this gross violation of Hechme’s rights was investigated by both the RCMP and the Privacy Commissioner. Alas, the RCMP abandoned their investigation, claiming it was outside their jurisdiction, and now the Privacy Commissioner has abandoned the investigation, too. Heche sounds dejected:
Nelly Hechme said she had encountered "too many roadblocks" in trying to get answers about the apparent hijacking of her wireless connection.
"I am not one to fight hard; I merely wanted some answers and maybe a little justice but that doesn't seem to be the case," Hechme said from Ottawa.
"I feel like I'm basically being told to just accept it."
That’s exactly what she’s being told to do – just like the rest of the CHRC’s victims.
Here’s another news report of the Privacy Commissioner’s findings:
"We looked at it very carefully (and) we found no evidence that they ever accessed the individual's Internet connection during the course of their investigation," Valerie Lawton, a spokeswoman for privacy commissioner said from Ottawa.
Huh? No evidence? Alain Monfette of Bell Canada, the Internet Service Provider, gave sworn testimony before the Canadian Human Rights Tribunal.
"We also found no evidence that the (rights) commission had any knowledge of the individual before the allegations came up at the Canadian Human Rights Tribunal hearing."
Now that, I believe. Of course they had no clue who Hechme was. They didn’t target her in particular – she was just some dupe who was hacked. It could have been anyone, the CHRC didn’t care.
Here’s the most amazing line in the story:
The decision by the privacy commissioner still leaves unanswered how Hechme's Internet account became snared in the rights-commission's investigation.
"As for how this could have happened, this wasn't our focus," Lawton said.
How Hechme was hacked wasn’t her focus? Then what, exactly was her focus?
The Privacy Commissioner’s report on the incident is very vague, but it is clear that they only spoke to the CHRC. The Privacy Commissioner didn’t speak with anyone else involved in the matter, and refused to review 200 pages of technical data from Lemire, who had subpoenaed Bell Canada in the first place.
But for sheer bureaucratic virtuosity, nothing comes close to the official excuse offered by the Privacy Commissioner, in their report:
Technological experts have indicated that, most likely, but without certainty, the association of the complainant’s IP address to the CHRC was simply a mismatch on the part of a third party, which could have occurred in a variety of ways not involving the CHRC.
That is so precious.
“Technological experts”. Ah, yes. People who are experts in technology. Care to be more specific? Were they experts in Internet forensics? Or was it the Privacy Commissioner’s teenaged IT staffer? They don’t say. Perhaps it’s the CHRC’s own “experts”. But what did this expert say? (The Privacy Commissioner writes experts, plural, but I’m pretty sure they only talked with one “expert”, if at all. Hell, let’s call him a scientician.) What did the “expert” in “technology” tell them? That it was “most likely” a “mismatch… that could have occurred in a variety of ways not involving the CHRC”.
A mismatch? Coulda been anything, really? Wow. Those technological experts sure use a lot of jargon. Their scienticians don’t want to look at 200 pages of technical data. But apparently, now, on the Internet you run a risk – a variety of risks, actually – of being, uh, mismatched.
I’ve got to remember that one.
No, officer. I didn’t break into a stranger’s house. I just “mismatched” my address and his. Could have happened in a variety of ways. Nothing to see here.
Hechme’s no dummy. She got the message. As she told the Canadian Press:
For her part, Hechme has now resigned herself to the lack of real answers to what happened and sees little point in trying to pursue the matter further.
There were "too many signs" that pressing on wouldn't be worth it, she said.
"I don't see much use in dwelling (on it), I guess."
Of course, she’s right. She could appeal the Privacy Commissioner’s ruling. She could even sue the CHRC in civil court. But Hechme is just some young woman caught in the CHRC’s sloppy, illegal conduct – and she wasn’t even an official target. Dear reader, if it were you who had been hacked, would you spend your own money taking on these two collusive government agencies, with bottomless buckets of public money to stonewall you with? Or would you try to get on with your life, just shaking your head at the fact that the “human rights” industry is a prolific member of a U.S. based neo-Nazi group, and that you were just an innocent victim of their latest drive-by?
And at the end of the Privacy Commissioner’s report, there’s a final slap at Hechme:
While there is no evidence to support the allegations made in this instance, this Office cautions individuals to take appropriate measures to properly secure their Internet connections to avoid any unauthorized uses of their personal information
It’s Hechme’s fault. She didn’t “take appropriate measures” to protect herself from a hacking that Bell Canada swore happened, but that unnamed “experts” deny.
The only thing more shameful than this whitewash is Jennifer Lynch’s laughable press release about it. I’ll just focus on one paragraph:
“We are pleased with the Privacy Commission of Canada’s findings exonerating the CHRC of any wrongdoing in this case,” said CHRC Chief Commissioner Jennifer Lynch, Q.C. “The employees at the CHRC abide by the highest standards of professionalism and ethics in all aspects of their work.”
But that’s not true, is it? The Privacy Commissioner didn’t “exonerate[e] the CHRC of any wrongdoing”. They don’t have that mandate or scope. As the Privacy Commissioner made crystal clear, its investigation – however sloppy and incomplete – was narrowly focused on one single point:
… the Assistant Privacy Commissioner has concluded that there is no contravention of sections 4 to 8 of the Privacy Act and has determined that the complaint is not well-founded.
A few technical sections of a single act were assessed. There was no wholesale “exoneration” of the CHRC of “any wrongdoing”. A lawyer like Lynch knows that – it’s like the difference between being found “not guilty”, which criminal courts do, and being found “innocent”, which no court ever says. The Privacy Commissioner’s flawed report was limited to a few narrow sections of a single law, not to any broader legal rules, let alone ethics.
Let’s end on a humourous note – Lynch’s claim that “The employees at the CHRC abide by the highest standards of professionalism and ethics in all aspects of their work.”
My favourite example of this lawless, ethical Lord of the Flies environment is the CHRC’s hiring of corrupt ex-cop Sandy Kozak to be one of their investigators. She was fired from the Carleton Place police for corruption, but snapped up by the CHRC.
Kozak is a problem. Joining neo-Nazi groups is a problem. Hacking Internet accounts is a problem. No ethics code is a problem.
But Jennifer Lynch presiding over that whole swamp, and cheerily claiming that it’s all the “highest standards” -- that’s the biggest problem of all. The one person who should clean it up instead insists there’s nothing to clean up.
Fire. Them. All.