Yottabytes: Storage and Disaster Recovery

Jun 13 2019   9:38AM GMT

Hofeller Storage Case Fascinating Study in How Not to Protect Data

Sharon Fisher Sharon Fisher Profile: Sharon Fisher


If you saw it on tv you’d probably chide it for being a cliché: A guy who spends his whole life passing information on in phone calls so he doesn’t have anything written down in email or paper dies, and has all sorts of incriminating stuff on his un-password-protected, unencrypted computer storage.

Yet that’s apparently the situation with Thomas Hofeller, who died last August, and whose daughter discovered all sorts of information about manipulating the census and redistricting process on his storage devices.

We’re not going to get into the politics of it all. There’s plenty of that elsewhere. But it’s a fascinating study in storage.

We’re written before about the issues of the storage of people who’ve died. There’s two categories of data. One is the stuff the dead person has written to which the heirs would like access: financial records, medical records, photographs and videos, family history and so on.

The other is the stuff that the dead person really doesn’t want to get around, like browser histories, chatroom transcripts, and so on.

Finding a way to reveal the former while protecting the latter has always been a challenge, particularly if the person dies suddenly. Encrypt everything, and the heirs can’t get access to the material they need. Encrypt nothing, and all sorts of embarrassing stuff can come out.

It’s the latter case that’s coming up with Hofeller.

Ironically, he’d spent his whole life advising people to avoid putting things in writing. “Make sure your security is real.” “Make sure your computer is in a PRIVATE location.” “ ‘Emails are the tool of the devil.’ Use personal contact or a safe phone!” “Don’t reveal more than necessary.” “BEWARE of non­-partisan, or bi­-partisan, staff bearing gifts. They probably are not your friends.”

Yet when Hofeller died, he left four hard drives and 18 thumb drives of laptop backups, all in a convenient plastic bag. And apparently they weren’t password protected, or encrypted; none of the articles about this whole situation have indicated that the data was protected in any way.

His daughter, Stephanie Hofeller, had been estranged from him since 2014, writes Michael Wines in the New York Times. And that’s *really* estranged. Nobody in the family even told her that he’d died; she found out by accident by searching for him on the internet.

It’s not just the data itself that’s interesting. There’s also what the daughter did to get the data to the right people (as well as some luck).

The daughter happened to contact an organization called Common Cause to help find an attorney unrelated to her father to help settle the estate, Wines writes. As it happens, Common Cause was involved in a lawsuit regarding gerrymandering in North Carolina.

So that was Piece of Dumb Luck #1.

Moreover, the same law firm representing Common Cause in the gerrymandering lawsuit was also involved in a lawsuit regarding the citizenship question on the census.

So that was Piece of Dumb Luck #2.

Plus, the attorneys in question were smart. “They have been exceedingly careful to play by the rules,” writes Mark Joseph Stern in Slate. “Lizon offered her father’s drives to Common Cause directly, but its attorneys decided to issue a subpoena in February to obtain them formally and provide notice to third parties.”

Then came the potentially problematic part. “In February, attorneys challenging North Carolina’s legislative gerrymander notified the defendants, a group of Republican leaders in the legislature, that they’d issued a subpoena,” Stern writes. “The lawyers had asked Stephanie Hofeller Lizon to provide ‘any storage device’ containing redistricting-related documents left by her estranged father.”

And, for some reason, the attorneys defending the North Carolina gerrymandering case were asleep at the switch and didn’t think there was anything untoward about the request, and allowed it. By the time they realized something might be up, and tried to stop the process, opposing attorneys already had access to the data.

“At a hearing in April weeks after declining to challenge the subpoena, however, [attorney Phil] Strach attempted to block Common Cause’s attorneys from viewing the records they already had in their lawful possession,” Stern writes. “As Melissa Boughton reported at the time, Strach told Wake County Superior Court that he wanted the documents returned to Hofeller’s estate and implied that Lizon procured them improperly. Hofeller’s widow, Kathleen, expressly permitted Lizon to take the materials—but Strach claimed that Kathleen has been institutionalized and may not have been sufficiently competent to provide consent. (Stanton Jones, an Arnold & Porter attorney representing Common Cause, told the court that Kathleen has not been declared incompetent.) The court ignored Strach’s pleas, instead simply directing Common Cause’s attorneys to let the Republican defendants copy the Hofeller drives, pursuant to state law.”

That was Piece of Dumb Luck #3.

(Attorneys for the two sides have also been arguing over whether all the data is to be brought forth, or information that appears to be personal should be withheld.)

The result of finding the files is that people opposed to adding a citizenship question on the census were able to find out that there were other motives behind adding the question – just in time to file a motion about it before the Supreme Court, which is about to address the citizenship question, and just before the North Carolina gerrymandering case comes to trial in July.

Perry Mason would be proud.

 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: