Mega ordered to hand over alleged Kazakhstan hackers' info
Mega opposed the application because of the country's "unenviable" human rights record. With special feature audio.
Mega opposed the application because of the country's "unenviable" human rights record. With special feature audio.
File storage firm Mega has been ordered to provide the Republic of Kazakhstan with information that could identify alleged hackers despite protests against the country’s “unenviable” human rights record and fears of political reprisals.
But a High Court judge has noted Mega’s stance was “responsible and appropriate,” although the company’s chairman says it is too early to say whether an appeal is likely.
In March, NBR covered an Auckland High Court hearing in which the republic sought to obtain evidence from Mega, founded by Kim Dotcom.
It said this could help identify at least some alleged hackers, after the Kazakhstan government learned in January last year its computer systems and other accounts had been hacked.
More than 100,000 documents containing sensitive, proprietary, and highly confidential government documents were illegally obtained.
Some of the stolen material was then posted on to Mega’s website, apparently uploaded between August 2014 and April last year.
As Kazakhstan does not know who uploaded the documents, the country’s government made an application in the US for Mega to provide information but this was complicated by the fact Mega is based in New Zealand.
The republic' lawyer, Daniel Kalderimis, then sought an order for an appropriate Mega representative to present the information to the US .
Investigations had uncovered “unauthorised” IP addresses accessing government email accounts but, because they were just numbers, Mega accounts which matched them were needed to provide an inference as to the identity of the hackers.
Mega lawyer Fletcher Pilditch said Mega’s opposition was brought on a “principled basis,” in that as a company which “prides itself on privacy,” it would always challenge such applications.
Mega was concerned as to the “nature and tenor” of the application, brought by a country with an “unenviable” human rights record.
In a decision released last night, however, Justice Simon Moore has granted the orders Kazakhstan sought.
“I consider the public interest in disclosing the information outweighs the public interest in preventing harm to the hackers personally or Mega’s relationship with its users.
“To whatever extent a risk of harm actually exists, I am satisfied the imposition of appropriately worded protection orders can meet this risk.”
Responsible and appropriate
Justice Moore did not, however, award costs against Mega, despite it being the unsuccessful party.
“I am of the view that Mega’s opposition in protecting the privacy and other interests of its users was a responsible and appropriate course and, in the circumstances, I am inclined to order that costs should lie where they fall.”
Mega chairman Stephen Hall tells NBR the end result is “very disappointing,” but it is pleasing the court recognised it had valid privacy concerns.
It is too early to say whether the company will appeal the decision, he says.
Read the judgment here.
Follow NBR on Facebook, Twitter, LinkedIn and Instagram for the latest news and free on-demand audio from NBR Radio.