The other concerning aspect of this leak is the fact that the list was shared with a group of separatists, and the data on the list is basically everything you need to fraudulently sign someone up for the separatist referendum petition. Some separatists are claiming that certain ridings have had 92.9% of eligible voters sign the petition which is highly dubious: https://x.com/RiseOfAlberta/status/2049668987307303389.
Elections Alberta has now said they are going to check for this: "Verification after today’s date will include determining if any of the seeded names from the Republican Party of Alberta’s List of Electors are contained in any incoming petition." https://www.elections.ab.ca/resources/media/news-releases/me...
My understanding is that when Elections Alberta shares the voter list with legit users (ie: sitting members of the legislature), it includes unique fictitious entries in the data. That way if there is a leak of the data, they can trace the source of the leak. Which they apparently have done.
I guess it's a form of a canary trap.
It reminds me of mapmakers including fake towns or other features in their maps, in case someone leaked them.
> Each electoral list legitimately released by Elections Alberta includes a certain number of fictitious — or "seeded" — names. These unique entries on each electoral list allow investigators to trace each dataset back to their source in the event of a breach.
I can't wait for our full
biometrics to be leaked every week due to every website and app trying to meet the rampant rise of global age-verification legislation.
If you'rea domestic violence survivor and your info was just leaked. There are a lot of Private Investigators who look for this information for exes etc.
The phone numbers in these data sets are weird and problematic, but the equivalent data in the US is usually public, and available for free to any registered candidate.
It appears that they registered as a party to get access to the data and them disseminated it publicly through a vibecoded app.
While this data may generally be public in the US, it usually isn't in Canada, and there's an expectation that parties don't publish the data and it is seeded to detect that.
A bigger problem is that people in Canada sign up for this list with the expectation that this data will remain reasonably private so now with this leak you have people who were willing to share their personal information to participate in the democratic process now afraid that their domestic abusers will be able to find them.[0] That really sucks.
There's also the awkward aspect of this in that the Alberta separatists are seemingly backed by American interests.
Yes, Elections Alberta provided the list to the Republican Party of Alberta. Whenever they do this, they salt the list with fake names so that if it gets leaked, they can then determine which copy was leaked. That's how we know this republican group provided it to this "Centurion Group"
From what I've seen it appears that it was intentional in that their motivation was to give their canvassers for the separatism petition access to the data so that they could pad their numbers for the petition.[0]
They didn't mean for this to blow up in the public like this though. That part wasn't intentional. That part appears to be absolute incompetence or they just got sloppy after being treated with kid gloves by law enforcement for the past few years.
The whole thing is really suspicious. If you dig deeper on the Centurion Project, things start to get weird. The Centurion Project website has little to no information, archives of the site go back to just over a month ago, and the address and phone number are for a random UPS Store in Calgary.
I got really suspicious when I started looking into Parker himself. He spews the typical "right wing" rhetoric -- Globalists bad, COVID fake etc etc... but if he actually believes that, what was he doing on the board of directors for Ditchley, which contains various ambassadors to China and France, Editor in Chief of the Globe and Mail, CEO of Desjardins, etc?
In terms of "safety" this leak is a drop in the bucket. The greater concern would be that election systems are involved. If election information is unintentionally readable, it is also therefore potentially alterable.
>Security experts say a leak of Alberta’s provincial list of voters – nearly three million names, addresses and phone numbers – has created a potential public safety and political interference crisis that could have ramifications for decades.
Name, address and phone number is generally just public information here in Norway. You can literally just check the phone book for this. You can opt out of this but few people do.
How is any of this information leaking cause for concern?
Disaster? I remember when they would print up big books with everyone's address and telephone number. Then they would distribute these to everyone. While this wasn't exactly the same as the voting list, it was usually pretty close.
Other commentators are rightfully pointing out that this information is open public in other jurisdictions, and that Albertans' information is almost certainly already being shared and sold.
I believe the reason why this has become such a large news story is the tension between Alberta (and the west) and the rest of Canada. Alberta has rising separatist sentiment, a premiere who is extremely popular in Alberta and extremely unpopular outside of Alberta, and is on average more right wing compared to the rest of Canada. In both the media coverage and popular sentiment, this incident has been used to show Alberta and its government in a bad light, despite it not having anything to do with the party currently in power.
As long as it makes Alberta look bad it's an excuse to attack Danielle Smith and the UCP, and Albertians in general. Other Canadians eat up negative Alberta news like nothing else, and the media will no doubt provide them with the type of news that they crave. If this happened in any other province it would get 1/10th the coverage and outrage. Instead you have people online calling for Smith to face prison time for something she was not involved in. The media gets their views and the people get their ragebait.
It is, but that's not the route they took. Another registered party (the Republican Party of Alberta) received the information legally, then shared it all with this group (likely illegally or at least against some rules). There's now speculation that the separatist group used it to add names to their petition since they required X number of signatures. For example, the group has claimed some communities had over 90% of electors sign the petition. Which most people would claim is really hard to physically do and also counter to the general polling in the province that finds about 25% of citizens support separation.
While breaches like this should not continue to happen, almost everyone’s personal information has been leaked on the internet at this point. This article seems a bit alarmist on the potential harm.
I think that's a fair take for most people in the leak, but there are people who try to keep their address a secret for their safety (investigative journalists, witnesses of crimes, judges, lawyers, police officers, etc). They often have a PO box for situations when they have to enter an address (online purchases) or they buy everything in their partner's name (including their house). When their names are leaked elsewhere, their home address is not usually in those leaks. This is a unique type of leak that could be very harmful.
This data is just generally often available in the US, https://northcarolina.votermaps.org/?#16.76/35.78541/-78.779... (agree it is bad though!)
The other concerning aspect of this leak is the fact that the list was shared with a group of separatists, and the data on the list is basically everything you need to fraudulently sign someone up for the separatist referendum petition. Some separatists are claiming that certain ridings have had 92.9% of eligible voters sign the petition which is highly dubious: https://x.com/RiseOfAlberta/status/2049668987307303389.
Elections Alberta has now said they are going to check for this: "Verification after today’s date will include determining if any of the seeded names from the Republican Party of Alberta’s List of Electors are contained in any incoming petition." https://www.elections.ab.ca/resources/media/news-releases/me...
Sounds like an "active measures" operation.
My understanding is that when Elections Alberta shares the voter list with legit users (ie: sitting members of the legislature), it includes unique fictitious entries in the data. That way if there is a leak of the data, they can trace the source of the leak. Which they apparently have done.
I guess it's a form of a canary trap.
It reminds me of mapmakers including fake towns or other features in their maps, in case someone leaked them.
" reminds me of mapmakers including fake towns or other features in their maps, in case someone leaked them."
Sounds the same to me, but are you sure they are doing it like this, or you guess?
This practice was confirmed by Elections Alberta:
> Each electoral list legitimately released by Elections Alberta includes a certain number of fictitious — or "seeded" — names. These unique entries on each electoral list allow investigators to trace each dataset back to their source in the event of a breach.
https://www.cbc.ca/news/canada/edmonton/elections-alberta-vo...
I can't wait for our full biometrics to be leaked every week due to every website and app trying to meet the rampant rise of global age-verification legislation.
If you'rea domestic violence survivor and your info was just leaked. There are a lot of Private Investigators who look for this information for exes etc.
The phone numbers in these data sets are weird and problematic, but the equivalent data in the US is usually public, and available for free to any registered candidate.
It appears that they registered as a party to get access to the data and them disseminated it publicly through a vibecoded app.
While this data may generally be public in the US, it usually isn't in Canada, and there's an expectation that parties don't publish the data and it is seeded to detect that.
A bigger problem is that people in Canada sign up for this list with the expectation that this data will remain reasonably private so now with this leak you have people who were willing to share their personal information to participate in the democratic process now afraid that their domestic abusers will be able to find them.[0] That really sucks.
There's also the awkward aspect of this in that the Alberta separatists are seemingly backed by American interests.
[0] https://www.cbc.ca/news/canada/edmonton/edmonton-city-counci...
> and it is seeded to detect that.
Do you mean that there are "paper town"-like entries in the dataset to make it obvious when one has leaked?
Yes, Elections Alberta provided the list to the Republican Party of Alberta. Whenever they do this, they salt the list with fake names so that if it gets leaked, they can then determine which copy was leaked. That's how we know this republican group provided it to this "Centurion Group"
It was left up in an unprotected state by Alberta separatists. Intentional?
From what I've seen it appears that it was intentional in that their motivation was to give their canvassers for the separatism petition access to the data so that they could pad their numbers for the petition.[0]
They didn't mean for this to blow up in the public like this though. That part wasn't intentional. That part appears to be absolute incompetence or they just got sloppy after being treated with kid gloves by law enforcement for the past few years.
[0] https://imgur.com/a/JDltJg7
The whole thing is really suspicious. If you dig deeper on the Centurion Project, things start to get weird. The Centurion Project website has little to no information, archives of the site go back to just over a month ago, and the address and phone number are for a random UPS Store in Calgary.
I got really suspicious when I started looking into Parker himself. He spews the typical "right wing" rhetoric -- Globalists bad, COVID fake etc etc... but if he actually believes that, what was he doing on the board of directors for Ditchley, which contains various ambassadors to China and France, Editor in Chief of the Globe and Mail, CEO of Desjardins, etc?
https://web.archive.org/web/20230313213623/https://www.ditch...
Quite possibly all those other people believe something like that. The "elites" are vulnerable to Internet brain worms like everyone else.
That's a bit of a stretch, it's more plausible that Mr. Parker is a plant
In terms of "safety" this leak is a drop in the bucket. The greater concern would be that election systems are involved. If election information is unintentionally readable, it is also therefore potentially alterable.
>Security experts say a leak of Alberta’s provincial list of voters – nearly three million names, addresses and phone numbers – has created a potential public safety and political interference crisis that could have ramifications for decades.
Name, address and phone number is generally just public information here in Norway. You can literally just check the phone book for this. You can opt out of this but few people do.
How is any of this information leaking cause for concern?
This is not publicly available information in Canada. One very real concern here is that domestic abusers will now be able to find their victims: https://www.cbc.ca/news/canada/edmonton/edmonton-city-counci...
Disaster? I remember when they would print up big books with everyone's address and telephone number. Then they would distribute these to everyone. While this wasn't exactly the same as the voting list, it was usually pretty close.
Canadians generally think that buying and selling their information is illegal so it's not happening, which is why this is news.
They're right that it's illegal but definitely wrong about it not happening.
The damage to privacy from this is likely much less then the average person realizes.
(an American living in Canada's perspective)
Other commentators are rightfully pointing out that this information is open public in other jurisdictions, and that Albertans' information is almost certainly already being shared and sold.
I believe the reason why this has become such a large news story is the tension between Alberta (and the west) and the rest of Canada. Alberta has rising separatist sentiment, a premiere who is extremely popular in Alberta and extremely unpopular outside of Alberta, and is on average more right wing compared to the rest of Canada. In both the media coverage and popular sentiment, this incident has been used to show Alberta and its government in a bad light, despite it not having anything to do with the party currently in power.
As long as it makes Alberta look bad it's an excuse to attack Danielle Smith and the UCP, and Albertians in general. Other Canadians eat up negative Alberta news like nothing else, and the media will no doubt provide them with the type of news that they crave. If this happened in any other province it would get 1/10th the coverage and outrage. Instead you have people online calling for Smith to face prison time for something she was not involved in. The media gets their views and the people get their ragebait.
Smith was friendly with Parker.
Attended his wedding, did softball interviews with his wife who worked for a ring wing media site.
See this is what I mean. "She was friendly" therefore she must be responsible!! Lock her up!!!
So here in the Midwest USA, I can go to election commission and legally obtain the voter registration file.
It, by law, is public. Anybody who asks for it must be provided the file. Naturally the law is pre-internet and ignorant of abuses you can do.
But I'm not sure how this leak compares. Is it party affiliations and loads of PII to the point of impersonation?
Yeah, it almost sounds like the leaked information was... effectively the white pages for the area. ie name, address, and phone number
It is, but that's not the route they took. Another registered party (the Republican Party of Alberta) received the information legally, then shared it all with this group (likely illegally or at least against some rules). There's now speculation that the separatist group used it to add names to their petition since they required X number of signatures. For example, the group has claimed some communities had over 90% of electors sign the petition. Which most people would claim is really hard to physically do and also counter to the general polling in the province that finds about 25% of citizens support separation.
So... the far right pro-Trump separatists in Alberta suddenly have name , address and phone number of any "woke" they want to harass.
What can go wrong...
While breaches like this should not continue to happen, almost everyone’s personal information has been leaked on the internet at this point. This article seems a bit alarmist on the potential harm.
I think that's a fair take for most people in the leak, but there are people who try to keep their address a secret for their safety (investigative journalists, witnesses of crimes, judges, lawyers, police officers, etc). They often have a PO box for situations when they have to enter an address (online purchases) or they buy everything in their partner's name (including their house). When their names are leaked elsewhere, their home address is not usually in those leaks. This is a unique type of leak that could be very harmful.