A St. Louis Post-Dispatch reporter targeted by Missouri Gov. Mike Parson for uncovering a security flaw in a state-run website won’t face criminal charges.
The decision comes after the governor spent months publicly labelling the reporter a “hacker” for discovering the flaw and notifying the state about it. Parson asked the Missouri State Highway Patrol to investigate and repeatedly said the reporter had committed a crime.
In a statement released on Twitter late last week, Post-Dispatch reporter Josh Renaud confirmed the Cole County prosecutor has declined to file charges.
“This decision is a relief. But it does not repair the harm done to me and my family,”
Renaud said in his statement.
Cole County Prosecutor Locke Thompson did not respond to a request for comment Friday evening, though he released a statement to local media in Jefferson City confirming charges would not be filed.
In early October, Renaud discovered that Social Security numbers for teachers, administrators and counsellors were visible in the HTML code of a publicly accessible site operated by the state education department. HTML code is the programming that tells the computer how to display a webpage.
Emails obtained by the Independent show Renaud informed the state of the issue and promised to withhold publishing any story about it until the problem was fixed and the Social Security numbers were no longer exposed. He also laid out to state officials in an email the steps he’d taken to find and confirm the security flaw. That included contacting three teachers to verify the information in the HTML code was their Social Security number.
Yet despite the fact that officials within the Missouri Department of Elementary and Secondary Education initially wanted to thank Renaud for uncovering the flaw, and that an FBI agent told the department the incident “is not an actual network intrusion,” Parson labelled the reporter a hacker and called for criminal prosecution.
Renaud said his actions were
“entirely legal and consistent with established journalistic principles.”
“This was a political persecution of a journalist,” Renaud said, “plain and simple.”
Elad Gross, an attorney representing Shaji Khan, a cybersecurity professor who helped confirm the security flaw for the Post-Dispatch, released a statement saying the
“malicious prosecution pushed by the governor terrorized and silenced Mr. Renaud, Dr. Khan and their families for months.”
“No government in America should have the power to silence the press or its citizens through sham prosecutions and investigations,”
Gross said.
Renaud said he worried the governor’s threats against him would deter people from reporting security or privacy flaws in Missouri government websites in the future, decreasing the chance those flaws get fixed.
Now that the investigation has run its course,
“I pray Gov. Parson’s eyes will be opened, that he will see the harm he did to me and my family,” Renaud said, “that he will apologize and that he will show Missourians a better way.”
Parson’s spokeswoman, Kelli Jones, released a statement Friday night that continued to call the reporter a hacker.
Thompson, a Republican elected in 2018, said that while there is an argument to be made that there was a violation of law,
“the issues at the heart of the investigation have been resolved through nonlegal means.”
He didn’t respond to a request to clarify what he meant by “nonlegal means.”
Source:
Comments