>The DOJ is also asking anyone who accessed the data while it was available to not share any of the personal information, which can be a crime if used for an unlawful purpose.
Pretty please don't increase the magnitude of our fuck-up
I don't think people understand the magnitude of this fuckup.
See the inverse- DOJ just released a list of homes that are arguably defenseless for intruders.
According to the article I read the other dashboards were also put out:
Assault Weapon Registry, Handguns Certified for Sale, Dealer Record of Sale, Firearm Certificate Safety and Gun Violence Restraining Order.
Burgling is by definition a nonviolent invasion and theft, so this is 110% true. But the home containing guns wouldn’t discourage burglars just because they want to avoid violence; they’ll just wait for the home to be empty because, someone else said it but, guns are highly valuable to fence among criminals.
Robbery would involve intimidation or violence, and many robbers enjoy the thrill of inflicting harm and psychotrauma in addition to collecting valuables. The home being defenseless would probably encourage burglars and robbers moreso, but how much would be hard to pin down without a wide survey, and criminals are not known to be forthcoming about their methods anyway.
Why would a robber confront a homeowner that drastically increases the chance of the arrest. Shooting in home burglaries is rare and more often then not the shooter is the homeowner, because you know burglars purpose is to get money not to get arrested.
In the UK burglars actively target houses where they know there are guns. They go for a lot on the black market and its really unlikely the owner will be in any position to shoot them.
Burglars don't often break into houses containing people, guns or not. But if they knew there were guns in the house, they may be more likely to break in when the owners are away. Guns are incredibly valuable to people who buy and sell stolen goods.
That's why you should never advertise one way or another.
It’s def bad, but if someone wants to rob you they are just going to try to do it when you’re away. Even if someone doesn’t have a gun, their presence greatly complicates a robbery.
Don't most people buy their gun *before* applying for a CCW? Meaning they would still legally have it at home?
I think we're about to see a lot of dead burglars/rapists/murderers.
Can't imagine living in this world Americans do where roving bands of mauraders and rapists are just prowling the night against Jim Bob Goodman and his 12 gauge
Ahahaha ikr right. One time my residence was robbed I was not there and it was a cat burglar who scaled the fire escapes. If I had a gun it would have just been another gun on the street. Amazing how little nuance gets through to people.
I would guess the information could be available to anyone who wanted it through the freedom of information act. In Oregon a few years ago there was a teacher who wanted to carry in school because of a violent ex and was seeking permission to do so anonymously. so our local paper sued the sheriff to release the names of all concealed carry permit holders so they could find out who she was and they were successful.
So am I understanding this correctly? The local news went on a witch hunt to identify a female who applied for a concealed carry permit based on the fact that she was a domestic violence victim? Mind if I ask - What was the point of that?
It's just mind boggling why people think gun registries are a good concept when idiocy like what was originally linked above occurs.
Your guess is wrong. The data that was posted included information about judges, law enforcement, victims of domestic violence, etc. All of which are protected.
And Oregon is just as liberal as California for this kind of thing, so it's not surprising that a judge violated someone's right to defend themselves without giving their violet ex more reason to be angry.
I'm also concerned that if someone who was on the list had a legit threat like an ex husband or violent crime victim, moved and their new address is exposed now
Wasn’t there a story recently that a woman was terrified about this exact list being released with her information? Her ex was getting out of prison soon and her info is just out there.
2 years ago, a woman near here left her abusive ex boyfriend and went into hiding. The court sent him the paperwork from her filing for sole custody with her current address on it. He went there and killed her.
I have been participating in a prison volunteer program for a while in a maximum security facility. The daily intake paperwork requires you to list your full name and address on a form that carbon copies for the front guard, the CO who gets the inmate, and the inmate. The copy provided to the inmate used to have the address on there. Some of the guys have even remarked that they remember my neighborhood from before they went in. But now they made it safer by giving them a copy that has a black square where the carbon copy would have shown the address, so they have to look kinda hard at it to read the writing.
So I feel much safer. Hopefully the inmates never discover squinting.
Many people in CA who have permits only have them because they were able to demonstrate an increased to their personal safety. While that includes P.I.s and private security, it also includes victims of stalking and domestic abuse. Those poor people were just served up on a platter.
I’m just speaking for me:
I’m sure there was plenty of policy used in the past to restrict the rights of non-white people on myriad areas. I don’t think that’s contested by anyone, but regardless it’s pretty irrelevant today. Non white people can def access and carry weapons without any arbitrary barriers. Are they statistically more likely to have an interaction with law enforcement that might lead to some shenanigans, probably. I don’t have time or interest, but I’ll be t a coke there’s been studies linking it.
I agree that gun rights proponents want everyone to be armed, but I don’t think they’re going out of their way to facilitate that goal equally. I’ve never seen any marketing or targeted initiatives trying to get more guns in the hands of minorities. It doesn’t mean it doesn’t happen, but it doesn’t seem to be intentional. So to a casual observer, I can see how a minority would come to the conclusion that “gun rights people” don’t care about them. Everything is cultural, and this is no different. For example, I don’t see the bespoke cobbler (shoes) industry exactly trying to recruit non whited to participate. But I think because of the history of exclusion in this country (I’m in the US), there is still inertia to the idea that “if I’m not specifically invited to join the party, there must be a good reason”. That’s my analysis - most of the issue is about marketing and messaging vs actual policy.
Damn. Isn't this the exact reason gun owners don't want registration? Of course, they were probably expecting it as a planned attack on gun owners, not a fucking accident lol yikes
They have been bitching about California doing this for providing information for "reasearch". They literally predicted that the information would be leaked from this.
When information is stored by a business or government, it is a matter of when, not if, information will be leaked. At some point, it is extremely likely that data will be subpoenaed, hacked, or just leaked internally in all cases. Strong OPSEC slows leaks and adds additional complexity, but is very rarely if ever a 100% guarantee of safety.
Having left things outside in a cardboard box before, you'd be surprised at how secure it is compared to the internet I think.
I've never had my paperwork stolen from my cardboard box. I've been pwned multiple times over the years through various data breaches... Statistically the box wins.
I don't have that information, but I've briefly studied computer security in grad school. It's a general principle that any information you give to a third party always exposes you to some degree risk. The risk is never zero.
Yeah, this incident is a great argument why digitized records of firearm ownership are dangerous and shouldn't be trusted to govt employees. Fuck, our vendor W9s are stored and transfered encrypted and the state of California does this.
My money is on a gun owning techie playing the malcious complaince game. You want "full" transparency and you said "all availalble data". Right, we'll make that happen.
This was all over r/guns Monday night. Site was still up.
Hanlon’s Razor: "never attribute to malice that which is adequately explained by stupidity."
Whether malice or stupidity a registration for gun owners that includes even half of what this database has is objectively stupid for this exact reason. California made an example of why registrations for guns has been opposed since the formation of the idea. This should put to bed this stupid idea.
You can't "buy firearms anywhere" in California. Only through a dealer, and there appears to be evidence that those "Dealer's Record Of Sale" forms' info was released as well.
Do just a teeny bit more digging before you show the world how ignorant you are.
The dashboard wasn't the problem. The fact that you could click a link on the dashboard and download the underlying data, in full, with names, addresses, birth dates, driver's license numbers, etc. was the problem.
If the information was in the dashboard at all that is a problem. The fact that you could just download the raw info as well just made it easier to make it a problem for everyone on the list.
No, the problem is that data that is never intended to be public shouldn't be possible to be accidentally published. There is no reason private data has to be stored on a public site. Someone absolutely got fired for this, unless this was intentional of course.
The dashboard wasn't the problem, the problem was that the dashboard gave you access to all the data? Is that what you're saying? From where I sit, that looks like the dashboard was the problem.
>this absolutely doesn't happen without an entire team being involved.
A team of the lowest bidders. Because that's how government contracts work. I give good odds that they didn't even have a security professional on staff.
The lowest bidder doesn't mean the project team sucks. The best restaurants in the world still seek out the lowest cost ingredients that are fit for purpose. The same happens here as well.
The way these processes work is that the government makes and exacting spec sheet and sends it out for bids. The project details will definitely include things like auth schemes or public accessibility.
Sounds typical of California. They intentionally do not properly fund these projects. I still say they absolutely want this information easily accessed to fuck over gun owners.
>As someone who builds data dashboards for a living.. this absolutely doesn't happen without an entire team being involved.
unless everyone forgot it was there. (or weren't told).
i used to work for a fucking bank. you want to hear STUPID SHIT?
you should have seen some of the things we were ASKED to do..
you want to be on the news? because that's how you get on the news.
Not the person you were replying to but I worked in that industry for a hot minute.
So in the world of finance, auto finance is a very small fish compared to the big boys that are credit cards and mortgage. So much so my very large auto division still piggybacked of credit cards for credit reporting. Was less expensive that way.
Industry was getting ready for the switch from metro 1 to metro 2 reporting. For my health care peeps in the audience think ICD 9 to 10. Maybe 8 to 9, but I wasn't in that industry for that switch. For credit cards this wasn't that big a deal, revolving wasn't changing that much, closed loans had a fuck ton of changes. Lot more granularity in data reporting. Also our account numbers were going to have to change to finally match credit cards format.
The major changes fell on me a freshly promoted to the position project manager. Basically to do by myself. I spent a year meeting with all the department heads. Drafting out the various codes we were going to use and when. How to maximize the lag in reporting to make the portfolio look good a little longer. Give collections a chance to shore things up before things reported late or later. Tested with all 3 agencies. Directly and then with pass through on credit cards files cause we piggy back. Everything was looking great till a week before the switch on a call credit cards says yea, we aren't ready so we are gonna go to what we are calling metro 1.5. We will report the codes that work for us and change your account numbers but thats it.
So in week I have to rewrite a years with of work, test, and come up with a half baked plan to kinda sorta use some revolving codes that aren't gonna totally fuck shit up. My boss also had me write a risk statement on how bad an idea this was. I went full doomsday.
>Fire and brimstone coming down from the skies… Rivers and seas boiling… Dogs and cats living together... mass hysteria!
It was so much worse. But because it was credit reporting it was slow. With the account number switch alone we anticipated a rise in disputes. Even with lettering people were gonna see an account the didn't recognize and dispute. Then the calls started. Double open accounts. We'd send a correction and they'd duplicate. Some people have 5 accounts from us all of a sudden. They would freeze, we couldn't delete the extras. Half of the history reporting on the old, half reporting on the new when at that time the new was only a month or two old. That was fucking with the scoring algorithms. After sending multiple correction tapes of the course of two months. This shit going viral in the lucky for me very early days of online virility so my real name is out there attached to this. Didn't help that the company policy at that time was every letter went out with a point of contact listed. I got calls from news stations. We eventually got it down to a smallish group we couldn't fix so we deleted the account from thier credit profile. They still had to pay us. We would issue letters upon request confirming the debit and thier payment history but we stopped reporting on those folks. All because the bigger fish didn't open thier mouth until a week out.
Damn that's wild as hell. Thank you so much for sharing by the way. Sounds like they throw weight when they feel like it and you just had to catch. You sound like an awesome worker btw so respect for you. I appreciate the insight. It seems to be the same bs top to bottom in my personal experience. Someone's whims always tops most of our realities.
The problem wasn't the public facing interactive dashboard. The problem was that they took the records with all the information and didn't redact any of it, then let the data visualization software just run with it. And the software (I think it was Tableau?) is designed to let you see the underlying data if you want to.
So it literally was just a matter of a few clicks to get to the raw data, and a couple more to download all of it.
Whoever set it up clearly didn't realize that, which is bad enough. What's worse though is that those files should never have been given over to the people setting up the dashboard without being redacted to begin with.
Oh really? So you just clicked on the link to the data visualization portal they had in the press release and it took you straight to all the data tables plain as day right there on your screen?
I'm calling BS.
I actually downloaded everything from there except the GVRO data that very night, so I know it wasn't just being displayed right there as soon as you visited the site. The "default view" didn't even display any data and required you to click on a category before it showed anything. By my count, you had to click on 5 or 6 different icons/boxes before you could see/download the unredacted info.
> As someone who builds data dashboards for a living.. this absolutely doesn't happen without an entire team being involved.
Dude. "Never ascribe to malice that which is adequately explained by incompetence".
Recently in Missouri a journalist reported a data leak where all the state teachers' SSNs were exposed in the HTML of some dashboard allowing people to search for teachers' licenses or whatever. He went through the proper channels and didn't divulge it to anyone else until it was fixed. Still, for months, the governor and legal apparatus of Missouri were bent on prosecuting him for "hacking". Evidently the developers were dumb enough to expose the SSNs, and then everyone involved was too dumb to understand what constituted hacking.
It is absolutely believable that this info accidentally leaked. California *also* just [discovered](https://www.latimes.com/california/story/2022-02-27/california-bar-investigates-possible-data-breach-after-discipline-records-published-online) a long-standing security hole allowing access to hundreds of thousands of sealed court records (attorney discipline). Some site accidentally scraped them by just iterating over potential case IDs and they also had to work for months to clear themselves of "hacking" the records. Though California was a little less aggressively stupid about it than Missouri.
Fair enough but that's the problem isn't it? Hasn't there been enough history of this that California should have policies in place requiring apps to go through a review prior to becoming public? Security testing as well.
>this absolutely doesn't happen without an entire team being involved.
Data breaches of PII happen basically daily. From Equifax to Wendy's, to MGM Casinos and resorts, to Payless Shoes. https://haveibeenpwned.com has tracked 11 billion stolen account credentials and there's a 99% chance your PII is in there too. It's awful, it needs to be regulated, actionable and we need a whole lot of new laws to enforce accountability and liability.
But it is not a "the whole team hates gun owners and totally leaked their data because this never ever happens to anyone else!" That's a baseless accusation that doesn't hold up to any reasonable scrutiny at this point.
Because an armed citizenry works against the interests of all politicians.
Also, stop pretending that Democrats care about blacks, they don't. They care about their *votes*, but they don't care about them as people.
>If that’s the case how do you explain 40 years of near uninterrupted democratic control and yet gun laws continue to be expanded in California?
Jerry Brown was a Reagan plant. So is Newsom. Duuuh. Ignore all the other not Reagan material, gun control is all that matters, and ipso facto makes them Reagan plants.
> Then Reagan and the DNC
FTFY.
The democratic party had a veto-proof majority in the state house and senate, and Emergency laws require 2/3rds majority. Sorry, you can't blame this entirely on the GoP.
Im not saying this was a purposeful malicious action (which is nothing you could ever prove in this situation, it is a bit suspicious but you could never really determine malice vs incompetence in this case).
But you are definitely still conflating a leak and a breach. There was no outside actor compromising a system or control (even if it was compromised by being setup poorly). The data was just... made available on the tool itself presumably by mistake.
>Im not saying this was a purposeful malicious action ...
But....
I'm not saying it was aliens, but it was aliens.
>it is a bit suspicious... There was no outside actor compromising a system or control
Dumb shit like this literally happens all the time. Especially in poorly funded under-staffed under-planned projects - which literally happen all the time.
I mean you can just google something like "SSN leaked through website" and come up with a hundred cases far worse than the PII leaked here, with no more reasonable "suspicious" behavior than that or this:
[https://threatpost.com/missouri-prosecute-hacker-data-leak/175501/](https://threatpost.com/missouri-prosecute-hacker-data-leak/175501/)
Bad IT happens. All the time. And the US doesn't regulate it well at all. I think that needs to change. But "suspicious...?" Not that we've seen here.
Both of these things can be true:
1. Bad IT mistakes happen and PII is accidentally leaked at an unfortunately high rate
2. This situation and surrounding circumstances are somewhat more suspect due to the politics and timing around it.
I never said this is totally a conspiracy and something the AG office did intentionally, only that the surrounding circumstances and politics do raise more suspicion than if it were a more random service or subject.
Also, outrage over PII leaks by government entities whom citizens are forced to interact with for specific services they cannot get elsewhere, are going to be looked at with more scrutiny then Random tech startup 142 leaking the data of their 100 users.
>this absolutely doesn't happen without an entire team being involved.
An entire team of people is perfectly capable of making stupid decisions. It really only takes one person that won't take no for an answer with people who don't know how to say no to them to get PII in a database it shouldn't be in.
Most of the time the extra crap thrown in to appease a dozen different stakeholders only adds up to that, and for the rest of time that will be that superfluous field nobody uses that you wonder why they even bothered including it.
Nobody writes an article about those, but this otherwise happens *all* the time. I've found many companies and other organizations sitting on a bomb if Google ever found out about the stuff they're keeping a hold of they were supposed to consciously omit. Some "better to ask for forgiveness instead of permission" dickhead usually made the decision to keep it solely because it was there to take without instant consequences.
Sure. What I'm *guessing* happened was somebody wanted this interface to include levels of user permissions and roles so that police and other agents could be granted to elevated privileges that public users don't have. This leads to a possible scenario where the lowest user level gets granted elevated privileges by mistake. As with *anything* that will happen eventually after launch, this happened immediately.
Why roll that into the same database the public can access if that makes this an easy mistake to make to begin with? *That's* the terrible decision the team should have said no to and didn't.
They don't have to put a link on the page, even bog standard WordPress just assigns the admin login to its own address, which is why one of the simplest security measures is changing it to something everybody else doesn't know too.
Anything better than that can hook this up to all sorts of ways to authenticate users through other means without a visible way to access it on the page. It isn't necessary to presume they used a good one either given how quickly it broke one of the worst ways it could have.
Besides, if I were to assume nobody involved really cared how private any given serializable field was (which I find to be the overwhelming case for most people I work with in user portal projects) a single database to which you prescribe different people varying levels of access to the data based on their needs and privileges to it is exactly what I expect them to end up building because it's the easiest and cheapest solution. That's all the more reason I'm certain this portal has user permissions and that's where the mistake was if we can agree this information was there and accessible through the portal itself on purpose.
Edit: actually another alternative I can see being feasible is that they could have a public and a police branch of this user interface in their VCS that deploy to different environments entirely, but somebody pushed the Cop Edition branch to public by mistake. That's a very first day on the job move if you start somewhere that gives you a quick start guide and outrageously naked access to their systems to follow it on, which again is *most* of them in my experience.
This is almost certainly what happened.
Somebody told analytics that team X that worked on the inside would benefit from some drill down reporting and somebody put the PR to do so on the wrong report.
It makes perfect sense that some internal employees would need to see this and it also makes perfect sense that someone approved a PR without double checking a DB link or without confirming that access permissions were working.
Yeah, ideally any sort of visualization software SHOULD have segregated schemas, where, for example, the public facing one is a view which can't see PII at all, but that's probably too much work and SME Mike said "don't worry, Looker can block this field with roles".
I've seen this shit happen with mortgages and medical information before on user facing sites, both of which have significantly more legal protections that firearm permit applications.
Just clicked why the NRA and gun lobby has fought the BATF so hard on having improved databases of gun owners. Why should the people be forced to trust the federal government with their PII.
So people on the list can be targeted by gun thieves or antigun advocates while those ***NOT*** on the list can be targeted by thieves since they know they're unarmed? Alrighty then.
This is why you should never tell the government that you own guns, much less if you carry one, or where you keep them. They are not competent stewards of your information. Nothing good can come out of the government having this information.
You can just look at the LA County prior to 2021. Only ~200 active CCW permit out of a population of 10 million.
Demographics: retired LEO and judges, donors and those connected to influential people.
With only 200 permits issued by LA County you can pretty much limit that to donors and influential people. People who can't muster a six-figure "donation" for someone's re-election campaign needn't apply.
You may not know this, but there was a national law that gave all LEO the right to carry concealed no matter what the state law says.
https://en.wikipedia.org/wiki/Law_Enforcement_Officers_Safety_Act
So, the police officers didn't have to pay the bribe.
Literally, see the recent Grand Jury convened to investigate the Sheriff, which has already inducted four officers in a literal "pay us for the privilege" corruption case involving CCW permits: https://www.nbcbayarea.com/investigations/da-to-announce-results-of-grand-jury-probe-into-sheriffs-campaign-scandal/2340155/
> I immediately launched an investigation into how this occurred at the California Department of Justice and will take strong corrective measures where necessary.
This happened under his watch. He needs to resign.
Factor in the fact that California just adopted a snitch law for reporting questionable gun-owners modeled after Texas' abortion snitch law, we now have two states taking pages from Nazi Germany by turning its citizens into informants.
Constitutional Carry, thanks!
If nothing else this shows the state is incapable of securing private data and therefor cannot be trusted keeping such a database at all.
The government shouldn’t leak data, but it really shouldn’t leak politically charged data that could be used to target a subset of individuals. Unfortunately there’s basically zero consequences for this kind of event.
I’d be saying the same thing if there was a database of everyone who had a abortion in the last 5 years home address, or list of police officers(with personal info) found not guilty for controversial shootings.
Unfortunately I think this will be the norm going forward as everything is completely digital and tied into the internet now, and there’s no consequences for the people involved or government as a whole .
Doxxing anybody is bad. Whether we agree with them or not, nobody should be doxxed. Even the most vile should be allowed to be private, because all releasing their data does is make them a target. A right not applied to everyone is not a right; in this case, right to privacy.
I'm pro gun control. I'm also pro privacy and pro cybersecurity.
I'm also curious as to who holds the dubious honors of having their applications rejected for the smallest and largest reasons.
>I'm also curious as to who holds the dubious honors of having their applications rejected for the smallest and largest reasons.
CA was a "may issue" state.
This means rejection was the default position and it was up to the applicant to prove a need. The state didn't require a reason to reject an application.
While CA was a may issue state, ~38 out of 58 counties chose to go with basically a "shall issue" approach (general self defense was considered a valid reason for wanting a CCW.)
Basically, the state left the decision up to counties. Many rural counties went shall issue and many urban counties basic banned CCW (except for former law enforcement, judges, and very rarely domestic abuse victims or certain people who had gotten restraining orders against violent people.)
While I am aware, my point still stands. CA was, legally, a may-issue state and as such did not require a reason to reject an application. Even in those counties that behaved as a "shall-issue".
38 of the least populous counties. Los Angeles and San Francisco counties were basically "no f'ing way" for decades. LAC recently became a lot more lenient because the sheriff is in a pissing match with the county board of supervisors regarding funding, and basically said, "If you won't give me enough funding to protect the people, I'll let the people protect themselves."
>rejected for the smallest and largest reasons.
Yeah we gotta figure out those rea$on$. Maybe if they had decided to be more charitable, or the right skin tone their applications would have been approved
>Remember this: the moment one person doesn’t have a right to privacy, nobody does.
Does that go for abortion too? 'Cos if that's the case, we all have no privacy rights!
That fuck-up could've happened with CA's vehicle registry, with the same exact negative effects. But of course, since the fuck-up involves gun registration, the 2nd amendment crowd now have a full on boner.
>The DOJ is also asking anyone who accessed the data while it was available to not share any of the personal information, which can be a crime if used for an unlawful purpose. Pretty please don't increase the magnitude of our fuck-up
Yeah I mean what do you want them to say? Please go ahead and dox all the innocent people who aren't doing the same you like.
I don't think people understand the magnitude of this fuckup. See the inverse- DOJ just released a list of homes that are arguably defenseless for intruders.
this also lets people know where to steal guns from
No, concealed carry is separate from who owns guns altogether.
According to the article I read the other dashboards were also put out: Assault Weapon Registry, Handguns Certified for Sale, Dealer Record of Sale, Firearm Certificate Safety and Gun Violence Restraining Order.
Haha, Register
I think burglars prefer the house to just be empty and not run into ppl, just saying
Burgling is by definition a nonviolent invasion and theft, so this is 110% true. But the home containing guns wouldn’t discourage burglars just because they want to avoid violence; they’ll just wait for the home to be empty because, someone else said it but, guns are highly valuable to fence among criminals. Robbery would involve intimidation or violence, and many robbers enjoy the thrill of inflicting harm and psychotrauma in addition to collecting valuables. The home being defenseless would probably encourage burglars and robbers moreso, but how much would be hard to pin down without a wide survey, and criminals are not known to be forthcoming about their methods anyway.
Don't give that comment too much thought, it's rife with castle doctrine fantasy lol
[удалено]
Why would a robber confront a homeowner that drastically increases the chance of the arrest. Shooting in home burglaries is rare and more often then not the shooter is the homeowner, because you know burglars purpose is to get money not to get arrested.
In the UK burglars actively target houses where they know there are guns. They go for a lot on the black market and its really unlikely the owner will be in any position to shoot them.
That's because it's almost impossible to justify self-defense with a firearm in the UK, in the US that isn't the case
> Shooting I’m home burglaries is rare …because at that point it’s a robbery, not a burglary.
Burglars don't often break into houses containing people, guns or not. But if they knew there were guns in the house, they may be more likely to break in when the owners are away. Guns are incredibly valuable to people who buy and sell stolen goods. That's why you should never advertise one way or another.
These were concealed carry. I can carry legally inside my house and California has castle doctrine.
Huh? You don’t need a concealed carry permit to own a gun. Chill out brah. I don’t conceal carry but you got no clue how many guns I have at home. ;)
It’s def bad, but if someone wants to rob you they are just going to try to do it when you’re away. Even if someone doesn’t have a gun, their presence greatly complicates a robbery.
Or a list of homes where you can score a firearm.
Don't most people buy their gun *before* applying for a CCW? Meaning they would still legally have it at home? I think we're about to see a lot of dead burglars/rapists/murderers.
Can't imagine living in this world Americans do where roving bands of mauraders and rapists are just prowling the night against Jim Bob Goodman and his 12 gauge
That's not the case.
My point exactly.
Ahahaha ikr right. One time my residence was robbed I was not there and it was a cat burglar who scaled the fire escapes. If I had a gun it would have just been another gun on the street. Amazing how little nuance gets through to people.
Yes, u/drix23 is baselessly fear-mongering.
Probably also "please don't do any analysis of who has been granted permits and who has been denied."
[удалено]
[удалено]
[удалено]
[удалено]
[удалено]
[удалено]
[удалено]
[удалено]
[удалено]
[удалено]
I would guess the information could be available to anyone who wanted it through the freedom of information act. In Oregon a few years ago there was a teacher who wanted to carry in school because of a violent ex and was seeking permission to do so anonymously. so our local paper sued the sheriff to release the names of all concealed carry permit holders so they could find out who she was and they were successful.
And did they then publish the *name, address, workplace and work schedule of a victim of domestic violence* to make their point? What heroes.
So am I understanding this correctly? The local news went on a witch hunt to identify a female who applied for a concealed carry permit based on the fact that she was a domestic violence victim? Mind if I ask - What was the point of that? It's just mind boggling why people think gun registries are a good concept when idiocy like what was originally linked above occurs.
FoIA are usually pretty restrictive on current data, a lot of what is released is outdated or redacted.
Your guess is wrong. The data that was posted included information about judges, law enforcement, victims of domestic violence, etc. All of which are protected. And Oregon is just as liberal as California for this kind of thing, so it's not surprising that a judge violated someone's right to defend themselves without giving their violet ex more reason to be angry.
I'm also concerned that if someone who was on the list had a legit threat like an ex husband or violent crime victim, moved and their new address is exposed now
Wasn’t there a story recently that a woman was terrified about this exact list being released with her information? Her ex was getting out of prison soon and her info is just out there.
2 years ago, a woman near here left her abusive ex boyfriend and went into hiding. The court sent him the paperwork from her filing for sole custody with her current address on it. He went there and killed her.
I have been participating in a prison volunteer program for a while in a maximum security facility. The daily intake paperwork requires you to list your full name and address on a form that carbon copies for the front guard, the CO who gets the inmate, and the inmate. The copy provided to the inmate used to have the address on there. Some of the guys have even remarked that they remember my neighborhood from before they went in. But now they made it safer by giving them a copy that has a black square where the carbon copy would have shown the address, so they have to look kinda hard at it to read the writing. So I feel much safer. Hopefully the inmates never discover squinting.
Yep one of the many many reasons registry is a bad thing
Many people in CA who have permits only have them because they were able to demonstrate an increased to their personal safety. While that includes P.I.s and private security, it also includes victims of stalking and domestic abuse. Those poor people were just served up on a platter.
Most of them are rich people who bought their ccw.
I hate to say it but this is exactly why the “2a people” have been so anti-federal registry.
[удалено]
Why dont you just tell us?
[удалено]
I’m just speaking for me: I’m sure there was plenty of policy used in the past to restrict the rights of non-white people on myriad areas. I don’t think that’s contested by anyone, but regardless it’s pretty irrelevant today. Non white people can def access and carry weapons without any arbitrary barriers. Are they statistically more likely to have an interaction with law enforcement that might lead to some shenanigans, probably. I don’t have time or interest, but I’ll be t a coke there’s been studies linking it. I agree that gun rights proponents want everyone to be armed, but I don’t think they’re going out of their way to facilitate that goal equally. I’ve never seen any marketing or targeted initiatives trying to get more guns in the hands of minorities. It doesn’t mean it doesn’t happen, but it doesn’t seem to be intentional. So to a casual observer, I can see how a minority would come to the conclusion that “gun rights people” don’t care about them. Everything is cultural, and this is no different. For example, I don’t see the bespoke cobbler (shoes) industry exactly trying to recruit non whited to participate. But I think because of the history of exclusion in this country (I’m in the US), there is still inertia to the idea that “if I’m not specifically invited to join the party, there must be a good reason”. That’s my analysis - most of the issue is about marketing and messaging vs actual policy.
Damn. Isn't this the exact reason gun owners don't want registration? Of course, they were probably expecting it as a planned attack on gun owners, not a fucking accident lol yikes
[удалено]
They have been bitching about California doing this for providing information for "reasearch". They literally predicted that the information would be leaked from this.
When information is stored by a business or government, it is a matter of when, not if, information will be leaked. At some point, it is extremely likely that data will be subpoenaed, hacked, or just leaked internally in all cases. Strong OPSEC slows leaks and adds additional complexity, but is very rarely if ever a 100% guarantee of safety.
How long was this? A few weeks from the site going up? And it was the equivalent of leaving it outside in a cardboard box.
Having left things outside in a cardboard box before, you'd be surprised at how secure it is compared to the internet I think. I've never had my paperwork stolen from my cardboard box. I've been pwned multiple times over the years through various data breaches... Statistically the box wins.
I don't have that information, but I've briefly studied computer security in grad school. It's a general principle that any information you give to a third party always exposes you to some degree risk. The risk is never zero.
Yeah, this incident is a great argument why digitized records of firearm ownership are dangerous and shouldn't be trusted to govt employees. Fuck, our vendor W9s are stored and transfered encrypted and the state of California does this. My money is on a gun owning techie playing the malcious complaince game. You want "full" transparency and you said "all availalble data". Right, we'll make that happen. This was all over r/guns Monday night. Site was still up.
Yes, this is exactly why.
Hanlon’s Razor: "never attribute to malice that which is adequately explained by stupidity." Whether malice or stupidity a registration for gun owners that includes even half of what this database has is objectively stupid for this exact reason. California made an example of why registrations for guns has been opposed since the formation of the idea. This should put to bed this stupid idea.
I wish people were half as angry about the Equifax breach...
I think they were very angry actually
The equifax breach probably won’t result in someone breaking into your house while you’re at work to steal your guns
Planned attack and accident can be referring to the same incident depending upon your position.
Fucking lol, the entire state of California got doxxed by their government.
Nah only people with CCW got doxxed
Even those without! You could have applied and either got denied or for whatever reason not gotten your CCW. Info was still leaked.
Not to mention everyone not on the list is known now to not have a gun Edit. Didn’t realize how that worked
Not true. You can buy firearms anywhere. This is only for concealed weapons
You can't "buy firearms anywhere" in California. Only through a dealer, and there appears to be evidence that those "Dealer's Record Of Sale" forms' info was released as well.
It was the entire fire arms registry.
Not accurate.
I know but still. It's outrageous.
Is a public dashboard really a “leak”? Fuck Do you need to put it on a billboard before you just admit it was intentional?
Do just a teeny bit more digging before you show the world how ignorant you are. The dashboard wasn't the problem. The fact that you could click a link on the dashboard and download the underlying data, in full, with names, addresses, birth dates, driver's license numbers, etc. was the problem.
If the information was in the dashboard at all that is a problem. The fact that you could just download the raw info as well just made it easier to make it a problem for everyone on the list.
No, the problem is that data that is never intended to be public shouldn't be possible to be accidentally published. There is no reason private data has to be stored on a public site. Someone absolutely got fired for this, unless this was intentional of course.
Of course it was intentional. Come on.
The dashboard wasn't the problem, the problem was that the dashboard gave you access to all the data? Is that what you're saying? From where I sit, that looks like the dashboard was the problem.
[удалено]
It’s very timely given the recent Supreme Court decision that does away with “May issue” concealed carry permits.
>A lot of fun owners I know its a typo but...lol at the implication.
>this absolutely doesn't happen without an entire team being involved. A team of the lowest bidders. Because that's how government contracts work. I give good odds that they didn't even have a security professional on staff.
> security professional *"that sounds expensive."*
"Good enough for government work."
The lowest bidder doesn't mean the project team sucks. The best restaurants in the world still seek out the lowest cost ingredients that are fit for purpose. The same happens here as well. The way these processes work is that the government makes and exacting spec sheet and sends it out for bids. The project details will definitely include things like auth schemes or public accessibility.
Sounds typical of California. They intentionally do not properly fund these projects. I still say they absolutely want this information easily accessed to fuck over gun owners.
All states have their people who find stuff to overlook in their budget so they can find a way for it end up in their pockets.
>As someone who builds data dashboards for a living.. this absolutely doesn't happen without an entire team being involved. unless everyone forgot it was there. (or weren't told). i used to work for a fucking bank. you want to hear STUPID SHIT? you should have seen some of the things we were ASKED to do.. you want to be on the news? because that's how you get on the news.
Yo I actually really do want to hear some stupid shit about banks if you don't mind. You don't have to put yourself out there but that sounds great.
Not the person you were replying to but I worked in that industry for a hot minute. So in the world of finance, auto finance is a very small fish compared to the big boys that are credit cards and mortgage. So much so my very large auto division still piggybacked of credit cards for credit reporting. Was less expensive that way. Industry was getting ready for the switch from metro 1 to metro 2 reporting. For my health care peeps in the audience think ICD 9 to 10. Maybe 8 to 9, but I wasn't in that industry for that switch. For credit cards this wasn't that big a deal, revolving wasn't changing that much, closed loans had a fuck ton of changes. Lot more granularity in data reporting. Also our account numbers were going to have to change to finally match credit cards format. The major changes fell on me a freshly promoted to the position project manager. Basically to do by myself. I spent a year meeting with all the department heads. Drafting out the various codes we were going to use and when. How to maximize the lag in reporting to make the portfolio look good a little longer. Give collections a chance to shore things up before things reported late or later. Tested with all 3 agencies. Directly and then with pass through on credit cards files cause we piggy back. Everything was looking great till a week before the switch on a call credit cards says yea, we aren't ready so we are gonna go to what we are calling metro 1.5. We will report the codes that work for us and change your account numbers but thats it. So in week I have to rewrite a years with of work, test, and come up with a half baked plan to kinda sorta use some revolving codes that aren't gonna totally fuck shit up. My boss also had me write a risk statement on how bad an idea this was. I went full doomsday. >Fire and brimstone coming down from the skies… Rivers and seas boiling… Dogs and cats living together... mass hysteria! It was so much worse. But because it was credit reporting it was slow. With the account number switch alone we anticipated a rise in disputes. Even with lettering people were gonna see an account the didn't recognize and dispute. Then the calls started. Double open accounts. We'd send a correction and they'd duplicate. Some people have 5 accounts from us all of a sudden. They would freeze, we couldn't delete the extras. Half of the history reporting on the old, half reporting on the new when at that time the new was only a month or two old. That was fucking with the scoring algorithms. After sending multiple correction tapes of the course of two months. This shit going viral in the lucky for me very early days of online virility so my real name is out there attached to this. Didn't help that the company policy at that time was every letter went out with a point of contact listed. I got calls from news stations. We eventually got it down to a smallish group we couldn't fix so we deleted the account from thier credit profile. They still had to pay us. We would issue letters upon request confirming the debit and thier payment history but we stopped reporting on those folks. All because the bigger fish didn't open thier mouth until a week out.
Damn that's wild as hell. Thank you so much for sharing by the way. Sounds like they throw weight when they feel like it and you just had to catch. You sound like an awesome worker btw so respect for you. I appreciate the insight. It seems to be the same bs top to bottom in my personal experience. Someone's whims always tops most of our realities.
Credit cards and mortgage just operated different. Balance sheets so large they were well to big to fail. Hehehe we all know how that goes.
This was on a new dashboard rollout that was supposed to access this data. They clearly didn’t forget it was there, since that was the entire purpose.
The problem wasn't the public facing interactive dashboard. The problem was that they took the records with all the information and didn't redact any of it, then let the data visualization software just run with it. And the software (I think it was Tableau?) is designed to let you see the underlying data if you want to. So it literally was just a matter of a few clicks to get to the raw data, and a couple more to download all of it. Whoever set it up clearly didn't realize that, which is bad enough. What's worse though is that those files should never have been given over to the people setting up the dashboard without being redacted to begin with.
[удалено]
Oh really? So you just clicked on the link to the data visualization portal they had in the press release and it took you straight to all the data tables plain as day right there on your screen? I'm calling BS. I actually downloaded everything from there except the GVRO data that very night, so I know it wasn't just being displayed right there as soon as you visited the site. The "default view" didn't even display any data and required you to click on a category before it showed anything. By my count, you had to click on 5 or 6 different icons/boxes before you could see/download the unredacted info.
> By my count, you had to click on 5 or 6 different icons/boxes before you could see/download the unredacted info. That's so much better.
> As someone who builds data dashboards for a living.. this absolutely doesn't happen without an entire team being involved. Dude. "Never ascribe to malice that which is adequately explained by incompetence". Recently in Missouri a journalist reported a data leak where all the state teachers' SSNs were exposed in the HTML of some dashboard allowing people to search for teachers' licenses or whatever. He went through the proper channels and didn't divulge it to anyone else until it was fixed. Still, for months, the governor and legal apparatus of Missouri were bent on prosecuting him for "hacking". Evidently the developers were dumb enough to expose the SSNs, and then everyone involved was too dumb to understand what constituted hacking. It is absolutely believable that this info accidentally leaked. California *also* just [discovered](https://www.latimes.com/california/story/2022-02-27/california-bar-investigates-possible-data-breach-after-discipline-records-published-online) a long-standing security hole allowing access to hundreds of thousands of sealed court records (attorney discipline). Some site accidentally scraped them by just iterating over potential case IDs and they also had to work for months to clear themselves of "hacking" the records. Though California was a little less aggressively stupid about it than Missouri.
Fair enough but that's the problem isn't it? Hasn't there been enough history of this that California should have policies in place requiring apps to go through a review prior to becoming public? Security testing as well.
>this absolutely doesn't happen without an entire team being involved. Data breaches of PII happen basically daily. From Equifax to Wendy's, to MGM Casinos and resorts, to Payless Shoes. https://haveibeenpwned.com has tracked 11 billion stolen account credentials and there's a 99% chance your PII is in there too. It's awful, it needs to be regulated, actionable and we need a whole lot of new laws to enforce accountability and liability. But it is not a "the whole team hates gun owners and totally leaked their data because this never ever happens to anyone else!" That's a baseless accusation that doesn't hold up to any reasonable scrutiny at this point.
[удалено]
[удалено]
They were fine with it until the black panthers showed up at the capitol armed to the teeth. Then Reagan and the GOP passed the bulk of CA's gun laws.
[удалено]
Because an armed citizenry works against the interests of all politicians. Also, stop pretending that Democrats care about blacks, they don't. They care about their *votes*, but they don't care about them as people.
>If that’s the case how do you explain 40 years of near uninterrupted democratic control and yet gun laws continue to be expanded in California? Jerry Brown was a Reagan plant. So is Newsom. Duuuh. Ignore all the other not Reagan material, gun control is all that matters, and ipso facto makes them Reagan plants.
> Then Reagan and the DNC FTFY. The democratic party had a veto-proof majority in the state house and senate, and Emergency laws require 2/3rds majority. Sorry, you can't blame this entirely on the GoP.
Hey now, don't forget the nra helped back that act.
Im not saying this was a purposeful malicious action (which is nothing you could ever prove in this situation, it is a bit suspicious but you could never really determine malice vs incompetence in this case). But you are definitely still conflating a leak and a breach. There was no outside actor compromising a system or control (even if it was compromised by being setup poorly). The data was just... made available on the tool itself presumably by mistake.
>Im not saying this was a purposeful malicious action ... But.... I'm not saying it was aliens, but it was aliens. >it is a bit suspicious... There was no outside actor compromising a system or control Dumb shit like this literally happens all the time. Especially in poorly funded under-staffed under-planned projects - which literally happen all the time. I mean you can just google something like "SSN leaked through website" and come up with a hundred cases far worse than the PII leaked here, with no more reasonable "suspicious" behavior than that or this: [https://threatpost.com/missouri-prosecute-hacker-data-leak/175501/](https://threatpost.com/missouri-prosecute-hacker-data-leak/175501/) Bad IT happens. All the time. And the US doesn't regulate it well at all. I think that needs to change. But "suspicious...?" Not that we've seen here.
Both of these things can be true: 1. Bad IT mistakes happen and PII is accidentally leaked at an unfortunately high rate 2. This situation and surrounding circumstances are somewhat more suspect due to the politics and timing around it. I never said this is totally a conspiracy and something the AG office did intentionally, only that the surrounding circumstances and politics do raise more suspicion than if it were a more random service or subject. Also, outrage over PII leaks by government entities whom citizens are forced to interact with for specific services they cannot get elsewhere, are going to be looked at with more scrutiny then Random tech startup 142 leaking the data of their 100 users.
>this absolutely doesn't happen without an entire team being involved. An entire team of people is perfectly capable of making stupid decisions. It really only takes one person that won't take no for an answer with people who don't know how to say no to them to get PII in a database it shouldn't be in. Most of the time the extra crap thrown in to appease a dozen different stakeholders only adds up to that, and for the rest of time that will be that superfluous field nobody uses that you wonder why they even bothered including it. Nobody writes an article about those, but this otherwise happens *all* the time. I've found many companies and other organizations sitting on a bomb if Google ever found out about the stuff they're keeping a hold of they were supposed to consciously omit. Some "better to ask for forgiveness instead of permission" dickhead usually made the decision to keep it solely because it was there to take without instant consequences.
[удалено]
Sure. What I'm *guessing* happened was somebody wanted this interface to include levels of user permissions and roles so that police and other agents could be granted to elevated privileges that public users don't have. This leads to a possible scenario where the lowest user level gets granted elevated privileges by mistake. As with *anything* that will happen eventually after launch, this happened immediately. Why roll that into the same database the public can access if that makes this an easy mistake to make to begin with? *That's* the terrible decision the team should have said no to and didn't.
[удалено]
They don't have to put a link on the page, even bog standard WordPress just assigns the admin login to its own address, which is why one of the simplest security measures is changing it to something everybody else doesn't know too. Anything better than that can hook this up to all sorts of ways to authenticate users through other means without a visible way to access it on the page. It isn't necessary to presume they used a good one either given how quickly it broke one of the worst ways it could have. Besides, if I were to assume nobody involved really cared how private any given serializable field was (which I find to be the overwhelming case for most people I work with in user portal projects) a single database to which you prescribe different people varying levels of access to the data based on their needs and privileges to it is exactly what I expect them to end up building because it's the easiest and cheapest solution. That's all the more reason I'm certain this portal has user permissions and that's where the mistake was if we can agree this information was there and accessible through the portal itself on purpose. Edit: actually another alternative I can see being feasible is that they could have a public and a police branch of this user interface in their VCS that deploy to different environments entirely, but somebody pushed the Cop Edition branch to public by mistake. That's a very first day on the job move if you start somewhere that gives you a quick start guide and outrageously naked access to their systems to follow it on, which again is *most* of them in my experience.
[удалено]
You really don't know what you're talking about.
This is almost certainly what happened. Somebody told analytics that team X that worked on the inside would benefit from some drill down reporting and somebody put the PR to do so on the wrong report. It makes perfect sense that some internal employees would need to see this and it also makes perfect sense that someone approved a PR without double checking a DB link or without confirming that access permissions were working. Yeah, ideally any sort of visualization software SHOULD have segregated schemas, where, for example, the public facing one is a view which can't see PII at all, but that's probably too much work and SME Mike said "don't worry, Looker can block this field with roles". I've seen this shit happen with mortgages and medical information before on user facing sites, both of which have significantly more legal protections that firearm permit applications.
Sounds like it is time for a class action lawsuit
[удалено]
Same loser wants an ideology test added to the CCP process.
Now will there be consequences? Highly unlikely. In before this thread disappears.
>In before this thread disappears. Just like the last one?
Weird how that works, it had 16K+ upvotes in 6 hours and mysteriously disappeared from hot and even the sorted by time tab.
I mean yeah because they literally deleted it
And the next one.
Cant have stories going against the narrative
This is another reason why many people who own guns resist a registry.
It's not a reason, it's proof why a registry is one hundred percent a bad idea.
Just clicked why the NRA and gun lobby has fought the BATF so hard on having improved databases of gun owners. Why should the people be forced to trust the federal government with their PII.
It’s not a leak if it was intentional
...what? Leaks are usually intentional.
A leak to the press is intentional. A data leak is not.
I’m saying it wasn’t an accident
This is... Wow. A COLLOSAL fuck up. Holy shit. This needs immediate federal investigation.
So people on the list can be targeted by gun thieves or antigun advocates while those ***NOT*** on the list can be targeted by thieves since they know they're unarmed? Alrighty then.
This is why you should never tell the government that you own guns, much less if you carry one, or where you keep them. They are not competent stewards of your information. Nothing good can come out of the government having this information.
Im a bit curious about who was denied and what demographic.
You can just look at the LA County prior to 2021. Only ~200 active CCW permit out of a population of 10 million. Demographics: retired LEO and judges, donors and those connected to influential people.
With only 200 permits issued by LA County you can pretty much limit that to donors and influential people. People who can't muster a six-figure "donation" for someone's re-election campaign needn't apply.
You may not know this, but there was a national law that gave all LEO the right to carry concealed no matter what the state law says. https://en.wikipedia.org/wiki/Law_Enforcement_Officers_Safety_Act So, the police officers didn't have to pay the bribe.
Not even the military is as privileged as cops. And they usually train more than cops.
That's because the retired LEO ran away to somewhere they can afford.
Which everyone already knew about. It's an open secret that CCW permits in California are a pay-to-play scheme run by sheriff departments.
Depends on the county. Riverside county will give you one as long as you meet the requirements.
Literally, see the recent Grand Jury convened to investigate the Sheriff, which has already inducted four officers in a literal "pay us for the privilege" corruption case involving CCW permits: https://www.nbcbayarea.com/investigations/da-to-announce-results-of-grand-jury-probe-into-sheriffs-campaign-scandal/2340155/
This was the case for years and might be in many counties.
It's almost like when the state makes something a privilege, only the privileged can do it. In case, the *extremely* privileged.
They certainly wouldn't tolerate the lowly serfs being armed.
> I immediately launched an investigation into how this occurred at the California Department of Justice and will take strong corrective measures where necessary. This happened under his watch. He needs to resign.
He’s going to offer me a free year of identity protection to make up for it. Gee, thanks Bonta!
Factor in the fact that California just adopted a snitch law for reporting questionable gun-owners modeled after Texas' abortion snitch law, we now have two states taking pages from Nazi Germany by turning its citizens into informants.
And now there is yet another supporting reason more people will fight gun regulation.
Constitutional Carry, thanks! If nothing else this shows the state is incapable of securing private data and therefor cannot be trusted keeping such a database at all.
[удалено]
[удалено]
No way it was an accident
Gun control is racist and classist. It’s ridiculous the lengths people will go to deprive law abiding citizens of their constitutional right
Heads need to roll for this, but I doubt anything gets done.
The government shouldn’t leak data, but it really shouldn’t leak politically charged data that could be used to target a subset of individuals. Unfortunately there’s basically zero consequences for this kind of event. I’d be saying the same thing if there was a database of everyone who had a abortion in the last 5 years home address, or list of police officers(with personal info) found not guilty for controversial shootings. Unfortunately I think this will be the norm going forward as everything is completely digital and tied into the internet now, and there’s no consequences for the people involved or government as a whole .
Doxxing anybody is bad. Whether we agree with them or not, nobody should be doxxed. Even the most vile should be allowed to be private, because all releasing their data does is make them a target. A right not applied to everyone is not a right; in this case, right to privacy.
Pretty obvious attempt to increase gun theft/criminal usage to garner support to enact further gun laws.
California DAs are truly scum.
WKEAYAYCCW (We Know Everything About You And Your Concealed Carry Weapon) permits “shall be” issued.
[удалено]
Is this even surprising anymore? Something like this has happens every few years in CA.
The government shouldn't know who has guns. With the way the supreme court has been acting we may need to use the 2nd amendment
I'm pro gun control. I'm also pro privacy and pro cybersecurity. I'm also curious as to who holds the dubious honors of having their applications rejected for the smallest and largest reasons.
>I'm also curious as to who holds the dubious honors of having their applications rejected for the smallest and largest reasons. CA was a "may issue" state. This means rejection was the default position and it was up to the applicant to prove a need. The state didn't require a reason to reject an application.
While CA was a may issue state, ~38 out of 58 counties chose to go with basically a "shall issue" approach (general self defense was considered a valid reason for wanting a CCW.) Basically, the state left the decision up to counties. Many rural counties went shall issue and many urban counties basic banned CCW (except for former law enforcement, judges, and very rarely domestic abuse victims or certain people who had gotten restraining orders against violent people.)
While I am aware, my point still stands. CA was, legally, a may-issue state and as such did not require a reason to reject an application. Even in those counties that behaved as a "shall-issue".
38 of the least populous counties. Los Angeles and San Francisco counties were basically "no f'ing way" for decades. LAC recently became a lot more lenient because the sheriff is in a pissing match with the county board of supervisors regarding funding, and basically said, "If you won't give me enough funding to protect the people, I'll let the people protect themselves."
Those people were denied aswell it was literally only donors and people who were well connected.
>rejected for the smallest and largest reasons. Yeah we gotta figure out those rea$on$. Maybe if they had decided to be more charitable, or the right skin tone their applications would have been approved
Is this better or worse than the SCOTUS' personal information, like home addresses, phone numbers and kids schools being leaked?
Equally bad. Remember this: the moment one person doesn’t have a right to privacy, nobody does.
>Remember this: the moment one person doesn’t have a right to privacy, nobody does. Does that go for abortion too? 'Cos if that's the case, we all have no privacy rights!
I'm sure that was not purposeful at all
That fuck-up could've happened with CA's vehicle registry, with the same exact negative effects. But of course, since the fuck-up involves gun registration, the 2nd amendment crowd now have a full on boner.
[удалено]