MEGA VIOLATION
Kevin McKernan account on mega.io (AKA mega.nz) has been terminated due to a dataset he shared, and the cloud provider claimed it was a violation of the terms of use. But was it really?
The Kevin Experience
In 2021 I’ve published on twitter (AKA X) my first article that covered the usage of codon optimization by the COVID19 “vaccine” manufacturers, and the implication of implementing such a technology which was was known to both the manufacturers and the regulators as causing severe adverse responses. This was straight after I exposed the Pfizer/BionTech Manufacturing and supply agreements, and while I have a strong background in contracts, this topic represented a total new domain of knowledge for me, and I had no ability to know if my understanding of the implications of using such a risky technology was correct.
After I posted it, one of the replies was from Kevin, who stated that my analysis was correct. I’ve visited his profile and saw his background, and was really impressed. If you never heard of Kevin, who was the R&D lead Human Genome Project at MIT/WIBR, and has been leading the Cannabis Genome Project, see this video:
I decided to try and ask Kevin a few question, so I DM’d him via twitter, and he gracefully answered. For me, chatting with Kevin has been a wonderful and humbling experience, because his answers were so precise and so extremely technical, almost to a level of obscurity to a layman like me who barely studied biology in high school and had no academic background in biology it always led to do more reading and self exploration, which I cannot thank him enough for what it led me to learn. Over the last two years I’ve chatted with Kevin every once and a while, and I believe our last conversation was about the SV40 prompters, which the implication of this contamination with confirmed research by Pfizer (for the Japanese government) in 2020 that shown the Nano lipid particles (NLP) arrive to ovaries and the impact it could have on future human genome has terrified me.
Fast forward to today.
You’re Terminated
Today I discovered that Kevin has posted on his Twitter account a strange message, a response to Steve Kirsch post related to the New Zeeland dataset which he released as far as I understood as an excel spreadsheet.
So here’s what’s happened:
Kevin has mirrored the data Steve has anonymized, and shared it on Twitter.
Kevin woke up today to discover that his account has been terminated, which meant that has been denied access to ALL HIS DATA SINCE 2016, which also meant that all his posts on Substack which referenced data he has used mega.io/mega.nz to host has been broken.
The Privacy Thread
Since I’ve been working in the field of information security and privacy for many years, including handling contracts across multiple regions and states (for example, I was the Europe, Middle East and Africa (EMEA) head of security for Merck, Sharp & Dohme (MSD), AKA Merck in the US), I tried my best to see if I could help Kevin.
What you are about to read below is the thread of replies to from Twitter, which started here:
Kevin, as a privacy expert, I strongly advise you to take look at this, about the NZ Privacy Act 2020. I would love to help!
The most crucial point to start with - PRIVACY LAWS DO NO APPLY TO DEAD PEOPLE. Therefore, if the dataset included ONLY information on people who died, the NZ Privacy Act does not apply to them, even if data such as name was exposed!
Second, the real issue is that MEGA are located in NZ, and therefore the cause of termination could be other government legislations. However, for contract termination I believe MEGA has a legal obligation to provide you with the EXACT cause of termination.
I am extremely familiar with international privacy and information security regulations, as most my professional career was centred around them. I was also EMEA regional security officer of Merck/MSD. Therefore I offer you a free professional support to help you with this case!
Regardless of the reason of termination, according to the NZ Privacy Act 2020 MEGA has a legal obligation to provide you with data processing related to your personal data, and you can argue it includes the exchange with NZ government that led to your account termination.
I suggest to remind MEGA that their unilateral contract termination has incurred on you multiple damages and that in order for them to avoid a legal dispute that has a risk of leading to severe financial, reputational, and operational damages you want to backup your data!
MEGA - I put you on notice that the termination of Kevin's account has implications far beyond his personal damages, as the information you have taken off is a scientific evidence that will be used ongoing and future litigations. You will be wise to let him to back it up!
Let us look at the FIRST relevant Mega Limited Terms of Service ("Terms"):
"17.3 infringe anyone’s intellectual property (including copyright) or other rights in any data;"
Non applicable. There is no IP to this data.
The SECOND relevant Mega Limited Terms of Service ("Terms"):
"17.8.1 store, use, download, upload, share, access, transmit, or otherwise make available, Data in violation of any applicable law in any country..."
This is the term they probably have used.
HOWEVER, as stated above, if the data in a dataset is truly anonymized it does not contain information that could lead to the identification of individuals. In that case, the request to take down the data is based on false pretences, at least when it comes to privacy regulation.
Let us now look at MEGA takedown policy, and in particular, the "Emergency Response" section, which is most likely what the New Zeeland government has used.
According to MEGA takedown policy, the NZ government might have said there is "valid reasons to believe that disclosure or action is necessary to prevent or lessen a serious threat (as defined in section 7(1) of the Privacy Act 2020) to public health or public safety …"
However, since the exposure of the dataset is a direct attempt to prevent a serious threat to public health or public safety, it is arguable that in fact the removal of the data is in fact acting against the purpose of of the Privacy Act 2020!
MEGA takedown policy state that such emergency takedown can take place "where the person giving such assurance confirms in writing that the threat is of such urgency that there is not time to obtain a production order or other court order."
What assurances were given???
According to the MEGA takedown policy, they can claim that the dataset was "Objectionable material – child exploitation material, violent extremism, bestiality, zoophilia, gore, malware, hacked/stolen data, passwords".
AFAIK, This was public data that was exposed, NOT stolen!
Finally, the policy includes "Other cases": "MEGA will generally only take action when required to do so by applicable New Zealand law or a court or law enforcement authority with appropriate jurisdiction".
Criminal matters requires production order, civil matters - court order.
[COMMENT - a production order in the context of New Zealand law typically refers to a legal mechanism through which a court can compel the production of documents or information.]
The Follow Up
After I posted the above, I’ve started to receive multiple comments, to which I tried to reply. Here are some comments and replies:
“I guess they'll refer to public safety, knowing that if the data got out and were widely validated to prove what @stkirsch & co claim that it proves, this would lead to an uproar never before seen, and this in turn could be labelled a threat to national security.”
“Such an argument is valid only in a dystopian world such as Orwell's 1984, where Newspeak is being used to describe reality in a black mirror manner, where sickness is health. A totalitarian regime that use such arguments is the real threat to national security, not Kevin's work.”
“You mean illegally obtained data.”
“Based on your logic, all the newspapers that has received and publish @Snowden's revelations has illegally obtained the data, which is incorrect. Furthermore, the dataset has been anonymized, and therefore the publication followed the same principles of editorial responsibility.”
“Private personal medical information is not the same. "It was anonymized" proves one had (and still does have) the private medical info. It's not based on logic. It's simple law. Stealing a car and swapping plates with yours doesn't make the car your property.”
The document which was shared had been anonymized, therefore publishing it does not cause harm to a living person as define by the privacy act 2020, and therefore is should be legal to publish it. Discussions about the nature of the original dataset are irrelevant to this case.
“The crime isn't the publishing of anonymized information. The crime is obtaining and having unauthorized access initially. Like I said. Changing the stolen car plates doesn't erase the crime.”
Whatever alleged "crime" you refer to has NOTHING to do with the data shared by Kevin. According to @stkirsch own testimony (Substack) he anonymized the data. Again - sharing of the anonymised data does not constitute a crime, PERIOD. By your logic all journalists are criminals!
[THIS SECTION WILL BE UPDATED WITH FURTHER COMMENTS AND REPLIES IF ANYTHING IMPORTANT WILL POP UP. STAY TUNED!]
Black Mirror Privacy
What Kevin has gone through in the last 24 hours was a sharp and painful reminder to all of us that the censorship industrial complex has stretched it wings and now cover almost every corner of the internet. This is no longer a social media problem, it is a problem that has far and wide implications to each and every one of us who are using “the cloud”. The implementation of emergency takedown without even informing the living person who is the target of this takedown represent the black mirror edition of the privacy regulations, which were supposed to allow individuals to have rights to their data. The way in which a data processor (e.g. mega) implemented such draconian acts such as the removal of access to the personal data of an individual without even informing them empties the whole notion of privacy rights.
I will do everything in my power to help Kevin, and as I stated above, I will be more than happy to work on his case pro bono. Kevin is a real hero, he has given us so much, and we all should stand up for those who has dedicated so much of their time and effort to the good of humanity. It’s the least I can do.
Purrfection
I’ll end this thread with one of the latest photo of a cat that Kevin has posted, because IMHO Kevin is known for his love to cats almost as much as he is known for his work.
Meow to Kevin!
Ehden
as always your precision and compassion for humanity comes through in your writings.
That was my interpretation of the situation but I couldn't get confirmation that all entries listed were deceased.
I hope Kevin accepts your offer because this is going to happen a few more times in the com i ng months and they have the head start, because they are acting first, then checking afterwards to see if their actions were legally appropriate. That old argument that it's better to ask for forgiveness, than permission!😉
It wasn't Mega it was Steve Kirsch he gave the bait out and made it look good. So people downloaded it not realizing that Steve can track everyone that downloads off him. It was a bait and switch he took the guy's data and had Mega erase the guy's account. Steve Kirsch has 100s of millions of dollars. Steve is a computer genius a Low tier Bill Gates. How to you steal data from other people? By getting them to download something from him first. Lol