Pirate Party of Canada Evidence Based Policy Making

Time To Get Serious

Over the past month as leader, I have been attempting to bring our party back from the ashes and really turn it into a meaningful part of the Canadian political discussion. This isn’t an effort made alone, but through the hard work and dedication of our members and now it’s time to ramp it up.

Our platforms are currently in need of review. I am doing an in-depth look into our platforms and will be working within the rules of the party to ensure they are updated as quickly as possible to meet my standards. I have already started working with a team of francophone volunteers to ensure our website and platforms are properly translated into French.

It will now be an emphasis by the leadership of the party to focus at least a bit of energy into fundraising. This doesn’t mean harassing you with emails begging for money every day, that isn’t us. It does mean reminding our members when possible that it costs money to run a party, and it costs even more money to make sure other people hear about us.

Finally, no more passive Pirate Party, we are a legitimate option for Canadians looking for a party with real solutions for the 21st century. Basic Income is the solution to job automation, homelessness, and other issues Canadians face today and will face in the near future. We are the only party talking about that, and we need to remind people of this. We also need to call out other parties when they do wrong, or when they show their ignorance to technology and the future of Canada.

It’s the 21st century, it’s time for 21st century politics. The Pirate Party is here, and we are ready to serve you. Let’s do this!

– Travis McCrea

Pirate Party Privacy Mishap Notice

This is a notice to all old members of the Pirate Party who have used crm.pirateparty.ca / my.pirateparty.ca but have never signed into sso.pirateparty.ca.

At 0200 PSDT (actually due to time paradox of DST I am not sure if this is 0200 PST or PDST), an email was sent to all older members of our party who had not yet signed into our new SSO system. An email was written to inform them of the new system and to request they update their information in our backend. Sadly, due to a bug in the script which emails out the members, it iterated the list to each member who came after them in the database.

IE Member 1 got their email, then Member 1 got Member 2’s email, Member 1 AND Member 2 then got Member 3s email.

We tried to stop the emails from completing, as our email partner SendGrid has failsafes against this. Sadly, by the time we got ahold of SendGrid the emails had already cleared the queue and we have no way of knowing how many of the 315 people who were on this list actually received the emails. What we do know is 4,072 were sent, and the code has already been updated so this problem never happens again. The damage, however, has been done and for a party that prides itself on personal privacy this mishap is even worse.

Technical Details

Our codebase is PHP, the code which caused the problem was a loop where the array wasn’t reset between looping. This means for each additional member, instead of replacing the previous email, it added to it:

$sql = "SELECT email, name FROM users WHERE password = ''";
//$sql = "SELECT * FROM `users` WHERE `email` LIKE 'travis.mccrea@pirateparty.ca' ORDER BY `activateemail` DESC";

$result = mysqli_query($conn, $sql);
$json_string['category'] = 'welcomeemail';
if (mysqli_num_rows($result) > 0) {
    // output data of each row
    while($row = mysqli_fetch_assoc($result)) {
        $json_string['to'][] = $row["email"];
        $emailto = $row["email"];
        if($row['name'] == '') {
			$name='';
		} else {
			$name = ' '.$row['name'];
		}
		$textbody = "
Hello$name!

I try to keep emails to members a minimum but I wanted to ask that you come sign into our new member management system. As your account was rolled over from our old system you will need to create a new password. You can do that by using the password reset link below. Keeping an active account with the Pirate Party is just a tiny thing you can do to help us better organize and understand who our members are.

This may be the first time you are hearing from us in a long time, so let me just say we are rallying back after a few years of slacking. No more long meetings on insignificant internal bureaucratic policies, no more half baked projects that are not maintained, none of that. Just a simple website that tells you what we are about and better communication with the people who matter most (our members).  Welcome back to the Pirate Party! 

Reset your password: https://sso.pirateparty.ca/reset/$emailto

Thank you,

Travis McCrea - @TravisVancouver
Party Leader
604.500.4524 ";

//I have removed the CURL  as it didn't provide any help

    }
} else {
    echo "0 results";
}

This was purely sloppy coding, and it was my own fault. I had tested it, of course, but as you can see from my commented out test call it wasn’t enough to show this problem. It was a problem that could only show in a test of multiple emails.

How To Prevent This

There are many ways this can be prevented in the future, the most obvious one is sleeping and coming back to things in the morning just to double check it. It seems like a lousy excuse and maybe a pointless step, but at least for me this is the hour where many of these issues start popping up so I am going to stick to it more closely.

On the technical side, I have added multiple accounts under a dummy name that no one else will have and emails will be tested against this list before others.

Also, the proper code was put into place to reset the array.

I am truly sorry to anyone who was affected by this, there is no action you need to take… no password information was shared (and our passwords are encrypted using B_CRYPT with 12 rounds of strength anyway). This information is here because I screwed up, and one of the things we do in the Pirate Party is admit our failures, we try not to spin them, and we move forward. So far the people who were up at this hour and have responded have seemed fairly understanding, I appreciate that and all I can do is promise to do better next time.

EDIT: A previous version of this post refer to this as a “breach”, to avoid confusion between malicious intrusion and stupidity we are using the term “mishap”. Further we would like to remind everyone that we at no time have credit card data either in our servers or in our database. We use a secure payment gateway and your information is securely kept in their fully PCI compliant system

– Travis McCrea

Welcome New People!

Welcome New Supporters and Media (lots and lots of media),

Many of you (especially the media, apparently) might have never known that our party exists. While we have been around since 2009, we haven’t done the best at letting Canadians know that we are here and ready to work for them. So let’s do a brief introduction to The Pirate Party of Canada and why we are a real political party with real good ideas:

  • We have existed since 2009 run in both major elections since then as well as some by-elections.
  • We are a civil liberties party focusing on protection of the Internet, copyright reform, and evidence based policy making. Our flagship platform is Universal Basic Income, something we have been talking about since 2011.
  • We are currently the only party with a plan that addresses job automation and job losses associated with it. Basic Income being the cornerstone of that plan.
  • We call ourselves Pirates because it’s a great introduction in conversation, we could be the Purple Party or the Humanist Party but no one wants to be stopped on the street by someone who calls themselves “Purples” but everyone always wants to know why we are called Pirates. We were given this name by the copyright industry, our counterculture movement has always been called pirates and instead of trying to shy away from it, we have decided to embrace it and take empowerment from it.
  • We have caught members of Parliament, the RCMP, and Industry Canada all having IP addresses which were downloading torrent files.
  • We are free to join, and voting membership can be as little as $1 per year.

We are ramping this party up, no more sitting in the shadows and waiting for people to come to us. We are hopeful that Justin Trudeau passes meaningful and democratic election reform, but we are not waiting around for others to tell us how relevant we are in Canadian Politics, it’s time we make ourselves relevant.

People who are interested in evidence based policy making, progressive values, and a party whose leadership all know how to use technology… you should check out our platforms and then sign up for free

Downsizing

Everytime we get a new leader, new council members, new IT volunteers… everyone always wants to add to the services we offer, they want to show their own skills and their own taste and make our parties offering even better than before. What that has mainly lead to is a bunch of half completed projects, degraded services, extra expenses and generally no benefit to the party. So as one of my first big acts as leader of the Pirate Party of Canada is to roll back a lot of the things we have done and bring us to a more simple structure.

No more forums, no more heavy and overly complex CRM, no more Ryver, no more PiratePad, no more Pirate Linux, no more wordpress, no more $115 per month dedicated server, no more self hosted IRC (you can still connect to irc.pirateparty.ca it will just connect you to another Pirate Party’s server), no more any of that. Our blog will now be hosted on github, all of our changes can be tracked at Github and membership will be managed with https://sso.pirateparty.ca.

Some people might not like these changes, but I think every once in a while we need to just start fresh. I think this is the time to do it. Our party should be focused on advocating policy and rallying our members and not spending time and energy (we don’t have) on maintaining our own version of a live-editable pastebin. Going forward our energy is going to be spent on outreach to you, our members, and to the public in general. We are talking about important topics, and it’s time we start getting that message out there.

Thank you for your support, I am sorry if you are losing a service that you have been using, and fair winds.

– Travis McCrea

The Elections Canada Broadcast Arbitrator Is Trying to Make It Harder for You to Be Informed. Here’s What You Can Do.

Gatineau, QC – For the past 3 years I have attended the Elections Canada Broadcast Arbitrator meetings, where the current Arbitrator Peter S. Grant lays out his decision for how much air time political parties have the right to purchase during elections. In those 3 years almost every minor party has requested equal treatment and access to purchase airtime, just as the larger parties are allowed. These requests have gone ignored, with small parties being given 6 minutes of time while larger parties get around 100 minutes, but we have remained silent.

This year Mr. Grant has gone too far in a bid to silence minor parties by explicitly stating that Canadians should not have to listen to smaller parties because some have regional issues or limited platforms. Parties like mine, The Pirate Party, a general platform party that is on track to take a majority government in Iceland, holds MEP seats in the EU, and many other governmental positions around the world, have been deemed not worthy of having access to buy the same amount of air time as the Liberal or Conservative Party.

Courts have already ruled that Elections Canada cannot treat minor parties differently than the big parties, this was one of the benefits afforded to us in Figuroa vs Canada. Not only are his actions wrong, but they fly in the face of Canadians charter rights to be fully educated about their options and to play a meaningful role in the election process. Every citizen of Canada has the right to play a meaningful role in the election process, and a right to be educated about their options for who might represent them in Parliament. We’re not asking for special treatment, we’re asking for equal treatment.

In the past we let this issue go, however the possibility of election reform and even a push for proportional elections signals a chance at representing the thousands of Canadians who have supported us since we became an officially registered party in 2010. We can finally hold office and hold Parliament accountable for transparency and evidence based policy making.

However, by not giving us access to equal time Peter Grant says “Canadians don’t need to know about the Pirate Party.”

We live in a world where the media talks about the Conservatives, NDP, Liberals, and even the Greens every day, but our candidates are not invited to “all party” debates and functions. We have minimal free advertising compared to what the other groups get. The CPC, LPC, and NDP can always get more airtime than the minimum if they want it. Broadcasters are more reluctant to sell airtime to minor parties, so it’s essential that our parties have the equal opportunity to buy the airtime we need to be competitive against establishment parties.

Our party may be small, but we are not single issue and we are not a local party. We consistently meet the milestones that Elections Canada requires us to achieve to keep our party status. We are a real party, no different than others, and we should have equal opportunity to buy advertising time necessary to get our message out to the Canadians who might otherwise have never heard of us.

Have you heard of us? How many minor parties do you know exist in Canada? Give us the ability to spend the money and tell you about our platform by signing our petition demanding equal access to purchase advertising time:</p>

Click Here To Sign Our Petition</div>