BC Freedom of Information and Privacy Association
Your Data Your Rights
Fire Board Trustees of the Gabriola Fire Protection Improvement District (GFPID) say they are doing their best with the ongoing investigation into a privacy breach of personnel data. The breach was discussed at a December 3, 2025 meeting of the board and reported on in the Dec. 10 Sounder.
Chair Erik Johnson says a computer left the fire hall without authorization that contained past employee personal data information, calling it a theft, although other Trustees are quick to clarify the case has not been concluded as a theft.
The breach could affect any person that worked for the fire hall between 1996 and 2015, up to 57 people. GFPID say they are in regular contact with the Office of the Information and Privacy Commissioner (OIPC).
The district has the computer back in their possession and are investigating the scope of data and people affected. They say it has been a challenge tracking down contact information of each individual, including some now deceased.
They have also brought in past Administrator and former Corporate Officer and user of the computer Paula Mallinson, to help interim Corporate Officer Marjorie Colebrook assess the information on the computer.
“Her filing system was not what we consider good,” said Colebrook. “So she was helping us look where she had filed things.”
Jacqui Braid, a former employee of the GFPID and one of the 57 possibly affected, was in attendance and asked questions during the public question period.
She says she had spoken previously about not being comfortable with a past employee coming in to assess the breached computer, and is surprised to hear this already happened.
“I actually opposed that. She’s no longer an employee, and we’re talking about a privacy breach. Even though it was her computer it just seems odd to me,” she said.
Johnson says Mallinson had to sign a Non-Disclosure Agreement, and that she is the one who put the data there in the first place.
“What is your beef with Paula Mallinson?” Johnson said.
In response, Braid said she doesn’t “have beef with her,” but she does have concern about a past employee being brought into a privacy breach investigation, and seems like the Board is “falling into the old ways of doing things.”
Braid also asked for an updated timeline of the investigation, pointing to the general Board meeting held on December 3, where Trustees said the investigation would take a couple of days.
Johnson responded saying he doesn’t have to explain this to her because they are volunteers with a “a great big hot potato drop in [their] laps,” and this is the best they can do. We’ve got a report out to OIPC, which we have to do. The case isn’t closed until they tell us it’s closed.”
The Local Journalism Initiative (LJI) is a federally funded program to add coverage in under-covered areas or on under-covered issues. This content is created and submitted by participating publishers and is not edited. Access can also be gained by registering and logging in at: https://lji-ijl.ca
You can support trusted and verified news content like this.
FIPA’s news monitor subscribers, donors and funders help make these available to everyone rather than behind a paywall. We appreciate every contribution because it makes a difference.
If you found this article interesting and useful, please consider contributing here.
