Gun advocates are angry Sig Sauer P320 keeps shooting people without anyone pulling the trigger

1907 gun safety marketing boldly claied zero accidental shots with 1.6 million sold.

An old saw in America is that gun manufacturers are never to blame for anything, ever. Usually it’s phrased cynically as “guns don’t kill people”.

However, a growing number of highly trained and proficient shooters in America (e.g. the police) have been challenging that idea with… lawsuits blaming a gun manufacturer for people being shot by its guns.

The lawsuit comes after the Milwaukee Police Department reported on Sept. 10 that an officer’s holstered gun fired “inadvertently” as he searched a vehicle and injured another officer nearby. It’s the third time since July 2020 that a Milwaukee police officer’s gun fired without the trigger being pulled, according to Andrew Wagner, president of the Milwaukee Police Association. And it’s not the first time safety concerns have been raised about the model of firearm in question — the Sig Sauer P320. […] At least 22 lawsuits have been filed against Sig Sauer since 2018 alleging the P320 fired without anyone pulling the trigger. The lawsuits originate from Missouri, Massachusetts, Kentucky, Georgia and elsewhere. Eighteen have been filed since 2020.

It’s so bad, apparently, that even polite Canadians aren’t mincing words about the gun being at fault.

It recently became the official sidearm of Canada’s elite military unit, Joint Task Force 2, that is until one of the new guns fired on its own and shot a soldier…

“One of the new guns fired on its own” report coming from the Joint Task Force 2 certainly throws cold water on a “guns don’t kill people” theory.

The next twist to this story is that a judge very recently ruled in favor of the gun maker, using a rather technical and stupid premise.

…there was no evidence introduced at trial to show that SIG Sauer was aware of the Roscommon incident at the relevant time: in December 2016, when Guay purchased his P320 in reliance upon the advertisement. The evidence only established that SIG Sauer had seen the Roscommon video by January 10, 2019, more than three years after Guay purchased his gun.” In his lawsuit, Guay — who said he has “substantial firearms experience” — claims he was taking off his SIG Sauer holster with his SIG P320 secured in it on Jan. 28, 2020, “when the pistol fired and hit him in the right thigh without him ever touching the trigger. The hollow point bullet it discharged left a gaping wound…”

The last sentence brings up a small point (pun intended). Proponents of a hollow point bullet call for maximum possible damage, as if every round must be lethal. This expectation to cause extreme suffering was probably NOT meant for those being shot by their own P320 still in their holster. In context of predictable self-harm a hollow point seems rather… unnecessary and unwise.

A far bigger point obviously is that this unfortunate incident was in 2020, and the victim proved Sig Sauer was well aware of the problem since at least 2019. The court used a technicality to rule instead the victim couldn’t prove Sig Sauer knew about this problem way back in 2016 when he purchased the gun. Despite him not providing this evidence, it seems to be trivial to find.

What was the judge thinking?

The case somehow fixated on whether Sig Sauer knew about just one incident in particular at a very particular time. It reads like a very unintelligent and narrow burden, given what that case was really about.

Sig Sauer clearly knew at least since mid 2016 of Roscommon-like incidents given broad “class action” announcements in the news such as this one.

A prominent Kansas City plaintiffs attorney seeks class-action status for a lawsuit claiming that a Sig Sauer Inc. pistol has a defective design that creates a potentially lethal safety issue because it can fire when dropped. […] Sig Sauer already faces several other lawsuits related to premature discharge, including one by a sheriff’s deputy in Virginia, who claims her fully holstered Sig Sauer P320 discharged a bullet into her leg, even though she never touched the trigger. In addition, a lawsuit in Connecticut alleges that a police officer was shot [January 2017] when his P320 pistol fell as he loaded equipment into a vehicle. The pistol discharged when it hit the ground, and he was shot in the leg and knee.

Sig Sauer allegedly was knowingly misleading people with false advertising about safety in mid 2016, which many lawsuits seem to confirm repeatedly.

So again, what was the judge thinking?

Her ruling in 2022 that the plaintiff/victim couldn’t prove Sig Sauer was aware ten months later about a serious failure seems overly pedantic and disconnected from any reality of product safety.

Even though the Roscommon incident occurred in February 2016, there was no evidence that SIG Sauer became aware of the incident (or saw the video) close in time to the incident,” writes McCafferty in her ruling. …evidence at trial did not establish the date on which SIG Sauer first became aware of the incident, McCafferty writes.

Does this judge really want us all to believe that it’s up in the air whether Sig Sauer knew in 2016 their gun had shot a police officer?

I mean come on, here’s the 2021 Collette lawsuit text.

In February 2017, Sig Sauer sent an employee to Roscommon, Michigan, to investigate a possible defective discharge.

They knew. They knew in 2016.

In another 2021 very high-profile lawsuit, Sig Sauer gets called out for sticking their head in the sand for five years (e.g. since 2016) — very aware their marketing was false.

“Gun owners don’t want to think that their gun can just go off without the trigger being pulled. I picked up my bag, my keys were on top,” she said. “As I walked around my desk, my purse swings out and it shoots out the bottom of my bag.” […] Hilton’s $15 million lawsuit said, “there have been 54 reported uncommanded discharges of the P320,” meaning the gun went off by itself, over the last five years in 22 states and Washington, D.C.. […] “It’s not credible to claim that people with this amount of training, this amount of skill are all shooting themselves,” Bagnell said. “These are experts. It’s happening all over the country. … you would have to conclude there’s a problem with the product, not with the people.”

The very controversial phrase “guns kill people” apparently becomes more palatable among gun advocates if you say “there’s a problem with the product, not with the people”.

Ok, so clearly Sig Sauer knew they had a “problem with the product” by December 2016 despite the judge ruling it wasn’t obvious enough to her.

But wait, it gets even worse.

While Sig Sauer has continued to dispute that there is anything wrong with the P320, the company offered what it called a “voluntary upgrade” in 2017, saying, “These upgrades will enhance the protection against unintended discharges if the pistol is dropped.”

The protection should have been designed better and also should have been mandatory. Asking for volunteers to upgrade while saying there’s no need to upgrade makes zero sense. Even more to the point such an expensive upgrade in 2017 couldn’t have been on the books if the manufacturer hadn’t known by that time about the serious safety defect.

It’s obviously mixed messaging from the gun maker.

In late 2017, SIG SAUER implemented an upgraded design of the P320 pistol to enhance the safety and performance of its P320 model pistol. […] The SIG SAUER P320 pistol continues to meet and exceed all industry safety standards, and it is safe to carry and use in both the pre- and post-upgrade versions…

They released an enhanced safety fix while “all U.S. safety standards” say this fix isn’t needed to enhance safety.

Weasel words.

Do you know what is actually meant when Sig says ALL safety standards? None.

…the firearms industry self-polices its products, establishing its own design standards and initiating its own voluntary recalls…

And if that’s not proof enough for the court system to step up here and hold the manufacturer liable, the U.S. Army ran the P320 through significant testing (e.g. acted as a federal safety regulator) and by mid-2016 reported a major defect — discharge without trigger pull. BEFORE DECEMBER.

A modified trigger mechanism was implemented only for military sales, sending allegedly known defective guns into the general market exactly like all these lawsuits have been saying.

During its internal testing on April 20, 2016, the U.S. Army discovered that the SIG P320 pistol would fire unintentionally on its own when dropped, which the Army deemed to be a “deficiency.” […] The U.S. Department of Defense traced this “deficiency” to an issue with the trigger and sear. Recognizing the dangerous nature of the defect, the Department of Defense required SIG to correct the issue before continuing with the M17 / M18 contract (which it did successfully)

The gun maker by 2017 also was quoted as saying the commercial P320 would get the 2016 Army fix yet that doesn’t seem to have happened.

The Army’s M17 pistols, which came out of the Modular Handgun System trials, already have these upgrades and SIG reiterated that they were always planning to roll them out in the commercial P320s soon as well. […] SIG showed us high-speed footage of both the current commercial P320 version and the upgraded trigger version impacting the concrete. The difference was night and day.

You’d think regulators would step in at some point here, especially given how judges seem confused.

Going back to that small point above about packing hollow point bullets, lobbyists have refused all and any “safety” regulations in order to keep gun manufacturers unrestricted from selling maximum harm as a feature.

In reality gun products are exempted from regulation under the Consumer Product Safety Commission (CPSC), no matter how stupid that sounds. Gun safety is meant to be an absolutely critical step prior to owning and operating one, yet there are absolutely no safety standards for gun products. None.

The Remington 700 bolt-action rifle, the company’s most popular product, has been reported to fire without the trigger being pulled, which has resulted in the deaths of two dozen people and injuries to at least 100 others. The incidents spurred more than 75 lawsuits. Remington executives were reportedly made aware of the defects by engineers, but according to CNBC, the company held off on replacing the faulty trigger because it feared such a design change might be viewed as “an admission of guilt.” …a judge in 1983 found Remington in contempt of court, calling the company’s secrecy a “flagrant disregard of the law” and “obstructive and offensive … to justice.” Even a significant jury verdict can’t convince a manufacturer to fix a malfunctioning weapon [and] …even though an estimated 7 million defective firearms were sold, only 2,327 gun owners have submitted claims to Remington. The company’s recall process stands in stark contrast to how the federal government recalls dangerous products. For instance, the CPSC can mandate a recall of toy guns or crossbows that malfunction even if only one complaint has been filed with the agency.

No claims about product safety in Remington ads, just hints about murdering the safety regulators

In conclusion, this is a much wider problem than just one manufacturer. But Sig is an especially toxic brand as it markets their product specifically on the premise “safety isn’t negotiable”, which presumably is meant to taunt regulators.

Sig Sauer’s marketing has flagrantly contradicted its actual product safety record since 2016.

When their gun is repeatedly found to be unsafe in multiple complaints over multiple years Sig negotiates through settlements and court battles in an attempt to destroy any true standard of product safety.

The answer to this problem is obvious. Lawsuits and settlements aren’t even close to sufficient. Can you believe a lawsuit over the resale value for a used P320 (someone argued Sig’s poor product quality deflated profits in the $28bn gun market) was shot down by a judge?

Guns, especially those made by brands peddling “safety isn’t negotiable” as their message, need to go under federal safety regulation. The U.S. Army has already proven how well it works (for them).

FBI Arrests Pro-Russian “Patriot Hackers” from Colorado and Maryland

Recently I posed the thorny question of who should be classified a “patriot hacker”, especially when thinking about the mid-1990s.

I realized with the latest news stories, now might be a good time to poke this bear a little more.

We have to begin by admitting the term hacker sadly has come to mean computer crime. I hate that as much as anyone, but it’s a reality of the times. When someone uses even authorized access to misuse or abuse data protection (e.g. Snowden), then some or even most camps throw around the word hacker.

In that sense, I’m putting the phrase “patriot hackers” in quotes because I’m unconvinced people hitting the news today really are either, let alone both. But for the sake of argument please hear this out. I hope you appreciate where I’m going.

Also, when I talked about the term patriot in the other blog post about hacker history, I used a dubious definition from an old Yale rag: “defending one’s own country”.

This is even worse than the hacker definition one above. Yet it’s obviously taken seriously by Yale and I’ve seen it cited downstream by people trying to influence or set government policy on hacking. Thus I’m using it because it’s been used by others.

Now I’ll give two examples from current news to show how the phrase “patriot hacker” can play out in the present, as well as compare it with the past.

First, Jamie Lee Henry and Anna Gabrielian were just charged with conspiracy to disclose American health information to Russia. Check out some of the buried ledes in their wacky story:

Gabrielian told the FBI agent “she was motivated by patriotism toward Russia to provide any assistance she could to Russia, even if it meant being fired or going to jail,” the indictment says. […] Gabrielian told the agent that “though [U.S. Army Major] Henry was a ‘coward’ and concerned about violating HIPAA by providing records” to the agent, “Gabrielian had no such concerns and violated HIPAA ‘all the time.’

Ouch. “Violated HIPAA all the time”.

We’re hearing from the FBI that an American couple, one in active duty with secret security clearance, were motivated to steal and forward medical records… allegedly due to their patriotism toward Russia.

That’s not their own country, right?

And I can’t leave out this detail.

Gabrielian texted the undercover agent using coded language on August 25, according to the indictment, saying, “Jamie might have samples of his poetry laying around. He says he will look for them and decide if he has the bandwidth for another project over the weekend. I think it would be good for him to at least show you examples of his past work.”

Poetry. Why does it always have to be poetry?

Second, a former NSA staffer said he had an itch to treat Russia as his “own” country while trying to break American laws and stir up trouble

In his communications with the FBI’s undercover employee, Dalke allegedly reached out to what he thought was a Russian agent, saying he, “recently learned that my heritage ties back to your country, which is part of why I have come to you.” He goes on to explain his reasoning for wanting to share documents from the NSA and at least two other American federal agencies, saying he, “questioned our role in damage to the world in the past and by mixture of curiosity for secrets and a desire to cause change.”

Dalke clumsily admitted he wanted money in exchange for his Russian patriotism, but don’t let that distract from a core premise for all three people. They intentionally bypassed controls (computer crime — hacking) to serve a particular country that they only had a distant/romanticized affinity towards.

Again, to be fair to myself because I hate these definitions, these people seem about as patriotic as they are capable of hacking anything (not much, yet clearly enough to be willfully breaking laws). These stories are about “patriot hackers” being arrested because our definitions of those terms make it so.

And with that being the case, we should think back to the news of Hagbard’s death in 1989.

His role allegedly was to take the information stolen in Germany by three others and give it to the KGB on floppy discs. After he and the others were caught (Cuckoo’s Egg), Hagbard mysteriously died in a fire. It was called a suicide yet who really believes that?

History could be written about Hagbard had a drug habit (or any other habit really), that he was in need of money, or that he was curious about secrets and desiring to cause change. And that’s where many people leave things when talking about the 1989 hackers, omitting their sense of duty or affinity.

However, beneath the more superficial layers of human interest (e.g. highest bidder wins) is a more troubling connection to identity and power. A young German walked with floppy disks in hand to the KGB because, why?

We may never know whether Hagbard held affinity towards Russians when he went out of his way to meet with them, I mean more or less than Snowden does today.

Edward Snowden has been granted Russian citizenship. The news was confirmed in a decree by Russian President Vladimir Putin posted Monday to the Kremlin’s website.

Right under that decree it must also have some kind of poetry like “you too can call Russia your own if you question America’s role in the world and think you can hack to extend the tyranny of Putin”.

In conclusion, patriotic hacking as a phrase could be a LOT older than many people in U.S. government advisory roles are allowing themselves to think about. Patriotism is certainly more than a narrow sense of own country, which opens the discussion to many more hacking incidents.

After all, if we use this blog post as a lens to reconsider Robert Lee Johnson’s attacks in 1961, patriotic hacking may be as old as hacking itself.

An Early History of Politically Motivated Hacking

Years ago there was a “rise of hacktivism” paper at Georgetown, but it’s a PDF and mashes a lot of things together with no references. It seems like the Web needs something better.

One of the hard parts about documenting these events is a lack of agreement for terminology, such as “patriot” hacking. Anyone have a hacking dictionary handy? I’m kidding, of course, because the first thing it would say is “crackers”.

Some say being patriotic means defending one’s own country, yet of course that’s too simple. For example would a kid living in Holland with Russian parents who are from Iraq… going to identify along one or more of those lines? Or how many Russian patriots are actually Americans living in Beirut?

Here’s a good one: does an Italian organizing a global political protest to knock France offline (1995) seem less patriotic than the Chinese organizing a global political protest to knock Indonesia offline (1998)? It all depends on interpreting an Italian motive of defending one’s “own” assets versus interpreting the Chinese one.

Without getting into all that, here’s a quick and simple list of early politically motivated hacking:

1986 Patriot Hacking (although arguably corporate espionage for money, there’s definitely a power angle)

Three West German hackers were found guilty today of selling Western military computer codes to the Soviet KGB and given suspended sentences ranging from 14 months to two years. […] A fourth man, 30-year-old Karl Koch [tasked with handing floppy disks to the KGB], who was also arrested in the case, [mysteriously died in a fire] in May. At the trial, which began Jan. 11, all three admitted guilt in obtaining the codes to sell them to a Soviet KGB agent in East Berlin.

1989 Anti-science Hacking (disgruntled worker)

An evolutionary biologist named Joseph Popp came up with a computer-based questionnaire he said would help determine patients’ risk of contracting AIDS, and he distributed 20,000 copies of it to researchers in 90 countries. But the surveys on Popp’s floppy disks were a ruse. When participating scientists loaded the disk, their computers became infected with what would come to be known as a digital version of the AIDS virus.

1989 Anti-nuclear Hacking

Just as NASA began the launch of the Galileo space probe in October of 1989, a controversy began growing around the probe’s nuclear power. Amid this backdrop of international interest, NASA’s top scientists started noticed something odd happening with their work computers. Dr. Suelette Dreyfus, technologist at Melbourne University describes the scene in this way, “The scientists would come in in the morning and put down their cup of coffee and try and log in and they would find that instead of their scientific data, there was a screen that would appear that said “your system has been WANKED!”

1990 Patriot Hacking

Dutch computer hackers stole U.S. military secrets during the Persian Gulf War and offered them to Iraq, computer security experts for the United States said Monday.

1994 Civil Disobedience Hacking

…Guy Fawkes Day, a group of ravers and new-age ‘technopagans’ targeted the UK government with a kind of DDoS attack. “Email bombing” clogged up government PCs, while fax machines spat out sheet after sheet of spam. The act was a protest against Prime Minister John Major’s Criminal Justice Bill, which sought to crack down on raves by outlawing outdoor gatherings playing music “wholly or predominantly characterised by the emission of a succession of repetitive beats.”

1995 Anti-nuclear Hacking

A group in Italy called Strano Network led by Tommaso Tozzi used a “net-strike” to gather global protest against the French government.

1996 Civil Disobedience Hacking

Beginning Sept. 6 and continuing through at least last Tuesday, a hacker intent on shutting Panix down successfully did just that, by bombarding the service provider’s servers with a flood of phony connection requests that prevented real requests by legitimate customers from getting through.

1997 Civil Disobedience and Patriot Hacking

Chinese hacking group that last year claimed to have temporarily disabled a Chinese satellite is now forming a new global hacking organization to protest Western investment in the country. In an interview with the Boston-based hacking collective, the Cult of the Dead Cow, the hacker, who calls himself Blondie Wong, said the new group is forming in the US, Canada, and in Europe to take up the cause of fighting human rights abuses in China. […] “Blondie wants anyone who agrees with the strategy of attacking American companies doing business in China to get involved,” [UN consultant] Oxblood said.

1998 Civil Disobedience Hacking

On the eve of Sweden’s general election, Internet saboteurs targeted the Web site of that country’s right-wing Moderates political party, defacing pages and establishing links to the homepages of the left-wing party and a pornography site.

1998 Civil Disobedience Hacking

The hackers, who are part of groups called “Milw0rm” and “Ashtray Lumberjacks,” reportedly broke into the database of a British Web page hosting company called EasySpace. The perpetrators then hijacked the sites listed in the ISP’s database and redirected users to their protest page, which contains a strong antinuclear message along with an image of a nuclear mushroom cloud and a Milw0rm graphic.

1998 Terrorist Hacking

“In 1998, a terrorist guerrilla [the LTTE] organization flooded Sri Lankan embassies with 800 e-mails a day for a two-week period. The messages simply read “We are the Internet Black Tigers and we’re doing this to interrupt your communications.” Intelligence departments characterized it as the first known attack by terrorists against a country’s computer systems.

1998 “Hacktivism“, Civil Disobedience and Active Countermeasures

EDT planned a series of actions for 1998, starting with a response to the Chiapas massacre. In April, Dominguez sent out a series of notes alerting people to the plan: “FLOODNET: TACTICAL VERSION 1.0.” would target the website of President Zedillo, with the goal of bringing attention to the killings. The group bristles now at the idea it intended to bring down the site, but did foresee the possibility that access would be disrupted. […] …a Defense Department spokesperson obliquely took credit for shutting down the digital attack. “Our support personnel were aware of this planned electronic civil disobedience attack and were able to take appropriate countermeasures,” the spokesperson said.

1998 Patriot Hacking

The first Patriotic Hacker communities were established when individuals interested in “cracking,” organized into online communities to share interests and develop expertise. In 1997, a Shanghai hacker known as “Goodwill” founded the first Patriotic Hacker organization known as the “Green Army” from this online community of early hackers. In 1998, the first major Patriotic Hacker attack was triggered by anti-Chinese riots in Indonesia.

1999 Patriot Hacking

A concerted attack involving simultaneous hacking from five countries caused an Irish Internet Service Provider (ISP) to switch off its systems last month. Connect-Ireland, the company affected, believes the Indonesian government is behind the attack. The company has hosted the East Timorese domain–.tp–for the last year and posts material critical of Indonesia’s occupation of East Timor. […] A spokeswomen for the Indonesian embassy in London denied speculation that the Indonesian government was behind the attack. “How could we organise all those hackers? It is baseless,” she said.

Hitchens on US-Putin relations: “If you’re faith-based you get a KGB weasel as your partner”

The journalist Christopher Hitchens was asked in 2005 for his thoughts on US relations with Russia. He replied that the stupidest thing President Bush ever said was a faith-based endorsement of Putin, which opened the door to an oppressive “one-man one-party” Russia. Furthermore Hitchens accuses Putin of “intervening outrageously” in Ukraine’s self-determination.

Five years later in a 2010 interview (visibly suffering from cancer) Hitchens is asked a similar question. This time he decries Putin building a Tsarist-like nostalgia regime of personal power. Christopher warns Russia has become nationalist, expansionist and reactionary posing a clear threat to its neighboring states.

Sadly Christopher passed away in 2011.

His brother Peter picks up the thread in mid-February 2022. This other Hitchens (a former foreign correspondent from Moscow in the early 1990s) delivered a stark warning just weeks before Russia invaded Ukraine.

If Putin invaded Ukraine, he would establish beyond doubt that he is clinically insane. It would be a mad thing, do to Russia nothing but harm, and lead to his own overthrow.

The two Hitchens perhaps can be seen now as giving us similarly accurate predictive analysis of Putin’s danger and folly.