I would like to state unequivocally that I have no intention of harming anyone’s reputation. Rather, I believe that having this fact-based information is in the Saskatchewan public’s interest. Everything I publish is based on valid sources and evidence.
Furthermore, I assert my rights to freedom of speech and expression, which are fundamental rights protected by the Canadian Charter of Rights and Freedoms. I have the right to express my opinions and share my concerns about matters of public interest without fear of legal repercussions.
As with everything I have ever written, what I’m doing on Substack is justified within the bounds of the law and the principles of free speech.
Even if Doug Emsley’s business partner and apparent lawyer doesn’t feel the same way.
Cool?
Cool.
Right, where were we…
Ah yes. Input Capital.
You could say things were going well.
Until they weren’t.
In May of 2018 a class action lawsuit was filed in Regina Court of Queen’s Bench that alleged Input Capital Corp. was practising predatory lending.
“We completely deny all of the false allegations and accusations made in the statement of claim,” said president Doug Emsley in an emailed statement to the Western Producer, where excellent, longtime journalist Karen Briere broke the story. “It is our intention to defend this action vigorously in court where actual facts will matter.”
Doug seems fun, doesn’t he?
That same month a Saskatchewan Court of Queen's Bench Justice ruled a contract between Input Capital and one of its clients was unfair and "unconscionable." That ruling was set aside in Saskatchewan Court of Appeals in August of 2019. The farmer then lost his own appeal last year, with a Saskatchewan judge ruling that he now owes Input Capital $9-million, as opposed to the original $4.4-million.
"The Court of Appeal held that the conduct of Input did not reach the level of an 'unconscionable' transaction but that that's not a vindication of Input methods," said lawyer Tony Merchant in response, whose firm is handling the class action.
On May 14, 2019, Input Capital announced it would “postpone further capital deployment operations...”
In other words, Input Capital was no longer going to finance deals with canola farmers.
On August 12, 2020, Input Capital announced one hell of a deal.
Bridgeway Capital Corporation, under the leadership of Eric C. Blue, was going to buy Input Capital’s shareholders for twice what the stock had been trading for. Wahoo!
"Last year, our Board of Directors ran an exhaustive strategic review process, to seek out a partner with a source of scalable capital to grow our mortgage stream business…We are pleased to have met the team from Bridgeway and put together this proposed transaction that provides immediate liquidity and certainty of value that we believe to be in the best interest of all shareholders." - Doug Emsley, Chairman & CEO of Input Capital, August 12, 2020 news release.
Not everyone was as confident.
Ten months before Input Capital’s announcement, Eric C. Blue was sued for involuntary bankruptcy by creditors.
I’ll let Geoff Leo tell you the story. It explains how the man who said he would buy Input Capital ended up arrested in Washington DC on a federal bench warrant last summer.
Emsley rolled the Bridgeway deal back on October 29, 2020, then followed it up with another announcement on November 30, 2020:
“Input Capital Corp… is pleased to announce that it has entered into a non-binding term sheet…with SRG Security Resource Group Inc.. 100% of the common shares of SRG…” - Input Capital news release, November 30, 2020
By February 2021, Input Capital had absorbed SRG.
Then in September 14, 2021:
“Input Capital Corp… intends to change its name from "Input Capital Corp." to "SSC Security Services Corp."“ - Input Capital news release, September 14, 2021
And just like that, Input Capital was no more, replaced in our hearts and on the Toronto Stock Exchange by SSC Security Services Corporation.
SRG still operates. Its website clarifies that “SRG Security Resource Group Inc. is a wholly owned subsidiary of SSC Security Services Corp. (TSXV: SECU) (OTCQX: SECUF).”
Confusing right?
Maybe that’s why, in a February 8 2021 meeting in the Saskatchewan Legislature to discuss the latest Provincial Auditor’s report, Charlene Callander, vice-president of corporate services and gaming operations for SLGA, couldn’t remember the name of the company SLGA had contracted to monitor cybersecurity.
Really? You’re the vice-president and know that an “entire security program” has been implemented in your organization, but you don’t know how or by who?
Here is the section of the Provincial Auditor’s 2018 report Young was asking about (in 2021):
A month later someone’s memory returned, as per a letter submitted through the Legislature in March 2021 by SLGA president Susan Ross, where she answered Young’s question.
Available payee reports shows SRG was paid $276,000 by SLGA in 2019-20, then $371K for 2021-22. I cannot find any payee record for 2020-21.
On Christmas Day 2021, ten months after Callander couldn’t remember who was in charge of monitoring SLGA systems for IT security incidents, SLGA was hacked.
Both the provincial auditor and the SLGA refer to SRG solely as a “monitor” for IT security incidents. Therefore, I am presenting this information under the assumption that monitoring SLGA systems for IT security incidents was SRG’s one job.
In November 2022 the Office of the Information and Privacy Commissioner (OIPC) released a report on its investigation into the SLGA hack.
It details what happened and why, as well as some recommendations that the Sask Party will ignore, as usual, because to them the OIPC is a glorified suggestion box.
A few salient points from the report:
The report goes on to explain (pg 13) hackers spent at least a month undetected in SLGA’s IT systems, draining personal and financial data, including 40,000 people’s bank records, budgets, contracts, employee data, and supplier agreements, as well as a smaller amount of credit card numbers, expiry dates and security codes.
At no point does the OIPC report provide the identity of the “website technology vendor”, which most people call “software”, but whatever. The OIPC does not explain who was supposed to receive those critical vulnerability reports. Was it SLGA staff or a third-party monitor?
The OIPC report does make clear that the time from when SLGA should have known it could be hacked and when it actually knew it was hacked was almost three months.
Again, at no point does the OICP identify this “website technology vendor”, or who was supposed to know about the critical vulnerability but didn’t, or didn’t act on it. The only clue we get is that reference to an October 8, 2021 security bulletin.
Apache is one of the most widely used service providers of server software in the world and released a critical vulnerability fix on October 7, 2021. Oracle uses Apache, as does SalesForce; both are used by SLGA.
It doesn’t really matter who that vendor was, though, because that vendor did its job by issuing the security alert, almost three months before SLGA figured out someone was in the house.
So let’s be clear: news stories that opened with sentences like “The Saskatchewan Liquor and Gaming Authority is investigating a cyberattack, after it was hit on Christmas Day” are factually incorrect and need to be fixed.
I found one line, in one CBC story, buried at the very bottom, referencing this delay. No other media outlet even reported it.
The only thing that happened on Christmas Day in 2021 was the hackers, after stealing SLGA’s data and growing bored of no one knowing they were in the house, set the house on fire so somebody would be forced to look.
The hackers did it on Christmas Day just to be dicks.
Which I kind of think is hilarious.
Anyway, here’s a few of the OIPC’s recommendations from the end of the report.
Nowhere in the report does the OIPC address why the SLGA was not advised of this critical vulnerability in their systems, or why it didn’t receive emails on security bulletins from its software providers.
The report does not address how SLGA did not know about a critical vulnerability in their systems that was publicly identified (and broadly covered by tech writers) on October 8, 2021, until two and a half months later, when for 40,000 people it was far too late.
Instead, the SLGA blamed its staff.
That was Jason Shaw, a deputy provincial auditor, on February 6, 2023 in the Legislature speaking to the auditor’s followup report to SLGA’s cyberattack.
NDP critic Aleana Young then picked up that thread and ran with it.
Are you kidding me? Did Young even read the OIPC report before questioning SLGA? In no world did any investigation into the cyberattack place any blame on SLGA staff for anything.
And look who’s back!
Our forgetful SLGA vice-president Charlene Callander, making more bizarre statements about SLGA’s IT infrastructure and doubling down on the idea that SLGA staff were to blame.
This bullshit was not even challenged by Aleana Young.
I prepared former NDP Opposition MLA Cathy Sproule for years for these meetings. It’s a ton of incredibly necessary, important research, crucial to holding government officials and agencies accountable. It’s clearly not being done properly by Carla Beck’s caucus.
So here are the questions I’m left with about the hack:
Why was there a one to three month delay in identifying the existence of a threat to SLGA’s cybersecurity and the discovery that the SLGA had been breached?
What steps have been taken inside the government to ensure an extraordinary internal failure like that doesn’t happen again?
Given that the SLGA president and CEO identified SRG, in writing, just a few months prior to this hack as its “monitor” for cybersecurity attacks, what, if any, was SRG’s role in this incident?
Why did the OIPC blame the delay, in part, for SLGA’s hack, but not provide any information on the reason that delay happened?
Why did the Provincial Auditor not acknowledge the delay again either in their follow-up report? Why did they choose to focus on SLGA employees instead?
How much did this shitshow cost the Saskatchewan taxpayer?
Bottom line is I can’t answer those questions for you and neither can anyone else. The NDP Opposition scrutiny of the issue fell far short. Local media didn’t even try.
Today, Doug Emsley is a private shareholder of Information Services Corporation (ISC), which controls land titles and corporation registry information. He is also a longtime Sask Party government-appointed board member for ISC. Don’t ask me how that works, but I’m sure in Saskatchewan it’s all legit.
Emsley’s wife, Tamara, was appointed to the board of directors of the Saskatchewan Centre for the Arts less than three weeks after the Sask Party was elected in 2007. She was then appointed to SaskPower’s board of directors in 2013, alongside Joel Teal, who today sits beside Doug as the chair of the board of ISC. Tamara resigned from the SaskPower board about a year after she was appointed.
Shareholders and/or directors of SRG/SSC include or have included:
my new bestie Patricia Warsaba, senior partner at McKercher, who was appointed by the Sask Party in 2011 to the SIAST board of directors, then moved to the board of Creative Saskatchewan where she remained until last year.
Blair Ross, who has been appointed by the Sask Party to the board of the Saskatchewan Gaming Corporation since 2008.
Lorne Hepworth, a former Progressive Conservative Party of Saskatchewan MLA who spent nine years in Grant Devine’s Cabinet as Minister of Public Participation, Minister of Agriculture, Minister of Energy and Mines, Minister of Advanced Education and Manpower, Minister of Education and Minister of Finance.
Brad Farquhar, co-founder of Input Capital, former executive director of the Sask Party and executive assistant to Brad Wall.
Gord Nystuen, former president and CEO of SLGA, as well as chair of the board of Saskatchewan Crop Insurance Corporation and deputy minister for Saskatchewan Agriculture, Food and Rural Revitalization under Roy Romanow.
David Laidley, who was appointed to the Bank of Canada board of directors in 2007, the same time as Emsley.
David Brown, who I believe is this lawyer and busy businessman right here.
Bryan Kelly from Logixx, which was bought out by SSC.
There may be more, but that’s enough for today.
Doug Emsley is delusional if he thinks after forty years of either working in or doing business with the Government of Saskatchewan, when he is so closely connected today to the very top of today’s Government of Saskatchewan (I’m not even getting into Reg Downs in this one)… nobody’s going to have a single question for him.
Not ones he wants to answer, apparently, anyway.
Too bad pal.
What I’ve provided here is nothing more than 100% factual. If that makes Doug uncomfortable, that’s Doug’s problem, isn’t it.
I am the only person in Saskatchewan telling you these stories, which the public needs to know. Researching and writing this series is proving expensive, as every one of the hundreds of documents I need to write this series cost money to obtain from ISC’s corporate registry. It’s also proving risky, with rich, powerful players like Doug Emsley threatening to sue me for telling you these stories.
If you would like to chip in on this research so I can keep doing this work, you can etransfer me at tammyrobert0123@gmail.com.
Thank you so much to all of you again for your readership, subscriptions and support. I am so grateful - I have the best audience in Canada. T.
But here’s the deal - this isn’t about Doug Emsley, Grant Kook, Greg Yuel or any of these guys.
This series on Sask Party Donors and Insiders is about the Sask Party government and its total lack of transparency. Meanwhile its cronies have free reign, as wealthy individuals and corporations exert undue influence on the political process and the Government of Saskatchewan through their access to Sask Party.
Transparency in government and private business promotes accountability by providing information about how decisions are made and policies are implemented. It creates an atmosphere of openness, making it easier for citizens to participate in democracy.
Above all, it promotes ethical and responsible behavior by those in power.
Because leaders and officials can’t engage in corrupt practices or misuse public resources when they know that their actions are being monitored by citizens and the media.
Governments spending public money and to a certain extent, the private entities taking in those public dollars must be accountable and transparent, disclosing important information on decisions that affect your life.
Doug Emlsey’s security company has received:
$3.8mil from SaskEnergy since 2012
$2.4mil from SaskPower since 2015
$5.8mil from SaskTel (under 14-year chair Grant Kook) since 2017
$1.7mil from SGI since 2019
$1.3mil from the SGI Auto Fund since 2019
At least $600K from SLGA since 2019 (it’s higher, but I cannot find a SLGA payee report for 2020-21)
Meaning Emsley’s company has earned a grand total of at least $16-million from Saskatchewan’s public purse over the last decade.
So that’s a bit of the story of Doug Emsley, Sask Party Insider. I say “a bit” because I know there’s far more to dig into, including his connections to other unelected Sask party Insiders, but I need to move on cause we have a lot more ground to cover.
I guess we’ll see if he can stomach the truth, or if he still thinks he needs to take me to court for telling it. I’m fully prepared for the latter, because that’s how these people work. In an upcoming post I’ll link together and detail the efforts to destroy my life made by the Sask Party’s most vicious goons, all connected to people like Doug Emsley and Brad Wall, including various government agencies like the Saskatchewan Human Rights Commission (seriously), John Gormley and former Finance Minister Kevin Doherty.
It’s kind of stunning when I write it all out. It happened to me and I can barely believe it, but then I remember the trauma from that is one of the many reasons I live in exile today, thousands and thousands of miles away from Saskatchewan.
Talk soon,
PS: Speaking of exile - have you checked out my new Substack?
It’s quite a bit more personal, therefore you have to request approval to subscribe, but so far there’s just been a couple of psychos I’ve had to decline so don’t let that dissuade you! If I don’t recognize the email address or your handle, I will reach out to you.