By Karen Gullo
Ola Bini, the software developer acquitted last year of cybercrime charges in a unanimous verdict in Ecuador, was back in court last week in Quito as prosecutors, using the same evidence that helped clear him, asked an appeals court to overturn the decision with bogus allegations of unauthorized access of a telecommunications system.
Armed with a grainy image of a telnet session—which the lower court already ruled was not proof of criminal activity—and testimony of an expert witness to the lower—who never had access to the devices and systems involved in the alleged intrusion—prosecutors presented the theory that, by connecting to a router, Bini made partial unauthorized access in an attempt to break into a system provided by Ecuador’s national telecommunications company (CNT) to a presidency’s contingency center.
If this all sounds familiar, that’s because it is. In an unfounded criminal case plagued by irregularities, delays, and due process violations, Ecuadorian prosecutors have for the last five years sought to prove Bini violated the law by allegedly accessing an information system without authorization.
Bini, who resides in Ecuador, was arrested at the Quito airport in 2019 without being told why. He first learned about the charges from a TV news report depicting him as a criminal trying to destabilize the country. He spent 70 days in jail and cannot leave Ecuador or use his bank accounts.
Bini prevailed in a trial last year before a three-judge panel. The core evidence the Prosecutor’s Office and CNT’s lawyer presented to support the accusation of unauthorized access to a computer, telematic, or telecommunications system was a printed image of a telnet session allegedly taken from Bini’s mobile phone.
The image shows the user requesting a telnet connection to an open server using their computer’s command line. The open server warns that unauthorized access is prohibited and asks for a username. No username is entered. The connection then times out and closes. Rather than demonstrating that Bini intruded into the Ecuadorean telephone network system, it shows the trail of someone who paid a visit to a publicly accessible server—and then politely obeyed the server’s warnings about usage and access.
Bini’s acquittal was a major victory for him and the work of security researchers. By assessing the evidence presented, the court concluded that both the Prosecutor’s Office and CNT failed to demonstrate a crime had occurred. There was no evidence that unauthorized access had ever happened, nor anything to sustain the malicious intent that article 234 of Ecuador’s Penal Code requires to characterize the offense of unauthorized access.
Activist Post is Google-Free — We Need Your Support
Contribute Just $1 Per Month at Patreon or SubscribeStar
The court emphasized the necessity of proper evidence to prove that an alleged computer crime occurred and found that the image of a telnet session presented in Bini’s case is not fit for this purpose. The court explained that graphical representations, which can be altered, do not constitute evidence of cybercrime since an image cannot verify whether the commands illustrated in it were actually executed. Building on technical experts’ testimonies, the court said that what does not emerge, or what can’t be verified from digital forensics, is not proper digital evidence.
Prosecutors appealed the verdict and are back in court using the same image that didn’t prove any crime was committed. At the March 26 hearing, prosecutors said their expert witness’s analysis of the telnet image shows there was connectivity to the router. The witness compared it to entering the yard of someone’s property to see if the gate to the property is open or closed. Entering the yard is analogous to connecting to the router, the witness said.
Actually, no. Our interpretation of the image, which was leaked to the media before Bini’s trial, is that it’s the internet equivalent of seeing an open gate, walking up to it, seeing a “NO TRESPASSING” sign, and walking away. If this image could prove anything it is that no unauthorized access happened.
Yet, no expert analysis was conducted in the systems allegedly affected. The expert witness’s testimony was based on his analysis of a CNT report—he didn’t have access to the CNT router to verify its configuration. He didn’t digitally validate whether what was shown in the report actually happened and he was never asked to verify the existence of an IP address owned or managed by CNT.
That’s not the only problem with the appeal proceedings. Deciding the appeal is a panel of three judges, two of whom ruled to keep Bini in detention after his arrest in 2019 because there were allegedly sufficient elements to establish a suspicion against him. The detention was later considered illegal and arbitrary because of a lack of such elements. Bini filed a lawsuit against the Ecuadorian state, including the two judges, for violating his rights. Bini’s defense team has sought to remove these two judges from the appeals case, but his requests were denied.
The appeals court panel is expected to issue a final ruling in the coming days.
Source: EFF
Karen Gullo is an award-winning former journalist working as an analyst and senior media relations specialist at EFF, collaborating with the organization’s lawyers, activists, and technologists on strategic communications and messaging to amplify their amazing work defending civil liberties in the digital world. As a writer, editor, and former reporter with over two decades of experience at Bloomberg News and Associated Press in San Francisco, Washington D.C., and New York, Karen helps develop EFF’s responses to media inquiries, and writes press statements and releases and op-eds about EFF’s advocacy of online privacy and free speech, encryption, Fourth Amendment rights, copyright abuse, and much more. As an analyst, Karen writes blog posts and contributes to white papers on subjects ranging from student privacy and mass surveillance to private censorship, the First Amendment, and international surveillance and data protection treaties. She has worked on EFF activism projects holding social media platforms accountable for bad content moderation practices, exposing Amazon Ring’s cozy relationships with local law enforcement, and pushing for the inclusion of human rights safeguards in the Council of Europe’s revised Budapest Convention. She is also a contributing writer for feminism website SeismicSisters.com. Prior to joining EFF, Karen was a reporter at Bloomberg News from 2002 to 2015, where she broke stories about Google’s legal challenge to FBI national security letters. Before Bloomberg, Karen was a reporter for the Associated Press in New York and Washington, covering politics—including the 2000 presidential election—the Justice Department, campaign finance, federal contracting practices, and much more as a member of an investigative reporting team. Karen is the recipient of national and local journalism awards, including the Jesse H. Neal Award Business Journalism Award and the San Francisco Peninsula Press Club’s excellence in journalism awards. She grew up in Oak Park, Illinois, and resides in San Francisco.
Become a Patron!
Or support us at SubscribeStar
Donate cryptocurrency HERE
Subscribe to Activist Post for truth, peace, and freedom news. Follow us on SoMee, Telegram, HIVE, Minds, MeWe, Twitter – X, Gab, and What Really Happened.
Provide, Protect and Profit from what’s coming! Get a free issue of Counter Markets today.