Categories
Coders' Rights Project Commentary Intelwars International

The Slow-Motion Tragedy of Ola Bini’s Trial

EFF has been tracking the arrest, detention, and subsequent investigation of Ola Bini since its beginnings over 18 months ago. Bini, a Swedish-born open-source developer, was arrested in Ecuador’s Quito Airport in a flurry of media attention in April 2019. He was held without trial for ten weeks while prosecutors seized and pored over his technology, his business, and his private communications, looking for evidence attaching him to an alleged conspiracy to destabilize the Ecuadorean government.

Now, after months of delay, an Ecuadorean pre-trial judge has failed to dismiss the case – despite Bini’s defense documenting over hundred procedural and civil liberty violations made in the course of the investigation. EFF was one of the many human rights organizations, including Amnesty International, who were refused permission by the judge to act as observers at Wednesday’s hearing.

Bini, a Swedish-born open-source developer, was seized by police at Quito Airport shortly after Ecuador’s Interior Minister, Maria Paula Romo, held a press conference warning the country of an imminent cyber-attack. Romo spoke hours after the government had ejected Julian Assange from Ecuador’s London Embassy, and claimed that a group of Russians and Wikileaks-connected hackers were in the country, planning an attack in retaliation for the eviction. No further details of this sabotage plot were ever revealed, nor has it been explained how the Minister knew of the gangs’ plans in advance. Instead, only Bini was detained, imprisoned, and held in detention for 71 days without charge until a provincial court, facing a habeas corpus order, declared his imprisonment unlawful and released him to his friends and family. (Romo was dismissed as minister last month for ordering the use of tear gas against anti-government protestors.)

EFF visited Ecuador to investigate complaints of injustice in the case in August 2019. We concluded that the Bini affair had the sadly familiar hallmark of a politicized “hacker panic” where media depictions of hacking super-criminals and overbroad cyber-crime laws together encourage unjust prosecutions when the political and social atmosphere demands it. (EFF’s founding in 1990 was in part due to a notorious, and similar, case pursued in the United States by the Secret Service, documented in Bruce Sterling’s Hacker Crackdown.)

While the Ecuadorian government continues to portray him to journalists as a Wikileaks-employed malicious cybercriminal, his reputation outside the prosecution is very different. An advocate for a secure and open Internet and computer language expert, Bini is primarily known for his non-profit work on the secure communication protocol, OTP, and contributions to the Java implementation of the Ruby programming language. He has also contributed to EFF’s Certbot project, which provides easy-to-use security for millions of websites. He moved to Ecuador during his employment at the global consultancy ThoughtWorks, which has an office in the country’s capital.

After several months of poring over his devices, prosecutors have been able to provide only one piece of supposedly incriminating data: a copy of a screenshot, taken by Bini himself and sent to a colleague, that shows the telnet login screen of a router. From the context, it’s clear that Bini was expressing surprise that the telco router was not firewalled, and was seeking to draw attention to this potential security issue. Bini did not go further than the login prompt in his investigation of the open machine.

Defense and prosecution will now make arguments on the admissibility of this and other non-technical evidence, and the judge will determine if and when Bini’s case will progress to a full trial in the New Year.

We, once again, urge Ecuador’s judiciary to impartially consider the shaky grounds for this case, and divorce their deliberations from the politicized framing that has surrounded this prosecution from the start.

Share
Categories
announcement Coders' Rights Project Electronic Frontier Alliance Intelwars NSA spying

EFF Joins HOPE 2020

EFF staff members will present some of our latest work at 2600 Magazine’s biennial Hackers on Planet Earth (HOPE) conference beginning this weekend. HOPE is a diverse hacker event that has drawn thousands of tinkerers, security researchers, activists, artists, and makers since 1994. In a departure from the infamous Hotel Pennsylvania in New York, this first-ever virtual edition of HOPE will run an epic 9 days from July 25 through August 2.

EFF’s presentations will cover diverse online rights topics including facial recognition, government surveillance powers, digital identity standards and specifications, security dangers in Amazon’s Ring, and much more. HOPE registrants will also be able to participate in free-form question and answer sessions with EFF and members of the Electronic Frontier Alliance.

HOPE keynote speakers include EFF’s Executive Director Cindy Cohn speaking on August 2nd at 2pm EST, as well as author and EFF Special Advisor Cory Doctorow on July 25 at 4pm EST.

EFF Presentations

Meet the EFA: A Discussion on Grassroots Organizing for Digital Privacy, Security, Free Expression, Creativity, and Access to Knowledge
nash
Sunday July 26 at 1pm EST on the Public Talk Stream
Founded by EFF, the Electronic Frontier Alliance (EFA) is a grassroots network of community and campus organizations across the United States. Join representatives from the EFF, and EFA affiliated groups, for this panel discussion on community-based tech advocacy, and working within your community to educate and empower neighbors in the fight for data privacy and digital rights.

Reform or Expire? The Battle to Reauthorize FISA Programs
India McKinney, Andrew Crocker
Monday July 27 at 4pm EST on the Public Talk Stream
On March 15, 2020, Section 215 of the PATRIOT Act – a surveillance law with a rich history of government overreach and abuse – expired. Along with two other PATRIOT Act provisions, Section 215 lapsed after lawmakers failed to reach an agreement on a broader set of reforms to the Foreign Intelligence Surveillance Act (FISA).

In the week before the law expired, the House of Representatives passed the USA FREEDOM Reauthorization Act, which would have extended Section 215 for three more years, along with some modest reforms. After negotiations, the Senate passed a slightly amended version of the bill, but after a veto threat from the President, the House of Representatives failed to pass it. The bill currently remains expired, but the question remains – for how long? And what will reform look like?

In this discussion, India and Andrew will explain the political factors behind this unusual legislative journey, as well as the policy implications of these proposals.

Mobile First Digital Identities and Your Privacy
Alexis Hancock
Tuesday July 28 at 8pm EST on the Public Talk Stream
“Mobile First” is more than a web developer’s mantra chanted from 2010. It also means that many people now visit websites and use services from their mobile devices more than on laptops and desktops. Recently, several proposals and published models for establishing big parts of our lives through our mobile devices have been discussed. Big proposals include mobile driver’s licenses, mobile health credentials, and other forms of digitized documentation such as university degrees. Recently published and proposed standards include the W3C’s verifiable credentials data model and the ISO’s 18013-5 mobile driver’s license compliance. This talk discusses the privacy concerns that surround these ideas, test cases, and the trajectory of digitized identification.

Ring’s Wrongs: Surveillance Capitalism, Law Enforcement Contracts, and User Tracking
Bill Budington
Wednesday July 29 at 12pm EST on the Public Talk Stream
This talk is going to catalogue Ring’s Wrongs and EFF’s campaign against these practices – practices that not only facilitate the overreach of law enforcement and injure user privacy, but also provide the clearest example of surveillance capitalism, a new frontier of profiteering.

When Cops Get Hacked: Lessons (Un)Learned from a Decade of Law Enforcement Breaches
Dave MaassMadison Vialpando, Emma Best
Thursday July 30 at 3pm EST on the Public Talk Stream
More than 125 U.S. law enforcement agencies have suffered some form of hack or data breach over the last ten years. Journalism school graduate Madison Vialpando has been working with the Electronic Frontier Foundation to build a dataset compiling all the ransomware, DDOS attacks, physical data theft, and servers and surveillance technologies exposed online. In this talk, she will explain how the dataset works, the trends revealed by the data, some of the most interesting case studies, and whether law enforcement is actually learning anything from these incidents. Dave Maass will talk about the Electronic Frontier Foundation’s security research into automated license plate readers and other unsecured surveillance tech, while transparency activist Emma Best of Distributed Denial of Secrets will provide an overview of BlueLeaks – one of the largest dumps of internal police documents in history.

Who Has Your Face? The Fight Against U.S. Government Agencies’ Use of Face Recognition
Jason Kelley, Matthew Guariglia
Friday July 31 at 12pm EST on the Public Talk Stream
The fight against government use of face recognition technology is an important one, and one that civil liberties and other groups have come at from many different angles. Unfortunately, the technology is already out there – in use – and endangering people’s privacy. Due to differing laws, regulations, and data-sharing agreements between federal, state, and local agencies across the country, U.S. residents and visitors frequently have their image not only collected and stored for facial recognition purposes by the government, but often also secretively shared between dozens of agencies. Because of the complexity of these laws and agreements, it’s very difficult to learn who exactly has your image. It can take a hacker mindset to learn where your image is – FOIAs, online research, even contacting individuals directly at government agencies. Using all of these methods, EFF developed a new interactive website to explain to users which agencies might be using their image for face recognition – and to spur them to act. The speakers will explain issues with facial recognition technology; what sort of advocacy has been effective in the past; where we stand on federal, state, and local regulations; and discuss how they did the research, design, and creation of the whohasyourface.org website and its result on laws and advocacy, as well as suggest ways that others can build on this research.

Ask the EFF: The Year in Digital Civil Liberties
Alexis Hancock, India McKinney, Kurt Opsahl, Naomi Gilens, Rory Mir
Saturday August 1 at 12pm EST on the Public Talk Stream
Get the latest information about how the law is racing to catch up with technological change from staffers at the Electronic Frontier Foundation, the nation’s premiere digital civil liberties group fighting for freedom and privacy in the computer age.

Legal Inquiries for Security Researchers

EFF staff attorneys are committed to supporting the computer security community. If you have legal concerns regarding an upcoming presentation, or sensitive infosec research that you are conducting for HOPE or at any time, please email info@eff.org and we will do our best to get you the help that you need.

Share