Ecuadorian court acquits digital rights defender Ola Bini, four years on

The long-delayed trial of Swedish computer scientist and digital rights defender Ola Bini has ended in his unanimous acquittal by a panel of three Ecuadorian judges.

Ola Bini was arrested at Quito airport in April 2019, almost four years ago, and spent ten weeks detained in appalling conditions, before being released on a habeas corpus petition. At this point no charges or evidence had been laid against him.

Political interference in the judicial process was clear from the outset. Shortly before Bini's arrest, Ecuador's Interior Minister, Maria Paula Romo had held a press conference warning the country of an imminent cyber-attack, ostensibly in retaliation for the arrest of WikiLeaks publisher Julian Assange, which had happened in London hours before.

No further details of this supposed sabotage plot were ever forthcoming and the proceedings against Bini have been dogged by a constantly-changing charge sheet, numerous abuses of process and interminable delays, which were exacerbated by the Covid-19 pandemic.

Ola Bini's defence team recorded 65 abuses of process during the pre-trial phase of the case alone. Among many irregularities, a judge was removed from the case in September 2019 following a ruling acknowledging violations of due process and, later, a criminal case was opened against an expert witness who testified in support of Bini.

EFF, one of a number of organisations that has monitored proceedings against Ola Bini since 2019, concluded that "the Bini affair had the sadly familiar hallmark of a politicized "hacker panic" where media depictions of hacking super-criminals and overbroad cyber-crime laws together encourage unjust prosecutions when the political and social atmosphere demands it."

On 31 January in Quito, Bini's case finally came to trial, where he faced one charge of illegal access to a computer or communications system, based on flimsy evidence and a misunderstanding of the nature of security research.

As detailed by EFF:

““The core accusation against Bini relies mainly on a printed image of a telnet session (telnet is an insecure communication protocol that has largely been abandoned for public-facing technologies). This image, which was supposedly taken by Bini himself and sent to a colleague, shows the telnet login screen of a router. Although the image's authenticity is under debate, it is not even demonstrative of anything beyond the normal procedures that computer security professionals conduct as part of their work.

“Centro de Autonomía Digital, co-founded by Ola Bini, reported that expert witnesses on both sides of the case agreed the photo fails to sustain the prosecution's accusations. In fact, the prosecution’s technical expert reportedly told the court that the report issued by Ecuador’s national communications provider about the alleged attack didn’t include sufficient evidence that any access has ever happened. Expert witnesses on behalf of the defense, including Tor co-founder Roger Dingledine, reiterated the lack of evidence of non-authorized access to a computer system.”

In a development that appears to have come as a pleasant surprise to Bini's defence team, a panel of three judges decided unanimously that he had to case to answer. While this is an important moment for Bini and the wider security community in Latin America, it may not yet be the end of the story, as the prosecution may seek to appeal the ruling.