Home » Post Item » On the First Hacking Conviction

On the First Hacking Conviction

October 3, 2005

There’s been praise all around for the first hacking conviction under the E-Commerce Act.  I agree that this is a significant event and that it sends the right signal to would-be hackers.  But one aspect of JJ Maria Giner’s prosecution has always bothered me. 

In earlier reports, it seemed as if the basis for his prosecution was his own admission that he hacked into the NEDA website.  He defendend himself by saying that he was a white hat hacker who merely wanted to inform NEDA of the security hole in their site.  Instead of sending them an email they would have ignored, he thought it better to demonstrate the site’s weakness by breaking into the system and then informing them of this fact.  In other words, he had no evil intention behind his actions. 

The troubling part is the Department Justice’s response that intent is not an essential part in committing the crime of hacking.  In other words, it did not matter that he was motivated by the best of intentions, the fact of the matter is that he did commit the intrusion which constitutes the crime of hacking. Case closed.

I wish it were that simple.

Unfortunately, the DOJ’s position is grounded upon a line of Supreme Court cases that makes a distinction between crimes listed in the Revised Penal Code and those that are not.  For the latter, the Court characterizes them as malum prohibitum where intent is immaterial for a conviction. This is distinguished from crimes that are malum in se where the lack of criminal intent is a defense against liability.

But if one were to take the DOJ position seriously, it leads to absurd situations.  Note that the crime of hacking includes the introduction of viruses.  If intent were not material (as insisted by the DOJ), then if your computer sends out viruses as a result of being infected, you would be held responsible and could face up to 3 years in prison and/or a fine of at least P100K.  It doesn’t matter that you didn’t know or didn’t intend to commit that act.  It is, the DOJ says, immaterial in much the same way that the “noble intentions” of JJ Maria Giner did not reduce the extent of his criminal liability.

I had hoped Mr. Giner would raise this issue all the way to the Supreme Court but I suppose settling for a conviction was better in the long run.  He can get back his life and put this behind him.  For me, I’ll be keeping watch over this and hoping a good test case comes up soon.

Posted by JJ Disini at 7:16 am | permalink

Previous Comments

Geez, to think of all the n00bs I could send to jail with this…

Posted by Mike at October 4, 2005, 11:56 am

…not to mention how antivirus publishers could sell stuff with this.

"Get infected, go to jail!"

"Bawal magkavirus!"

Posted by Mike at October 4, 2005, 11:58 am

Well its a malum prohibitum- so the only question is whether you did it or not- case closed indeed.

Posted by Bikoyski at October 25, 2005, 1:49 pm

SAME ISSUE raised here

http://technews-isaw.blogspot.com/2005/10/of-mala-prohibita-and-computer-zombies.html…

Posted by Albert at October 25, 2005, 4:20 pm

how can i get a copy of the court/case report of jj maria giner?

Posted by alvin at November 24, 2007, 12:52 pm

it’s not reported. only cases resolved by the Supreme Court are reported.

but if you can get it, please post it and i’ll gladly link to it.

thanks!

Posted by disini at November 27, 2007, 9:16 pm

All comments are moderated. Your comments will not appear here unless approved by the blog owner. Thank you.

Add a comment