By Minka Klaudia Tiangco
A Manila Regional Trial Court (RTC) dismissed the cybercrime charges filed against Paul Biteng, who was accused of hacking the Commission on Elections (Comelec) website and leaking data in 2016.
Presiding Judge Thelma Bunyi-Medina of the Manila RTC Branch 32 acquitted Biteng of charges for violation of Republic Act 10175 or the Cybercrime Prevention Act of 2012 after the prosecution failed to categorically link him as the perpetrator for the crimes charged.
In 2016, Biteng, a security engineer and an Information Technology (IT) graduate, was tagged in the “Comeleak” incident where the Comelec website was hacked and defaced and voters’ data was leaked.
Operatives from the National Bureau of Investigation (NBI) linked him to the incident after seeing his name in one of the hacking video tutorials of a certain PhantomHacker Khalifax on YouTube. The term “kh4lifax” was also seen on the defaced Comelec website, that was made to look like a website of Anonymous Philippines.
A screenshot of the Comelec website was also uploaded to the Facebook group of Anonymous Philippines, where Paul Biteng was said to be an admin.
After he was arrested, remnants of the terms “kh4lifax” and “Comelec” were found on Biteng’s computer hard drive.
However, Medina said the NBI’s investigation failed to prove that Biteng was the one who defaced the Comelec website.
“Nowhere in these videos and posts were it convincingly shown that accused defaced the Comelec website. In fact, the bulk of the evidence only sought to prove that accused posted 1. hacking tutorials prior to the commission of the subject offenses; 2. a screenshot of the defaced Comelec website; and 3. comments regarding the Comelec hacking incident,” Medina said in her decision dated February 17 that was obtained by media on Friday.
“In the mind of this Court, the commission of these acts, even if coupled with a finding that accused is the author thereof, cannot convincingly prove the latter’s guilt with the requisite quantum of evidence required. In the same manner, the Court cannot discount the possibility that the author of the said posts is a different person, who somehow accessed accused’s social media accounts,” she added.
Although Biteng admitted to the media that he did hack the Comelec website, he testified that he did so due to stress from being detained. He later clarified that he conducted tests on the website to see vulnerabilities in the system after the poll body announced a P100,000 reward for anyone who can point them out.
Furthermore, Bayani Benjamin Lara, a researcher from the Department of Science and Technology-Advanced Science and Technology Institute, found that the Internet Protocol (IP) address of the computer used to hack the Comelec website was assigned to the NBI since 2015.
However, Atty. Noel Guivani Ramiscal, an expert in cybercrime, said an IP address, standing alone, does not establish anything since there are many factors to consider.