The administrator of the Facebook page called Pixel Offensive, which posts graphics containing statements against the Cybercrime law, woke up on Friday morning with a start: the Manila Bulletin website has been defaced the day prior and has been redirecting users to his page.
“Nagulat talaga ako, (I was surprised)” the page administrator told in a phone interview. “Ang concern namin, baka kami ang ituro na kami ang nag-hack (Our immediate concern is, they might think it was us), and that might indirectly trample on our right to freedom of expression.”
Pixel Offensive is a group of graphic artists which, in the past week, has been producing graphic materials and statements calling for the repeal of certain provisions in the Cybercrime Prevention Act.
One of their graphics, which parodies the popular Darwinian theory of evolution, has been used by torrent hosting site The Pirate Bay in expressing support for Filipinos rallying against the new law.
According to a report posted by a blogger named Bon Talampas, the Manila Bulletin homepage on Thursday automatically redirected to the Pixel Offensive page upon access. Based on his screenshot, the title bar also bore the words “Remove R.A. 10175.”
Other local media websites, such as that of Tempo and Balita, was also hacked and carried the same title bar but not the redirect.
The Pixel Offensive admin was adamant about the apparent frame-up, calling the move a “diversionary tactic” by people aiming to break up the Anti-Cybercrime Law protesters.
“We categorically deny the hacking. We support the media, and we fight for the freedom of expression, but that doesn’t mean that we’d hack into websites,” the admin said.
“Hacking is a form of resistance, but we only do graphics here in Pixel Offensive, we’re using visuals as a form of resistance,” he added.
The ‘prima facie’ problem
The Pixel Offensive incident succinctly highlights the danger of Sec. 19 of the Cybercrime law, according to lawyer and netizen Atty. Francis Acero, because it relies merely on prima facie evidence for the Department of Justice (DOJ) to issue a restrict or block order against a certain website.
Prima facie has been regarded as the lowest standard of evidence by legal experts, since it allows for assessment of evidence merely at face value. By merely appearing to have committed a cybercrime, the DOJ, which the new law has given the agency “powers already outside its usual jurisdiction”, can issue an order restricting or blocking access to a system or website.
“It’s a perfect illustration of the danger that could happen with that takedown provision,” Acero said. “Anyone who has an axe to grind with Pixel Offensive could have easily done that.”
In an earlier interview, digital forensics expert Drexx Laggui said prima facie evidence is easily faked particularly using computers, since the nature of the digital world is far more nebulous than the physical realm.
“A highly skilled person who wants to frame another person could just create a lot of prima facie evidence against him, or an entire community of people,” he pointed out, adding that computer crimes need more thorough investigation in order to pinpoint the perpetrators behind them.
With the new Cybercrime law, warrantless search and seizure of computer data and website can therefore become more widespread since the online environment allows for easy fabrication of prima facie evidence.
Recent incidents actually prove Laggui right. In July, the National Bureau of Investigation was able to uncover a “sophisticated, vicious, and concerted” cyber attack against a Canadian mining firm operating in Mindanao, which involved thorough fabrication of company documents to purport murder and other crimes against small-scale miners in Zamboanga del Sur.
In the case, the NBI concluded that “the purported emails could not have originated from TVIRD or any of its officers or employees,” and suggested the filing of libel and falsification of private documents charges against the suspects.
Just this week, the data-processing servers of the Department of Science and Technology’s Project NOAH (Nationwide Operational Assessment of Hazards) fell victim to a distributed denial-of-service (DDoS) attack, momentarily crippling its weather analysis operations.
The attack occurred at the same time that local hacktivists, in protest of the Cybercrime law, are launching massive DDoS offensives against several government websites , making them apparent culprits for the Project NOAH attack.
Local hacktivist groups, however, denied any involvement in the attack.
The DOJ had already ordered the NBI to go after the hacktivists involved in the string of defacements and DDoS attacks leveled against government websites, pursuant to the new Cybercrime law, which punishes hacking and misuse of hacking devices.
Laggui, however, pointed out that there could be wisdom in the inclusion of Section 19 in the Cybercrime law, but only in “exigent circumstances.”
“There are cases where data or evidence are in very real danger of being deleted or purged, or where somebody’s life is in danger, so [acting merely on prima facie evidence] in this case could be justified,” Laggui said.
“But it should be clarified in the implementing rules and regulations that it should only apply for those circumstances,” he added.