Over the past few days, the Nationalist Party went to great lengths to defend Daniel Meli, an individual accused of a litany of cybercrimes who is currently attempting to fend off extradition to the United States. The government is also reportedly considering legislation which would allow Meli to appeal his extradition.
Before delving into the severe implications of all this, we must first contextualise the crimes Meli is accused of committing.
Meli’s suite of hacking services
On 7 February, Meli was arrested following a sprawling cross-border investigation into his criminal activity. The Northern District of Georgia sought Meli’s extradition for serving as a broker for computer malware. In one reported instance, Meli was caught in the act – he sold Remote Access Trojan (RAT) malware to an undercover FBI agent for a measly $180.
Briefly explained to readers who may be unfamiliar, RAT malware is extremely dangerous. It allows a hacker to take over someone’s device from any location. A RAT malware operator can observe someone through their laptop’s camera, record keystrokes, and even steal passwords. The ‘Trojan’ bit is a reference to the fact that such malware is usually installed on a victim’s device through trickery (like getting them to click a link which surreptitiously downloads the malware onto the receiving device). For a malicious actor, it’s a goldmine.
Meli, who was operating with fellow hackers, sold particularly dangerous strains of RAT malware: Pegasus and Warzone. The former was the subject of a massive investigation published by Forbidden Stories, which revealed that at least 180 journalists and hundreds of other prominent figures were targeted by governments using malware for covert surveillance.
The unfettered access which both types of malware can provide has proven to be an absolute headache for cybersecurity efforts across the world, especially since more sophisticated iterations like the two cited above are usually designed to make malware code almost imperceptible. In other words, even if you had enough reasonable suspicion to ask a computer expert to scan your device, it is likely that scan may come up empty-handed.
For $180, Meli was willing to provide a total stranger on an internet forum with the kind of power that can destroy someone else’s life. Besides selling RAT malware, Meli is further accused of servicing the cybercrime industry by providing tuition and even customer support to his clients.
After consenting to his extradition to the US in the beginning of February, Meli changed lawyers and claimed he was in a poor mental state when he had made the decision. His lawyers, Marion Camilleri and Arthur Azzopardi, accused the first court of failing to contextualise Meli’s arraignment within the accused’s long-term history of mental health problems.
His former lawyer had suggested that Meli should consent to the extradition request. That lawyer turned out to be Nationalist MP and criminal lawyer Joe Giglio. As criminal lawyers involved in politics are wont to do, Giglio is now stating the opposite in his capacity as an MP, arguing that he was working with the extradition laws at hand at the time and that those “draconian” laws need to be changed.
After Meli’s appeal to overturn his own consent to the extradition request failed, his parents gave MaltaToday an interview in which they asked the government to block the extradition so Meli can face justice in Malta instead. Meli’s new lawyer tag-team – Arthur Azzopardi and Franco Debono – filed constitutional proceedings on the grounds that it is “unconstitutional” that, under Maltese law, individuals who consent to extradition cannot appeal the decision they consented to.
Online, there are no borders
So, let’s have a crack at it then – why on earth is the Opposition leading the charge to stave off Meli’s impending extradition and, by extension, push the Maltese government to possibly facilitate a breach of the US – Malta extradition treaty while they’re at it?
The Nationalist Party is arguing that since Meli is a Maltese citizen who committed these crimes within Malta’s jurisdiction, he should be subject to the local justice system. All well and good, except for the tiny little fact that we are talking about an individual who, together with his accomplices, facilitated crime on an international level.
Cybercrime does not have borders. The websites linked with Meli’s operations functioned as an online marketplace for basically anyone in the world who wished to purchase his digital wares. The same software which Meli sold – Warzone – was used to attack computers in the US, so there goes the argument that he may still be outside of the US’ jurisdiction. This, besides the already underscored fact that he was caught red-handed selling malware to an FBI officer in Georgia.
It all becomes even more mind-boggling when you consider that Article 11 of Malta’s Extradition Act states that “a person shall not be returned under this Act to any country, or committed to or kept in custody for the purposes of such return, if the Minister, in the exercise of any power conferred on or reserved by the government in or in respect of any arrangement, has so directed.” One of the instances in which the justice minister can do so is if “the person whose extradition is requested is a citizen of Malta.”
So, why the hell would we even need to introduce dubious legislation which needlessly tampers with the Extradition Act when it is entirely at the minister’s discretion whether to actually extradite a Maltese citizen? And why is the government blabbing on about adding legislation?
A cursory look at the US – Malta extradition treaty immediately reveals multiple references to instances in which the Maltese government used its discretion to refuse a request. The treaty anticipates this problem it by explicitly stating that extradition cannot be refused on the basis of nationality within the context of a list of thirty serious crimes, one of which is computer-related crime.
Article 3.1 of the US – Malta Extradition Treaty.
…and one more twist
Always keen to hop onto the populist bandwagon whenever it feels like the Opposition is outdoing it, in comes the government with more bogus legislation than you can shake a stick at.
According to Times of Malta’s sacred government whisperers, new legislation is being drafted, presumably to amend the Extradition Act. Besides including “procedural safeguards” which would allow wanted individuals facing extradition more time to decide, the legislation would also allow Meli to have his extradition case heard again.
Apologies in advance if that one left your jaw hanging. Egged on by an Opposition that has failed to explain why it is attaching so much importance to Meli’s case, the government is actually thinking about extending an olive branch to someone who spent at least a decade doing business in the most opaque corners of the internet.
This also begs the inevitable question – given that Malta was a crucial stepping stone for US-based Steward Healthcare’s operations and that the hospitals concession case involved some of Malta’s highest government officials, would legislation that seeks to limit the scope of the Extradition Act hamstring any future attempts by US prosecutors to extradite individuals like disgraced former prime minister Joseph Muscat?
While there has been plenty of online discourse about this – with the Opposition’s shadow minister for justice Karol Aquilina claiming that Muscat and co. could still be subject to extradition requests if they are found to have committed a US-based crime – it is not known whether there are ongoing investigations in the US which would lead to such requests.
Opposition shadow minister for justice Karol Aquilina defending his party’s stance on a Facebook post which suggested that the Nationalist Party “handed a gift” to Muscat and his associates.
What is certain is that Steward Healthcare themselves are facing a federal investigation in the US. According to CBS News, the now-bankrupt company is being investigated for potential violations of the US’ Foreign Corrupt Practices Act. The US Department of Justice’s website states that “the anti-bribery provisions of the FCPA…also apply to foreign firms and persons who cause, directly or through agents, an act in furtherance of such a corrupt payment to take place within the territory of the United States.”
Hypothetically, if anyone from among Muscat and his bedfellows – two of whom have already been permanently banned from entry to the US in relation to corruption surrounding the Electrogas deal – are at any point in time linked with any corrupt payments which occurred within US territory, it would be reasonable to argue that they are in breach of the FCPA. If that were to happen, then it is also possible that extradition requests would be filed accordingly.
What then of this bullshit legislation which the government is talking about now? Do they seriously think that some poorly written law that a) would serve to facilitate the refusal to extradite a known cyber crook and b) potentially violate a bilateral treaty by shielding Maltese citizens from foreign prosecutors is somehow going to hold any water?
