The Philippine Quarterly IT Law Journal :: Volume 3, Number 1

THE PHILIPPINE QUARTERLY

IT Law Journal
what’s Inside

THE OFFICIAL PUBLICATION OF THE ARELLANO UNIVERSITY SCHOOL OF LAW E-LAW CENTER AND IT LAW SOCIETY VOLUME 3, N UMBER 1

THE PROPOSED ONLINE VOTING IN SINGAPORE

1 2E 5T V 6A L

THE PROPOSED ONLINE VOTING IN SINGAPORE
DITORIAL

by Carlyn Marie Bernadette C. Ocampo-Guerrero

HE VULNERABILITY OF INTERNET OTING

UTOMATED AW

ELECTION SYSTEM

7 12 T D 19 C V 20 IJ

DIGITAL COPYRIGHT

HE L EGALITY OWNLOADING MUSIC THE INTERNET ORPORATE IDEOCONFERENCING

I
OF

n a news article published on January 18, 2007, the Commission on Elections (COMELEC) has given word that, should Congress approve amendments to the Overseas Voting (OAV) Law to allow postal and online voting, it will test voting by way of the internet only in Singapore in the Philippines’ midterm election in May. [1]

4. The names of the candidates, with their pictures and affiliations, will be shown to the voter after they have encoded or typed in the right PIN code. 5. As soon as they have cast their votes, the voters will be given a printed receipt as proof that their votes have been registered at the Comelec’s database. By the use of this system of voting, instead of going to the embassies and consulates, the overseas Filipinos can vote in their houses as long as there is an Internet connection, thereby saving precious time and effort. [5] Consequently, if Internet voting in Singapore is proven successful, the commissioner says, the same system will be introduced to other countries with Filipino communities in the 2010 elections. [6] Manner of Award of Contract. Commissioner Florentino Tuason Jr. said that the Office of the Solicitor General approved the selection of Scytl.com as the software provider even without going through the public bidding as the HewlettPackard subsidiary has proven track record. The system being utilized has also safeguards against cheating. [7] He said that the bidding process could be bypassed because that it is the hindrance towards expediting the whole process, Filipino groups in the Middle East, particularly in Saudi Arabia, which has the largest Filipino community and number of registered absentee voters, have been clamoring, if not demanding, to be allowed to vote by mail and via the internet. [8]
>> [ 3 ] Proposed Online Voting

FROM

URISPRUDENCE IN CYBERLAW: NTERNET CONFIDENTIALITY OF CASES INVOLVING VIOLENCE AGAINST WOMEN AND CHILDREN

21 23 M I 24

WHEN THE P IN PRE-PAID MEANS PUNKED

OST VISITED PHILIPPINE DAILIES AND TV NETWORKS IN THE NTERNET

YOUR IDENTITY IN A COLORED PRINTER PRINTOUT
OT ON

28 D .C 35 W 38 . D 39 L I 40 A L P

Commissioner Florentino Tuason Jr., chairman of the Committee on Overseas Absentee Voting, said that the process has to undergo a trial first, and Singapore is the most appropriate place for testing online voting, because it has a well-developed information and communications technology industry. [2] Furthermore he adds: “The reason why we chose Singapore is according to our supplier and our own assessment, it’s easy for them to be educated, first through the website, then by training.” [3] Filipinos will be educated on Internet voting through local newspapers and Filipino groups in city-state. [4] The system of online voting appears to be practical due to financial and time constraints as well as distance barriers that our overseas workers are faced with. How the proposed system works. The following are the steps to make voting online possible: 1. An online site for Internet voting will be provided by Comelec. 2. Immediately after the voter opens or clicks the site, a video will automatically appear on screen to give detailed instructions on how to proceed with the voting. 3. Personal information or details will have to be keyed in by each voter in order to get a PIN (personal identification number) code.

HAT YOU SAY IN CYBERSPACE MIGHT INCRIMINATE YOU

WWW ASIANLII.ORG

ECLARATION ON TO AW

FREE ACCESS

SIAN EGAL I NFORMATION NSTITUTE L AUNCHED IN THE HILIPPINES

S UPREME C OURT’ S E-L IBRARY LAUNCHED
E -L AW E XECUTIVE D IRECTOR INITIATES VIRTUAL LAW CLASS

THE PHILIPPINE STRATEGIC ICT ROADMAP

1

Editorial

A

fter a lull of at least a year, a new issue of the IT Law Journal is hereby published. Most of the journal contributors in the past years have recently graduated from the Arellano University School of Law and also recently took the Philippine Bar exams. The primacy of such academic pursuit provided for a handicap for the continuing release of the Journal last year. Last 19 January 2007, upon the recommendation of the Atty. Jaime N. Soriano, Executive Director of the eLaw Center, the Arellano University School of Law, through Dean Mariano Magsalin Jr. and Mr. Florentino Cayco III, appointed me as the Deputy Executive Director of said Center. It is an honor to be given such responsibility and opportunity to help in the pursuit of the purpose and goals of the Center and of the school -- one of the goals of which is the publication of this Journal. In this issue, the slated Philippine national elections on 14 May 2007, for national and local elective officials except for the President and Vice President, provides the Journal to tackle “The Proposed Online Voting in Singapore,” and its related article “The Vulnerability of Internet Voting.” The recently enacted Automated Election System Law (Republic Act 9369) was also tackled.

On the issue involving copyright of electronic files, the viewpoints of a known e-law lecturer/practitioner in “Digital Copyright” and a law student enrolled in the Entertainment Law course under Dean Mariano Magsalin Jr. in “The Legality of Downloading Music From the Internet” are presented. Two other papers from the said course are slated to be published in the next issue. Developments relevant to IT law in Philippine jurisprudence are discussed in “Corporate Videoconferencing” and “Internet confidentiality of cases involving violence against women and children.” Articles written last year but which were not published due to circumstances articulated in the first paragraph -- “When the P in PrePaid means Punked,” “Your identity in a colored printer printout,” and “Dot.con” -- are finally published in this issue. Interesting reads from Atty. Jaime Soriano’s website (www.sorianoph.com) are also included herein, such as “Most visited Philippine dailies and TV networks in the Internet” and “What you say in cyberspace might incriminate you.” The featured website for this issue is “www.asianlii.org,” the website of the Asian Legal Information Institute. The Arellano Law Foundation was chosen as an Asian LII partner because of its “LawPhil Project“, one of the country’s

leading website that provides free access to useful Philippine legal information. The launching of the event “Asian Legal Information Institute Launched in the Philippines” is chronicled as to the latest about the Center and the Society. Past participations of the Center, which were also featured, were the launching of the Supreme Court’s E-Library and the participation in the forum involving the Philippine Strategic ICT Roadmap. It is also of great pride that the e-Law Executive Director has initiated a Virtual Law Class in his website, apparently the first of its kind in the country.

Editorial Board
The Philippine Quarterly IT Law Journal :: Volume 3, Number 1

C HAIRMAN Atty. Jaime N. Soriano, CPA, MNSA M EMBERS Carlyn Marie Bernadette C. OcampoGuerrero Michael Vernon M. Guerrero Christine A. Prado S PECIAL C ONTRIBUTOR Consuelo L. Cruz

The Philippine Quarterly IT Law Journal is the official publication of the eLaw Center and the IT Law Society of the Arellano University School of Law. It is published quarterly. Contributions to the Philippine Quarterly IT Law Journal express the views of their authors and not necessarily the views of the Arellano University School of Law. For subscriptions, contact: THE PHILIPPINE QUARTERLY It Law Journal e-Law Center 2/F Heilbronn Hall Arellano University School of Law Taft Avenue corner Menlo Street Pasay City 1300 Philippines Tels. +63 2 404-3089, 404-3090, 404-3091 http://www.arellanolaw.net itlawjournal@arellanolaw.net

IT Law Society
A new set of officers was elected for School year 2006-2007 on 6 January 2006, during the ITLS’s New Year’s party. Christine A. Prado was elected President, Kathleen Bentayen as Vice President-Seminar, Jessica Belen as Vice President-Publication; Sheila delos Santos as Secretary, and Kathrina Sulla as Treasurer.

E-Law Center
Michael Vernon M. Guerrero, former president of the IT Law Society (20042006) was designated as the Deputy Executive Director of the e-Law Center effective 19 January 2007.

Volume 3, Issue 1

©

2007. All Rights Reserved.

2

The Philippine Quarterly IT Law Journal :: Volume 3, Number 1

<<

[ 1 ] Proposed Online Voting

Abackground of Scytl proves its credibility and competence in providing electronic system--Scytl is a software company which focuses or specializes in application-level cryptography. [9] It is worldwide leader in the development of secure e-voting/ e-participation solutions. It has over 10 years of experience in research and development in the said field. When it comes to the electronic voting industry, Scytl is the company being referred to by most people. Scytl has developed Pnyx, a family of products that enable all kinds of electoral processes (elections, referendums, consultations, labor union elections, shareholders' meetings, etc.) to be carried out by electronic means with the same level of trust, security and privacy that exist in conventional paperbased elections, and with the advantages that electronic systems can offer: accessibility, flexibility, cost and speed in the tallying of votes. [10] Since its beginnings, Scytl has received numerous international awards for its innovative technology, including the prestigious 2005 IST Prize granted by the European Commission to the best technology companies in Europe. [11] Absentee Voting A Background. The Overseas Absentee Voting (OAV) Law (Republic Act 9189) was enacted on 13 February 2003 to enable the disenfranchised Filipinos to have the power to influence the way our government is run, by allowing them to exercise their right to suffrage. [12] The same law was enacted pursuant to the constitutional mandate provided under Section 2 of the 1987 Philippine Constitution that “The Congress shall, among others, provide a system for absentee voting by qualified Filipinos abroad.” [13]

In the 2004 elections, The Department of Foreign Affairs (DFA), Commission on Elections (COMELEC) and the Philippine Overseas Employment Agency (POEA) supervised the conduct of the 2004 overseas absentee voting. About sixty five percent (65%) of registered voters turned out to vote in the more than 100 precincts that were established in different parts of the world. [14] For the 2007 polls, according to Comelec data, only a few OFWs from Asian countries, Middle East, Africa, America and Europe registered for the elections. The pattern is the same in other parts of the world. [15] In order to strengthen the OAV law, COMELEC is thinking of ways to make the registration and voting process easier for Filipinos who are scattered all over the world. COMELEC has said that the introduction of internet voting is being contemplated in areas like Hong Kong, Singapore and Italy where it would cost about P25 million for every 500,000 voters compared to P52 million snail mail. [16] The System of Electronic Voting. We speak of electronic voting when the casting of voting is carried out by the voter through electronic means, thus obtaining an end-to-end digital vote. The use of paper is optional and auxiliary. [17] Electronic Voting can be classified in two categories: Poll-site voting and Remote Electronic Voting. Our concern is the second category which is the Remote Electronic Voting which takes place when voters cast their vote from any location with access to the Internet via mobile telephone, PCs, PDAs, etc. The methods used to identify the voter are via digital signature, biometrics, PIN codes, etc. [18] The process of electronic voting in elections, citizen consultations and/or other private consultations offer various advantages over their counterpart based on paper. Any type of electronic voting offers: greater speed and

accuracy in the tallying of votes, greater savings in material costs in the printing and distribution of paper ballots, greater accessibility for the disabled, flexibility in the modification of ballot layouts, support of multiple languages, better access to information regarding voting options, prevention of involuntary errors when filling the ballot. [19] When electronic vote is remote, in addition to the previous advantages, further benefits are provided, such as: economies of scale as the size of the electoral roll increases, greater mobility and convenience for voters, potential increase of participation in the voting process. [20] Implications of Electronic Voting. The use of electronic voting (poll-site or remote voting) presents new challenges that should be taken into account -- the digital nature of the votes in themselves, without any paperbased backup, the existence of a complex technological infrastructure between the voter and the electoral authorities, the existence of people with privileges in the voting systems, for example, technicians with total access to the systems they manage who could manipulate the process. [21] Types of Security Measures Necessary in Electronic Voting.The following are four levels of technological security measures that are required: a. Network and systems security - protection against nonauthorized access (firewalls, user management...), protection against DoS attacks, using faulttolerant and redundancy mechanisms, Protection of communications. [22] b. Voters' remote authentication - Digital signature, Biometrics, PIN codes plus personal data, Other systems. [23] c. Assurance of the electoral requirements, considering the existence of technicians with privileged access to the

3

voting system. Voter privacy has to be guaranteed. At the same time, voters have to be properly identified. The protection of the digital ballot box against external attacks (hackers) and internal attacks (administrators of the system) in order to guarantee the following: secrecy of partial results, integrity of the votes cast (neither elimination nor modification), prevention of addition of bogus votes, voter self-verification of the correct treatment of his/her vote without allowing vote-buying or coercion. [24] d. Holistic audit capability As a result, specific technological solutions are necessary to guarantee all the security requirements in an electronic voting process.[25] Pnyx.core, with the result of 10 years of research and development, provides an innovative solution in this field. [26] Reason for the Need for Standard Security Measures. The standard security measures provide control over the access to the servers, can ensure that all communications are secret and protected between the web browser and the server (by using SSL, for example), and offer other generic guarantees. [27] Even if these standard security measures are indisepensable in electronic voting, they are not adequate to guarantee the electoral requirements described in the previous point. [28] It is also essential to use specific security measures and application-level cryptography, to adequately address the risks associated with electronic voting. Pnyx.core, together with the know-how of Scytl, enable electronic voting to be carried out with the same assurance of security and trust that can be found in the customary paper–based electoral processes. [29] Conclusion There is empowerment of citizens who are thousands of miles away from

home in search for a better life, but remain Filipinos at heart, when they are allowed to exercise their right of suffrage in the country where they belong. Ideal it may seem, there still has to be an implementing law passed by Congress to make this vision come into a reality. In a very short telephone conversation with Atty. Kabaitan Guinhawa Valmonte, officer in charge of the Committee on Overseas Absentee Voting (COMELEC), she said that the basis for implementing the Online Voting System is none other than Republic Act No. 9189 (An Act Providing for a System of Overseas Absentee Voting by Qualified Citizens of the Philippines abroad, appropriating funds therefore, and for other purposes) and Section 52i of the Omnibus Election Code (Batas Pambansa, Bldg. 881). However, a reading of the Republic Act No. 9189 does not explain or even mention about providing for an online system of voting for the overseas workers. Section 52i of the Omnibus Election Code cites the powers and functions of the Commission on Election-- that is to “Prescribe the use or adoption of the latest technological and electronic devices, taking into account the situation prevailing in the area and the funds available for the purpose…” It is only in the Proposed Amendments to the Overseas Absentee Voting Law (R.A. 9189), where it specifically mentions the COMELEC’s recommendation of the use of electronic mail, internet, or other secured networks in the casting of votes: “Sec. 18. Personal Voting Casting and Submission of Ballots. – “18.10 The Commission shall continuously study, evaluate and recommend the adoption of the use of electronic mail, internet, or other secured networks in the casting of votes. It shall likewise develop and maintain the

appropriate software and hardware technologies for such purpose for submission of a report thereon to the Joint Congressional Oversight Committee.” Formal approval of the proposed amendments to the OAV law by Congress, not only in principle, is indispensable; and specific guidelines and implementing rules have yet to be provided before the system can be said to be feasible and practicable, taking into account the cost of the system, the security, reliability and until the legality of the whole process. Till then, this system should be put on hold because of its premature implementation and its lack of basis in law.
Endnotes 1. Philippines Plans to Test Online Voting for Singapore OFWs. Julie JavellanaSantos, Arab News <http:// www. arabnews.com/?page=4&section 0&article=91069&d=18&m=1&y=2007&pix= world.jpg&category=World> Ibid. Ibid. Ibid. Ibid. Ibid. Ibid. Scytl: Secure Electronic Voting. <http:/ /www.scytl.com/eng/acerca.htm> A call to revisit and strengthen the overseas absentee voting law. <http:// ettarosales.wordpress.com/2006/11/ 08/a-call-to-revisit-and-strengthen-theoverseas-absentee-voting-law/> Ibid. Ibid. Ibid. The System of Electronic Voting. <http:/ /www.scytl.com/eng/voto.htm> Ibid. Ibid. Ibid. Ibid. Ibid. Ibid. Ibid. Ibid. Ibid. Ibid. Ibid. Ibid. Ibid Ibid. Ibid.

2. 3. 4. 5. 6. 7. 8. 9.

10. 11. 12. 13. 14. 15. 16. 17. 18. 19. 20. 21. 22. 23. 24. 25. 26. 27. 28.

The Philippine Quarterly IT Law Journal :: Volume 3, Number 1

4

Features
The Philippine Quarterly IT Law Journal :: Volume 3, Number 1

THE VULNERABILITY

OF

INTERNET VOTING

By Jaime N. Soriano

T

he Commission on Elections (COMELEC) formally announced plans to pilot test Internet voting in Singapore that would allow registered overseas Filipino workers to electronically cast their votes during the 14 May 2007 midterm elections. With the implementation of Internet voting, Filipino absentee voters can conveniently vote in any Internet connected computers even at home, in Internet shops, or through the computers in Philippine embassies and consular offices abroad, declared COMELEC Commissioner Florentino Tuason. Here is how the system works according to the COMELEC: voters will have to log on to the Comelec website and be given a personal identification number (PIN) to be able to view a list of senatorial candidates and party-list organizations participating in the elections. Once the voter clicks the names of his chosen candidates, he click a button to send this information to the Comelec head office where his votes will be automatically counted. It makes sense to believe that the use of computer technology in the electoral process offers distinct advantages in terms of ensuring the integrity, security, and immediate outcome of the polls. But given my modest understanding of how the technology works, I believe that the intended system could just be a major tool to perpetuate electoral fraud. Electronic voting (or e-voting) encompasses several stages of the electoral process: voters’ registration, casting of votes, and counting of votes.

The system of e-voting may be done on site with the use of electronic voting machines or digital terminals or an electronic public kiosk found in authorized and designated polling places or stations, which could be offline or interconnected in a private computer network. E-voting can also be remote using the Internet. This means accessing and logging on to a designated site in cyberspace using any available means of Internet access to perform or complete a poll transaction in a virtual polling place or station, a website. The exercise of suffrage, at least in our jurisdiction, is a personal act. It cannot be assigned or delegated except in meritorious cases allowed by law, i.e. Sec. 196 of the Omnibus Election Code that permits the preparation of ballots by illiterate or physically handicapped voters by another person. Remote e-voting or the use of the Internet in counting and transmission of votes may be a sound proposition because it facilitates the timeliness, reasonable accuracy, and integrity of the poll results provided that adequate network security is in place. But this may not be true in Internet voting. Even if the Internet voting provides and requires for PINs, passwords, and other authentication using personal data, there is no assurance that the person executing the poll transaction is the registered voter himself. He can easily pass on this security information to another or worse to unscrupulous candidates who bought his vote. The set-up could even work well and better for the vote-buying candidates because in a manual voting the vote-buyer would not have the actual opportunity

to see the ballots cast by the voter. In Internet voting, payment for the vote may be withheld if access by the candidate’s cohorts is refused by the system. Perhaps, the only way to address this concern is to use biometric authentication such as fingerprints, DNA or retinal patterns. But this would require a separate and very expensive software and hardware. And it is close to impossible to expect on-line voters to have access to them on election day, unless the facilities for the biometric technology are installed and made available in government designated polling places or stations - but then the e-voting becomes on-site. Through some connivance or collusion, or utilizing the expertise of hackers and crackers, it might be easier to have virtual flying voters cast their votes on election day. All that is needed is to intrude into another’s private identity or produce fictitious personal identities and assign PINs, passwords and other authentication data for them to complete an on-line poll transaction in favor of a candidate. Of course, there are audit trails or system that could address this fraudulent act. But the process of investigation and verification could be more tedious and slow than the usual manual voting system. In Estonia, Internet voting was utilized during the 2005 local elections alternatively with the paper ballot. To cast an electronic vote days before the actual date of election, the voter needs a computer with Internet access, his nationally issued ID-card and a card reader. On Election Day, the voter
>> [ 3 5] Vulnerability of Internet Voting

5

Features

AUTOMATED ELECTION SYSTEM LAW
By Michael Vernon M. Guerrero

T
The Philippine Quarterly IT Law Journal :: Volume 3, Number 1

he Automated Election System Law or Republic Act No. 9369 was signed into law on 24 January 2007. The law amended Republic Act No. 8436 that provided for the automation of elections supposedly starting from the national and local elections of 1998. It authorized the partial implementation of the automated polls for the May 2007 midterm elections.

amending Sections 3 and 5, RA 8346, respectively.) The poll automation law amended Section 6 of RA 8436 as to the “Authority to Use an Automated Election System,” and Section 7 as to the “Minimum System Capabilities” of the automated election system. New provisions were inserted to provide for the Communication Channels for Electronic Transmission (Section 7, RA 8436 as provided by Sec. 8, RA 9369); the Advisory Council and the Technical Evaluation Committee (Secs. 8 and 10, RA 8436), their functions (Secs. 9 and 11, RA 8436). As to the procurement and maintenance of the AES itself, the law amended the provisions of RA 6436 as the Procurement of Equipment and Materials (Sec. 8, now 12), Continuity Plan (Sec. 9, now 13), and Examination and Testing of Equipment or Device of the AES and Opening of the Source Code for Review (Sec. 10, now 14). In light of the automation, the provisions of Official Ballot (Sec. 11, now 15), Ballot box (Sec. 13, now 17), Procedure in voting (Sec. 14, now 18), Closing of polls (Sec. 15, now 19), Notice of Designation of Counting Centers (Sec. 16, now 20), Counting Procedure (Sec. 17, now 21), Election Returns (Sec.18, now 22), Canvassing by Provincial, City, District and Municipal Boards of Canvassers (Sec. 21, now 25), Number of Copies of Certificates of Canvass of Votes and their distribution (Sec. 22, now 26), National Board of Canvassers for Senators and Party-List Representatives (Sec. 23, now 27), and Congress as the National Board of Canvassers for President and Vice President (Sec. 24, now 28) were amended. A new section 30 was created as to "Authentication of Electronically Transmitted Election

Results" (Sec. 25, RA 9369). These are some of the amendments made by the Automated Election System Law. For weeks after the law ’s promulgation, there was a heated debate whether Republic Act 9369 should be implemented for the 14 May 2007 elections. As of 14 February 2007, the Commission on Elections, and the Advisory Council, recommended against automating, even partially, the said polls. Lorenzo Formoso, advisory council spokesman, said the decision was "a question of prudence rather than possibility," and that "If poll automation is not properly tested, it would be vulnerable to hacking. A lot of bad things can come out if we will insist on pilot-testing poll automation." (Jaymalin, Mayen and Marvin Sy, The Philippine Star. It’s final: No law automation, http://www.abscbnnews.com/storypage.aspx? StoryId=66829) A clearer basis, however, for the non-implementation of the law is Section 26, RA 9369 amending Section 25 (now 31) of RA 8436 (Stakeholder education and training) which partly provides that "The Commission shall, not later than six months before the actual automated election exercise, undertale a widespread stakeholder education and training program, through newspapers of general circulation, radio, television and other media forms, as well as through seminars, symposia, fora and other nontraditional means, to educate the public and fully inform the electorate about the AES and inculcate values on honest, peaceful, orderly and informe elections." The law, being promulgated only four months prior to the election, cannot possibly comply with this mandate.

The law defined the ‘automated election system’ (AES) as a system using appropriate technology which has been demonstrated in the voting, counting, consolidating, canvassing, and transmission of election results and other electoral processes. (Section 2 [1], RA 8436, as amended by RA 9369) A ‘paper-based election system’ is defined, on the other hand, as a type of automated election system that uses paper ballots, records and counts votes, tabulates, consolidates/ canvasses and transmits electronically the results of the vote count, (Section 2 [7], RA 8436, as amended by RA 9369) while a ‘direct recording electronic election system’ is a type of automated election system that uses electronic ballots, records votes by means of a ballot display provided with mechanical or electro-optical components that can be activated by the voter, processes data by means of a computer program, records voting data and ballot images, and transmits voting results electronically (Section 2 [8], RA 8436, as amended by RA 9369). Under the said poll automation law, each Board of Canvassers shall be assisted by an information technologycapable person authorized to operate the equipment adopted for the elections. (Sections 3 and 5, RA 9369,

6

Computing
The Philippine Quarterly IT Law Journal :: Volume 3, Number 1

DIGITAL COPYRIGHT
By Jaime N. Soriano

I

Introduction

nternet technology made it possible to distribute, disseminate, share or exchange, or capture various information and data among all the computers interconnected in cyberspace in digital or electronic format. The technology is a huge success that it has also conquered the usual print and broadcast media within its domain. Digital information may be in the form of text, graphics, sounds, video, pictures, databases, or computer programs. This information can be easily uploaded to, downloaded, transmitted, copied or used electronically from, the Internet. With the convenience and accessibility of data in the network, people tend to assume that they are within the public domain and completely ignoring the legal reality that those digital materials are also within the ambit of copyright protection. Copyright is very much a part of the Internet. Works posted in cyberspace are considered published and therefore qualify for copyright protection. The Intellectual Property Code of the Philippines defines ‘communication to the public’ and ‘published works’ as making the work available to the public “by wires or wireless means”. This definition provides the legal recognition and basis of Internet copyright in this jurisdiction. The Essence of Copyright Copyright should literally mean the right to copy. But in legal parlance, the application of the right is applied

conversely by giving authors, artists and others the right to exclude others from using their works. Essentially, copyright is the legal right of the author to his intellectual creation or work. Under Philippine law and following the governing principles of the 1886 Berne Convention, copyright attaches to a work from the moment of its creation by the author without need of further registration. Obviously, the protection being served by copyright is two-fold: the protection of the author's general right how his work is used, and the protection of his economic rights for creating a valuable work. It is axiomatic that for the author to enjoy copyright protection for his work, he must satisfy three (3) requirements: Originality. Simply stated this means that the author did not copy the work from someone else’s work. While originality is the essence of copyright, it does not require that the work is novel, unlike patents. Creativity. An author can still claim copyright for a work as long as he created it himself, even after people already created a similar work before him. Even if only a part of the work is original, the work could still satisfy the requirement of originality because what is required of the work to enjoy protection is only a minimum amount of creativity. Hence, while reproduction in context is obviously a mere copy and should not enjoy copyright protection, if something is contributed to the final product and the variations between the original and the copy is more than

trivial, the requirements of originality and creativity are deemed satisfied. Fixation. Under this requirement, it is necessary that the original work is fixed as a tangible medium of expression. In short, the copyrighted work must have presence that is cognizable by the human senses. A work like a story, a picture, a sound, or a video is as much protected on a disk or in cyberspace (written in HTML for instance) in a similar fashion as when it is captured in paper, tape, on stage or similar medium of expression. There is no iota of doubt that these essential elements of what constitute copyright exist in cyberspace works and creation. Exclusive Rights Copyright carries with it the following exclusive rights: The Right to Privacy of Work. This simply means that the author or creator has the right to exclude all others or the public from reproducing the work in the form of a copy. Copyright connotes the right to exclude, or not to publish, the work. Websites that restrict access to information of works published in the Internet come within the purview of this right. The Right of Distribution. This pertains to the right of the author to distribute copies to the public by sale or other modes of transferring ownership or by rental or lease. This is also known as ‘economic rights’. “First sale” doctrine assures the author or creator of the work that until he parts with the ownership of his creation, his privacy rights remain. It

7

is only after the first sale that the new owner can treat the work also as his own. Copyright however is not a license to sell or distribute, for example, libelous email or on-line messages. Works and creation that invade the privacy rights of others or violate obscenity laws may not be published just because they happen to be covered by copyright. The uploading of works or making them available on line in cyberspace constitutes publication. But it does not diminish or necessarily result in the waiver of the author’s economic rights over the work. The Right to Create Adaptation. A work may be derived from an original work through translation, interpretation, arrangement, dramatizations, fictionalization, films, recordings, abridgment, condensations or any other form in which a work may be recast, transform or adapted. Subsequent works, independently created although appearing to be similar to earlier works, do not necessary constitute infringement. The cut, paste, copy and save-as function of the Internet makes it convenient for users to adapt the work of others as his own without realizing that it could result in copyright violations. The Right to Performance and Public Display. This pertains to the right to perform a protected work in public such as stage play, dramatization, and public performances. The multimedia capabilities of the Internet facilitate the expression of this right. Idea versus Expression Copyright covers only the specific form or the particular manner in which ideas or information have been manifested, or the so-called "form of material expression". It is not designed or intended to cover the actual idea, concepts, facts, styles, or techniques

embodied in or represented by the copyright work. Other intellectual property laws, like trademarks and patents, may be the basis though for legal restrictions on certain reproduction or use where copyright may not be available. In copyright, what is subject of the protection is the manner of expression, and not the idea itself. The Philippine Intellectual Property Code is clear on this matter when it provides that “no protection shall extend, under this law, to any idea, procedure, system method or operation, concept, principle, discovery or mere data as such, even if they are expressed, explained, illustrated or embodied in a work; news of the day and other miscellaneous facts having the character of mere items of press information; or any official text of a legislative, administrative or legal nature, as well as any official translation thereof. Works in the Public Domain There are certain works that does not enjoy copyright protection, in full or in part, because these works are deemed to be a part of public domain. These works especially when published in the Internet are free for everyone to use. A work will be part of the public domain if (a) the copyright protection expired, (b) or the copyright is lost or never acquired, (c) the work was published before there was a copyright law, (d) or the author dedicated the work to public domain, i.e. Creative Commons, Copyleft, or the GNU Public License (also known as ‘GPL’) (e) the work is not entitled to copyright protection, i.e. government work, laws, judicial decisions. All official Philippine texts of a "legislative, administrative, or judicial nature" or any official translation of those kinds of texts may not be copyrighted and are in the public domain. Aside from government

documents, no work of the Philippine government, as well as the works of government-owned and/or controlled corporations, can be copyrighted (images, documents, and the like). However, prior approval is needed if a government work will be used for making a profit . Types of Protected Work The Intellectual Property Code of the Philippines governs the following copyrighted works: 1. “Original Work ” consists of original intellectual creations in the literary and artistic domain protected from the moment, and by the sole fact, of their creation irrespective of the mode and manner of expression. In particular, it includes the following: (a) books, periodicals, newspapers, pamphlets, letters, articles and other writings; (b) lectures, sermons, addresses or dissertations prepared for oral delivery, whether or not reduced in writing or other material form; (c) dramatic or dramatico-musical compositions, choreographic works or entertainment in dumb shows; (d) musical compositions with or without words; (e) drawing, painting, architecture and other works of arts including models or designs for work of art; (f) original ornamental designs or models for articles of manufacture and other works of applied art; (g) illustrations, maps, plans, sketches, charts and threedimensional works relative to geography, topography, architecture or science; (h) drawings of a scientific or technical character; (i) photographic works; (j) audiovisual and cinematographic works; (k) pictorial illustrations and advertisements; (l) computer programs; and (m) other literary, scholarly, scientific and artistic works.

The Philippine Quarterly IT Law Journal :: Volume 3, Number 1

8

The Philippine Quarterly IT Law Journal :: Volume 3, Number 1

2. "Collective Work" means a work such as a periodical issue, anthology or encyclopedia, in which the work in its entirety in unmodified form, along with a number of other contributions, constituting separate and independent works in themselves, are assembled into a collective whole, or a work that has been created by two (2) or more natural persons at the initiative and under the direction of another with the understanding that it will be disclosed by the latter under his own name and that contributing natural persons will not be identified . 3. "Derivative Work" means a work based upon the work or upon the work and other pre-existing works, such as dramatizations, translations, adaptations, abridgments, arrangements, and other alterations of literary or artistic works including collections of literary, scholarly or artistic works, and compilations of data and other materials which are original by reason of the selection or coordination or arrangement of their contents. These works shall be protected as a new work provided that they do not affect the force of any subsisting copyright upon the original works employed or be construed to imply any right to such use of the original work, or to secure or extend the copyright in such original works. Obviously, the Internet is a haven for all of these types of work or intellectual property creation. But in the process many disregard the fact that the derivative work is part of the exclusive rights given to the author or creator of the original work under his right to create adaptation. Copyright Limitations The Doctrine of Fair Use: This is one of the most important limits to copyright. It permits some use of others' works even without approval. While

the words "fair" or "reasonable" use cannot be precisely defined, there are a few benchmarks. The fair use of a copyrighted work for criticism, comment, news reporting, teaching including multiple copies for classroom use, scholarship, research, and similar purposes, is not an infringement of copyright. Decompilation, which is understood to be the reproduction of the code and translation of the forms of the computer program to achieve the interoperability of an independently created computer program with other programs, may also constitute fair use. In determining whether the use made of a work in any particular case is fair use, the factors to be considered shall include: (a) the purpose and character of the use, including whether such use is of a commercial nature or is for nonprofit education purposes; (b) the nature of the copyrighted work; (c) the amount and substantiality of the portion used in relation to the copyrighted work as a whole; and, (d) the effect of the use upon the potential market for or value of the copyrighted work. The fact that a work is unpublished shall not by itself bar a finding of fair use if such finding is made upon consideration of all the above factors. Usage intended to advance public interests such as criticism, education or scholarship is generally favored especially if only a little of another's work is copied. Uses however that generate income or interfere with a copyright owner's income are not. Fairness also means crediting original artists or authors. The use of another's work for commercial purposes or for profit is disfavored but not entirely forbidden. Hence, while magazines and newspapers are operated for profit, they are not automatically precluded from adopting the doctrine of fair use.

The principles behind fair use are equally applicable in the super information highway as a limitation to digital copyright. Moral Rights: Independent of any economic right, the author of a work has the right to require that the authorship of the works be attributed to him, in particular, the right that his name, as far as practicable be indicated in a prominent way on the copies, and in connection with the public use of his work; to make any alteration of his work prior to, or to withhold it from, publication; to object to any distortion, mutilation or other modification of, or other derogatory action in relation to, his work which would prejudice his honor or reputation; and, to restrain the use of his name with respect to any work not of his own creation, or in a distorted version of his work. The author however may waive these rights in writing, electronically or otherwise, but such waiver shall be ineffective where its effect is to permit another to use the name of the author with respect to a work he did not create or to use the name of the author, the title of his work, or his reputation with respect to any version or adaptation of his work which, because of the alterations therein, would substantially tend to injure the literary or artistic reputation of another author. Insofar as performers, as regards his live aural performances or performances fixed in a sound recordings, he shall have the right to claim to be identified as the performer of his performances independently of his economic rights. The exclusive rights of performers and producers shall not apply when the work is (1) used by a natural person exclusively for his own personal purposes, or (2) used as short excepts for reporting current events, or (3) used solely for the purpose of teaching or scientific research, or (4) under conditions of ‘fair use’ as defined herein.

9

When an author contributes to a collective work, his right to have his contribution attributed to him is deemed waived unless he expressly reserves it. Moral rights were first recognized in France and Germany before they were introduced in the Berne Convention. But not all countries recognize moral rights as part of their copyright laws. Notable among them is the United States. Hence, the application of the doctrine of moral rights in the web may vary from country to country and from jurisdiction to jurisdiction. Points of Copyright Attachment under Philippine Laws Copyright protection afforded by Philippine law shall apply to: 1. Works of authors who are Filipino citizens or have their habitual residence in the Philippines. 2. Audio-visual works the producer of which has his headquarters or habitual residence in the Philippines. 3. Works first published in the Philippines 4. Works first published in another country but also published in the Philippines within thirty days, irrespective of the nationality or residence of the authors. 5. Works that are to be protected by virtue of any international convention or other international agreement to which the Philippines is a party. 6. With respect to performers, the protection shall apply to (a) performers who are nationals of the Philippines; (b) the performance should have taken place in the Philippines, in case of non-Filipino citizens; or incorporated in sound recordings

or carried by broadcast where a copyright is attached. 7. In sound recordings, the protection applies where the producer is a Filipino citizen or the sound recording is first published in the Philippines. 8. In broadcast, the protection shall apply to broadcasts of broadcasting organization the headquarters of which are situated in the Philippines or for broadcasts transmitted from transmitters situated in the Philippines. These rules may be applied in works found in the Internet particularly if there is an issue as to the application of the Philippine Intellectual Property Code. Duration of Copyright Protection Original, derivative and posthumous works: lifetime of the author and for fifty (50) years after his death. Works of joint authorship: during the life of the last surviving author and for fifty (50) years after his death. Anonymous or pseudonymous works: for fifty (50) years from the date on which the work was first lawfully published unless before the expiration of this period, the identity of the author is revealed, the term as above stated (for original, derivative and joint authorship work as the case maybe) shall apply. If the work is not published, the fifty (50) years is counted from the making of the work. Works of applied art : twenty-five (25) years from the date of making of the art. Photographic works: fifty (50) years from publication of the work and, if unpublished, fifty (50) years from the making. Audio-visual works including those produced by process

analogous to photography or any process for making audio-visual recordings: fifty (50) years from date of publication and, if unpublished, from the date of making. Calculation of term for the above: the term of protection subsequent to the death of the author provided shall run from the date of his death or of publication, but such terms shall always be deemed to begin on the first day of January of the year following the event which gave rise to them. For the rights granted to performers and producers of sound recordings: (a) For performances not incorporated in recordings, fifty (50) years from the end of the year in which the performance took place; and (b) For sound or image and sound recordings and for performances incorporated therein, fifty (50) years from the end of the year in which the recording took place. For broadcasts: twenty (20) years from the date the broadcast took place. The extended term shall be applied only to old works with subsisting protection under the prior law. In determining whether or not a work in cyberspace with a point of attachment to Philippine laws falls outside copyright protection, and therefore already part of the public domain, a consideration of the foregoing period is imperative. Copyright Myths Many Internet users have the general tendency to assume certain beliefs that are in a real sense a myth insofar as digital copyright is concerned. Among these erroneous perceptions are: 1. If the work does not have copyright notice, it is not copyrighted. 2. If the user of the work does not charge for distributing, copying or selling the work, or if there is no

The Philippine Quarterly IT Law Journal :: Volume 3, Number 1

10

The Philippine Quarterly IT Law Journal :: Volume 3, Number 1

harm to the author, there is no infringement. 3. Any amount of copying for news, scholarship, education or commentary for as long as there is attribution falls within the fair use doctrine. 4. Trademark is the synonymous with copyright. 5. A work of fan fiction, or writing a story using settings or characters from another’s work, is derivative work that is beyond the ambit of copyright protection of the original author or creator. 6. To have a copy of the work does not necessarily mean that you have the copyright, especially if there is no commercial value. 7. Internet service providers are liable for copyright infringements. Due Diligence Copyright in Internet

Users surfing for some materials from a website that he would like to use should search for information about permissions to use, downloading, redistribution or reproduction. Many Internet sites have a page devoted to “terms of use” or a “privacy policy” that explain how the user can handle the materials obtained from the site. It is best to use the materials in accordance with the policies posted in the website. In certain cases, particularly when in doubt, it may be best to contact the individual or organization that holds the copyright and obtain permission, electronically or otherwise. If the user is invoking the doctrine of “fair use” in using the copyrighted materials from the Internet, it is always a sound policy to make an attribution or acknowledgement of the source and owner of the information in the users own work. The user must have a keen sense to distinguish between what is part of the public domain and which is not. It should be remembered that even in cyberspace, what is the subject of copyright is the expression of idea and not the idea itself. And it is always prudent to check whether works of art, literature, books, films, videos, or photographs culled from the Internet are already part of the public domain with the lapse of their copyright protection. Many times however this task is tedious and getting permission is still the easier route, something that can also be obtained on-line and in real-time. Noted Legal Controversies in eCopyright At present, there are no major law suits involving infringement of Internet copyright in the Philippines. But like most of the other countries, the world is keenly watching the development of legal controversies involving digital copyright especially in the United States.

Of late, the legal issue of copyright infringement was put into the limelight with the development of a file sharing technology called ‘peer-to-peer’ or P2P Using P2P as connecting nodes, . people in the Internet network can easily pass or share in real time content files, especially audio, video or data, for as long as they are in electronic format. The technology also allows multimedia streaming of video and audio. Thus, network sharing of music and movies, particularly in MP3 and DivX formats, has now become commonplace. Long before the Internet became a popular media, the US Supreme Court in the leading 1984 case of Sony Corporation of America vs. Universal City Studios Inc. , more popularly known as the Betamax case, held that making individual copies of television shows for purposes of time-shifting is fair use and does not constitute copyright infringement. The Betamax decision effectively provided a general test for determining whether a device with copying or recording capabilities ran afoul of copyright law. This test has created some interpretative challenges to courts in applying the case to more recent file sharing technologies available for use on home computers and over the Internet. Napster, a company founded by an 18 year old computer science student, provided a platform for users to upload and download music files in compressed digital format. Major recording companies led by A & M Records, Inc. were threatened and immediately sued Napster for contributory and vicarious copyright infringement. Napster argued on the principles of fair use. In 2001, the US Court of Appeals (9th Circuit), in the first major case to address the application of copyright in P2P file sharing, ruled that Napster could be liable for contributory infringement
>> [36] Digital Copyright

The fact that a work was posted in the Internet and is free for anyone to download a copy does not make the work automatically as part of the public domain. In the usual case, there is a need to ask permission from the site owner to publish any materials, including photographs, music, and artwork from the site. Infringement of digital copyright may occur when information is used and distributed without permission. Pirating software, downloading music, including an image or graphic in a document or presentation, or forwarding private electronic mails, are common copyright violations unless they fall within the purview of fair use. Unauthorized use of these files might result to prosecution and other legal obligations including civil penalties, damages and indemnification.

11

Feature

THE LEGALITY OF DOWNLOADING MUSIC FROM THE INTERNET
By Consuelo L. Cruz

O UTLINE Introduction Part I. Copyright Laws and Jurisprudence Copyright Laws in the United States I. The United States Copyright Act of 1978 II. The Digital Performance Rights in Sound Recording Act of 1995 III. The Digital Millennium Copyright Act of 1998 Copyright Laws in the Philippines Other Copyright Laws * The World Intellectual Property Organization Treaty (WIPO Copyright Treaty) Consuelo L. Cruz was a student in the Entertainment Law Class of Dean Mariano Magsalin Jr. in Arellano University School of Law during the first semester of School year 2006-2007. The following paper was submitted as part of the requirements in said course. * The European Directives Union * MGM Studios Inc. v. Grokster Ltd. [04-0480, 545 US 125, S.Ct. 2764 (2005)]

Jurisprudence * Sony Corp. of America v. Universal City Studios, Inc., 464 US 417, 449 (1984) * A&M Records Inc. v. Napster Inc, [2001 US App LEXIS 1941, No. 990164001, slip op. at 2206 (9th Cir., Feb. 12, 2001)] * MP3 Case [UMG Recordings, Inc. v. MP3 [92 F.Supp.2d 349 (S.D.N.Y. 2000)] * Diamond Rio Case (Recording Industry Association of America v. Diamond Multimedia Systems [180 F.3d 1072 (1999)] Introduction he Internet is not only a powerful source of information but also a very convenient source of entertainment. An Internet network for anyone with a computer to access a wide variety of information, and has made file sharing of copies of audios, videos, data or anything in digital format available to Internet users. The use of this file-sharing technology is currently at the core of legal controversies involving copyright infringement since most of the files shared by network providers using this technology, are copies of popular copyrighted music and movies. Some of these networks -- such as Napster, Kazaa, Grokster and Streamcast -have been the subject of lawsuits and have been found liable for contributory infringement. In most of these cases, individual Internetusers have been cast as the direct infringer.

Part II. Key Legal Issues * * * * * * * * * * What Acts are Involved Who Are Liable Infringement of Copyright Laws Should Users be Liable For Direct Infringement? Users Not Specifically Identified Particular Infringing Acts Cannot Be Determined Time-Shifting Suppression of Free Speech Current Developments The Philippine Setting

Conclusion Part One Copyright Laws and Jurisprudence The United States has one of the most relevant statutes covering digital audiovideo transmissions and has the most jurisprudence on copyright infringement involving file-sharing of music recordings. Other developed countries such as the Netherlads, France, Canada, and Japan are also enacting and enforcing copyright laws similar to that of the United States. The following are Copyright Laws covering music transmission in the Internet: Copyright Laws in the United States I. The United States Copyright Act of 1978 (USCA) It is relevant to understand some fundamental concepts of the USCA to which the exclusive rights of copyright

The Philippine Quarterly IT Law Journal :: Volume 3, Number 1

This paper shall discuss legal issues related to music transmission specifically copyright infringement and the probable liabilities of Internet network providers and individual users based on jurisprudence in the United States. Part One gives an overview of various copyright laws with a focus on a copyright holder’s exclusive rights, its exceptions and the concept of fair use. Part Two concentrates on the key legal issues and particularly tackles the acts involved in downloading of music from the Internet to determine whether or not individual Internet users should be held liable for copyright infringement.

T

12

The Philippine Quarterly IT Law Journal :: Volume 3, Number 1

owners apply. Section 106 of the USCA provides exclusive rights in copyrighted works, such as: (1) to reproduce the copyrighted work in copies or phonorecords, (2) to prepare derivative works based on copyrighted works, (3) to distribute copies to the public or transfer ownership, or by rental, lease or lending, (4) in case of musical works, to perform copyrighted works publicly, (5) to display the copyrighted work publicly by means of a digital audio transmission. The last exception is provided under the Digital Performance Rights in Sound Recording Act of 1995 which shall be discussed below. Section 101 of the USCA defines public performance as: (i) to perform or display a work at a place open to the public or at any place where a substantial number of persons outside of a normal circle of family and its social acquaintances is gathered; or (ii) to transmit or otherwise communicate a performace of a display of the work to a place specified by clause; or to the public, by means of any device or process, whether the members of the public capable of receiving the performance or display receive it in the same or in separate places and at the ssame time or different times. Section 107 of the USCA provides for an exception to the exclusive right of copyright owners. This exception applies to certain uses of copyrighted works that are considered “fair use” and do not require authorization of the copyright owner. To qualify as fair use, the following criteria must be complied with: (a) the purpose and character of the use, including whether such use is of commercial nature and is for nonprofit educational purpose; (b) the nature of the copyrighted work; (c) the amount and substance of the portion used in relation to the copyrighted work as a whole; and (d) the effect of the use upon the potential market for or upon the value of the copyrighted work. The law provides the purposes that may

be considered “fair use,” such as criticisms, comments, news reporting, teaching/instructions, and research. II. The Digital Performance Rights in Sound Recording Act of 1995 (DPRSA) The DPRSA amends Section 106 of the USC by adding public performance in digital audio transmissions of sound recording as an exclusive right of copyright owners. It covers cases where a compulsory license is imposed, such as: (1) the compulsory license affecting the mechanical reproduction of musical works; and (2) the compulsory license concerning the digital transmission of music. III. The Digital Millennium Copyright Act of 1998 (DMCA) The DMCA broadens the scope of copyright protection to music on the Internet. It provides for potection to online service providers particular safe harbors for certain types of works relating to infringement if they follow a particular procedure. Service providers shall not be liable for infringement under the following circumstances: (1) if they act merely as a data conduit, such as when an MP3 file is e-mailed from one subscriber to another; (2) in instances of systems caching when a copy of an MP3 is kept only for archival purposes; and (3) the service provider must not have the knowledge of an infringing activity, or upon knowledge of such infringing activity, he must take action to block access to the material, and he must not receive any financial benefit for such activity. One aspect of the DMCA was the establishment of a new statutory license for the public performance of sound recording. The DMCA also added “Streaming Audio” or listening on a streaming mode and Webcasting, which is essentially the re-transmission of AM/ FM radio signals through the Internet, as non-infringing activities.

Copyright Laws in the Philippines Philippine copyright laws pertinent to digital music transmission is contained under the section on Copyright Laws, in Part IV of the Intellectual Property Code of 1998 (IPC, Republic Act 8293). The law basically provides for the same exclusive rights to copyright holders similar to that in the US Copyright Act. However, the right to perform the copyrighted sound recordings by means of digital audio transmission, which was specifically provided in the US Law, is not provided for in the IPC. Relevant provisions pertitnent to digital music transmission, though inadequate, may be found in Sections 172, 184, and 185 of the IPC. Section 172, paragraphs (e) and (f), provide that dramatic or dramatico-musical compositions, choreographic works or entertainment in dumb shows and musical works, wth or without words, are copyrightable. Section 184 provides that acts, among others, which do not constitute infringement include: (1) the right of performance once a work has been made accessible to the public provided that it is done privately and free of charge or made strictly for a charitable or religious institution; (2) the right of reproduction and communication to the public as part of reports of current events, for teaching purposes, for ephemeral recordings by broadcasting organizations by means of its own facilities and for use in its own broadcast. Section 185 provides the factors that are to be considered in determining fair use which are essentially the same as those provided in the US Copyright Act. Other Copyright Laws Copyright Laws of some highly developed countries commonly provide the same exclusive rights to copyright owners. The Right of Reproduction. In Canada, France, and the United Kingdom, a reproduction on the server from which users -- “the public” -- can download music must be licensed. The

13

Canadian Copyright Act gives an adequate application of Reproduction Rights by providing “that a copyright owner is granted a right of reproduction in any material form, which includes reproduction in digital form, such as when a phonogram is converted in a specific digital format to be transmissible via Internet. A second reproduction takes place when the work is copied to a server. The user who requests the musical work from a website makes a third copy.” [1] The Right of Public Performance. The Right of Public Performance is aptly described in the WIPO Copyright Treaty of 1996 as such right granted to copyright owners to make available to the public their works in a way that the members of the public may access these works from a place and a time individually chosen by them. [2] However, applications of this right vary. In Canada, for example, “posting a copyrighted work on a publicly accessible server is a restricted act. In France, posting of a work on a website must be licensed. Under US and UK laws, a public performance occurs if the user listens in streaming mode.” [3] Tansmission Rights. An application of Conflict of Laws is relevant in determining transmission rights. It must be noted that transmission of music in the Internet involves transborder transactions. “Each country would like to control both servers located in its territory and users in its territory accessing material posted on foreign servers. Copyright collectives similarly want to be able to license transmissions from servers in their territory and users -- including end-users -- in their territory.” [4] In the course of transmission of music in the Internet, infringing events occur. Reproduction of copies which may occur at various stages of transmission or the work may be performed publicly. The World Intellectual Property Organization Copyright Treaty (WIPO Copyright Treaty). The WIPO Copyright Treaty is an

international treaty on copyright law adopted by member-states of the World Intellectual Property Organization in 1996. It provides for additional protections for copyright deemed necessary due to advances in information technology. It ensures protection for computer programs and arrangement and selection of material in databases. It provides authors of works with control over their rental and distribution and prohibits circumvention of technological measures for protection of works. The WIPO Copyright Treaty is implemented in the United States by the Digital Millennium Copyright Act of 1998, and in Europe by the European Union Copyright Directives of 2001. The European Union Directives. There are two directives in the European Union: (1) the Directive on Copyritght in the Information Society, and (2) the e-Commerce Directive. These directives, which serve as guides to copyright laws of its member-states, essentially provide the exclusive rights of copyright owners such as the right of communication to the public and limitations on transmission rights. The e-Commerce Directive particularly specifies that the service provider is subject to the copyright laws of the country wher the service provider is established. [5] Jurisprudence Sony Corp. of America v. Universal City Studios, Inc., 464 US 417, 449 (1984) This case, also known as the “Betamax case,” was a decision by the US Supreme Court which ruled that the making of individual copies of complete television shows for purposes of time-shifting does not constitute copyright infringement, but is fair use. The Court also ruled that the manufacturers of home video recording devices, such as Betamax or other VCRs (referred to as VTRs in the case), cannot be liable for infringement. The Court held that the

distribution of commercial product capable of substantial non-infringing uses could not give rise to contributory liability for infringement unless the distributor had actual knowledge of specific instances of infringement and failed to act on that knowledge. The Court’s decision established a general test for determining whether a device with copying or recording capabilities infringe copyright laws. This test has created some interpretative challenges to courts in applying the case to more recent file sharing technologies available for use on home computers and over the Internet. A&M Records, Inc. v. Napster, Inc [2001 US App. LEXIS 1941, No. 00-164001, slip op. at 2206 (9th Cir, Feb. 12, 2001)] Napster was the first widely-used peerto-peer online music sharing service which allowed music fans to easily share MP3 format song files with each other. The Ninth Circuit Court upheld the district court decision in holding that the recording company, A&M Records, presented a prima facie case of copyright infringement entitling them to a preliminary injunction. It found Napster liable for contributory infringement, having knowledge of infringing activity but had allowed its users to share music files despite having the technical capability to control such activity. In July 2001, Napster shut down its entire network in order to comply with the injunction. On 24 September 2001, the case was partially settled. Napster agreed to pay music creators and copyright owners a US$26 million settlement for past, unauthorized uses of music, as well as an advance against future licensing royalties of US$10 million. [6] MP3 Case [UMG Recordings, Inc. v. MP3, 92 F.Supp.2d 349 (S.D.N.Y. 2000)] The MP3 wensote provided for remote storage of sound recordings. The website was alleged to have copied

The Philippine Quarterly IT Law Journal :: Volume 3, Number 1

14

The Philippine Quarterly IT Law Journal :: Volume 3, Number 1

tracks from various commercial websites. [7] Plaintiffs asserted that MP3 was liable for infringement of reproduction rights by reproducing the CD on its own server. The case was settled for a purported sum of US$20M. [8] Diamond Rio Case [Recording Industry Association of America v. Diamond Multimedia Systems, 180 F.3d 1072 (1999)] In this case, the court did not find respondent liable by holding that respondent did not fit in the description of a digital audio recording device as defined by the Digital Home Recording Act. According to the statute, a digital audio recording device is one that is designed primarily for the purpose of making a digital audio recording for private use. Diamond Rio produced computer hard drives that were capable of storing various programs that were unrelated to sound recordings. [9] MGM Studios, Inc. v. Grokster, Ltd. (04-0480), 545 U.S. 125 S. Ct. 2764 (2005) United States Supreme Court in this case unanimously held that defendant P2P file sharing companies Grokster and Streamcast are liable for contributory infringement for marketing a file sharing software device. Unlike Napster, Grokster provides a decentralized software device allowing direct peer-to-peer file sharing withut passing through a “supernode.” This made it impossible for the service provider to monitor the content of the files. The Ninth Circuit Court, in applying the Sony “Betamax” Decision, considered Grokster’s decentralized architecture and absolved it from liability. The US Supreme Court, however, in holding that the ruling in Sony v. Universal Studios has been misapplied, held that “one who distributes a device with the object of promoting its use to infringe copyright, as shown by clear expression or other affirmative steps taken to foster infringement, going beyond

mere distribution with knowledge of third-party action, is liable for the resulting acts of infringement by third parties using the device, regardless of the device’s lawful uses.” On 7 November 2005, Grokster announced that it would no longer offer its peer-to-peer file sharing service. As part of a lawsuit permitted by the MGM Studios v. Grokster Supreme Court decision, Grokster was forced to pay US$50 million to the music and recording industries. [10] Part Two Key Legal Issues What Acts are Involved. In determining the key legal issues relative to transmission of music in the Internet, it is important to identify what acts are legal and what acts are illegal. The process of transmission of music in the Internet is legally allowed and downloading of music on the Internet is not outright illegal provided it is done within the parameters of the law. Legal acts would include those that are considered fair use and those which are authorized or licensed. Fair use includes use of copyrighted materials for purposes of news reporting, scholarship and research works, teaching, comment and criticism (Listening to music on a streaming mode is considered fair use). Questions of legality arise when music is downloaded from the Internet. To download means to receive information or a file from another computer via a modem, as distinguished from upload which means to send a file to another computer. There are three distinct acts that involves music transmission, the first two of which precedes downloading: (1) when music from a phonogram or CD is converted into digital format to be transmitted via the Internet; (2) when the work is copied onto a server; and (3) when the user who requests the musical work from a website saves the copy into his computer hard disk, a CD or any musical device.

Who are liable. The abovementioned acts are performed by the following persons, respectively: (1) the content providers; (2) the service providers or access providers; and (3) the end user, subscriber or account holder. Content providers determine whether their website will contain musical works, they select and post the works. They have knowledge whether the works they decide to post is protected or unprotected. Clearly, a content provider must obtain authorization from copyright owners for posting protected works. Without the required authorization, they may be liable for direct infringement. Service providers provide the server and the software to publish the musical works. Access providers provide the access to the Internet through online connection and accounts. Generally, as decided by US Courts in most cases, a service or access provider is not liable for direct infringement but may be liable for contributory infringement when they have knowledge that a musical work is protected and they are technically able to block the use of such content. The end user or account holder either listens to musical works in a streaming mode, or downloads the musical works commonly known as MP3 files into his computer. He is not liable provided that his acts fall within “fair use.” If the enduser records or saves the musical work in his phonorecord or CD or in his computer or other device, he must obtain an authorization. Such authorization is given by the transmitting organization, the content provider or the service provider who are likewise authorized or licensed by the copytright owner to allow recording of his musical works. In case the content or service provider is not authorized to transmit protected copyright works and is thus held liable for infringement, should the end-user be likewise held liable? This shall be further discussed in this paper.

15

Infringement of Copyright Laws. The key legal issue involve in downloading of music from the Internet is copyright infringement or the unauthorized use of copyrighted material in a manner that violates one of the original copyright owner’s exclusive rights such as the right to reproduce or perform the copyrighted work, or to make derivative works. [11] Copyright infringement in relation to transmission or downloading of music from the Internet was extensively discussed in the case of Napster. As a service provider, Napster provided a serachable database of all users of MP3 music files for which computers are at the same time connected to the Internet, allowing users to then seek out and download files from other users who are on the Internet at the same time. In effect, Napster created a temporary link to another computer and stayed connected during the downloading process. [12] In this case, the US Ninth Circuit Court gave three distinct types of infringement: direct, contributory, and vicarious. There is direct infringement if the act does not fall within “fair use” and the copyright owner’s exclusive rights are violated. The Court found Napster users directly infringed the copyright holder’s rights of reproduction and distribution. “Napster users who upload file names to the search index for others to copy violate plaintiff ’s distribution rights, while Napster users who download files containing copyrighted music violate plaintiff’s reproduction rights.” [13] There is contributory infringement on the part of Napster for encouraging and assisting its users to access and download MP3 music files. Contributory infringement is present when “one who, with knowledge of the infringing activity, induces, causes, or materially contributes to the infringing conduct of another.” [14]

The Court also held that Napster was potentially liable for vicarious infringement. The Court used the term vicarious in its broad sense and not in the limited context of employeremployee relationship. Vicarious liability in copyright infringement extends to a case where “defendant has the right and ability to supervise the infringing activity and also has a direct financial interest in such activity.”[15] Napster was found to have gained financial benefit “from revenues dependent upon increases in userbase,” [16] and Napster had the ability to supervise its users’ activities. Napster allowed its users to access MP3 files despite knowledge that authorization is required and despite having the technological means to prevent such access if done without the necessary authorization. While Napster was found liable by the Ninth Circuit Court, Grokster was absolved from any liability by the same court, although both have engaged in the same activity as service or access provider. In Grokster, the Court took the cognizance of the technology used by both defendants. Napster used the Fastrack network protocol while Grokster used the Gnutella protocol. Both protocols served the same end that is to enable Internet users to exchange music files. However, the Fastrack technology allowed file sharing through a “supernode” which would enable Napster to monitor the file sharing activities of its users; while the Gnutella technology did not have such a control device and allowed the direct interchange of files by its users. But in both cases, the Court held that Napster and Grokster users as direct infringers. Should Users be Liable for Direct Infringement? In the Napster case, the court held that Napster users are not fair users. Likewise, in the Grokster case, it was also held that users are liable for direct infringement. In Napster, the Ninth Circuit Court’s decision was based on the following grounds:

1. That the purpose and character of the use was not for personal use but commercial in nature. A user sending a file is not engaged in personal use when such file is distributed to another user who is anonymous. Napster users get something for free which they would ordinarily have to buy. 2. That there was wholesale copying of copyrighted works. There is fair use only if the protected work is used for sampling purposes, such as when only a portion of the work is copied; or for space-shifting purposes such as when a user downloads MP3 files in order to listen to music he already owns on audio CD or a portable player for his own private use. Napster users were allowed to download a full and free copy of the recording, which in turn, was shared and passed on to other users. 3. That the marketability of the copyrighted work is impaired. The fact that users may acquire copies of the works for free results to losss of sales for recording companies, which likewise necessarily harms the copyright holder’s right to royalty fees. Users not Specifically Identified. Although the court gave an objective analysis of fair use in its decision, Napster users were not adequately represented in court. Napster did interpose affirmative defenses by alleging in its answer that its users were engaged in fair use of copyrighted works by sampling and space-shifting. These defenses, however, seemed weak compared to the analysis given by the court when it cited in detail the factors involved in fair use and how these were violated. However, since not one Napster user was specifically named or identified, and considering that the main issue of the case is whether or not the issuance of an injunction is proper, being underrepresented was immaterial. The court’s decision in holding Napster

The Philippine Quarterly IT Law Journal :: Volume 3, Number 1

16

The Philippine Quarterly IT Law Journal :: Volume 3, Number 1

users liable for direct infringement gave basis to the finding that Napster was liable for contributory infringement because, as the court held, there can be no contributory infringement if there is no direct infringement. The court’s decision in holding users as direct infringers seemed rather unfair. Why not hold Napster as the direct infringer? The users or the persons who perform the act of downlooading music from the Internet are given the opportunity and given free access to perform such an act. When something is given for free, it is presumed that the giver or the person who allows access such as the service provider has the right or the authority to give it or to provide such service. Thus, it is the right and responsibility of the service provider to know whether or not a certain work is copyrighted or protected. The users who access a service provider’s website and uses such website to upload or download music files has a right to presume that the service provider has the authority to allow such access. Thus, it is the service provider who should be held as the direct infringers, especially Napster whose website which was purposely set up to provide its users access to MP3 music files. Particular Infringing Acts Cannot be Determined. Can users be held liable for infringement at all? In the Napster case, there are two types of users: (1) those who upload or allow their music files to be listened to by other users; and (2) those who download or listen to music files shared by other users. The persons who upload are presumed to have in their possession the hard copy known as the phonorecord or the compact disc (CD) of the music recording or have saved in their computer files or CDs a music recording. While persons who download search the website’s music data files, choose the title they wish to listen to and copy the recording into their hard disk or saves them in their own CD. At first glance, it may seem that the first type of user may be liable for infringement. However, it must be

noted that users who download may save music files and may also share such files with other users. Thus, “uploaders” may also be “downloaders,” and therefore difficult to distinguish which class should or should not be held liable for infringement. Time-Shifting/Space-Shifting. Another factor that should be considered is the concept of sharing music files. This must be analyzed in conjunction with the copyright holder’s right of public performance and the right of reproduction. Two acts are considered here: (1) the act of listening in a streaming mode; and (2) the act of copying or saving the music files in a computer hard disc or CD. When one listens in a streaming mode, there is a broadcasting or rending sounds that are immediately audible at the time the user accesses the music files. However, when the user merely copies or saves the music file into his computer hard disc or CD, without listening to the music, there is only a transmission of the music recording. As mentioned in Part I of this paper, and as described in Section 8 of the WIPO Treaty, public performance constitutes the making available to the public of their works in a way that the members of the public may access these works from a place and at a time individually chosen by them. In an explanatory note about the Treaty, WIPO stated that this covers ondemand, interactive communication throught the Internet. [17] Clearly, when a work is broadcast on the Internet and a user listens in streaming mode, there is public performance. However, it may be argued that when the user merely copies or saves the music files into a hard disc or CD, but does not listen to the music, there is merely a digital transmission of the sound recording and there is no public performance. It may be argued, further, that when a user copies or saves music files, he may listen to it at a later time. This is equivalent to timeshifting, which was held in Sony Corp.

v. Universal Studio (supra) as fair use.
[18]

“A communication is deemed public if it is intended for a number of persons, unless such persons form a clearly defined group and are interconnected personally by mutual relations or by a relationship to the organization of the communication.” [19] Thus, for liability to attach, the following requisites must concur: (1) a user or users, must be specifically named or identified; (2) he must be adequately classified as an “uploader” or one who has in his possession copyrighted music files and has intentionally and willfully transmitted such files via the Internet’ and (3) there must be proof that such user or users have knowledge or have been fully informed that musical works are copyrighted and proof that there is intent to share music recordings for commercial purposes. Suppression of Free Speech. In an Amicus Brief in support of the reversal of the ruling against Napster, the American Civil Liberties Union of Northern California, as Amici Curiae, claimed that the preliminary injunction is overboard and constitutes a prior restraint on constitutionally protected speech, based on the following grounds: 1. The court did not require pliantiffs to identify the copyrighted works but instead shifted such burden upon Napster. Thus, Napster had no choice but to prohibit the exchange of files even though some files were not copyrighted. This resulted in the needless suppression of protected speech; 2. By requiring the express permission of the copyright owner before any file is exchanged, the injunction “reverses the consttitutionally mandated burden to prove a particular speech is unprotected before it is suppressed, and thus imposes an unconstitutional prior restraint on protected speech”; Napster users

17

may not know whether or not a music file is copyrighted, which would deter them to exchange speech at all; 3. The injunction threatens the speech-enhancing decentralized nature of the Internet. “The Internet has achieved the most participatory marketplace of mass speech that the world has yet seen. xxx Court actions that enjoin online speech may indirectly affect the speech-enhancing architecture of the Internet.” Current Developments At present, the Recording Industry Association of America (RIAA) is actively pursuing a string of lawsuits against users or individuals who have Internet access accounts, and who have engaged in peer-to-peer file sharing. Some of these lawsuits, however, were dismissed based generally on grounds of insufficiency of the complaint for failure by RIAA to specifically identify particular infringing acts sufficient to establish probable cause to hold defendants liable for direct infringement and lack of evidentiary basis. Some pending cases have been challenged questioning the amount of damages alleging unconstitutionality on this ground. [20] However, RIAA continues to issue subpoenas and file lawsuits against hundreds of Internet users and thousands of service providers, and continues to achieve substantial settlement so far. [21] The entertainment industry in the United States is pushing Congress to approve a bill that could send thousands of Internet music and movie downloaders to jail, but the legislation faces opposition from groups that say it would unfairly punish consumers. The bill also would criminalize using a video recorder to copy films while they are still in the theater, and allow the Justice Department to file civil lawsuits against song-swappers. [22]

The Philippine Setting In the area involving issues of copyright infringement on digital music transmission, the Philippines is a neophyte as compared to the developments in the United States and Europe. There is only one statute, the Intellectual Property Code of 1998 (Republic Act 8293) that enforces intellectual property and copyright laws in the country. Most jurisprudence and litigations pending in Courts are those involving infringement of trademarks, trade names, patents and copyright of consumer and technological products. Jurisprudence on copyright infringement in digital music transmission is yet to be realized. There is at present a strong drive to enforce intellectual property laws with the formation of the Pilipinas AntiPiracy Team, composed of the National Bureau of Investigation (NBI), the Optical Media Board (OMB), the Philippine National Police (PNP), and the Business Software Alliance (BSA). The anti-piracy campaign is directed at trademark infringement and involves the confiscation of products bearing the labels of well-known international brands. In the case of copyright involving musicians, songwriters, and publishers, an organization known as the Filipino Songwriters, Composers, Authors and Publishers (FILSCAP) ensures that its members benefit from their copyrights. FILSCAP sees to it that public performance licenses and music royalties are adequately paid by music users like broadcasting companies, commercial establishments and telecommunication companies. It expects a rise in the earning potentials of composers and songwriters especially with music being used as cell phone ringtones, in mobile karaokes, and when digitalized compositions are being downloaded as full songs via the Internet. [23] With the developments in digital technology, the IPC is inadequate in protecting the rights of copyright

holders and vague on violations in the online medium. At present there are two pending bills in the House of Representatives that seek to reform the IPC. These bills, authored by Representatives Imee Marcos and Jose Clemente Salcedo, seek to give performers, record producers, and broadcasters the same right as authors of artistic and literary works. [24] Authorities are now holding consultations with concerned parties as a prerequisite to the drafting of a National Intellectual Property Policy Strategy which aims to outline bills needed to strengthen government and other bodies that protect and promote public awareness of intellectual property. [25] Conclusion At present, no individual user who has downloaded music from the Internet has been held liable for direct infringement. In the United States, although recording and movie industry groups, such as the Recording Industry Association of America (RIAA) and the Movie Producers Association of America (MPAA), are aggressively issuing subpoenas and filing lawsuits against individual users on the strength of the rulings in Napster and Grokster and under the Digital Millenium Copyrights Act (DMCA), no Internet user has been formally accused. It would be very difficult for the RIAA and the MPAA, though, to pursue these lawsuits primarily because of its limited capability to specifically identify these users and provide details of how, when or where the alleged infringement took place. Secondly, there are civic and business groups that are actively in defense of Internet user. Civic groups invoke the constitutionally protected right of free speech and expression while business groups especially those in the information technology have their business interests to protect. It seems, however, that all these legal actions have yielded favorable results
>> [37] Downloading Music

The Philippine Quarterly IT Law Journal :: Volume 3, Number 1

18

Computing
The Philippine Quarterly IT Law Journal :: Volume 3, Number 1

CORPORATE VIDEOCONFERENCING
By Christine A. Prado

I

n this age of modern technology, various communications in the field of education, medicine and health and even in business undertakings may be made through teleconferencing. As a consequence of high speed internet connectivity, personal video teleconference systems based on a webcam, personal computer system, software compression, and broadband internet connectivity has become more economical for the general public. It provides students an opportunity to learn by participating in a two-way communication program. It is an effective tool for telemedicine and telenursing applications with respect to diagnosis, consultations, transmission of medical images and others. It enables individuals from different locations to effectively conduct business transactions and meetings on short notice. What is teleconferencing? It may be said that teleconferencing is an interactive group communication through an electronic medium. It brings people together although they are in different locations. There are three types of teleconferencing, namely: First, videoconferencing, also known as video teleconferencing, which is a set of interactive telecommunication technologies which allows two or more locations to interact via two-way video and audio transmission simultaneously. Second, computer conferencing, which is the printedcommunication through keyboard materials.

Third, audio-conferencing-verbal communication through the telephone with the optional capacity for telewriting or telecopying. Indeed, teleconferencing is a highquality substitute to face-to-face (FTF) meetings. It has been found to be beneficial business undertakings and corporate governance. People who wouldn’t normally attend a distant FTF meeting can participate. Follow-up to earlier meetings can be done with relative ease and little expense. Socializing is minimal compared to an FTF meeting; therefore, meetings are shorter and more oriented to the primary purpose of the meeting. Some routine meetings are more effective since one can audio-conference from any location equipped with a telephone. Communication between the home office and field staff is maximized. Severe climate and/or unreliable transportation may necessitate teleconferencing. Participants are generally better prepared than for FTF meetings. It is particularly satisfactory for simple problem-solving, information exchange, and procedural tasks. Group members participate more equally in well-moderated teleconferences than an FTF meeting. However, other private corporations opt not to hold teleconferences because of technical failures with equipment (including connections that are not made), unsatisfactory for complex interpersonal communication (such as negotiation or bargaining), impersonal and less easy to create an atmosphere of group rapport, lack of participant familiarity with the equipment, the medium itself, and meeting skills, acoustical problems within the teleconferencing rooms,

difficulty in determining participant speaking order; frequently one person monopolizes the meeting, greater participant preparation time needed, informal, one-to-one, social interaction not possible. Board meetings Teleconferencing: Law Latest Jurisprudence by and

As technology significantly brings expediency and convenience with local and international undertakings, we are confronted with its admissibility in local courts with regards to the validity and legitimacy of cases such as in board meetings wherein the law requires that the directors or trustees and officers to be elected shall perform the duties enjoined on them by law and the bylaws of the corporation. Unless the articles of incorporation or the by-laws provide for a greater majority, a majority of the number of directors or trustees as fixed in the articles of incorporation shall constitute a quorum for the transaction of corporate business, and every decision of at least a majority of the directors or trustees present at a meeting at which there is a quorum shall be valid as a corporate act, except for the election of officers which shall require the vote of a majority of all the members of the board. As set in the case of Expertravel Tours versus the Court of Appeals, Korean Airlines, a foreign corporation doing business in the Philippines, through Atty. Aguinaldo, filed a complaint for the collection of sum of money against ETI. The case involved whether the board meeting held through videoconferencing was valid with corporate directors located in another country and a resident agent and

19

general manager located in the Philippines even without evidence to show its existence. Though the Supreme Court did not invalidate the board resolution passed through the said board meeting, the Court was not convinced that a meeting through videoconferencing indeed was held and that the resident agents and its general manager in the Philippines actually participated in the said meeting. The allegations failed to establish the identity of Atty. Aguinaldo as the corporation’s resident agent and was duly authorized to sign the verification and certification of nonforum shopping in behalf of the corporation. Antother was that the corporation nor members of the board meeting did not have a copy of the minutes of the said meeting negating the possibility that there was indeed a board meeting through videoconferencing that took place. Guidelines Promulgated by the Securities and Exchange Commission for the Use of Teleconferencing in Board Meetings Thus, the Securities and Exchange Commission issued Memorandum Circular No. 15 to set guidelines for board meetings of domestic and

foreign teleconferencing videoconferencing.

or

Absent these, it shall be presumed that the Director has chosen to physically attend the board meeting. At the meeting, the Secretary shall make a roll call and every director shall state their full name, location and confirm that he can completely and clearly hear the other directors, the fact that he has received all materials needed for the meeting, and specify the type of device used. After which, the Secretary will certify the existence of quorum. All participants are required to identify themselves before speaking or in objecting to a vote with regard to their discussion. Otherwise, it is the duty of the Secretary to specify the speaker. The Secretary shall require all directors in the meeting to sign the minutes to release all doubts on matters taken up during the meeting. Conclusion

The Secretary of the meeting has the responsibility to safeguard the integrity of the meeting, to find good equipment and facilities, to record the proceedings and prepare the minutes of the meeting, to store the tape recordings and other electronic mechanism used thereof as part of the corporate records. It shall be the duty of the Secretary to send out notices of the meeting to all directors as set in the corporate bylaws. The notice shall contain the inquiry with regard to the ability of a director to attend a particular meeting physically or through teleconferencing or videoconferencing, the contact numbers of the staff whom the director may get in touch with, the agenda of the meeting, and all necessary documents covering the meeting. In case teleconferencing or videoconferencing has been chosen, the director concerned shall notify the Secretary at least five days prior to the scheduled meeting. The latter, in turn, shall notify the other directors concerned, keep the records of the details and confirm and note the same as part of the corporate minutes.

The legal recognition of the SEC and the Supreme Court of Videoteleconferencing as an effective tool to pursue corporate functions is most welcome. Possibilities increase when the law embraces technology, and allow non-traditional avenues to achieve goals, including economic ones.

Jurisprudence in CyberLaw

INTERNET
The Philippine Quarterly IT Law Journal :: Volume 3, Number 1

CONFIDENTIALITY OF CASES
By Jaime N. Soriano

INVOLVING VIOLENCE AGAINST WOMEN AND CHILDREN

This section will be a regular feature of the journal to highlight significant cases decided in the Philippines and in foreign jurisdictions relating to information technology.

I
20

n an En Banc decision dated 19 September 2006 in the case entitled: “People of the Philippines vs. Melchor Cabalquinto“, G. R. No. 167693, the Supreme Court “resolved to refrain from posting in its Internet Web Page the full text of decisions in cases involving child sexual abuse” and declared that “. . .

henceforth, the Court shall withhold the real name of the victim-survivor and shall use fictitious initials instead to represent her. Likewise, the personal circumstances of the victims-survivors or any other information tending to establish or compromise their identities, as well those of their immediate family or household members, shall not be disclosed.” (italics supplied) The case was taken by the Supreme Court as an opportunity to adopt the

judicial policy in reply to a letter of a mother of a child abuse victim addressed to the Chief Justice expressing anxiety over the posting of full text decisions of the Supreme Court on its Internet Web Page. The mother argued “that confidentiality and the best interest of the child must prevail over public access to information and pleaded that her daughter’s case, as well as those of a similar nature, be excluded from the Web Page.“
>> [36] CyberLaw Jurisprudence

Telecommunications
The Philippine Quarterly IT Law Journal :: Volume 3, Number 1

WHEN THE P IN PRE-PAID MEANS PUNKED
By Michael Vernon M. Guerrero

“C

o n g r a t u l a t i o n’ s ! Pres.GMA’CHRTY FOUND.Ur Sim#have WON! W=680,000 Thousand DisDay 10/04/05,DTI PRMT#.0010 > 4 more info? Call now! Sec.LARRY C.AGUIRRE.” texted sender with phone number +639216727858 on 4 November 2005. Tempting as it may seem, a lot of questions come into mind, and they212 start with the spelling of “Congratulation’s!,” the grammar of “have WON!”, the inconsistency of “DisDay 10/04/05” and the actual date 4 November 2005, and the vagueness and implausibility of “DTI PRMT#.0010.” Then the questions continue to “Is it not a wastage of corporate assets if a charitable foundation would give out money to a certain person without any qualification, except that the latter is a SIM (Subscriber ’s Identification Module) holder?” or “Why would a non-mobile company give money to a bloke just for having a SIM number?” and “What political advantage can this text message give to ‘Pres. GMA?’ or this ‘Sec. Larry C. Aguirre’”? It is either a con artist one-peso investment, or a political destabilizer’s one-peso contribution. A pinch of cynicism exist to scrutinize the text message because of an earlier message was received by my wife allegedly from “SMART PADALA.” The text message, received 22 March 2005, reads “SMART PADALA: U won a nokia 7610 from our network. To claim your prize please call toll free no. 09282292317. DTI NCR permit #2838 series of 2005. God bless.” Three aspects of the message proved problematic, i.e. Smart Padala involves Overseas Filipino Workers (OFW) remittances from abroad to the Philippines through mobile accounts and my wife is not an OFW, but a senior law student as I am, to avail of the

Smart Padala service; another was the toll free no. 09282292317, which is a mobile phone number which is never toll free; and lastly, if Smart Communications would actually be giving away prizes of sorts, it would have sent it through the usual threedigit or four-digit numbers, where it sends account notifications and text spams/marketing offers. A call to a brother-in-law, who is an officer in Smart Communications, readily exposed the scam. Going back to the November text message involving the alleged GMA Charity Foundation, the text has been circulating even prior to November 2005. In August 2005, a certain person from Antipolo, Rizal even called up the texter’s number, and later posted a comment at the government’s dot-gov-dot-ph website. The comment reads: “I would just want to inquire about the text message that my brother got. It says that I won in a raffle by the GMA CHARITY FOUNDATION. What is this all about? Is this really true? Coz the amount they mentioned is quite big. We called up the number and we were told that they got the number from my service provider which is GLOBE. We called a certain ATTY. LARRY AGUIRRE and were told to call another person which is ATTY. MANUEL NANDING and he gave the address where we can go to give documents about us. #169 salcedo village, makati city. i just want to know if this is a valid promo coz they have a dti number (dti no. 00110). if not i want to let the government and the others

aware of this illegal operation. thank you and god bless!”1 The scam is similar to the scam reported by the Philippine Star on 16 June 2005. DFA Undersecretary for Migrant Workers’ Affairs Jose S. Brillantes said therein that the text messages name drop Bangko Sentral ng Pilipinas (BSP) Governor Rafael Buenaventura, and claim that the receiver has won two million Philippine pesos and has to remit 800 US dollars to be able to receive the prize money. The text message reads “Congrats your cell roaming no. had won P2 million during the electronic raffle drawn from the Central Bank of The Philippines. Call now Governor Rafael Buenaventura at this number: +639156907234,” according to Donnie Fetalino, Attaché and Communications Officer of the Philippine Embassy in Cairo. 2 Recently, the Department of Foreign Affairs (DFA) warned OFWs against a new text scam circulating in Canada. The Philippine Consulate General in Vancouver reported, resulting from the inquiry of two Filipinos as the veracity of the text message, that the text message reads: “This is an exclusive for OCWs and OFWs. Your roaming number was very lucky to receive $40,000 from CBP This is a new . project of GMA and Western Union.” The Consulate General contacted Western Union to verify the authenticity of the message and the bank informed the mission that there was no such promotion or project. 3 Simply, the would-be victim receives a text message announcing he has won in a raffle sponsored by BSP (or Pagcor or the Philippine Charity Sweepstakes Office) with prizes ranging from one million pesos to two million pesos. If the victim responds and calls a

21

telephone number given by the sender, an alleged Governor Buenaventura will reply. The victim will be instructed to first pay a ten-percent withholding tax before he can claim his prize.4 Calling the mobile numbers involved after a certain period of time would solicit network notification that “The number you have dialed is either unattended or out of the coverage area. Please try your call later.” Such fact is quite predictable as that the mobile numbers used in the scam would be using pre-paid SIMs. In the November text message, for example, the sender used a +63921 number; i.e. 63 is the Philippines’ country code, 921 involves Smart Buddy subscribers – a pre-paid class of mobile phone subscribers. For a measly sum of less than four United States Dollars (US$4) – the cost of the prepaid SIM being one hundred ninety (P190) pesos only – and the anonymity that is maintained in purchasing the pre-paid SIM, to perpetuate fraud in this manner would, for some, be lucrative. The scam works in the same manner as how an “advance fee fraud” works.5 It is the SMS-based equivalent of the Nigerian money transfer fraud, Nigerian scam or 419 scam, however it may be called. Herein, the con artist would send out text messages similar to those above. If any recipient would express his interest by texting back and/ or inquiring into the details of the promotion, the sender would cause the recipient to produce certain amounts of money – usually 10% of the total amount – for the sender to facilitate the release of the prize money or goods. One way of sending the amounts is through bank deposit or transfers. This method of payment, however, is risky to the con artist inasmuch as certain documents need to be presented by the con artist-bank account holder to the bank. Still, one victim was reported to have fallen to such scam. The victim, who comes from the province, said he was duped into depositing twenty thousand pesos

(P20,000), as tax for prize money, to a certain bank account number.6 The recipient could also cause the transfer of money by sending the PIN of pre-paid cards, as to credit loads, to the sender’s mobile phone. In a case reported by the Inquirer, “Victims are told to send the PIN codes of newly-purchased cellphone cards to join a raffle and get a chance to win 1.5 million pesos to 2.5 million pesos. A victim who complained to BSP admitted that he bought 3,000 pesos worth of pre-paid cards hoping it would increase his chances of winning. Needless to say, unsuspecting victims who divulged their PIN codes were not aware that the very same pre-paid cards were being used by the scam artists to send text messages to other would-be preys.” 7 Further, the sender can extend his fraudulent scheme by claiming only eight out of the ten PINs actually sent, for example, were ever received by him, or that two or three of the PINs sent do not work and that the recipient should substitute those PINs for him to actually facilitate the release of the prize. No amount of pre-paid credit loads or bank deposits would bring the sender to facilitate the release of the prize, as there is no actual prize existing. The con artist can dispose of his pre-paid SIM if it is apparent that no one else of potential victims would be interested in falling for the scam, or if he/she sensed that law enforcers, if ever, would be on his trail. Although the scam may be reported to the Anti-Money Laundering Council, the Philippine National Police, the National Bureau of investigation and the National Telecommunications Commission for their appropriate investigation and action, the capture of the fraudster would prove to be difficult as there are no records to determine the person behind the prepaid number used in the scam. Unlike in post-paid accounts, personal or

company ID cards, proof of billing, and other documents are necessary to establish capacity to pay pre-existing obligations. These documents form part of the records of a post-paid account. Although at least 200 million text or SMS messages are sent every day in the Philippines, – more than two for every Filipino and earns the country its reputation as the world’s SMS capital – Filipinos still do not have to give their identities when buying pre-paid phone cards.8 No document is required in purchasing pre-paid SIM. It can be bought off the shelf. There is no limitation from buying three SIMs from the three major mobile carriers in the Philippines, i.e. in alphabetical order, Globe, Smart, and Sun, even if the person purchasing has only one set of mobile phone. “The main attraction of pre-paid is that these are low-income countries and subscribers want to control their spending,” said Karen Ang, a Bangkok-based telecoms analyst for Citigroup. “But being able to buy a pre-paid card without giving up a lot of information about yourself is also an attraction.” 9 Text-based fraud can be reduced if regulation, not ban, of pre-paid SIM purchase is enforced. In other parts of the Asia-Pacific region, where similar incidents have occurred, governments have set up stringent requirements as to their registration. Last year, Taiwan, fed up with con-men using the cover of anonymity to separate gullible people from their money with scams ranging from simple credit-card tricks to bogus kidnappings, sought to identify pre-paid phone users. Thailand moved to register users of pre-paid phones in May, describing it as part of efforts to stop terrorists using mobile phones to set off bombs. Malaysia ordered phone companies to register all holders of pre-paid services after text-messaging gossip-mongers hit a raw nerve with false talk that the premier’s ailing wife had died. Shanghai, China’s richest city with 20 million people, required registration of pre-paid users last September to tackle text-message fraud.10 Most recently, and effective 1 November 2005, Singapore has

The Philippine Quarterly IT Law Journal :: Volume 3, Number 1

22

The Philippine Quarterly IT Law Journal :: Volume 3, Number 1

required new and existing prepaid card users to register their numbers. 11 Fraud through mobile phone text has been reported in the Philippines since 2003; and in light of the possibilities of text messaging in sowing wild rumors, perpetrating crime and possibly, triggering bombs; it is a big question why the Philippine government has not pursued any action towards the registration of pre-paid numbers. Unlike prior measure to regulate text messaging in itself – such as to regulation of content, and matters of taxation – that were subject to stiff opposition by consumers, a regulation of pre-paid numbers – not with the Government, but with the respective mobile phone service providers – has not been made, even if there is compulsive proof of the need to regulate such. The Philippines chronically lags behind its neighbors, and the matters involving consumer convenience and fraud prevention are not exempted from said statement. The Department of Trade Industry (DTI) permit numbers do not serve as a deterrent against consumer fraud as no one is aware of the official list of permits actually issued by the DTI as to promotions. There is no repository, like in the Internet, to check whether a promotion being floated to

the public is what it purports itself to be, or if State-sanctioned. The Government should provide for the prevention of fraud, not just to prosecute it when the fraudster make the mistake of making himself identifiable. Further, the Philippines boasts of its resolve to root out terrorism, but it has not, as apparent as it has been identified by its neighboring countries, there is no regulation that would reduce the mobility of malefactors / terrorists through the use of communication tools, or prevent malefactors from using communication devices as triggers for indiscriminate attacks against the civilian population. Its gestures towards anti-terrorism are confined in grand strokes towards a defective national legislation, intentionally oblivious to simple suppletory solutions such as that of registering pre-paid numbers. Until the simple regulation would occur, the “P” in pre-paid would more likely lean towards the possibility of being punked.
Endnotes 1 Gov.ph Home Forum. www.gov.ph, the Official Government Portal of the Republic

of the Philippines. Retrieved 4 November 2005. <http:// w w w. g o v. p h / f o r u m / thread.asp?rootID=68812&catID=5> 2 DFA warns Filipinos Abroad of Text Scam using Central Bank. 16 June 2005. Philippine Headline News Online. Retrieved 30 October 2005. <http://www.newsflash.org/2004/ 02/be/be003139.htm> 3 DFA warns OFWs on text scam in Canada. ABS-CBN News. Retrieved 30 November 2005. <http:// w w w. a b s - c b n n e w s . c o m / storypage.aspx?StoryId=22858> 4 Giron, Marietta Velasco. “Beware of text scams and their variants.” 9 July 2003. The Consumer, Inquirer News Service. Retrieved 4 November 2005. <http://www.inq7.net/lif/2003/jul/ 10/lif_32-1.htm> 5 See Dot.Con article, Philippine IT Law Journal, Vol. 2, No. 2. 6 Giron, Marietta Velasco. “Beware of text scams and their variants.” Ibid. 7 Ibid. 8 “Asia wants SMS genie back in its bottle.” 5 September 2005. Sydney Morning Herald. Retrieved 30 October 2005. <http:// www.smh.com.au/news/World/ Asia-wants-SMS-genie-back-in-itsbottle/2005/09/05/ 1125772446037.html> 9 Ibid. 10 Ibid. 11 Singapore to register pre-paid SIM cards. Philippine Star. 23 October 2005, pp. 1, 4.

MOST VISITED PHILIPPINE DAILIES ANDTV NETWORKS IN THE INTERNET
By Jaime N. Soriano

I

n November 2006, CNN reported that the world wide web reached a new and mammoth milestone with 100 million web sites during the month of October 2006 judging from the report of Netcraft, an Internet monitoring company that has tracked Web growth since 1995. Netcraft in its report noted that in “November 2006 survey we received responses from 101,435,253 sites, up from 97.9 million sites last month. The 100 million site milestone caps an extraordinary year in which the Internet has already added 27.4 million sites,

easily topping the previous full-year growth record of 17 million from 2005. The Internet has doubled in size since May 2004, when the survey hit 50 million.” If you are wondering how the major newspapers in the Philippine ranks in cyberspace as of today with respect to the number of visits of their on-line content by the netizens, below are their rank site as reported, monitored by, and using the toolbar of Netcraft. This is how they fared with their global ranking in parenthesis:

1st - Philippine Daily Inquirer (2,907); 2nd - Sunstar (3,634); 3rd - Philippine Star (8,786); 4th - Manila Bulletin (14,841); 5th - Manila Times (20,442); 6th - Business World (31,571); 7th - Malaya (32,830); 8th -Abante (49,879); 9th - Journal Publications (50,744); 10th - Manila Standard Today (55,316); 11th Abante Tonite (96,725); and, 12th Visayan Daily Star (214,902) And if you are also wondering which among the newspapers in the world rank first in terms of net clicks, it is the
>> [37] Most Visited Dailies

23

Computing

YOUR IDENTITY IN A COLORED PRINTER PRINTOUT
By Michael Vernon M. Guerrero

I
The Philippine Quarterly IT Law Journal :: Volume 3, Number 1

Identity in documents t has been some time since the bygone era of the typewriter. If one can still remember, the source of a typewritten document may be identified by fingerprint impressions on the paper to identify who handled the paper, by the distinct flaws of the typewriter’s typeface to identify the usual user of such specific typewriter, or both. These methods of identification were useful in identifying the principals in the commission of fraud, among other crimes. On the other hand, these methods can also be used in identifying the origins or authors of underground and prohibited self-published literature, whether under a repressive government regime or not. The forensic means, as said, can be used for both legitimate and illegitimate ends, but the consolation remains that the mechanical flaws in a certain typewriter were not made deliberately by the typewriter manufacturer to allow the identification of its ownerpossessor-user. Presently, with the proliferation of lowcost colored printers, and the declining cost of owning a colored laser printer, it is not uncommon that some counterfeiters try to forge legal tender through the use of colored printing technology, and to utter the printouts as money thereafter. Colored laser printers, combined with a reliable scanner, can also replicate other legal or commercial documents, and thus allow the forger to pass the printouts as the genuine documents. Researchers at Purdue University in West Lafayette, Indiana, United States of America, for one, have developed a technique to trace a document, i.e. by analyzing a document to identify

characteristics that are unique for each printer, and by designing printers to purposely embed individualized characteristics in documents. They detect, through software, slight variations in printed characters, which they call "intrinsic signatures," revealing subtle differences from one printer model to another. 1 Printer codes Another manner of detecting which printer a printout originated was reported on 26 October 2004, in the magazine PC World with an article therein entitled “Dutch track counterfeits via printer serial numbers.” The article pointed out that every printout contains a hidden code that contains information about the computer printer that it was printed on. Even if modern printers are of different brands, their print engines are made by only a few companies, such as Toshiba, Canon and Ricoh; and that it is the engine that has its own identity that can be traced. 2 Most consumers are unaware of this feature until recently, but most government agencies are aware of this for some time. Seth Schoen, a technologist who led the Electronic Frontier Foundation's (EFF) research, said he had seen the coding on documents produced by printers that were at least a decade old. 3 The built-in security is composed of dots. “The dots are yellow, less than one millimeter in diameter, and are typically repeated over each page of a document. In order to see the pattern, one needs a blue light, a magnifying glass, or a microscope,”4 Schoen revealed. The pattern indicates a unique number that is printed on every color page. The number determines to what country a specific

printer has been delivered, and to what dealer. The dealer then can lead investigators to the local computer store where the printer was sold. 5 The EFF has cracked the codes of a particular line of Xerox printers but has observed similar marking in Hewlett Packard (HP) printers, among others. EFF looked at printer output under a blue light, and found yellow dot markings in Brother HL-4200CN printer; Canon CLC 1000, CLC 2400, CLC 4000, Color imageRUNNER C3100CN, Color imageRUNNER C3200, and Color imageRUNNER C3220 printers; Dell 3000cn, 3100cn, and 5100cn printers; Epson AcuLaser C900, C1100, C1500, and C1900 printers; HP Color Laserjet 1500l, 2500, 2500n, 2550l, 2550n, 2600n, 2680, 2840, 3500, 3500n, 3600dn, 3700, 3700dn, 3700n, 4600, 4600dn, 4600hdn, 4600n, 4650, 4650dn, 4650dtn, 5100cn, 5500, 5500atn, 5500dn, 5500hdn, 5550, 5550dtn, 9500 printers; Konica/Minolta Bizhub C350, CF1501, Colorforce 8050, Desklaser 2200, DialtaColor CF 2001, Ikon CPP500E, Magicolor 2210, Magicolor 2300 DL, Magicolor 2430 DL, Magicolor 3300, Magicolor 7300 printers; Kyocera FS-C5016N printer; Lanier LD238C, and LP125cx/ LP126cn printers; Lexmark C510, C720, and C912 printers; Ricoh Aficio CL 3000, Aficio CL 6010, Aficio CL 7000, and AP 206 printers; Savin C3210 and CLP35 printers; Tektronix eStudio 3511 printer; Xerox DocuColor 12, DocuColor 40, DocuColor 2045, DocuColor 6060, WorkCentre M24. WorkCenter Pro 40, and WorkCenter Pro C2636 printers. On the other hand, the press report that Epson AcuLaser C1100 printer and all models of Xerox WorkCentre Pro print tracking codes.

24

The Philippine Quarterly IT Law Journal :: Volume 3, Number 1

Lastly, the manufacturer admitted that the following printers print tracking codes: Tektronix eStudio 210c, eStudio 310c, eStudio 311c, eStudio 211c, eStudio 2100c, eStudio 3100c, FC15i, FC15, FC22i, FC22, FC25Pi, FC25P FC70, printers; and Xerox , DocuColor 2000, and DocuColor 6060 printers. 6 The United States Secret Service acknowledged that the markings but played down its use for invading privacy. Agency spokesman Eric Zahren announced that the markings merely serve as “a countermeasure to prevent illegal activity specific to counterfeiting,” and " to protect our currency and to protect people's hardearned money." 7 On the other hand, EFF Senior Staff Attorney Lee Tien noted that "Underground democracy movements that produce political or religious pamphlets and flyers, like the Russian samizdat of the 1980s, will always need the anonymity of simple paper documents, but this technology makes it easier for governments to find dissenters, Even worse, it shows how the government and private industry make backroom deals to weaken our privacy by compromising everyday equipment like printers." 8 Right of privacy Privacy is the ability of an individual or group to stop information about themselves from becoming known to people other than those they choose to give the information to. The right against unsanctioned intrusion of privacy by the government, corporations or individuals is part of many countries' laws, and in some cases, constitutions (such as France's Declaration of the Rights of Man and of the Citizen). 9 Further, the Universal Declaration of Human Rights, in article 12, states that “No one shall be subjected to arbitrary interference with his privacy, family, home or correspondence, nor to attacks upon his honour and reputation. Everyone has the right to the protection of the law against such interference or attacks.”

In the Philippines, on the other hand, in the landmark case of Morfe v. Mutuc [130 Phil. 415 (1968), 22 SCRA 424], the Philippine Supreme Court, speaking through then Mr. Justice Fernando, stated that “The right to privacy is constitutionally protected. The right to privacy as such is accorded recognition independently of its identification with liberty; in itself, it is fully deserving of constitutional protection. The language of Prof. Emerson is particularly apt: ‘The concept of limited government has always included the idea that governmental powers stop short of certain intrusions into the personal life of the citizen. This is indeed one of the basic distinctions between absolute and limited government. Ultimate and pervasive control of the individual, in all aspects of his life, is the hallmark of the absolute state. In contrast, a system of limited government safeguards a private sector, which belongs to the individual, firmly distinguishing it from the public sector, which the state can control. Protection of this private sector —protection, in other words, of the dignity and integrity of the individual —has become increasingly important as modern society has developed. All the forces of technological age — industrialization, urbanization, and organization —operate to narrow the area of privacy and facilitate intrusion into it. In modern terms, the capacity to maintain and support this enclave of private life marks the difference between a democratic and a totalitarian society.’" 10 Consumer concerns Identification of the printer origin of a colored printout ultimate points to the identification of the owner of the printer. The means to identify a felon through certain encrypted codes in a printed output may be said to be legitimate, but the same means may

serve as a prior restraint against any other person from airing criticisms or other utterances against entities that may have the propensity to resort to extra-legal remedies to suppress such expression. Truly, although it may be clear that the means was in furtherance of an important government interest in the United States – and parallel to the government interest of other countries relating to counterfeit notes, i.e. including the Philippines – and that said interest is primarily unrelated to the suppression of freedom of expression, there may be controversy whether the incidental restriction on the freedom of expression is no greater than is essential to the furtherance of that interest. It may be contended that the government interest, sought to be promoted, can be achieved by means other than the suppression of freedom of expression. 11 By the way things are, one should be printing his legitimate criticisms against known political personalities in some other printer that does not print the encrypted yellow dots. On the other hand, leaving consumers in the dark as to marks that identify device purchasers is an insidious means to achieve a certain purpose without regard to its pregnant potential for abuse. Its continued practice, further, is contradictory to the current trend where sellers provide privacy terms in their products, to make the consumer aware of the pertinent personal information the latter is willing to divulge. Such insidious practice divests an ordinary person from consciously assuming risks – such as those made with the use of computers and mobile phones – and from limiting liabilities for ambiguous acts – such as currency printouts for a school report. Lastly, the words of EFF Senior Staff Attorney Lee Tien ring true when he said that "it shows that the government and private industry make backroom deals to weaken our privacy by compromising everyday equipment like printers. The logical next question is: what other deals have been or are being made to ensure that our

25

technology rats on us?" 12 Just imagine the possibility and effects of encrypted marks on digital photography and videography, if government would pursue such measure for a supposedly legitimate government interest. Conclusion The Consumer Act of the Philippines, promulgated on 13 April 1992, does not contain consumer protection as to privacy issues, although the powers of the National Consumer Affairs Commission include that which recommends new policies and legislation or amendments to existing ones, 13 i.e. pertaining to consumer protection. The Philippines has not pursued a path somehow oriented towards the protection of privacy and transborder flows of personal data – such as those embodied in the guidelines promulgated by the Organization for Economic Cooperation and Development (OECD), circa 1980 – or a path parallel to the initiatives of the United States, ironically as to this article, through its Federal Trade Commission and Department of Commerce, as to fair information practices. The Philippine government should now be addressing, as it should have had before, advanced consumer issues besides those directly related to usual items in store shelves. It cannot actively indulge itself in techno-rhetoric while being complacently backward in its policies as to matters of technology.
Endnotes 1 De Vries, Wilbert. “Dutch track counterfeits via printer serial numbers” WebWereld Netherlands. 26 October 2004, PC World | HTML Developer's Guide | Dutch track counterfeits via printer serial numbers PC World, © 2005 IDG Communications. Retrieved 20 October 2005. <http://www.pcworld.idg.com.au/index.php/ id;1002274598> Ibid. Musgrove, Mike. "Sleuths Crack Tracking Code Discovered in Color Printers," 19 October 2005. Washington Post Company. Retrieved 21 October 2005. <http://www.washingtonpost.com/wp-dyn/ content/article/2005/10/18/AR2005101801663.htm> Secret Code in Color Printers Lets Government Track You: Tiny Dots Show Where and When You Made Your Print 17 October 2005, EFF Breaking News: Electronic Frontier Foundation. Retrieved 21 October 2005. <http://www.eff.org/news/archives/ 2005_10.php#004063> De Vries, Wilbert. “Dutch track counterfeits via printer serial numbers”. Ibid. List of Printers Which Do or Don't Print Tracking Dots. Electronic Frontier Foundation. Retrieved 21 October 2005.<http:// www.eff.org/Privacy/printers/list.php> Musgrove, Mike. "Sleuths Crack Tracking Code Discovered in Color Printers," Ibid. Secret Code in Color Printers Lets Government Track You. Ibid. Privacy. Wikipedia, the free encyclopedia. Retrieved 25 October 2005. <http://en.wikipedia.org/wiki/Privacy> See also Griswold v. Connecticut, 381 U.S. 479 (1965) as to U.S. Supreme Court declaration regarding the right to privacy. See Social Weather Station vs. Comelec. GR 147571, 5 May 2001, citing U.S. vs. O’Brien, 391 US 365, as to the O’Brien test. Secret Code in Color Printers Lets Government Track You. Ibid. Article 153 (b), Republic Act 7394, The Consumer Act of the Philippines

Illustration of the encrypted dots
The Electronic Frontier Foundation (EFF) presented, in line of its Machine Identification Code Technology project, explained the manner of reading the forensic tracking codes in a Xerox DocuColor color laser printout, in the following images. The information is the result of research by Robert Lee, Seth Schoen, Patrick Murphy, Joel Alwen, and Andrew "bunnie" Huang. The forensic dots are not usually visible to the naked eye under white light because of their limited contrast with the background. They can be made visible by magnification (using a magnifying glass or microscope), and/or by illuminating the page with blue instead of white light. Pure blue light causes the yellow dots to appear black, such as in the image immediately below, which is an image of one repetition of the dot grid from the same Xerox DocuColor 12 page, magnified 10x and photographed by the QX5 microscope under illumination from a Photon blue LED flashlight. The illumination is from the lower right; to the upper and lower left of the image.

2 3

4

The Philippine Quarterly IT Law Journal :: Volume 3, Number 1

5 6

Overlaying the black dots in the microscope image with larger yellow dots for greater visibility (as a schematic representation of the relative position of the dots, through the use computer graphics software, the sample printout's marks look like the following:

7 8 9 10 11 12 13

26

The Philippine Quarterly IT Law Journal :: Volume 3, Number 1

Contributions are Welcome
Explanatory text were added to show the significance of the dots.

T
The topmost row and leftmost column are a parity row and column for error correction. They help verify that the forensic information has been read accurately (and, if a single dot has been read incorrectly, to identify the location of the error). The rows and columns all have odd parity, i.e. every column contains an odd number of dots, and every row (except the topmost row) contains an odd number of dots. Each column is read top-to-bottom as a single byte of seven bits (omitting the first parity bit); the bytes are then read right-to-left. The columns (numbered herein from left to right) have the following meanings: 15: unknown (often zero; constant for each individual printer; may convey some non-user-visible fact about the printer's model or configuration) 14, 13, 12, 11: printer serial number in binary-coded-decimal, two digits per byte (constant for each individual printer; see below) 10: separator (typically all ones; does not appear to code information) 9: unused 8: year that page was printed (without century; 2005 is coded as 5) 7: month that page was printed 6: day that page was printed 5: hour that page was printed (may be UTC time zone, or may be set inaccurately within printer) 4, 3: unused 2: minute that page was printed 1: row parity bit (set to guarantee an odd number of dots present per row) The printer serial number is a decimal number of six or eight digits; these digits are coded two at a time in columns 14, 13, 12, and 11 (or possibly just 13, 12, and 11); for instance, the serial number 00654321 would be coded with column values 00, 65, 43, and 21.
For a better view of the images and to find out more about how to detect the dots, see http://www.eff.org/Privacy/printers/docucolor/. As EFF is still working on cracking the codes from other printers, it needs the public's help. To find out more on how to make test pages to be included in EFF’s research, see http://www.eff.org/Privacy/printers/wp.php#testsheets.

he Philippine IT Law Journal welcomes the submission of contributions with a view to publication, which should be sent to: The Board of Editors The Philippine Quarterly IT Law Journal Arellano University School of Law Taft Avenue, corner Menlo Street Pasay City 1300 Philippines Tels. (2) 404-3089 to 91 Fax. (2) 521-4691 eMail: itlawjournal@arellanolaw.net

as should all correspondence, books for review, orders and other communications. The Board of Editors will only consider material which complies with the following: 1. The submission is an original, unpublished work which is not being submitted for publication elsewhere. The manuscript must be typed, double-spaced, on one side only of a uniform sized paper, and be accompanied by the text on floppy disk in a recognized software. Footnotes must be numbered consecutively throughout the article. Authors may use graphs, tables, figures, or mathematics only when its application is necessary for achieving the stated objective of the paper. When mathematics is used, the necessity for doing so should be explained, and the major steps in the argument and the conclusions made intelligible to a nonmathematical reader.

2.

3. 4.

Authors are asked to refer to a recent issue of the Philippine IT Law Journal for style. More detailed guidance will be sent on request. Authors are encouraged to carefully edit their own works.

27

Computing

DOT.CON
By Michael Vernon M. Guerrero

I
The Philippine Quarterly IT Law Journal :: Volume 3, Number 1

nternet fraud may use e-mail, chat rooms, websites and message boards to present solicitations to possible victims, to conduct fraudulent transactions, or to transmit the proceeds of fraud to financial institutions. 1 Credit Card Fraud Credit Card Fraud is the most common of Internet fraud. Information used to pursue the same may be acquired from retailers, whether online or offline; from companies’ databases which have been compromised; from schemes like phishing; etc. Using credit cards online is inherently insecure, as information acquired in “secure transactions” are decrypted into plain text for processing. 2 Still, some would argue that the safest way to purchase items via the Internet is by credit card because one can often dispute the charges if something is wrong.3 Prevention. 1. Make sure you are purchasing merchandise from a reputable source. Do not judge a person/ company by their web sites. Just because an individual or company has a professional-looking web site does not mean it is legitimate. Web sites can be created in just a few days; and after a short period of taking money, a site can vanish without a trace. Do your homework on the individual or company to ensure that they are legitimate. Check out other web sites regarding the person/ company you plan to transact. 2. Try to obtain a physical address rather than merely a post office box and a phone number, call the seller to see if the number is

3.

4.

5.

6.

correct and working. Check with the Better Business Bureau from the seller’s area. Be cautious when dealing with individuals/ companies from outside your own country. Send the potential seller e-mail to see if they have an active e-mail address and be wary of sellers who use free e-mail services where a credit card was not required to open the account. Consider not purchasing from sellers who would not provide you with this type of information. Do not give out your credit card number(s) online unless the site is a secure and reputable site. Do not trust a site just because it claims to be secure. Sometimes a tiny icon of a padlock appears to symbolize a higher level of security to transmit data. This icon is not a guarantee of a secure site, but might provide you some assurance. Still, before using the site, check out the security/ encryption software it uses. Make sure the transaction is secure when you electronically send your credit card numbers. Be cautious when responding to special offers (especially through unsolicited e-mail). You should also keep a list of all your credit cards and account information along with the card issuer’s contact information. If anything looks suspicious or you lose your credit card(s) you should contact the card issuer immediately. 4

of the Nigerian Criminal Code that it violates), is a fraudulent scheme to extract money from victims after making them believe they will get an immense fortune. Victims are requested to pay an upfront fee before their purported fortune is released.5 Origin. Originally known as the “Spanish Prisoner Letter”, the scam is a confidence game dating back to 1588. In its original form, the con artist tells his victim (the mark) that he is in correspondence with a wealthy person of high estate who has been imprisoned in Spain under a false identity. The alleged prisoner cannot reveal his identity without serious repercussions, and thus supposedly rely on the con artist to raise money to secure his release. The con artist offers to let the mark supply some of the money, with a promise that he will be rewarded generously when the prisoner returns both financially and by being married to the prisoner’s beautiful daughter. However, once the mark has turned over his money, he learns that further difficulties have arisen, requiring more money, until the mark is cleaned out and the game ends.6 The association with Nigeria was due to the massive proliferation of such confidence tricks from that since the mid-eighties. In the latter form, the schemers contacted mainly heads of companies and church officials through ordinary postal mail. The use of e-mail spam, instant messaging, and even text messaging for the initial contacts has led to other persons also being targeted, as the cost to the scammers to make initial contact is much lower.7 The Nigerian Money Transfer Fraud operates in the following manner: The potential victim receives a letter or fax

Advance Fee Fraud Advance fee fraud (the Nigerian money transfer fraud, Nigerian scam or 419 scam after the relevant section

28

The Philippine Quarterly IT Law Journal :: Volume 3, Number 1

from an alleged “official” representing a foreign government or agency. An offer is made to transfer millions of dollars in “over invoiced contract” funds into the potential victim’s personal bank account. The potential victim is encouraged to travel overseas to complete the transaction; is requested to provide blank company letterhead forms, banking account information, telephone/fax numbers. The potential victim receives numerous documents with official looking stamps, seals and logo testifying to the authenticity of the proposal (electronic documents over Internet). Eventually potential victim must provide up-front or advance fees for various taxes, attorney fees, transaction fees or bribes. 8 The original medium for this scam was through mailers, it was in the late 1990s that the Internet was extensively used for the purpose. Variance. One variant involves an alleged lawyer-con artist, representing the estate of some long-lost relative of the potential victim that the latter never knew he or she had (as the potential victim’s surname will be inserted into the e-mail message). The con artist claims to have gone through a lot of trouble to find the victim in order to give him or her a share of the millions of dollars available if the potential victim will forward his or her bank account information to the con artist.
9

counterfeit check.

10

ready for payment. However, by virtue of our position as civil servants and members of this panel, we cannot acquire this money in our names. I have therefore, been delegated as a matter of trust by my colleagues of the panel to look for an overseas partner into whose account we would transfer the sum of us$21,320,000.00(twenty one million, three hundred and twenty thousand U.S dollars). Hence we are writing you this letter. We have agreed to share the money thus; 1. 20% for the account owner 2. 70% for us (the officials) 3. 10% to be used in settling taxation and all local and foreign expenses. It is from the 70% that we wish to commence the importation business. Please note that this transaction is 100% safe and we hope to commence the transfer latest seven (7) banking days from the date of the receipt of the following information by Tel/Fax; 234-17740449, your company’s signed, and stamped letterhead paper the above information will enable us write letters of claim and job description respectively. This way we will use your company’s name to apply for payment and re-award the contract in your company’s name. We are looking forward to doing this business with you and solicit your confidentiality in this transaction. Please acknowledge the receipt of this letter using the above Tel/fax numbers. I will send you detailed information of this pending project when I have heard from you. Yours faithfully, Dr. Clement Okon Note; please quote this reference number (ve/s/09/99) in all your responses.14

Another variant pretends to be a “winning notification” from a lottery company, requesting payment in advance to collect the sum that the potential victim has “won”.11 This variant is prevalent in the Philippines or against Filipinos12 through SMS text messaging. Other forms of 4-1-9 schemes include: c.o.d. of goods or services, real estate ventures, purchases of crude oil at reduced prices, beneficiary of a will, recipient of an award and paper currency conversion.13 Example. Request for urgent business relationship First, I must solicit your strictest confidence in this transaction. This is by virtue of its nature as being utterly confidential and ‘Top Secret’. I am sure and have confidence of your ability and reliability to prosecute a transaction of this great magnitude involving a pending transaction requiring maximum confidence. We are top official of the federal government contract review panel who are interested in importation of goods into our country with funds which are presently trapped in Nigeria. In order to commence this business we solicit your assistance to enable us to transfer into your account the said trapped funds. The source of this fund is as follows; during the last military regime here in Nigeria, the government officials set up companies and awarded themselves contracts which were grossly over-invoiced in various ministries. The present civilian government set up a contract review panel and we have identified a lot of inflated contract funds which are presently floating in the central bank of Nigeria

Another variant involves the offers of con artists to buy some expensive item which the potential victim has advertised, by official, certified, bank or cashier’s check. The check will have an “accidentally” or mutually agreed higher value than the price of the item, so the con artist can ask the victim to wire the extra money to some third party as soon as the check clears. The check typically clears after one or two days, but the fact that it is counterfeit is not detected until several days or weeks later, by which time the victim has sent the item and the “additional money” to the con artist and his representative. Most banks will hold the victim accountable for the value of the

29

Prevention. 1. Be skeptical of individuals representing themselves as Nigerian or foreign government officials asking for your help in placing large sums of money in overseas bank accounts. Be skeptical also of entities offering prizes that require you to shell out money or any equivalent to allow the processing of your winnings, among others. 2. Do not believe the promise of large sums of money for your cooperation. 3. Guard your account information carefully. 15 Phishing One of the popular fraudulent practices being done online today is “phishing.” Phishing (also “carding” and “spoofing”) is “a form of social engineering, characterized by attempts to fraudulently acquire sensitive information, such as passwords and credit card details, by masquerading as a trustworthy person or business in an apparently official electronic communication, such as an email or an instant message.” 16 Phishing attacks use both social engineering and technical subterfuge to steal consumers’ personal identity data and financial account credentials. 17 Phishing is the art of getting personal information, usually in the form of usernames and passwords, from individuals. It is also a form of Social Engineering which is defined as “the art and science of getting people to comply to your wishes.” 18 Fraudsters behind the fishing use spam messages masquerading as banks or online payment facilities. They also generate pop-up messages – through a website or through certain software that was installed related to the service – that claims to be from the a business organization that one usually deals with. The message may ask one to “update,” “validate,” or “confirm” your account information. Some phishing emails threaten a dire consequence if one does not respond. 19 Some

fraudsters place the text of a legitimate site link in the email but actually links to their own fake site. The fraudster’s fake website replicates the legitimate web site as to its code and graphics, completely fooling a victim in navigating through a scam site. The scams rely more on persuasive psychological trickery than on technology. 20 The classic phishing scams seem to recur with little variation, such as “Your account is about to expire,” the sender of the email warns. “Click on the link and resubmit your credit card information to avoid any loss of service.” 21 The message may also provide the following messages: “We suspect an unauthorized transaction on your account. To ensure that your account is not compromised, please click the link below and confirm your identity”; or “During our regular verification of accounts, we couldn’t verify your information. Please click here to update and verify your information.” 22 Phishing may also be a means for a fraudster to commit identity theft. Origin. The term “phishing” arose from the use of increasingly sophisticated lures to “fish” for users’ financial information and passwords. 23 It was coined by crackers attempting to steal AOL accounts during the mid 1990s. A cracker would mimic an AOL staff member then would send a message entitled, for example, “verify your account” or “confirm billing information”, to acquire the AOL’s user ’s password, among other information, so as to allow the former to use the AOL account for the former’s benefit or other criminal acts.
24

The Philippine Quarterly IT Law Journal :: Volume 3, Number 1

losing money because of phishing attacks. Victims said their banks and credit card companies took the biggest hits. Victims recovered 87 percent of their funds. Major U.S. Internet service providers reported 150 to 200 uniquely identifiable phishing attacks against their brands. Pay Pal and eBay are the top spoofed sites. Citibank is the primary bank target for phishing scams.” 25 As of September 2005, according to the Anti-Phishing Working Group (APWG), the number of unique phishing reports received in September was 13562, the number of unique phishing sites received in September was 5259, the number of brands hijacked by phishing campaigns in September was 106, the number of brands comprising the top 80% of phishing campaigns in September was 6, the country hosting the most phishing websites in September was the United States, Phishing which contains some form of target name in URL amounted to 50 % of total attacks, phishing which provides no hostname but only IP address amounted to 34 % of total attacks, percentage of sites not using port 80 amount to 8 % of total attacks. The United States remains on the top of the list of phishing hosts with 31.22%, with the top 10 breakdown as follows; China: 12.13%, Republic of Korea: 10.91%, Germany: 3.16%, Canada: 2.97%, Japan: 2.44%, France: 2.31%, Poland: 2.24%, Brazil: 1.98%, Romania: 1.98% . In September 2005, the APWG witnessed several new phishing attacks which utilized people’s willingness to assist during times of desperation; the attacks being against The Red Cross, The Salvation Army, Hurricane Katrina Donations, and Hurricane Rita Donations. 26 Variance. “Spear phishing,” targets members of a particular organization and the sender would claim to be its e-mail provider. The sender will prompt you to download special software, which could install spyware or adware. Spyware and adware would record personal information later. 27

Prevalence. Washington Post reported that “[s]ince May 2003, nearly 11 million recipients of phishing e-mail clicked on the links. Of those, 1.8 million recalled filling out the information requested. Phishing attacks grew 28 percent from May 2004 to May 2005. About 73 million adult email users reported more than 50 phishing e-mails during the 12-month period. 2.42 million adults reported

30

The Philippine Quarterly IT Law Journal :: Volume 3, Number 1

Examples. The following are examples of phishing e-mails. Date: Thu, 02 Dec 2004 07:35:28 -0300 From: Suntrust Billing Department <billing@suntrust.com> To: Abnelson Subject: Failure to confirm your records may result in your account suspension. Dear valued SunTrust member, Due to concerns, for the safety and integrity of the online banking community we have issued the following warning message. It has come to our attention that your account information needs to be confirmed due to inactive customers, fraud and spoof reports. If you could please take 5-10 minutes out of your online experience and renew your records you will not run into any future problems with the online service. However, failure to confirm your records may result in your account suspension. You can confirm your account records by logging in to your internet banking account. Once you have confirmed your account records your internet banking service will not be interrupted and will continue as normal. To confirm your bank account records please click here. Thank you for your time, SunTrust Billing Department. —————————————— ———————————— © 2004 SunTrust Banks, Inc. All rights reserved. - Equal Housing Lender - Member FDIC or Subject: Verify your E-mail with Citibank

This email was sent by the Citibank server to verify your E-mail address. You must complete this process by clicking on the link below and entering in the small window your Citibank ATM/Debit Card number and PIN that you use on ATM. This is done for your protection because some of our members no longer have access to their email addresses and we must verify it. To verify your E-mail address and access your bank account, click on the link below: https://web.da-us.citibank.com/ signin/citifi/scripts/email_verify.jsp —————————————— Thank you for using Citibank 28 The link however goes to a non-secure site at http://www.securecitibank.us. Said domain was registered to a certain Wayne Stanford of 3057 sunrise cir, marina CA, 93933, United States, and not to CitiBank itself.29 After the initial Citibank phishing attacks, another set of phishing emails were circulated on a different premise, to wit: Recently there have been a large number of identity theft attempts targeting Citibank customers. In order to safeguard your account, we require that you update your Citibank ATM/Debit card PIN. This update is requested of you as a precautionary measure against fraud. Please note that we have no particular indications that your details have been compromised in any way. This process is mandatory, and if not completed within the nearest time your account may be subject to temporary suspension. To securely update your Citibank ATM/Debit card PIN please go to:

https://www.citibank.com/signin/ citifi/scripts/login2/update_pin.jsp Please note that this update applies to your Citibank ATM/ Debit card - which is linked directly to your checking account, not Citibank credit cards. Thank you for your prompt attention to this matter and thank you for using Citibank! Regards, Riley Buckner Head of Citi® Identity Theft Solutions Copyright © 2004 Citicorp. All rights reserved. Do not reply to this email as it is an unmonitored alias. ozmpjdyvexo znrwvsowwvi utcbt vuqr

The link however ends up to a website in Asia. The genuine CitiBank page is forced to appear behind the scam’s pop-up web page.30 Prevention. Two of the basic clues in determining a phishing email are the email’s typographic errors and the sophistication of the email’s content and grammar. Misspellings and faulty grammar in the bogus email should bring alarm bells ringing in mind. 1. Use anti-virus software and a firewall, and keep them updated. Some emails may contain software or scripts that can harm your computer or track your activities on the Internet without your knowledge, by themselves or by unleashing viruses or spyware. 2. Be aware of corporate e-mails requesting or require personal financial information (credit card numbers, account usernames, passwords and social security numbers). Also be aware of emails coming from usual service providers requesting verification of certain account information (email

31

3.

4.

5.

The Philippine Quarterly IT Law Journal :: Volume 3, Number 1

6.

7.

addresses, passwords, credit card numbers, etc.) A sender may mimic an Internet service provider (ISP), bank, online payment service, or even a government agency. Phishers often convince e-mail recipients to respond when they hijack brand names of banks, credit card companies and eretailers. If you normally transact with the company requesting the information, and if the company’s office can be contacted by phone without incurring unwelcome charges, call to confirm. A potential fraudster would have difficulty taking over the company’s phone system to perpetuate his/her scheme. Do not reply, either querying/ confirming the sender’s need for the information or worse, sending the information requested through email. Legitimate companies do not ask for personal information via email. Further, e-mail is not a secure method of transmitting personal information. Updating information with the company’s website would be a better option, while updating information within company ’s premises and authorized personnel would be the best. Do not click on the e-mails link, even if you are curious where the link would lead you. Go directly to the company’s website by typing the website’s URL address in your browser’s address bar, if you need to. Do not openany attachment or downloading any files from emails you receive. These files may contain viruses or spyware. If you need to update your personal information in the company’s website, make sure that the site is secure by looking for signs in your browser that it is in fact secure; such as a “locked” yellow padlock at the lower right corner of your browser, or the “https://” in your browser’s address bar (the “s” appended to “http” to mean “secure”). Still,

these indications are not foolproof, as fraudsters may be technologically sophisticated to develop or mimic secure sites. 8. If the personal information shared that is vulnerable to fraud is of financial nature, be aware of or check your credit card or account activity, and report anomalous transactions to the concerned company or service provider, if they occur. If your statement is late, call your credit card company or bank to confirm your billing address, if not your account balances. Distinctions with other frauds 1. Online Credit Card Fraud. Online Credit Card Fraud is more geared towards the use of credit cards over the Internet. It is a direct act to utilize another person’s credit card information to pursue transactions online; the information being acquired through insidious schemes (through keylogging spyware, phishing, etc.) or by cracking the credit card account itself. Fraudulent use of credit cards (accounts) is governed by the Access Device Regulation Act of 1998 (Republic Act 8484) in the Philippines. The deterrence of the practice, especially if electronically pursued, is supplemented by the e-Commerce Act of 2000 (Republic Act 8792) and covered by A.M. 01-7-01-SC (Rules on Electronic Evidence). On the other hand, phishing is only the preliminary means to pursue actual online credit card fraud. As a technical subterfuge scheme, it plant crimeware onto PCs to steal credentials directly, often using Trojan keylogger spyware. Phishing, however, may also be utilized to acquire information to allow identity thefts, a springboard to the commission of estafa, and other crimes. It may also be pursued to gain access to nonfinancial accounts (such as email accounts) to pursue other frauds.

The scheme is not limited to aid the commission of violating the access device law. 2. Spyware utilizing spam. Both means of acquiring information uses e-mails extensively. The distinction exist in the kind of information being sought, the purpose for the information sought, and the method being pursued by the two schemes. Phishing is aimed primarily in acquiring specific personal information (similar to those in biodata), while spyware, besides this specie of information, may even pursue the determination of a victim’s online behavior patterns, among others. Phishing is necessarily related to the commission of fraud. On the other hand, while spyware’s gathering of information does not discount the possibility of the commission of fraud, it may be merely an insidious means to acquire consumer information for product development or marketing. Phishing does not necessarily need a software to acquire its objective, but merely the possible gullibility of its victim. The victim’s intervention is always present for it to occur. Spyware is a software, and it is installed either by the gullibility of the victim, by indiscriminate clicking of “ok” buttons, by agreeing to the terms of a contract of adhesion by another software where the spyware is bundled, or even by scripts or viruses without the victim’s intervention. Phishing emails may provide links towards a fake website to gather the information sought or to install spyware. Spyware through spam emails provide links to install spyware. Finally, some spyware are installed to get the victim to part with his money for an antidote, while some phishing attacks are made to get the victim to part with his money, period.

32

The Philippine Quarterly IT Law Journal :: Volume 3, Number 1

Pharming Pharming attacks are similar to phishing identity-theft attacks, but don’t require a “lure,” such as a Web link that victims must click on to be taken to the attack Web site. 31 Pharming combines phishing with domain spoofing/domain hijacking. The distinction lies with the exploitation of a vulnerability in the DNS server software by a hackerphisher to acquire the domain name for a website and to redirect that website’s traffic to the fake site attributed in phishing. 32 Hence, pharming crimeware misdirects users to fraudulent sites or proxy servers, typically through DNS hijacking or poisoning. This is possible when the original site was not Secure Sockets Layer (SSL) 33 protected, or when the user is ignoring warnings about invalid server certificates. 34 Rather than spamming a potential victim, pharmers “poisons” one’s local DNS server by redirecting the Web request somewhere else, i.e. to a website purporting to be the website one intended to access. When a cracker poisons a DNS server, he or she changes the specific record for a domain, sending one to a Web site very different from the one one intended to access—without your knowledge. Usually, the cracker does this by posing as an official who has the authority to change the destination of a domain name. DNS poisoning is also possible via software vulnerability, however. 35 Prevalence. In 2004 a German teenager from from Helmstedt, Lower Saxony hijacked the eBay.de Domain Name. 36 In January 2005, the Domain Name for a large New York ISP Panix, was hijacked, the ownership , of which was attributed to a site in Australia. Requests to reach the panix.com server were redirected to the United Kingdom, and e-mail was redirected to Canada. Secure e-mail provider Hushmail experienced the attack on 24 April 2005 when the attacker rang up the domain registrar and gained enough information to redirect users to a defaced webpage. 37 On the other hand, e-mailed viruses

that rewrite local host files on individual PCs, like the Banker Trojan, have been used to conduct smaller-scale pharming attacks. 38 Prevention. Pharming could be combated if browsers would authenticate websites’ identities. 1. Server side. In order to remove pharming as a threat, servers would have to add another layer of authentication. To prove that the online merchants, banks, etc. are who they purport themselves to be, it might require them to obtain a certificate from a certificate authority, such as VeriSign. 2. Client side. a. Response to certificates. When one visit the websites of the online merchant, banks, etc., a dialog box appears, prompting one whether the latter would want to trust the certificate. If the name on the certificate does not match the website one tries to access, something is amiss. One should leave the website, as the website being accessed is not the actual electronic merchant, bank, etc. being sought. If the certificate corresponds to the website, one needs to save the certificate so that the browser would determine if it has reached the right URL address on the next visit. 39 b. Netcraft toolbar (http:// t o o l b a r. n e t c r a f t . c o m / ) . Another simple solution that works in some cases is a browser plug-in from Netcraft that displays information about the site being visited, such as its geographic location.40 Other Internet fraud There are other Internet fraud existing, and which are usually virtual extensions of frauds that occur in the normal routine of commerce. The anonymity of a person over the Internet is a reason why con artists can pursue frauds with more ease. Other kinds

would include frauds pertaining to Internet Auctions, Investment, and Merchandise Delivery, among others. Internet Auction Fraud may be prevented in the following manner: (1) Understand as much as possible about how the auction works, what your obligations are as a buyer, and what the seller’s obligations are before you bid. Understand that if a problem occurs with the auction transaction, it could be much more difficult if the seller is located outside the US because of the difference in laws. (2) Find out if shipping and delivery are included in the auction price or are additional costs so there are no unexpected costs. Find out what actions the web site/company takes if a problem occurs and consider insuring the transaction and shipment. (3) Learn as much as possible about the seller, especially if the only information you have is an e-mail address. If it is a business, check the Better Business Bureau where the seller/business is located. Examine the feedback on the seller. (4) Determine what method of payment the seller is asking from the buyer and where he/ she is asking to send payment. Also ask the seller about when delivery can be expected and if there is a problem with the merchandise is it covered by a warranty or can you exchange it. (5) There should be no reason to give out your social security number or driver’s license number to the seller. Investment fraud may be limited through observation of due diligence similar to the prevention of credit card fraud, and inquiry about all the terms and conditions of the investment proposal, taking into mind that “if it sounds too good to be true it probably is.’ On the matter of non-delivery of merchandise, to prevent so, (1) Observe due diligence similar to the prevention of credit card fraud; (2) Inquire about returns and warranties; and (3) Consider utilizing an escrow or alternate payment service. 41 The creativity of a con artist is unlimited. Centuries old scams can be revived to assume modern forms, through adoption of modern contexts and means. Be aware. A healthy dose of

33

cynicism once in a while may prove to be the major factor in keeping one’s pockets healthy, and one’s considerate social perception intact.
Endnotes 1 Internet Fraud. Wikipedia, the free encyclopedia. Retrieved 25 October 2005. <http://en.wikipedia.org/ wiki/Internet_fraud > 2 Ibid. 3 Internet Fraud Preventive Measures. Internet Fraud Complaint Center (IFFC). Retrieved 28 November 2005. <http://www1.ifccfbi.gov/ strategy/fraudtips.asp> 4 Ibid. 5 Advance fee fraud. Wikipedia, the free encyclopedia. Retrieved 30 November 2005. <http:// en.wikipedia.org/wiki/ Advance_fee_fraud> 6 Spanish Prisoner. Wikipedia, the free encyclopedia. Retrieved 30 November 2005. <http:// en.wikipedia.org/wiki/ Spanish_Prisoner> 7 Advance fee fraud. Wikipedia, the free encyclopedia. Ibid. 8 Public Awareness Advisory Regarding “4-1-9” or “Advance Fee Fraud” Schemes. United States Secret Service: Advance Fee Fraud Advisory. Retrieved 30 November 2005. <http:// w w w. s e c r e t s e r v i c e . g o v / alert419.shtml> 9 Advance Fee Fraud. Wikipedia, the free encyclopedia. Ibid. 10 Ibid. 11 Ibid. 12 DFA warns OFWs on text scam in Canada. ABS-CBN Interactive. Retrieved 30 November 2005. < w w w. a b s - c b n n e w s . c o m / storypage.aspx?StoryId=22858> 13 Public Awareness Advisory Regarding “4-1-9” or “Advance Fee Fraud” Schemes. United States Secret Service. Ibid. 14 Urban Legends Reference Pages: Crime (Nigerian Scam). Snopes.com. Retrieved 30 November 2005. <http://www.snopes.com/ crime/fraud/nigeria.asp>

The Philippine Quarterly IT Law Journal :: Volume 3, Number 1

15 Internet Fraud Preventive Measures. Ibid. 16 Phishing. Wikipedia, the free encyclopedia. Retrieved 25 October 2005. <http://en.wikipedia.org/ wiki/Phishing> 17 Anti-Phishing Working Group. “What is Phishing and Pharming?” Retrieved 28 November 2005. <http://www.antiphishing.org/> 18 E-mail Evils: Of Phishing, Spam and E-mail Scams. Microsoft Philippines – IT Professionals. Retrieved 28 November 2005. <http:// www.microsoft.com/philippines/ technet/article.asp?articleid= 20050628emailevils> 19 Federal Trade Commission, For the Consumer. FTC Consumer Alert. “How Not to Get Hooked by a ‘Phishing’ scam.” Retrieved 28 November 2005. <http:// www.ftc.gov/bcp/conline/pubs/ alerts/phishingalrt.htm> 20 Musgrove, Mike. ‘”Phishing’ Keeps Luring Victims,” 22 October 20005. Washington Post. Retrieved 23 October 2005. <http:// www.washingtonpost.com/wp-dyn/ content/article/2005/10/21/ AR2005102102113.html> 21 Musgrove, Mike. ‘”Phishing’ Keeps Luring Victims.” Ibid. 22 Federal Trade Commission, Ibid. 23 Phishing. Wikipedia, the free encyclopedia. Ibid. 24 Musgrove, Mike. ‘”Phishing’ Keeps Luring Victims.” Ibid. 25 Ibid. 26 Phishing Activity Trends Report, September 2005. Retrieved 28 November 2005. <http:// antiphishing.org/apwg_phishing_ activity_report_sept_05.pdf> 27 Musgrove, Mike. ‘”Phishing’ Keeps Luring Victims.” Ibid. 28 ESTec Security - Phishing Attacks. “Phishing Sample e-mail.” ESTec Systems Corporation. Retrieved 30 November 2005. <http:// www.security.estec.com/education/ phishingSample.htm> 29 Phishing Samples. Mortgage Investments.com. Retrieved 30 November 2005 <http:// www.mortgage-investments.com/

30 31

32

33

34

35

36

37 38

39

40

41

C r e d i t _ r e p o r t s / phishingsample.htm> Ibid. Roberts, Paul. “Pharming Attacks Target the Web.” 1 April 2005. PC World. <http://www.pcworld.com/ r e s o u r c e / a r t i c l e / 0,aid,120268,pg,1,RSS,RSS,00.asp> Pharming. Wikipedia, the free encyclopedia. Retrieved 25 October 2005. <http://en.wikipedia.org/ wiki/Pharming> ‘ Secure Sockets Layer (SSL) and Transport Layer Security (TLS), its successor, are cryptographic protocols which provide secure communications on the Internet. Transport Layer Security – Wikipedia, the free encyclopedia. Retrieved 28 November 2005 <http:// en.wikipedia.org/wiki/ Secure_Sockets_Layer> Anti-Phishing Working Group. “What is Phishing and Pharming?” Ibid. Vamosi, Robert. “Alarm over pharming attacks: identity theft made even easier.” 18 February 2005. Cnet.com, Security Watch. Retrieved 28 November 2005. <http://reviews.cnet.com/45203513_7-5670780-1.html> Fiutak, Martin. Teenager admits eBay domain hijack” 8 September 2004. C/net news.com. Retrieved 28 November 2005. <http:// news.com.com/Teenager+admits +eBay+domain+hijack/21001029_3-5355785.html> Pharming. Wikidepia, the free encyclopedia. Ibid. Delio, Michelle. “Pharming OutScams Phishing.” 14 March 2005. Wired News. Retrieved 28 November 2005. <http://www.wired.com/ news/infostructure/ 0,1377,66853,00.html> Vamosi, Robert. “Alarm over pharming attacks: identity theft made even easier.” Ibid. Coursey, David. “First Was Phishing, Next Is Pharming” 2 February 2005. eWeek.com. Retrieved 28 November 2005 <http://www.eweek.com/ article2/0,1759,1758874,00.asp> Internet Fraud Preventive Measures. Ibid.

The e-Law Center takes pride in the appointment of former Dean of the Arellano University School of Law and former Chairman of the Arellano Law Foundation

Hon. Antonio B. Nachura
as Associate Justice of the Philippine Supreme Court.

34

IT-Related News
The Philippine Quarterly IT Law Journal :: Volume 3, Number 1

WHAT YOU SAY IN CYBERSPACE MIGHT INCRIMINATE YOU
By Jaime N. Soriano

T
<<

his news report that hugged global headlines today should serve as a timely reminder to all netizens to be more circumspect and prudent in their conduct in cyberspace.

allegedly uses to communicate with Florida Governor Jeb Bush. ABC news released in its website nine pages of the alleged excerpts of Foley ’s messages (http:// abcnews.go.com/WNT/BrianRoss/ story?id=2509586&page=1; with a strong advisory for readers to exercise utmost discretion because of the sexually explicit language). In a report, Republican congressman, John Shimkus of Illinois, who oversees the legislative page program in the US Congress, said that he learned of Foley ’s inappropriate electronic messages in the late 2005 and took immediate action to investigate the matter. CNN reports that the page program, which brings young people from around the country to work on Capitol Hill, came under intense scrutiny in 1983, after two lawmakers — Rep. Gerry Studds, a Massachusetts Democrat, and Rep. Dan Crane, an Illinois Republican — were censured following their admission they had Switzerland developed test projects to allow citizens to vote via the Internet or by SMS. The tests in Geneva, in particular, have been controversial, because Internet voting might not satisfy the laws that ensure that any citizen can check how the vote is conducted, according to Wikipedia. Internet voting may work on an onsite and controlled basis. But I have serious doubts whether at the moment it will work well in a remote and uncontrolled environment. And the biggest hurdle still is that there is nothing in the Omnibus Election

consensual sexual relationships with 17-year-old pages. Neither lawmaker resigned, but Crane was defeated for re-election in 1984. Studds survived the scandal and continued to serve in the House until retiring in 1996. Ironically, Foley was the founder and co-chair of the Congressional Missing and Exploited Children’s Caucus. He did play key roles in passing recent legislation on child protection such as the “Volunteers for Children Act“ (that gives organizations working with youths access to FBI fingerprint checks to make sure that child molesters are not hired), the “Sex Offender Registration and Notification Act” (a bill already approved by the US Congress that seeks to overhaul the national monitoring system for predatory pedophiles by closing legal loopholes), and co-sponsored legislative measures to eliminate child pornography and exploitive child model sites on the Internet. So the next time you hit that keyboard in your computer to send on-line messages, think again. Code (Batas Pambansa Bilang 881, as amended), the Overseas Absentee Voting Act (Republic Act No. 9189), the Election Modernization Act (Republic Act No. 8436), or the newly signed Automated Election System Law (Republic Act No. 9369) that gives legal imprimatur to the COMELEC to implement Internet voting. I wish our poll body pushes through with election automation with the much more vigor and enthusiasm than it does with Internet voting. Otherwise, we could not be blamed if we perceive that there must be something fishy.

“I am deeply sorry and I apologize for letting down my family and the people of Florida I have had the privilege to represent.” This was the simple statement of American Republican congressman Mark Adam Foley, who served his legislative district in Florida for six terms, when he tendered his abrupt resignation last Friday (29 September 2006), thereby ending his flourishing legislative career, following the revelation of a scandal involving inappropriate e-mail exchanges between him and some teenage male legislative pages. Allegedly, Foley’s electronic messages included asking a page if he made him ‘horny’, and in another wanting to take off the teenager’s clothes, or asking for a photo of the boy. He transmitted the messages using his personal account in America On Line (AOL), “Maf54“, the same account he
[ 5 ] Vulnerability of Internet Voting

could override his Internet vote with his paper vote. In that election, the percentage of the e-vote as against the total votes cast was only 1.85% because the availability of card readers among the e-voters was not that common. Even if the same system is applied in the Philippine setting, the card reader does not effectively address the concerns on Internet voting. Beside the fact that we do not have the requisite ID for the card reader, what would prevent an e-voter from passing to another his identity card for a price?

35

<<

[40] Virtual Law Class

<<

[40] AsianLII Philippine Launch

legal literature as they are all made available in electronic form and integrated in the site on a per module basis, (d) could engage and indulge in healthy and stimulating on-line discussion with their professor and among themselves about legal issues involving the subject through the various fora and blogs found in the website, and (e) are able to view privately and confidentially their individual ratings in graded class activities, except their final grades, as well as suggested answers on examination questions to ensure better transparency in student performance. On the other hand, the on-line course also allows the professor: (1) to administer on line examinations, both objective and essay questions, (2) to view individual and over-all class performance on demand, (3) to answer on-line questions of my students on difficult or misunderstood or complicated legal issues about the subject, and (4) to control and monitor students activities in the interactive course, as each student is required to enrol, register and utilize their own secured username and password to be a part of the on-line community. The modules and the related reading literature were organized in such a way that would stimulate learning, understanding and analysis of the subject and that students are not simply spoon fed with legal information. The site also generates and sends, and automatically notifies the students of, updated information about on-line activities through their private e-mails. In the very near future or next semester perhaps, a podcast (audio and/or video) would be integrated in this virtual law class. The on-line course, which may be found at http://www.soriano-ph.com/ law-class/, was made possible using the open-source course management system of “Moodle.”

To know more about Asian LII, see the LegalWeb portion of this journal.
Endnotes 1. 2. http://www.arellanolaw.edu/ h t t p : / / w w w . supremecourt.gov.ph/justices/ cj.puno.php http://www2.austlii.edu.au/ ~graham/ http://www.unsw.edu.au/ http://www.austlii.edu.au/ h t t p : / / w w w. b a k e r c y b e r l a w centre.org/ http://www.lawphil.net/ [40] SC e-Library Launched

3. 4. 5. 6. 7. << [20] CyberLaw Jurisprudence <<

The Supreme Court took note of the legal mandate on the utmost confidentiality of proceedings involving violence against women and children set forth in Sec. 29 of Republic Act No. 7610 (“Special Protection of Children Against Child Abuse, Exploitation and Discrimination Act“), Sec. 44 of Republic Act No. 9262 (“Anti-Violence Against Women and Their Children Act of 2004“), and Sec. 40 of A.M. No. 04-10-11-SC (“Rule on Violence Against Women and Their Children“) effective November 15, 2004. This judicial pronouncement perhaps should serve as a useful guide to all other Internet domains and websites that provide a repository of legal information, case laws, and on-line reports of cases involving violence and abuse of women and children in the Philippines.
<< [11] Digital Copyright

Judicial Academy (Philja), Office of the Court Administrator (OCA), Judicial and Bar Council (JBC); Officials of the Action Program for Judicial Reform (APJR) partners of the SC; editors of law school journals published in the ELibrary; and law students. Upon prior arrangement with the SC E-Library Committee, other government personnel may access the E-Library. The E-Library may be accessed through http://elibrary.supremecourt. gov.ph. It is maintained by a staff led by Director Milagros S. Ong of the SC Library Services.
The information for this article was acquired primarily from Ivan M. Bandal’s article “SC E-Library Opened to Law Students,” 28 February 2006, Court News Flash February 2006 (http://www.supremecourt.gov.ph/ news/courtnews%20flash/2006/02/ 02280602.php)

The Philippine Quarterly IT Law Journal :: Volume 3, Number 1

of the US Supreme Court, said: "We hold that one who distributes a device with the object of promoting its use to infringe copyright, as shown by clear expression or other affirmative steps taken to foster infringement, is liable for the resulting acts of infringement by third parties." Legal controversies involving digital copyright are far from over especially with the way the Internet becoming a way of life for most people. In fact, the legal battle has just began.

In another legal challenge, dubbed as the most important intellectual property case in decades, lodged by a consortium of twenty-eight movie studios and record labels, the US Supreme Court held in the case of MGM Studios, Inc. v. Grokster, Ltd. that in the process of marketing file sharing software, the file swapping of P2P companies induces copyright infringement and may constitute piracy of intellectual property rights. The ponente in the Grokster case, Associate Justice David Hackett Souter

36

The Philippine Quarterly IT Law Journal :: Volume 3, Number 1

<<

[39] Declaration on Free Access

*

Wits University School of Law

Endnotes 1. 2. See <http://www.worldlii.org/worldlii/ declaration/montreal_en.html> The amendements were: (i) in the title of the Declaration, `public' was changed to `free'; (ii) the words `where possible' were deleted from the second bullet point `where possible, free of charge'; (iii) addition of the description of a legal information institute and the encouragement to participate in networks; and (iv) addition of the final bullet point about an annual meeting to the list of areas of agreed cooperation. The amendments were: (i) the words "It also includes legal documents created as a result of public funding." were added to the end of para 2 after 'boards of enquiry': (ii) the words "To provide to the end users of public legal information clear information concerning any conditions of re-use of that information, where this is feasible." were added to the final list of bullet points. << [23] Most Visited Dailies

Made at the 4th Law via the Internet Conference in Montreal on 3 October 2002 by representatives of the following legal information institutes: * Australasian Legal Information Institute * British and Irish Legal Information Institute * LexUM/Canadian Legal Information Institute * Hong Kong Legal Information Institute * Legal Information Institute (Cornell) * Pacific Islands Legal Information Institute * University of the West Indies Faculty of Law Library
<< [18] Downloading Music

As amended by the representatives of the following legal information institutes present at the 5th Law via the Internet Conference in Sydney, November 2003: * Australasian Legal Information Institute * British and Irish Legal Information Institute * LexUM/Canadian Legal Information Institute * Hong Kong Legal Information Institute * Pacific Islands Legal Information Institute * South African Legal Information Institute
2. 3. 4. 5. 6. Ibid. Ibid. Ibid. Ibid. Paul Supnik, Music on the Internet, United States Perspective (Retrieved from http://www.supnik.com) Ibid. Ibid. Ibid. Retrieved from “http:// en.wikipedia.org/wiki/ MGM_Studios%2C_Inc._v._Grokster %2C_Ltd. Supra, footnote 6, at 10 Ibid. A&M Records v. Napster, Inc. [2001 US App. LEXIS 1941, No. 00-153001, slip op. at 2206 (9th Cir., Feb. 12, 2001)] Ibid. Ibid. Ibid. Supra, footnote 1, at 6 Ibid. Ibid. Atty. Rey Beckerman, How the RIAA Litigation Process Works (Comments, Copyright 2006, retrieved from http:// www.findarticles.com, 11 July 2006) David McGuire, Comments (Retrieved from http://www.washingtonpost.com, 19 December 2003) David McGuire, Congress May Act on Internet Piracy Bill (Retrieved from http://www.washingtonpost.com, 16 November 2004) Atty. Adrian S. Cristobal Jr., For a Song (Retrieved from http://www.oped @businessmirror.com.ph, Business Mirror, 18 May 2006) Policymakers Press for Updates to Copyright Law (BusinessWorld, 14 September 2006, p. S1/17) In Search of a Clear National IP Strategy (BusinessWorld, 14 September 2006, p. S1/17)

3.

for the recording and motion picture industry. Content and service providers have become more prudent in complying with legal requirements such as the imposition of fees as imposed by the DMCA. Recent developments in technology have incorporated hardware and software control devices that would enable content and service providers to effectively monitor music transmission in the Internet. Internet users who log-on to music websites are provided notice though the websites’ “Terms of Use” disclosing to users strict compliance with copyright laws. The development of technology and the enforcement of copyright laws are pitted against each other. There must be a clear cut policy that would strike a balanced application of technology and copyright laws to give legal authorities adequate guidance in imposing liabilities. Otherwise, the lowly Internet user will continuously and conveniently be put at the crossroads.
Endnotes 1. Daniel J. Gervais, Transmission of Music in the Internet: an Analysis of Copyright Laws (Vanderbilt Journal of Transnational Law, Vanderbilt University Law School, November 2001; Retrieved from http:/ /aix1uottaa.ca/~dgervais/publications/ Transmissions.pdf)

New York Times that ranks 57 as of today based on Netcraft statistics of top 100 most visited websites. As to major Philippine television stations, and here is the result: 1st: ABS-CBN-2 (70,691*); 2nd: GMA-7 (82,046); 3rd: STUDIO-23 (909,866); 4th: ABC-5 (1,082,117); and, 5th: NET25 (1,441,341). All the other networks did not show any *global ranking. And if you are also wondering which among the television network in the world rank first in terms of net clicks, it is the BBC NEWS of the United Kingdom that ranks 8 as of today based on Netcraft statistics of top 100 most visited websites. US-based Fox News and CNN rank 11th and 15th, respectively.
<< [40] ICT Roadmap

7. 8. 9. 10.

11. 12. 13.

14. 15. 16. 17. 18. 19. 20.

21.

22.

23.

24.

25.

response of the Commission on Information and Communications Technology (CICT), through Sec. Ramon P Sales (Chair, CICT) to the . Civil Society Comments on the Draft Roadmap. Said comments were the result of a previous forum conducted 16 September 2006 at the ISO. The forum was hosted by the Foundation for Media Alternatives.

37

LegalWeb

WWW.ASIANLII.ORG
Asian LII Brochure, Version 20. Prof. G Greenleaf, Prof A. Mowbray, Mr P Chung, AustLII Co-Directors http://www.asianlii.org/asianlii/brochures/AsianLII_brochure.pdf

This section is a continuing series of articles featuring various websites which may be relevant to legal practitioners, legal researchers, and law students.

T
The Philippine Quarterly IT Law Journal :: Volume 3, Number 1

Free access & non-profit he Asian Legal Information Institute (AsianLII - www.asianlii.org) is a non-profit and free access website for legal information from all 27 countries and territories in Asia located from Japan in the east to Pakistan in the west, and from Mongolia in the north to Timor Leste in the south. Access to AsianLII is free. AsianLII will be launched for free public access on 8 December 2006 in Sydney. Launches in a number of Asian countries will take place in the first half of 2007, beginning with the Philippines.

legal information institutes (LIIs) belonging to the Free Access to Law Movement. AustLII provides the largest online facility for Australian legal research (www.austlii.edu.au) and coordinates the World Legal Information Institute ( W o r l d L I I ) <www.worldlii.org> and Commonwealth Legal Information Institute ( C o m m o n L I I ) <www.commonlii.org>. This experience is now being applied to access to Asian law.

AustLII receives funding support for development of AsianLII’s infrastructure from the Australian Research Council, for inclusion of The homepage of the Asian Legal Indformation Institute (http:// content from six jurisdictions www.asianlii.org). The website was launched in December 2006. from AusAID’s Public Sector Linkages Programme (PSLP) (Indonesia, Cambodia, Thailand, Vietnam, the Philippines, and Macau), For every country, AsianLII will also Facilities contain an extensive Catalog of lawand for inclusion of content from four related websites for that country (parts other jurisdictions from the Australian AsianLII provides for searching and of the largest law catalog on the Attorney-General’s Department (India, browsing databases of legislation, caseInternet), and a ‘Law on Google’ Singapore, Malaysia and China). PSLP law, law reform reports, law journals facility assisting users to search Google assists development linkages between and other legal information, where only for legal materials from that Australian public sector organisations available, from each country in the country. and those of Asian countries. AsianLII region. At launch it will provide access is also supported by APEC’s SELI to nearly 100 databases drawn from Developers, partners and (Strategic Economic Legal almost all 27 Asian countries. Over supporters Infrastructure) Coordinating Group. 140,000 cases from at least 15 Other regional institutions are countries, and over 15,000 pieces of welcome to join in supporting AsianLII. AsianLII is being developed by the legislation from at least 18 countries Australasian Legal Information Institute will be searchable. All databases can Development approach – AsianLII (AustLII), a joint facility of the Law be searched simultaneously, or Faculties at the University of searches can be limited to one Asia is a region of wide diversity of Technology, Sydney (UTS) and the country ’s databases or other languages. We will aim to include in University of New South Wales combinations. Search results can be AsianLII as much legal information as (UNSW), in cooperation with partner ordered by relevance, by date, or by possible in the English language, so as institutions in Asian countries and other database.

38

The Philippine Quarterly IT Law Journal :: Volume 3, Number 1

to provide a common linguistic platform for comparative legal research. At the same time, we will obtain wherever available legal materials in national and local languages other than English and also make them accessible via AsianLII. AustLII’s own search engine (Sino) is being developed to allow it to search data in any language (via conversion into Unicode). Hypertext links between the versions of the same document in different languages will be provided wherever possible. User Guides will be available in various languages used in Asia. The databases searchable via AsianLII will in most cases be located on the AsianLII servers located at AustLII, where they will be converted into a common format. In many cases the same data will also be able to be obtained from the websites of our local partners. Where a local legal information institute with sufficient technical capacity already exists (such as HKLII for Hong Kong or PacLII in relation to Papua New Guinea law), a constantly synchronised mirror copy of the LII is located at AustLII for searching purposes, but search results from AsianLII searches return the user to the local LII. Encouraging local capacity One aim of the AsianLII project is to assist development of the local capacity of our partner organisations to develop and maintain independent local legal information to the standards of world’s best practice, and to integrate them into international free-access law networks such as AsianLII, CommoinLII and WorldLII. Where possible and requested, AustLII will provide technical assistance to our partner institutions to develop these capacities. This may include the provision of AustLII’s Sino search engine and other software for LII development. It may also include AustLII support for applications by local partners to obtain resources. Some incountry training will be provided for our AusAID partner institutions.

DECLARATION ON FREE ACCESS TO LAW
http://www.worldlii.org/worldlii/declaration/

In October 2002 the meeting of LIIs in Montreal at the 4th Law via Internet Conference, made the following declaration[1] as a joint statement of their philosophy of access to law. There were some further modifications of the Declaration at the Sydney meeting of LIIs in 2003[2] and at the Paris meeting in 2004[3]. Legal information institutes of the world, meeting in Montreal, declare that: * Public legal information from all countries and international institutions is part of the common heritage of humanity. Maximising access to this information promotes justice and the rule of law; * Public legal information is digital common property and should be accessible to all on a non-profit basis and free of charge; * Independent non-profit organisations have the right to publish public legal information and the government bodies that create or control that information should provide access to it so that it can be published. Public legal information means legal information produced by public bodies that have a duty to produce law and make it public. It includes primary sources of law, such as legislation, case law and treaties, as well as various secondary (interpretative) public sources, such as reports on preparatory work and law reform, and resulting from boards of inquiry. It also includes legal documents created as a result of public funding. A legal information institute: * Publishes via the internet public legal information originating from more than one public body; Provides free, full and anonymous public access to that information;

*

*

Does not impede others from publishing public legal information; and Supports the objectives set out in this Declaration.

All legal information institutes are encouraged to participate in regional or global free access to law networks. Therefore, the legal information institutes agree: * To promote and support free access to public legal information throughout the world, principally via the Internet; * To cooperate in order to achieve these goals and, in particular, to assist organisations in developing countries to achieve these goals, recognising the reciprocal advantages that all obtain from access to each other's law; * To help each other and to support, within their means, other organisations that share these goals with respect to: * Promotion, to governments and other organisations, of public policy conducive to the accessibility of public legal information; * Technical assistance, advice and training; * Development of open technical standards; * Academic exchange of research results. * To meet at least annually, and to invite other organisations who are legal information institutes to subscribe to this declaration and join those meetings, according to procedures to be established by the parties to this Declaration. * To provide to the end users of public legal information clear information concerning any conditions of re-use of that information, where this is feasible.
>> [37] Declaration on Free Access

*

39

The Center and the Society

ASIAN LEGAL INFORMATION INSTITUTE LAUNCHED IN THE PHILIPPINES
By Jaime N. Soriano

SUPREME COURT’S E-LIBRARY LAUNCHED

T
The Philippine Quarterly IT Law Journal :: Volume 3, Number 1

he Arellano Law Foundation[1] launched the Asian Legal Information Institute in the Philippines (http://www.asianlii.org) in simple ceremonies at the Century Park Hotel in Manila on 10 January 2007 with no less than Chief Justice Reynato S. Puno [2] of the Philippine Supreme Court as Guest of Honor and Speaker. The affair was also attended by legal luminaries, law deans and professors, government functionaries from the judiciary and the foreign affairs

department, the Australian embassy in the Philippines, and other personalities.

The launch was made possible through Law Professor Graham Greenleaf [3] of the University of New South Wales (UNSW) [4] and co-director of the Australasian Legal Information Institute (AustLII) [5] and the Cyberspace Law and Policy Centre. [6] Asian LII aims to facilitate and promote comparative research, make laws of Asia-Pacific countries more accessible, encourage international trade and investment, and provide the many other benefits of free access to law.

T
<<

The nationwide launching of the the Supreme Court E-Library was held at the Arellano University School of Law library in Pasay City on 20 February 2006, with live simulcast via the Internet with seven other law schools, which already have access to the E-Library, located in different parts of the country. The other participating schools, besides Arellano University School of Law, were Saint Louis University in Baguio City, Aquinas University in Legaspi City, University of San Carlos in Cebu City, Silliman University in Dumaguete City, Xavier University in Cagayan de Oro City, Mindanao State University in Marawi City, and Ateneo de Davao University in Davao City. The SC E-Library is the first fully searchable web-based digital library in the Philippines. Those currently authorized to access the E-Library are Justices; Judges; clerks of courts; court librarians; and officials of the Philippine
[36] SC e-Library Launched

The Arellano Law Foundation was chosen as Asian LII partner because of its “LawPhil Project“, [7] one of the country’s leading website that provides free access to useful Philippine legal information.
<< [36] AsianLII Philippine Launch

EXECUTIVE DIRECTOR INITIATES VIRTUAL LAW CLASS

E-LAW

THE PHILIPPINE STRATEGIC ICT ROADMAP

B
40

eginning Second Semester of School Year 2006-2007, Atty. Jaime N. Soriano’s law classes in Civil Procedure and Remedial Law Review at the Arellano University School of Law went interactive to complement his weekly class discussions. Said on-line course in law is the first of its kind in the country. Through the on-line phase of the course, his law students (a) could take

a diagnostic test upon enrolment to measure their readiness to take the subject, and other measurement and assessment tools as well during the duration of the course, (b) can view the course outline divided into modules as well the pertinent laws and cases that would be the subject of class discussion during our weekly meetings, (c) need not spend much time in libraries to read and study the assigned
<< [36] Virtual Law Class

O
<<

n 27 November 2006, Atty. Jaime N. Soriano, executive director of the e-Law Center, and Mr. Michael Vernon Guerrero, former president of the IT Law Society (2004-2006), attended a public forum at the Institute of Social Order (ISO) at the Ateneo de Manila University (AdMU), entitled “Civil Society Interrogates the Philippine Strategic ICT Roadmap.” The highlight of the forum was the
[37] ICT Roadmap

Master your semester with Scribd & The New York Times

Special offer for students: Only $4.99/month.

Master your semester with Scribd & The New York Times

Cancel anytime.