Empowerment Technologies

Lesson 4: Cyber Law

Cyber law is the area of law that deals with the Internet's relationship to technological
and electronic elements, including

 Computers,
 Software,
 Hardware and
 Information systems (IS).
Cyber law is also known as Cyber Law or Internet Law. Cyber laws prevent or reduce large scale damage from
cybercriminal activities by protecting

 Information access,
 Privacy,
 Communications,
 Intellectual property (IP)
 And freedom of speech
related to the use of the

 Internet
 Websites
 Email
 Computers
 Cell phones
 Software
 And hardware, such as data storage devices.
The increase in Internet traffic has led to a higher proportion of legal issues worldwide.
Because cyber laws vary by jurisdiction and country, enforcement is challenging, and
restitution ranges from fines to imprisonment.
Needs for Cyber Law
In the recent years, many concerns and issues were raised on the integrity and security of information, legal
status of online transactions, privacy and confidentiality of information, intellectual property rights and
security of government data placed on the Internet.
The Cyber Law acts of the Philippines

Republic Act 10175 – Cybercrime Prevention Act was signed into law last September 12, 2012. This law is already in
effect as the Supreme Court uphold its constitutionality (February 18, 2014). Although some provisions were deemed as
unconstitutional (struck down) particularly Sections 4(c)(3), 7, 12, and 19.

It is a law considered to be 11 years in the making as various groups, organizations, and personalities lobbied for its
passage. It took a while for the law to be passed as legislators and various stakeholders need to understand the
magnitude of cybercrime and whether the penalty provisions indicated in the E-Commerce Law – Republic Act 8792 is
sufficient or not.

1. The law Penalizes (section 8) sixteen types of cybercrime (Section 4). They are:

Types of Cybercrime
1. Illegal access - Unauthorized access (without right) to a computer system or application
Illegal interception
2. Unauthorized interception - of any non-public transmission of computer data to, from, or within a computer
system.
3. Data Interference - Unauthorized alteration, damaging, deletion or deterioration of computer data, electronic
document, or electronic data message, and including the introduction or transmission of viruses.
4. System Interference - Unauthorized hindering or interference with the functioning of a computer or computer
network by inputting, transmitting, damaging, deleting, deteriorating, altering or suppressing computer data or
program, electronic document, or electronic data messages, and including the introduction or transmission of
viruses.
5. Misuse of devices - The unauthorized use, possession, production, sale, procurement, importation, distribution,
or otherwise making available, of devices, computer program designed or adapted for the purpose of
committing any of the offenses stated in Republic Act 10175.
6. Cyber-squatting - Acquisition of domain name over the Internet in bad faith to profit, mislead, destroy
reputation, and deprive others from the registering the same. This includes those existing trademark at the time
of registration; names of persons other than the registrant; and acquired with intellectual property interests in
it.
7. Computer-related Forgery - Unauthorized input, alteration, or deletion of computer data resulting to
inauthentic data with the intent that it be considered or acted upon for legal purposes as if it were authentic,
regardless whether or not the data is directly readable and intelligible.
8. Computer-related Fraud - Unauthorized input, alteration, or deletion of computer data or program or
interference in the functioning of a computer system, causing damage thereby with fraudulent intent.
9. Computer-related Identity Theft - Unauthorized acquisition, use, misuse, transfer, possession, alteration or
deletion of identifying information belonging to another, whether natural or juridical.
10. Cybersex - Willful engagement, maintenance, control, or operation, directly or indirectly, of any lascivious
exhibition of sexual organs or sexual activity, with the aid of a computer system, for favor or consideration.
There is a discussion on this matter if it involves “couples” or “people in relationship” who engage in cybersex.
11. Child Pornography - Unlawful or prohibited acts defined and punishable by Republic Act No. 9775 or the Anti-
Child Pornography Act of 2009, committed through a computer system.
12. Unsolicited Commercial Communications (SPAMMING) THIS PROVISION WAS STRUCK DOWN BY THE SUPREME
COURT AS UNCONSTITUTIONAL.
13. Libel -l Unlawful or prohibited acts of libel as defined in Article 355 of the Revised Penal Code, as amended
committed through a computer system or any other similar means which may be devised in the future. Revised
Penal Code Art. 355 states Libel means by writings or similar means.
14. Aiding or Abetting in the commission of cybercrime – Any person who willfully abets or aids in the commission
of any of the offenses enumerated in this Act shall be held liable.
 15. Attempt in the commission of cybercrime - Any person who willfully attempts to commit any of the offenses
enumerated in this Act shall be held liable.
16. Corporate Liability. (Section 9) - When any of the punishable acts herein defined are knowingly committed on
behalf of or for the benefit of a juridical person, by a natural person acting either individually or as part of an
organ of the juridical person, who has a leading position within.

2. Liability on other laws

Section 7 was struck down by Supreme Court as it violated the provision on double jeopardy.

3. Jurisdiction

(a) The Regional Trial Court designated special cybercrime courts shall have jurisdiction over any violation of the
provisions of this Act including any violation committed by a Filipino national regardless of the place of commission.

Jurisdiction shall lie if any of the elements was committed within the Philippines or committed with the use of any
computer system wholly or partly situation in the country, or when by such commission any damage is caused to a
natural or juridical person who, at the time the offense was committed, was in the

Philippines. (Section 21)

(b) For international and trans-national cybercrime investigation and prosecution, all relevant international instruments
on international cooperation in criminal matters, arrangements agreed on the basis of uniform or reciprocal

legislation, and domestic laws, to the widest extent possible for the purposes of investigations or proceedings
concerning criminal offenses related to computer systems and data, or for the collection of evidence in electronic form
of a criminal offense shall be given full force and effect. (Section 21)

 This gives the Philippines the ability to participate in treaties and of mutual cooperation with countries that
have counterpart legislation effectively – especially – on cybercrime cases that have team members or victims
residing in the Philippines.

4. Responsibilities of the Philippine National Police (PNP) and National Bureau of Investigation (NBI)

The law gave police authorities the mandate it needs to initiate investigation to process the various complaints / report
it gets from citizens. There are instances of online attacks, done anonymously, where victims approach police authorities
for help.

The PNP and NBI shall be responsible for the enforcement of this law. This includes:

(a) The PNP and NBI are mandated to organize a cybercrime unit or center manned by special investigators to exclusively
handle cases involving violations of this Act. (Section 10).

(b) The PNP and NBI are required to submit timely and regular reports including pre-operation, post operation, and
investigation results and such other documents as may be required to the Department of Justice for review and
monitoring. (Section 11)

(c) THE SUPREME COURT STRUCK DOWN SECTION 12 THAT IS SUPPOSED TO authorize law enforcement authorities,
without court warrant, to collect or record by technical or electronic means traffic data in real time associated with
specified communications transmitted by means of a computer system. (Section 12) Getting a COURT WARRANT is a
must.

(d) May order a one-time extension of another six (6) months on computer data requested for preservation. Provided,
that once computer data preserved, transmitted or stored by service provider is used as evidence in a case, the mere
furnishing to such service provider of the transmittal document to the Office of the Prosecutor shall be deemed a
notification to preserve the computer data until the termination of the case. (Section 13)
(e) Carry out search and seizure warrants on computer data. (Section 15) Once done, turn-over custody in a sealed
manner to courts within 48 hours (section 16) unless extension for no more than 30 days was given by the courts
(section 15).

(f) Upon expiration of time required to preserve data, police authorities shall immediately and completely destroy the
computer data subject of a preservation and examination. (Section 17)

5. Responsibility of service providers (SP)

Service provider refers any public or private entity that provides to users of its service the ability to communicate by
means of a computer system, and processes or stores computer data on behalf of such communication

service or users of such service. (Section 3(n).

(a) SP upon receipt of a court warrant from police authorities to disclose or submit subscriber’s information, traffic data
or relevant data in its possession or control shall comply within seventy-two (72) hours from receipt of the order

in relation to a valid complaint officially docketed and assigned for investigation and the disclosure is necessary and
relevant for the purpose of investigation. (section 14)

(b) The integrity of traffic data and subscriber information relating to communication services provided by a service
provider shall be preserved for a minimum of six (6) months period from the date of the transaction. Content

data shall be similarly preserved for six (6) months from the date of receipt of the order from law enforcement
authorities requiring its preservation. (Section 13)

(c) Once computer data preserved, transmitted or stored by service provider is used as evidence in a case, the mere
furnishing to such service provider of the transmittal document to the Office of the Prosecutor shall be deemed a

notification to preserve the computer data until the termination of the case. (Section 13)

(d) Upon expiration of time required to preserve data, SP shall immediately and

completely destroy the computer data subject of a preservation and

examination. (Section 17)

(e) Failure to comply with the provisions of Chapter IV specifically the orders from law enforcement authorities shall be
punished as a violation of Presidential Decree No. 1829 with imprisonment of prison correctional in its maximum period
or a fine of One hundred thousand pesos (P100,000) or both for each and every non-compliance with an order issued by
law enforcement authorities. Service Provider protection insofar as liability is concern is already covered under the E-
Commerce Law.

6. Responsibility of individuals

(a) Individuals upon receipt of a court warrant being required to disclose or submit subscriber’s information, traffic data
or relevant data in his possession or control shall comply within seventy-two (72) hours from receipt of the order

in relation to a valid complaint officially docketed and assigned for investigation and the disclosure is necessary and
relevant for the purpose of investigation.

(b) Failure to comply with the provisions of Chapter IV specifically the orders from law enforcement authorities shall be
punished as a violation of Presidential Decree No. 1829 with imprisonment of prison correctional in its

maximum period or a fine of One hundred thousand pesos (P100,000) or both for each and every non-compliance with
an order issued by law enforcement authorities.
7. Inadmissible evidence

(a) Any evidence procured without a valid warrant or beyond the authority of the same shall be inadmissible for any
proceeding before any court or tribunal. (Section 18)

8. Access limitation

The Supreme Court struck down Section 19 of the law that gives the Department of Justice powers to order the blocking
of access to a site provided there is prima facie evidence supporting it.

9. Cybercrime new authorities

(a) Office of Cybercrime within the DOJ designated as the central authority in all matters relating to international mutual
assistance and extradition. (Section 23)

(b) Cybercrime Investigation and Coordinating Center (CICC) an inter-agency body to be created under the
administrative supervision of the Office of the President, for policy coordination among concerned agencies and for the

formulation and enforcement of the national cybersecurity plan. (Section 24) CICC will be headed by the Executive
Director of the Information and Communications Technology Office under the Department of Science and

Technology as Chairperson with the Director of the NBI as Vice Chairperson; the Chief of the PNP, Head of the DOJ Office
of Cybercrime; and one (1) representative from the private sector and academe, as members. (Section 25) The CICC is
the cybercrime czar tasked to ensure this law is effectively implemented. (Section 26)