PALAWAN STATE UNIVERSITY

College of Sciences

GE ELECT 1
LIVING IN THE IT ERA

Module 8

CYBERCRIME,
DIGITAL SECURITY
AND
DATA PRIVACY ACT
1
 Overview

Now that you have you have understood Computer Ethics, let us go
deeper by also understanding different cybercrimes , digital security and
data privacy act.

The growth of the information society is accompanied by new and

serious threats. Essential services such as water and electricity supply
now rely on ICTs. Cars, traffic control, elevators, air conditioning and
telephones also depend on the smooth functioning of ICTs. Attacks
against information infrastructure and Internet services now have the
potential to harm society in new and critical ways.

Attacks against information infrastructure and Internet services have

already taken place. Online fraud and hacking attacks are just some
examples of computer-related crimes that are committed on a large scale
every day.

Cybersecurity plays an important role on the ongoing development of

information technology, as well as Internet services. Enhancing
cybersecurity and protecting critical information infrastructures are
essential to each nation’s security and economic well-being. Making the
Internet safer (and protecting Internet users like you) has become integral
to the development of new services as well as government policy.

2
 Learning Outcomes

At the end of this module, you are expected to:

✔ Identify the different forms of cybercrime.

✔ Describe digital security.

3
 Initial Activity

Before going through this module, let us first check your prior knowledge
about this topic.

Try to fill out as many hexagons as you can with any type of crime that
can occur with the help of any computer.

4
 Discussion

COMPUTER CRIMES & INTERNET CRIMES

Other known as cybercrime, is a crime that utilizes a computer and a network

to perform different forms of attack. These are usually "Offences that are
committed against individuals or groups of individuals with a criminal motive to
intentionally harm the reputation of the victim or cause physical or mental
harm, or loss to the victim directly or indirectly, using modern
telecommunication networks such as Internet.

What are the major categories of Computer and Internet Crimes?

1. Cybercrimes Against People/Individual
2. Cybercrimes Against Property
3. Cybercrimes Against Government

5
 Discussion

EXAMPLES OF CYBERCRIME
So, what exactly is a cybercrime? And are there any well-known examples?
In this part of the module, we look at some examples of different types of
cybercrime attack used by cybercriminals.

Read on to understand what counts as cybercrime.

Cyberbullying
Harassing or bullying other people online.

Child pornography
Making or distributing child pornography.

Fraud
Manipulating data, e.g., changing banking records to transfer money to an
account or participating in credit card fraud.

6
 Discussion

EXAMPLES OF CYBERCRIME

Spoofing
Deceiving a system into thinking that you are someone you really are not.

Identity theft
Pretending to be someone you are not and using it for transactions to gain
access.

Online libel
Any inaccurately or injuriously written defamation triggered via electronic
means, including the Internet, social media, email and websites.

Hacking
The unauthorized access to or control over computer network security
systems for some illicit purpose.

Defacing
Changing the content of website to lure other people.

Hijacking
Redirecting someone elsewhere trying to access a particular website.

7
 Discussion

EXAMPLES OF CYBERCRIME

Bombing
Overwhelming a site with countless messages to slow down or even
crash the server.

Denial of service
Program which sends thousands of requests to a site simultaneously,
causing a server to slow down or crash.

Computer Vandalism
A process wherein there is a program that performs malicious function
such as extracting a data or erasing the hard disk.

8
 Discussion

EXAMPLES OF CYBERCRIME

Malware (malicious software)- is an intrusive software that is designed to

damage and destroy computers and computer systems.

Types of Malware
❏ Virus
Designed to damage its target computer by corrupting data,
reformatting your hard disk, or completely shutting down your system.

❏ Worm
Designed to spread over computer networks by exploiting operating
system vulnerabilities.

❏ Trojan Horse
A program that performs malicious actions while pretending the such
actions are harmless.

❏ Spyware
Designed to track your browsing habits and internet activity.

❏ Ransomware
A program that holds your data captive and demands payment to
release the data back to you.

9
 Discussion

EXAMPLES OF CYBERCRIME

Cybersquatting
Setting up a domain of another person or company with the sole intentions of
selling it to them later at a premium price.

Copyright Infringement
Stealing or using another person's Copyrighted material without permission.

Intellectual Property Rights Violation

Infringement of another's copyright, patent, or trademark. Like copying an
original logo or icon and use it as your own.

Software piracy
Illegally copying software that does not belong to you in a manner that
violates the copyright.

Cyber warfare
The use of technology to attack a nation, causing comparable harm to actual
warfare.

Cyber terrorism
The use of computer programs for internet-based attacks in terrorist
activities.

10
 Learning Check

Let us check what you have learned in these prior topics discussed about
computer crimes by completing the following statements:

I know why …
__________________________________________________________

__________________________________________________________

One reason is …
__________________________________________________________

__________________________________________________________

A second reason is that..

__________________________________________________________

__________________________________________________________

Last reason is that…

__________________________________________________________

__________________________________________________________

11
 Discussion

DIGITAL SECURITY

Why is Digital Security Important?

It simply refers to various ways of protecting computer user’s internet account
and files from intrusion by an outside attacker.

Did you know that there are Three Pillars of Digital Security?
Here they are..

❏ Confidentiality
Keeping it confidential, from creating a strong password to using a
fingerprint scanner, storing information through cloud security or invest
in an encryption device.

❏ Integrity
Makes sure that the data you’re keeping confidential and secure hasn’t
been modified or corrupted. You also need to consider the source of the
data.

❏ Availability
Maintaining all hardware, performing hardware repairs in a timely
manner, and ensuring your operating system is free of any bugs,
worms, or viruses.

12
 Discussion

DIGITAL SECURITY

Why is your digital security important?

Because it allows you to use social media and online banking and protects
you from risks such as identity theft and fraud.

What should you do to intensify your digital security efforts?

1. Tape over your webcam, specially if you don’t need it while online.
2. Use multi-factor authentications on your internet accounts.
3. Apply a privacy shield to your computer.

Here are some digital security tools that you can use:

Tools for anonymous navigation online:

• Navigate the internet without giving off your location.

• Install a software called Tor on your computer, which allows to hide

location and keeps whatever you are doing on the internet private.

13
 Discussion

DIGITAL SECURITY

Tools for telephone encryption

SilentPhone for phone calls is perfect if you want to protect your telephone
conversations. There is also Signal which was created by a firm called the
“Guardian Project”. Signal encrypts your voice and video conversations.

Tools to encrypt instant messaging

If you are someone who shares important information via instant messaging,
you should use Cyph which encrypts messages for both Mac and Windows
users.

ChatSecure is another great tool which works perfectly on iOS and Android
platforms.

14
 Discussion

DATA PRIVACY ACT

Have you ever tried to fill out any form with your personal data and
wondering where your data would go after?
What if someone uses your data in it without your permission?

Your personal information is protected, and here’s why.

DATA PRIVACY ACT

Republic Act No. 10173

What is it?
Republic Act No. 10173, otherwise known as the Data Privacy Act is a law
that seeks to protect all forms of information, be it private, personal, or
sensitive.

It is meant to cover both natural and juridical persons involved in the

processing of personal information.

15
 Discussion

DATA PRIVACY ACT

What is the scope of the Data Privacy Act?

SEC. 4. Scope. – This Act applies to the processing of all types of personal
information and to any natural and juridical person involved in personal
information processing including those personal information controllers and
processors who, although not found or established in the Philippines, use
equipment that are located in the Philippines, or those who maintain an office,
branch or agency in the Philippines.

Are there any exceptions to the application of the Data Privacy Act?
This act does not apply to the following:
(a) Information about any individual who is or was an officer or employee of a
government institution that relates to the position or functions of the individual,
including:
(1) The fact that the individual is or was an officer or employee of the
government institution;
(2) The title, business address and office telephone number of the
individual;
(3) The classification, salary range and responsibilities of the position
held by the individual; and
(4) The name of the individual on a document prepared by the
individual in the course of employment with the government.

16
 Discussion

DATA PRIVACY ACT

b) Information about an individual who is or was performing service under

contract for a government institution that relates to the services performed,
including the terms of the contract, and the name of the individual given in the
course of the performance of those services;

(c) Information relating to any discretionary benefit of a financial nature such

as the granting of a license or permit given by the government to an individual,
including the name of the individual and the exact nature of the benefit;

(d) Personal information processed for journalistic, artistic, literary or research

purposes;

(e) Information necessary in order to carry out the functions of public authority
which includes the processing of personal data for the performance by the
independent, central monetary authority and law enforcement and regulatory
agencies of their constitutionally and statutorily mandated functions.

17
 Discussion

DATA PRIVACY ACT

(f) Information necessary for banks and other financial institutions under the
jurisdiction of the independent, central monetary authority or Bangko Sentral
ng Pilipinas to comply with Republic Act No. 9510, and Republic Act No. 9160,
as amended, otherwise known as the Anti-Money Laundering Act and other
applicable laws; and

(g) Personal information originally collected from residents of foreign

jurisdictions in accordance with the laws of those foreign jurisdictions,
including any applicable data privacy laws, which is being processed in the
Philippines.

What is personal information?

Under Sec. 3(g) of the Data Privacy Act, “personal information refers to
any information whether recorded in a material form or not, from
which the identity of an individual is apparent or can be reasonably
and directly ascertained by the entity holding the information, or
when put together with other information would directly and
certainly identify an individual.”
In other words, personal information is any information which can be
linked to your identity, thus making you readily identifiable.

18
 Discussion

DATA PRIVACY ACT

What is a processing of personal information?

Under Sec. 3(j) of the Data Privacy Act, “processing refers to any
operation or any set of operations performed upon personal
information including, but not limited to, the collection, recording,
organization, storage, updating or modification, retrieval,
consultation, use, consolidation, blocking, erasure or destruction of
data.”

In other words, processing of personal information is any operation

where personal information is involved. Whenever your information
is, among other things, collected, modified, or used for some
purpose, processing already takes place.

19
 Reflection

Cyberspace has no total prevention for cyber-attacks, but now that

you have learned the cybercrime laws and its forms, what would you do to
prevent being attacked as a computer user with your personal data on it?
How secure is your personal computer? And how will you use your rights
as the rightful owner of your own data?

20
 Evaluation

Read the instructions carefully.

Identify the cybercrime being committed in each scenario. Write your answers
on the blank spaces provided.
1. Bryan needs to do his homework on a word document, but he
wasn’t able to do it because he doesn’t have any word processing
application on his computer, so he downloaded illegally for free.
___________________________

2. Diana wants to put on a logo or icon for her restaurant business,

and so she searched for popular logos used by other businesses
from the internet and used it.
___________________________

3. Kristina wanted to be famous online so she used the photos of a

popular personality and pretended to it was her to gain popularity.
____________________________

21
 Evaluation

Read the instructions carefully.

True or False.
Identify whether the following statements are true or false. Write your answers
at the blank lines provided.

1. A crime without the use of any form of technology can still be considered
as a cybercrime. ______

1. Cybercrime against People, Property and Government are the three

major categories of cybercrime and internet crimes. ______

1. A spyware is designed to hold your data captive and demands payment

for retrieval of data. ______

1. Personal information is any information which can be linked to your

identity, thus making you readily identifiable. ______

1. There are no exceptions for the application of Data Privacy Act. ______

22
 Evaluation

Read the instructions carefully.

Answer the following:

1. Provide one step for intensifying your digital security efforts.

________________________________________

2. What are the three Pillars of Digital Security?

_________________________________________
_________________________________________
_________________________________________

23
 References

[1] Gerke, M. (2012). Understanding Cybercrime: Phenomena,

challenges, and legal response. ITU Telecommunication
Development Bureau.

[2] National Privacy Commission. (n.d.) Data Privacy Act (DPA) Quick
Guide. Retrieved from
https://www.privacy.gov.ph/quickguide/

[3] Sabillion, R., et al. (2016). Cybercrime and Cybercriminals: A

Comprehensive Study. International Journal of Computer
Networks and Communications Security

24