R.A. No.

10175: The Cybercrime Prevention Act: The Net Commandments

By Elvic Gravino, JD1 and Mary Clare Villanueva, JD1

Brief History

The legal framework of the Republic Act No. 10175 or “Cybercrime Prevention Act of 2012” is in line with
the Cybercrime Prevention Act of the Budapest Convention, which took effect in February 2014.

The Philippine Congress enacted the Cybercrime Prevention Act of 2012, which addresses entirely crimes
committed against and through the computer system on September 12 2012, and signed by President
Benigno Aquino III. It includes substantive penal, procedural, and international cooperation rules.

Amendatory bills on cybercrime investigations are a work-in-progress in the Philippines, aiming to

introduce new procedural powers, responsibilities, and extradition provisions. These amendatory bills
aim to provide a structured approach for prosecutors and investigators on cybercrime investigations and
further align national legislation with the Budapest Convention.

Understanding the Purpose of the Act

The Cybercrime Prevention Act of 2012 focuses on the pre-emption, prevention, and prosecution of
cybercrimes such as offenses against the privacy, confidentiality, integrity, and availability of computer
data and systems, computer-related offenses, and content-related offenses.

Its original goal was to penalize acts in Republic Act 9775 like cybersex and child pornography and RA
10173 like identity theft and unsolicited electronic communications. However, various groups opposed
the provision to expand the scope of libel law to cover Internet posts, which led the Supreme Court to
issue a temporary restraining order and a status quo ante order.

The Cybercrime Prevention Act of 2012 could sentence internet users to up to 12 years in prison for
posting defamatory commentaries on social media, such as Facebook and Twitter. Though online libel
was not part of the original bill proposed by the Department of Justice (DOJ), the Senate passed an
amendment to insert it and was primarily proposed by Senator Vicente Sotto III.

In addition, this act provides that crimes defined and penalized by the Revised Penal Code, as amended,
and special laws, if committed by, through, and with the use of information and communications
technologies, shall be covered by the relevant provisions of Revised Penal Code, provided, that the
penalty should be one degree higher than the penalty imposed in the Revised Penal Code, as amended,
and special laws. Furthermore, this act provides that prosecution under the Cybercrime Prevention Act
of 2012 shall be without prejudice to any liability for violation of any provision of the Revised Penal
Code, as amended, or special laws.

Effectiveness and Value

On October 9, 2012, six days after the law took effect, the Supreme Court issued a four-month injunction
while scrutinizing the law for possible violations of constitutional provisions on freedom of expression.
Then, on February 6, 2020, the Supreme Court extended the temporary restraining order indefinitely.

The Cybercrime Prevention Act of 2012 sanctions content-related offenses performed using a computer
system, such as cybersex, child pornography, and libel. In addition, unsolicited commercial
communications or content that advertises or sells products or services is also punished. However, there
are some exceptions to this law relating to the transmission of unsolicited material: it is not a crime if the
recipient has given prior agreement, the communication is an announcement from the sender to users,
and the recipient has an easy, reliable way to refuse it, among other things.

Individuals found guilty of cybersex face a minimum prison sentence of six years and one day, a
maximum prison of 12 years, and a fine of at least P200,000 but not more than P1,000,000.In addition,
unsolicited communication is punishable by one month to six months in prison, a fine of not less than
P50,000 but not more than P250,000, or both.

Child pornography through computer systems has a penalty of one degree higher than what is provided
in RA 9775, or the Anti-Child Pornography Act of 2009. In RA 9775, those who produce, disseminate, or
publish child pornography will be fined the amount of not less than P50,000 but not more than
P5,000,000 and a maximum prison sentence of 20 to 40 years.

The Cybercrime Prevention Act of 2012 also penalizes offenses against the privacy, confidentiality,
integrity, and availability of computer data and systems, such as illegal access, unauthorized interference,
system interference, data interference, misuse of devices, and cybersquatting. In this context,
cybersquatting is defined as the acquisition of domain names on the internet in bad faith or with the
intent to gain profit, mislead, destroy one’s reputation or deprive others of registering or creating an
account to the domain name involved. Also, the Cybercrime Prevention Act of 2012 covers any digital
fraud, computer-related forgery, and identity theft.

In the Philippines, as many as 87 percent of Filipinos were identified as victims of malicious activities
committed online, according to DOJ, which quoted a 2010 report of the security software firm Symantec.
These include victims of malware invasion, sexual predation, and online or phishing scams.

Salient Points the Public Must Know

The public must know that the Cybercrime Prevention Act of 2012 has the following features:

 Internationally consistent definitions for cybercrime

 Nuanced liability for cybercrime offenders

 Increased penalties

 Enhanced authority granted to law enforcement authorities

 Expanded jurisdictional authority for prosecution

 Provisions for international cybercrime coordination effort and greater ability to combat
cybercrimes

Several of the definitions of cybercrimes under the Cybercrime Prevention Act of 2012 are patterned
after the Budapest Convention’s definition of illegal access and an interception, data and system
interference, misuse of devices, computer-related forgery, and computer-related fraud.

Here are the offenses that fall under the Cybercrime Prevention Act of 2012:

Offenses Against Confidentiality, Integrity, and Availability of Computer Data and Systems
 1. Illegal access

2. Illegal interception

3. Data Interference

4. System Interference

5. Misuse of Devices

6. Cyber Squatting

Computer-Related Offenses

1. Computer-related forgery

2. Computer-related Fraud

3. Computer-related Identity Theft

Content-Related Offenses

1. Cybersex

2. Child Pornography

3. Unsolicited Commercial Communications

4. Libel

Other Offenses

1. Aiding or abetting in the Commission of Cybercrime

2. Attempt in the Commission of Cybercrime

The National Bureau of Investigation and Philippine National Police are the law enforcement authorities
for the Cybercrime Prevention Act of 2012. Both shall organize a cybercrime unit or center staffed by
special investigators to handle cases involving violations of this Cybercrime Prevention Act of 2012
exclusively.

1. To ensure that the technical nature of cybercrime and its prevention get the attention it
deserves.

2. To submit timely and regular reports to the Department of Justice for review and monitoring,
including pre-operation, post-operation, and investigation outcomes, as well as any other
materials that may be necessary.

3. Authorized to collect or record traffic statistics in real-time related to specific communications

conducted via a computer system using technical or electronic means.

Only the origin, destination, route, time, date, size, duration, or type of underlying service are referred to
as traffic data, not the content or identity of the communication. A court warrant will be required for any
other data to be acquired, seized, or released.
The Regional Trial Court shall have jurisdiction over any violation of the provisions of this Cybercrime
Prevention Act of 2012. Including any violation committed by a Filipino national regardless of the place
of commission. Jurisdiction shall lie if any of the elements was committed within the Philippines or
committed with the use of any computer system wholly or partly situated in the country, or when by
such commission any damage is caused to a natural or juridical person who, at the time the offense was
committed, was in the Philippines.

Reporting A Cybercrime

Now that there are specialized teams to address issues of cybercrime in the country, there are more
ways than one to file a complaint. On the Philippine National Police Anti-Cybercrime Group’s website,
complaints may be filed through:

 Walk-in, Anti-Cybercrime Group Building, Camp Crame, Quezon City, Manila

 Complaint Action Center Hotline [+63 (8) 723-0401 local 7491]

 Viber [+639618298083]

 Facebook [facebook.com/anticybercrimegroup]

 Twitter [@pnpacg]

See the website here: https://pnpacg.ph/main/contacts.html

The Department of Justice also provides a matrix on their website to easily guide the netizens with a
checklist of who may complain, the cybercrime offense complained of, and documentary requirements
to support the complaint. Similar with the PNPACG, there are walk-in and electronic options are
available:

 Walk-in, Office of the Cybercrime, DOJ, Ermita, Manila

 Website [www.doj.gov.ph]

 E-mail [cybercrime@doj.gov.ph]

 Hotline [526-2747/521-8345]

 Letter Report

 Referral

See the website here: [https://www.doj.gov.ph/reporting_cybercrime.html#:~:text=Reporting%20of

%20Cybercrime%20Incidents%20%3A%3A,8482%2C%20(%2B632)%20523%206826]

In a Nutshell

We have come a long way from passing and temporarily restraining the Cybercrime Prevention Act.
Given the technological advancements of today, everything intangible becomes readily available at our
fingertips. Cyber scams are so widespread that a simple click could start a wildfire of spam links sent to
contacts across all social accounts. During this pandemic especially, we all need the levels of protection
that can be afforded to us. The Cybercrime Prevention Act of 2012 is inclusive, comprehensive, and
provides for accessibility options to the complainant.

Although the action and response of designated authorities to cybercrime are still far from perfect, it is
an Act that continuously seeks to improve the protection of every Filipino netizen’s rights.