Professional Documents
Culture Documents
CHAPTER 1
General Considerations
Learning Outcomes:
At the end of the chapter the students are expected to:
1. Explain the correlation of cybercrime and environmental crimes.
2. Differentiate cybercrime and cyber security.
3. Explain the basics of cybercrime and environmental crimes
4. Identify the significance of cybercrime investigation.
I. Overview
Due to information technology that is more embedded in our society, cybercrime has become
a common hazard on a global scale. With more than 4.5 billion people online, half of the world’s
population is potentially at risk of falling victim to cybercrime. More and more criminals are
exploiting the speed, convenience and anonymity of the Internet to commit a diverse range of
criminal activities that know no borders, either physical or virtual. These activities cause serious
harm and pose very real threats to victims worldwide.
In this connection Floridi (2010) argues that while technology keeps growing
bottom-up, it is high time we start digging deeper, top-down, in order to expand and
reinforce our conceptual understanding of our information age, of its nature, less visible
implications and its impact on human and environmental welfare, giving ourselves a chance
to anticipate difficulties, identify opportunities and resolve problems, conflicts and dilemmas.
Much more the COVID-19 pandemic has resulted in the accelerated merging of our physical
and cyber spaces and increased reliance on connectivity for many of our basic tasks, in both our
work and personal lives.
The elusive nature of cybercrime means that law enforcement bodies need to adopt new
techniques in order to prevent cybercrimes, identify offences, patterns of crime and lines of
enquiry that are robust enough to justify a criminal investigation.
Prepared by: Neil Bryan H. Otgalon, RCrim, MSCJ ALWAYS THINK BEFORE YOU CLICK Page 1
INTRO TO CYBER CRIME AND ENVIRONMENTAL LAWS AND PROTECTION
Thus, the public sector and the law enforcers must ramp up its preparedness,
effectiveness and leadership for collective cyber resilience. Cybersecurity is both a shared
responsibility and a common goal that we must constantly work for.
A. Primary
Terms
Cybercrime
-identifies the core offences that may include; 1) illegal access, (2) interfering with data,
(3) interfering with computer systems, (4) illegal interception of data, (5) illegal devices and
(6) child pornography which it considers to fall within its scope.
-Defined as offences committed against computer data, computer data storage media,
computer systems, service providers.
Cybersecurity
-Cybersecurity focuses on the policy and procedure for securing and protecting
systems and assets.
Prepared by: Neil Bryan H. Otgalon, RCrim, MSCJ ALWAYS THINK BEFORE YOU CLICK Page 2
INTRO TO CYBER CRIME AND ENVIRONMENTAL LAWS AND PROTECTION
Computer forensics - is the process of methodically examining computer media (hard disks,
diskettes, tapes, etc.) for evidence. In other words, computer forensics is the collection,
preservation, analysis, and presentation of computer-related evidence.
Environmental crimes. Encompass a broad list of illicit activities, including illegal trade in
wildlife; smuggling of ozone-depleting substances (ODS); illicit trade of hazardous waste; illegal,
unregulated, and unreported fishing; and illegal logging and trade in timber
Environmental Law System - is an organized way of using all of the laws in our legal
system to minimize, prevent, punish, or remedy the consequences of actions which damage or
threaten the environment, public health and safety.
B. Other Terms
Access. Refers to the instruction, communication with, storing data in, retrieving data from, or
otherwise making use of any resources of a computer system or communication network.
Access controls. Measures that establish privileges, determine authorized access, and prevent
unauthorized access.
Advanced fee fraud. A computer-related fraud involving a request for an advance fee to
complete a transfer, deposit or other transaction in exchange for a larger sum of money.
Advanced persistent threats. Individuals and/or groups that persistently target an entity. Also
known as APTs.
Appellations of origin. Symbols of products quality and the reputation of the place of its
creation property, which cannot be used unless the product was developed in that region according
to standards of practice. Also known as geographical indications.
Prepared by: Neil Bryan H. Otgalon, RCrim, MSCJ ALWAYS THINK BEFORE YOU CLICK Page 3
INTRO TO CYBER CRIME AND ENVIRONMENTAL LAWS AND PROTECTION
Anonymizers. These proxy servers enable users to hide identity data by masking their IP address
and substituting it with a different IP address. Also known as anonymous proxy servers.
Anonymous proxy servers. These proxy servers enable users to hide identity data by
masking their IP address and substituting it with a different IP address. Also known as
anonymizers.
Anti-digital forensics. Tools and techniques used to obfuscate cybercrime investigation and
digital forensics efforts. Also known as anti-forensics.
Anti- forensics. Tools and techniques used to obfuscate cybercrime investigation and digital
forensics efforts. Also known as anti-digital forensics.
Application and file analysis. Type of analysis that is performed to examine applications and
files on a computer system to determine the perpetrator’s knowledge of and intent and capabilities
to commit cybercrime.
Best evidence. The original piece of evidence or an accurate duplicate of the original.
Big data. Large volumes of structured and unstructured data that can be consolidated and analysed
to reveal information about associations, patterns, and trends.
Brute force attack. The use of a script or bot to guess user credentials.
Back-tracing. The process of tracing illicit acts back to the source of the cybercrime. Also known
as trace back.
Botcode. A type of malicious software that enables the remote control of these devices and use
them to commit cybercrimes, steal information, and/or engage in cyberattacks.
Prepared by: Neil Bryan H. Otgalon, RCrim, MSCJ ALWAYS THINK BEFORE YOU CLICK Page 4
INTRO TO CYBER CRIME AND ENVIRONMENTAL LAWS AND PROTECTION
Business continuity plan. Outlines instructions to be followed and actions to be taken in the
event of a cybersecurity incident. Also known as emergency management plan.
Chain of custody. A detailed log about the evidence, the condition of the evidence, its
collection, storage, access, and transfer and reasons for its access and transfer, is essential to
ensure the admissibility of digital evidence in most courts of law.
Child sex trafficking. Acting in some manner that recruits, leads, causes, maintains, and/or
otherwise facilitates the commercial sexual exploitation of children.
Child sexual abuse material. The representation of child sexual abuse and/or other
sexualized acts using children.
Child sexual abuse to order. Viewers of child sexual abuse can be actively involved in abuse
by communicating with the child, the sexual abuser, and/or facilitator of the child sexual abuse and
requesting specific physical acts and/or sexual acts to be performed on and/or performed by the
child.
Child Pornography . Refers to the unlawful or prohibited acts defined and punishable by
Republic Act No. 9775 or the “Anti-Child Pornography Act of 2009”, committed through a
computer system:
Prepared by: Neil Bryan H. Otgalon, RCrim, MSCJ ALWAYS THINK BEFORE YOU CLICK Page 5
INTRO TO CYBER CRIME AND ENVIRONMENTAL LAWS AND PROTECTION
Clearnet. Indexed websites that are accessible and available to the public and can be searched
using traditional search engines. Also known as Surface Web or Visible Web.
Code of ethics. Guidelines covering right and wrong conduct to inform decision-making.
Computer network. Two or more computers that send and receive data
between them.
Confidentiality. Systems, networks, and data are protected, and only authorized users can
access them.
Confirmation bias. The process whereby individuals look for and support results that
support their working hypothesis and dismiss results that conflict with their working
hypothesis.
Copyrights. Creative products, such as artistic and literary works, protected by law.
Crime displacement. When a crime that was intended for one target is committed on
another target because of security measures in place.
Crime reconstruction. This process seeks to determine who was responsible for the crime, what
happened, where did the crime occur, when did the crime take place, and how the crime unfolded,
through the identification, collation, and linkage of data. Also known as event reconstruction.
Critical infrastructure. Designated essential sectors that are considered fundamental to the
proper functioning of society.
Cryptojacking. A tactic whereby the processing power of infected computers is used to mine
cryptocurrency for the financial benefit of the person (or persons) controlling the bot- infected
digital devices.
- It is also an emerging threat that hides on a user’s computer mobile phone, tablet,
laptop or server, using that machine’s resources to ‘mine’ cryptocurrencies without the user’s
consent or knowledge.
Prepared by: Neil Bryan H. Otgalon, RCrim, MSCJ ALWAYS THINK BEFORE YOU CLICK Page 7
INTRO TO CYBER CRIME AND ENVIRONMENTAL LAWS AND PROTECTION
Cyber-dependent crime. A cybercrime that would not be possible without the Internet and
digital technologies.
Cyber organized crime. A term used to describe a continuing criminal enterprise that
rationally works to profit from illicit activities that are in demand online.
Cyber organized criminals. A structured group of three or more persons, existing for a period
of time and acting in concert with the aim of committing one or more serious crimes or offences
established in accordance with the United Nations Convention against Transnational Organized
Crime of 2000, which operate in whole or in part online, in order to obtain, directly or indirectly, a
financial or other material benefit.
Cryptoransomware. Malware that infects a user’s digital device, encrypts the user’s
documents, and threatens to delete files and data if the victim does not pay the ransom.
Cyberstalking. The use of information and communication technology to commit a series of acts
over a period of time designed to harass, annoy, attack, threaten, frighten, and/or verbally abuse an
individual (or individuals).
Prepared by: Neil Bryan H. Otgalon, RCrim, MSCJ ALWAYS THINK BEFORE YOU CLICK Page 8
INTRO TO CYBER CRIME AND ENVIRONMENTAL LAWS AND PROTECTION
Cybersecurity. The collection of strategies, frameworks, and measures that are designed to
identify threats and vulnerabilities of systems, networks, services, and data to these threats; prevent
the exploitation of vulnerabilities; mitigate the harm caused by materialized threats; and safeguard
people, property, and information and communication technology.
Cyberwarfare. Cyber acts that compromise and disrupt critical infrastructure systems, which
amount to an armed attack. It is also the use of technology to penetrate and attack another nation’s
computer systems and networks in an effort to cause damage or disrupt services, such as shutting
down a power grid.
Digital evidence refers to digital information that may be used as evidence in a case. The
gathering of the digital information may be carried out by confiscation of the storage media (data
carrier), the tapping or monitoring of network traffic, or the making of digital copies (e.g., forensic
images, file copies, etc.), of the data held;
Dark Web. The part of the World Wide Web, which is known for its obscure and hidden
websites that host illicit activities, goods, and services, and can only be accessed using
specialized software. Also known as darknet.
Darknet. The part of the World Wide Web, which is known for its obscure and hidden websites
that host illicit activities, goods, and services, and can only be accessed using specialized
software. Also known as Dark Web.
Data. Any form of representation of information that is processed by a system of a digital device.
Also known as computer data or computer information.
Data hiding analysis. Type of analysis that searches for hidden data on a system.
Data preservation. Requests are made to service providers by law enforcement in an effort
to retain data before it is deleted or altered in any way.
Data protection. The safeguarding of personal information and regulates its collection,
storage, analysis, use, and sharing.
Prepared by: Neil Bryan H. Otgalon, RCrim, MSCJ ALWAYS THINK BEFORE YOU CLICK Page 9
INTRO TO CYBER CRIME AND ENVIRONMENTAL LAWS AND PROTECTION
Data protection by design. Privacy measures embedded in the design of systems and
technologies. Also known as privacy by design.
DDoS attack. The use of multiple computers and other digital technologies to conduct
coordinated attacks with the intention of overwhelming servers to prevent legitimate users’ access.
Also known as a distributed denial of service attack.
Deep Web. The part of the World Wide Web that is not indexed by search engines and is not
easily accessible and/or available to the public.
Design patents. A form of intellectual property that includes designs that are created with the
specific purpose of being aesthetically pleasing to consumers and impacts their choice between
products. Also known as industrial designs.
Digital evidence. Data obtained from information and communication technology. Also
known as electronic evidence.
Digital footprint. Data left behind by ICT users that can reveal information about them,
including age, gender, race, ethnicity, nationality, sexual orientation, thoughts, preferences,
habits, hobbies, medical history and concerns, psychological disorders, employment status,
affiliations, relationships, geolocation, routines, and other activities.
Digital forensic process. The search, retrieval, preservation, and maintenance of digital
evidence; description, explanation and establishment of the origin of digital evidence and its
significance; the analysis of evidence and its validity, reliability and relevance to the case; and the
reporting of evidence pertinent to the case.
Digital forensics. A branch of forensic science that applies matters of law to information and
communication technology and digital evidence.
Digital piracy. The illegal download of a movie from a third-party website that does not have
the right to distribute the copyrighted work.
Disinhibition. The process whereby an individual demonstrates a lack of social restraint with
regards to online behavior.
Dissociative anonymity. Individuals detachment of their online behavior from their offline
behavior due to the anonymity afforded to them when utilizing the Internet and digital technology.
Prepared by: Neil Bryan H. Otgalon, RCrim, MSCJ ALWAYS THINK BEFORE YOU CLICK Page 10
INTRO TO CYBER CRIME AND ENVIRONMENTAL LAWS AND PROTECTION
Dissociative imagination. Individuals’ view of cyberspace as a forum within which the rules
of everyday interactions, codes of conduct, social norms, and/or laws do not apply, disinhibiting
the individual to act in a manner contrary to offline rules of everyday interactions, codes of
conduct, social norms, and/or laws.
Distributed denial of service attack. The use of multiple computers and other digital
technologies to conduct coordinated attacks with the intention of overwhelming servers to prevent
legitimate users’ access. Also known as a DDoS attack.
Dogpiling. A tactic whereby users within an online space bombard victims with offensive,
insulting, and threatening messages to silence the target, force them to take back what they said
and/or apologize, or to force them to leave the platform.
DoS attack. A cybercrime that interferes with systems by overwhelming servers with
requests to prevent legitimate traffic from accessing a site and/or using a system. Also known
as denial of service attack.
Doxing. Personal information about individuals posted online to cause the individual some form of
harm.
Doxware. A form cryptoransomware that perpetrators use against victims that releases the user’s
data if ransom is not paid to decrypt the files and data.
eDiscovery. The process of searching, identifying, and preserving digital data for use as
evidence in a legal proceeding.
Electronic evidence. Data obtained from information and communication technology. Also
known as digital evidence.
Encryption. Measure that blocks third party access to users’ information and
communications.
Event reconstruction. This process seeks to determine who was responsible for the event, what
happened, where did the event occur, when did the event take place, and how the event unfolded,
through the identification, collation, and linkage of data. Also known as crime reconstruction.
Expected utility theory. A theory that holds that people engage in actions when the expected
utility from these actions are higher than the expected utility of engaging in other actions.
Firewall. A security measure that restricts the free flow of information by blocking
unauthorized traffic data.
Forensics refers to the application of investigative and analytical techniques that conform to
evidentiary standards, and are used in, or appropriate for, a court of law or other legal context;
Forensic image, also known as a forensic copy, refers to an exact bit-by-bit copy of a data carrier,
including slack, unallocated space and unused space. There are forensic tools available for making
these images. Most tools produce information, like a hash value, to ensure the integrity of the image;
Forensic relevance. The relevance of forensic data is determined by whether the digital
evidence: links or rules out a connection between the perpetrator and the target and/or the crime
scene; supports or refutes perpetrator, victim and/or witness testimony; identifies the perpetrator(s)
of the cybercrime; provides investigate leads; provides information about the method of operation
of the perpetrator; and shows that a crime has taken place.
First responders. Individuals who respond first to the scene and are responsible for
securing evidence at the scene.
Functional analysis. The assessment of the performance and capabilities of systems and devices
involved in events.
General deterrence. Punishment designed to send the message to others that similar illicit
behavior will receive similar severe punishment.
Prepared by: Neil Bryan H. Otgalon, RCrim, MSCJ ALWAYS THINK BEFORE YOU CLICK Page 12
INTRO TO CYBER CRIME AND ENVIRONMENTAL LAWS AND PROTECTION
Geographical indications. Symbols of products quality and the reputation of the place of its
creation property, which cannot be used unless the product was developed in that region according
to standards of practice. Also known as appellations of origin.
Hash value refers to the mathematical algorithm produced against digital information (a file, a
physical disk or a logical disk) thereby creating a “digital fingerprint” or “digital DNA” for that
information. It is a one-way algorithm and thus it is not possible to change digital evidence without
changing the corresponding hash values
Human flesh search engine. A term used to describe online users work together to
identify a target and perpetrate coordinated online abuse against the target.
Image-based sexual abuse. A form of sexual violence whereby sexually explicit images
and/or videos of the victims are intentionally created, distributed or threatened to be distributed
without the consent of the victims. This may be to cause some form of harm to the victim and/or
to benefit the perpetrator in some way (e.g. monetary gain, sexual gratification, social status
building and more).
Incident detection. The process of identifying threats by actively monitoring assets and
finding anomalous activity.
Industrial control systems. Systems that command and control critical infrastructure
processes.
Industrial designs. A form of intellectual property that includes designs that are created with
the specific purpose of being aesthetically pleasing to consumers and impacts their choice
between products. Also known as design patents.
Prepared by: Neil Bryan H. Otgalon, RCrim, MSCJ ALWAYS THINK BEFORE YOU CLICK Page 13
INTRO TO CYBER CRIME AND ENVIRONMENTAL LAWS AND PROTECTION
Identifying information refers to any name or number that may be used alone or in
conjunction with any other information to identify any specific individual, including any of the
following:
1.Name, date of birth, driver’s license number, passport number or tax identification
number;
2.Unique biometric data, such as fingerprint or other unique
physical representation;
3. Unique electronic identification number, address or routing code; and
4. Telecommunication identifying information or access device.
Information and communication technology system refers to system intended for, and
capable of, generating, sending, receiving, storing or otherwise processing electronic data messages
or electronic documents, and includes the computer system or other similar device by or in which
data is recorded or stored, and any procedures related to the recording or storage of electronic data
message or electronic document;
Internet content host refers to a person who hosts or who proposes to host internet
content in the Philippines;
Internet of Things (IoT). Is a large network of physical objects, such as sensors, software and
other equipment. All of these things are connected to the internet, with the ability to collect and
share data.
Inoculation theory. This theory holds that the way to inoculate individuals from persuasion
attempts of others is to expose them to these attempts and given them tools they need to resist
these attempts.
Integrity. Data is accurate and trustworthy and has not been modified.
Internet . It is the largest computer network in the world, connecting millions of computers. A
network is a group of two or more computer systems linked together.
Internet governance. The creation and application of Internet principles, rules, and
procedures by various stakeholders to guide the use of the Internet and shape its
development.
Prepared by: Neil Bryan H. Otgalon, RCrim, MSCJ ALWAYS THINK BEFORE YOU CLICK Page 14
INTRO TO CYBER CRIME AND ENVIRONMENTAL LAWS AND PROTECTION
Internet penetration rate. The portion of the population in an area that uses the Internet.
Internet trolls. Individuals that purposely post rude, aggressive, and offensive remarks
designed to create discord and discontent online.
Jurisdiction. A state’s power and authority to enforce laws and punish non-compliance with
laws.
Key performance indicators. Measures that are used to determine progress towards the
realization of the strategic objectives of the national cybersecurity strategy.
Law enforcement authorities refers to the National Bureau of Investigation (NBI) and the
Philippine National Police (PNP) under Section 10 of RA 10171 (The Anti-Cybercrime law of the
Phil.)
Letters rogatory. Written requests from national courts for evidence from a foreign
country.
Live streaming of child sexual abuse. The real-time broadcasting of child sexual abuse to
viewers (often) in remote locations.
Logical extraction. The search for and acquisition of evidence from the file system
location.
Prepared by: Neil Bryan H. Otgalon, RCrim, MSCJ ALWAYS THINK BEFORE YOU CLICK Page 15
INTRO TO CYBER CRIME AND ENVIRONMENTAL LAWS AND PROTECTION
Malware. Also known as Malicious software. Refers to any code that can be used to steal data,
bypass access controls, or cause harm to or compromise a system.
Money mules. Individuals who either knowingly or unknowingly commit crimes and/or
cybercrimes by obtaining and transferring illicit goods, engaging in illicit services, and/or
illegally receiving or transferring money for others for remuneration.
Morphing. A victim’s face or head superimposed on the bodies of others for the purpose of
defamation, pornography, and/or sexual abuse.
Online child sexual abuse. The use of information and communication technology as a
means to sexually abuse children
Online child sexual exploitation. The use of information and communication technology as a
means to sexually exploit children, where child sexual abuse and/or other sexualized acts using
children involve an exchange of some kind.
Original author refers to the person who created or is the origin of the assailed electronic
statement or post using a computer system
Prepared by: Neil Bryan H. Otgalon, RCrim, MSCJ ALWAYS THINK BEFORE YOU CLICK Page 16
INTRO TO CYBER CRIME AND ENVIRONMENTAL LAWS AND PROTECTION
Organized crime. A continuing criminal enterprise that rationally works to profit from illicit
activities that are often in great public demand.
Ownership and possession analysis. Type of analysis that is used to determine the
person who created, accessed, and/or modified files on a computer system.
Roasting. Individuals willingly posting images and/or videos of themselves on online and
inviting others to post insults about them.
Routine activity theory. A theory that holds that crime occurs when two elements are
present
- a motivated offender and a suitable target, and one element is
absent - a capable guardian.
Passive digital footprint. Data that is obtained and unintentionally left behind by the
users of the Internet and digital technology.
Patent. “Exclusive right granted for an invention (innovation or creation), which is a product or
a process that provides, in general, a new way of doing something, or offers a new technical
solution to a problem” (WIPO, n.d.).
Patent trolls. These individuals neither create nor invent anything; they merely purchase patents
to license them to others, and sue any person, group, or organization infringing their acquired
patents
Personal autonomy. The ability to make choices and act in ways of their own choosing free
from coercion.
Pharming. The creation of a fake, duplicate website that is designed to trick users to input their
login credentials.
Phishing. The sending of an email to targets with a website link for users to click on, which
might either download malware onto the users’ digital devices or sends users to a malicious
website that is designed to steal users’ credentials.
Physical extraction. The search for and acquisition of evidence from the location within a
digital device where the evidence resides.
Privacy. The right to be left alone and be free from observation; the capacity to keep one’s
thoughts, beliefs, identity, and behavior secret; and the right to choose and control when, what, why,
where, how, and to whom information about oneself is revealed and to what extent information is
revealed.
Prepared by: Neil Bryan H. Otgalon, RCrim, MSCJ ALWAYS THINK BEFORE YOU CLICK Page 17
INTRO TO CYBER CRIME AND ENVIRONMENTAL LAWS AND PROTECTION
Preventive law. Legal rules that focus on regulation of risk and seek to prevent crime or at the
very least mitigate the damage that could be caused in the event of a crime.
Procedural law. Legal rules that cover the processes and procedures to be followed to apply
substantive law, the rules to enable the enforcement of substantive law, and the rules and
standards in criminal justice proceedings.
Preservation refers to the keeping of data that already exists in a stored form, protected from
anything that would cause its current quality or condition to change or deteriorate. It is the activity
that keeps that stored data secure and safe
Xc6 An intermediary server that is used to connect a client with a server that the client is
requesting resources from.
Ransomware. Malware designed to take users’ system, files, and/or data hostage and
relinquish control back to the user only after ransom is paid.
Relational analysis. The determination of the individuals involved and what they did, and the
association and relationships between these individuals.
Resilience. The ability to withstand disruptions, adapt to changing conditions, and recover from
incidents of ICT and protect the confidentiality, integrity, and availability of systems, networks,
services, and data.
Risk assessment. The evaluation of the probability of a threat, its impact, and the
exposure of an asset to this threat.
Service provider. Provides services to a computer system or a system of another digital device.
Prepared by: Neil Bryan H. Otgalon, RCrim, MSCJ ALWAYS THINK BEFORE YOU CLICK Page 18
INTRO TO CYBER CRIME AND ENVIRONMENTAL LAWS AND PROTECTION
1.any public or private entity that provides users of its service with the ability to
communicate by means of a computer system; and
2.any other entity that processes or stores computer data on behalf of such
communication service or users of such service
Sextortion. A form of cyber harassment whereby the victim is threatened with the release of
sexually explicit content if the demands of the perpetrator are not met.
Situational crime prevention. Measures used to prevent and reduce crime.
Social engineering fraud. Tricking the victim into revealing or otherwise providing
personal information and/or funds to the perpetrator.
Social dilemma. When individuals’ decisions are based on self-interest rather than the
interest of the group or collective, even when the utility of engaging in the collective interest is
higher than the utility of engaging in self-interest.
Solipsistic introjection. The fictional image of others created by users’ perceptions of others
and their traits absent contextual data, including the relationships they have with them based on
imagined rather than real information.
Social engineering. A tactic whereby a perpetrator tricks the target into divulging
information or performing another action.
Spearphishing. The sending of emails with infected attachments or links that are
designed to dupe the receiver into clicking on the attachments or links.
Specific deterrence. Punishing individuals who commit crime to cease further illicit activity if
the punishment received outweighs the benefits of committing the crime.
Spyware. Malware designed to surreptitiously monitor infected systems, and collect and relay
information back to creator and/or user of the spyware.
Stalkerware. A form of spyware that can run on a victim’s computer, smartphone or other Internet-
enabled digital device and collect and relay all the user’s actions on these devices, from emails and
text messages sent and received, to photographs taken and keystrokes.
Prepared by: Neil Bryan H. Otgalon, RCrim, MSCJ ALWAYS THINK BEFORE YOU CLICK Page 19
INTRO TO CYBER CRIME AND ENVIRONMENTAL LAWS AND PROTECTION
Standard operating procedures. Documents that include the policies and sequential acts that
should be followed to investigate cybercrime and handle digital evidence on information and
communication technology.
Steganography. The stealthy concealment of data by both hiding content and making it
invisible.
Substantive law. Legal rules that govern behaviour and responsibilities of those over whom
the state has jurisdiction.
Surface Web. Indexed websites that are accessible and available to the public and can be searched
using traditional search engines. Also known as Clearnet or Visible Web.
Subscriber’s information refers to any information contained in the form of computer data
or any other form that is held by a service provider, relating to subscribers of its services,
other than traffic or content data, and by which any of the following can be established:
The type of communication service used, the technical provisions taken thereto and the
period of service;
The subscriber’s identity, postal or geographic address, telephone and other access number,
any assigned network address, billing and payment information that are available on the basis of the
service agreement or arrangement; or
Temporal analysis. The determination of the time events occurred and the sequence of
these events.
Traceback. The process of tracing illicit acts back to the source of the cybercrime. Also
known as back-tracing.
Trade secrets. Valuable information about business processes and practices that are
secret and protect the business’ competitive advantage.
Prepared by: Neil Bryan H. Otgalon, RCrim, MSCJ ALWAYS THINK BEFORE YOU CLICK Page 20
INTRO TO CYBER CRIME AND ENVIRONMENTAL LAWS AND PROTECTION
Trade secret theft. The theft of a trade secret offline and/or online to gain an unfair
competitive advantage.
Traffic data. Data transmitted over a computer network (or network). It also means any computer
data relating to a communication by means of a computer system, generated by a computer system
that formed a part in the chain of communication, indicating the communication’s origin,
destination, route, time, date, size, duration, or type of underlying service.
- Traffic Data or Non-Content Data refers to any computer data other than the
content of the communication, including, but not limited to the communication’s origin,
destination, route, time, date, size, duration, or type of underlying service
Trojan horse. Malware designed to look like legitimate software in order to trick
the user into downloading the programme, which infects the users’ system to spy, steal and/or
cause harm.
Unallocated space. Space that is available for use because content was
deleted, or space never used.
Visible Web. Indexed websites that are accessible and available to the public and
can be searched using traditional search engines. Also known as Clearnet or Surface Web.
Web crawlers. Applications designed to traverse the World Wide Web to achieve
specific objectives.
Worm. Stand-alone malicious software that spreads without the need for user
activity.
Prepared by: Neil Bryan H. Otgalon, RCrim, MSCJ ALWAYS THINK BEFORE YOU CLICK Page 21
INTRO TO CYBER CRIME AND ENVIRONMENTAL LAWS AND PROTECTION
Write blocker. Designed to prevent the alteration of data during the copying process.
WIFI . Stands for Wireless Fidelity which is a generic term that refers to IEEE802.11 standard for
wireless Local Networks or WLANs. It is also an alternative network to wired network which is
commonly used for connecting devices in wireless mode.
A. History of Computer
- It is an almost a complete reality that the world is becoming a global village through
the use of computer. Therefore, it is imperative to look back into its beginning and origin.
Blaise Pascal and Goffried Liebnits –They invented the calculating machine
in 1642 which marked the genesis of the application of machine in industry.
- He designed the Analytical Engine and it was this design that the basic
framework of the computers of today are based on.
Prepared by: Neil Bryan H. Otgalon, RCrim, MSCJ ALWAYS THINK BEFORE YOU CLICK Page 22
INTRO TO CYBER CRIME AND ENVIRONMENTAL LAWS AND PROTECTION
Alan Turing – In 1936, he presents the notion of a universal machine, later called the Turing
machine, capable of computing anything that is computable. The central concept of the
modern computer was based on his ideas.
Atanasoff and his graduate student, Clifford Berry - design a computer that can
solve 29 equations simultaneously in 1941. This marks the first time a computer is able to
store information on its main memory.
John Mauchly and J. Presper Eckert – In 1943-1944, they build the Electronic
Numerical Integrator and Calculator (ENIAC) and this is considered the grandfather of
digital computers. They build the UNIVAC in 1946, the first commercial computer for business
and government applications.
Alan Shugart - leads a team of IBM engineers who invent the “floppy disk," allowing data
to be shared among computers in 1971.
Robert Metcalfe - a member of the research staff for Xerox, develops Ethernet for
connecting multiple computers and other hardware in 1973:
Steve Jobs and Steve Wozniak- start Apple Computers on April Fool's Day and roll
out the Apple I, the first computer with a single-circuit board, according to Stanford
University in 1976.
1983: Apple's Lisa is the first personal computer with a graphical user interface (GUI). It also
features a drop-down menu and icons. It flops but eventually evolves into the Macintosh.
The Gavilan SC is the first portable computer with the familiar flip form factor and the first
to be marketed as a "laptop."
1985: The first dot-com domain name is registered on March 15, years before the World
Wide Web would mark the formal beginning of Internet history.
Prepared by: Neil Bryan H. Otgalon, RCrim, MSCJ ALWAYS THINK BEFORE YOU CLICK Page 23
INTRO TO CYBER CRIME AND ENVIRONMENTAL LAWS AND PROTECTION
1999: The term Wi-Fi becomes part of the computing language and users begin
connecting to the Internet without wires.
2005: YouTube, a video sharing service, is founded. Google acquires Android, a Linux-
based mobile phone operating system.
2006: Apple introduces the MacBook Pro, its first Intel-based, dual-core mobile
computer, as well as an Intel-based iMac. Nintendo's Wii game console hits the market
2007: The iPhone brings many computer functions to the smart phone. 2009:
Microsoft launches Windows 7, which offers the ability to pin applications to the
taskbar and advances in touch and handwriting recognition, among other features.
2012: Facebook gains 1 billion users on October 4. 2015: Apple releases the Apple Watch.
Microsoft releases Windows 10.
Characteristics:
Prepared by: Neil Bryan H. Otgalon, RCrim, MSCJ ALWAYS THINK BEFORE YOU CLICK Page 24
INTRO TO CYBER CRIME AND ENVIRONMENTAL LAWS AND PROTECTION
Second generation of computers used transistors instead of vacuum tubes which were
more reliable. In 1951 the first computer for commercial use was introduced to the public; the
Universal Automatic Computer (UNIVAC 1). In 1953 the International Business Machine (IBM)
650 and 700 series computers made their mark in the computer world. During this generation
of computers over 100 computer programming languages were developed, computers had
memory and operating systems. Storage media such as tape and disk were in use also were printers
for output.
Characteristics:
i.The computers were still large, but smaller than the first generation of
computers.
ii. They use transistor in place of Vacuum Tubes to perform calculation.
iii.They were produced at a reduced cost compared to the first generation of
computers.
iv. Possession of magnetic tapes as for data storage.
v.They were using punch cards as input and output of data and
information. The use of keyboard as an input device was also introduced.
vi.These computers were still generating a lot of heat in which an air
conditioner is needed to maintain a cold temperature.
vii. They have about one thousand circuits per cubic foot.
Characteristics:
i.They used large-scale integrated circuits, which were used for both data
processing and storage.
ii.Computers were miniaturized, that is, they were reduced in size
compared to previous generation.
iii.Keyboard and mouse were used for input while the monitor was used as
output device.
iv.Use of programming language like COBOL and FORTRAN were
developed.
v. They have hundred thousand circuits per cubic foot.
Prepared by: Neil Bryan H. Otgalon, RCrim, MSCJ ALWAYS THINK BEFORE YOU CLICK Page 25
INTRO TO CYBER CRIME AND ENVIRONMENTAL LAWS AND PROTECTION
Characteristics:
Characteristics:
i. Consist of extremely large scale integration.
ii. Parallel processing
iii. Possession of high speed logic and memory chip.
iv. High performance, micro-miniaturization.
v.Ability of computers to mimic human intelligence, e.g. voice
recognition, facial face detector, thumb print.
vi. Satellite links, virtual reality.
vii. They have billions of circuits per cubic
B. History of Internet
The Internet has been developed through research grants from the U.S.
Department of Defense’s Advanced Research Projects Agency. Scientists wished to maintain
communication links between distant locations in the event that electrical rout had been destroyed.
The early Internet was devised and implemented in American research units, universities, and
telecommunication companies that had vision and interest in cutting-edge research. The
program grew in the 60s and 70s, becoming a network of computers that transmitted
information by “packet switching.” January 1, 1983 is considered the official birthday of the Internet.
With this, the Internet plays a crucial world in today’s technology and society (Luppicini,
2010). Then we witness circularity. New demands yielded further innovation and many more new
applications such as email, the world-wide-web, file
Prepared by: Neil Bryan H. Otgalon, RCrim, MSCJ ALWAYS THINK BEFORE YOU CLICK Page 26
INTRO TO CYBER CRIME AND ENVIRONMENTAL LAWS AND PROTECTION
sharing, social networking, live-streaming, blogs, vlogs skype and more. These were not imagined in the
early stage of the net.
In order to understand how the Internet became an integral part of our lives, it is crucial
to examine its history and the major developments that took place from its modest infancy until its
giant presence.
Early 1960s- The history of the Internet started in the United States in the. This was the
Cold War period, when the world was bi-polar: The United States and the Soviet Union were
competing in expanding their influence in the world, viewing each other with great caution and
suspicion.
October 4, 1957 - the Soviet Union launched the first space satellite, Sputnik. The
Sputnik success necessitated American reaction. It was a question of pride and leadership
1984-1989 - entry of the Internet into the commercial phase (facilitated by the upgrading
of backbone links, the writing of new software programs and the growing number of
interconnected international networks; the massive expansion of the Internet into a global network
during the 1990s when business and personal computers with different operating systems joined
the universal network; the instant and growing success of social networking -- sites that enable
Netusers to share information, photos, private journals, hobbies and personal as well as commercial
interests with networks of mutual friends and colleagues.
- His hypermedia software program enabled people to access, link and create
communications in a single global web of information.
June 22, 2001 – The growing impact of internet has paved an opportunity for
criminals and they were also quick to abuse the Internet for profit. Therefore, in the same date, the
European Council finalized its international Convention on Cybercrime and adopted it on
November 9; 2001.This was the first treaty addressing criminal offenses committed over the Internet.
Jimmy Wales and Larry Sanger – In the year 2001, launched “Wikipedia,” the web
based free encyclopedia. It is a collaborative, multilingual project supported by the non-profit
Wikimedia Foundation. Its 17 million articles (over 3.3 million in English) have been written by
volunteers around the world, and almost all of its articles can be edited by anyone with access to the
site. Wikipedia became the largest and most popular general reference resource on the Internet.
Prepared by: Neil Bryan H. Otgalon, RCrim, MSCJ ALWAYS THINK BEFORE YOU CLICK Page 27
INTRO TO CYBER CRIME AND ENVIRONMENTAL LAWS AND PROTECTION
December 15, 2005 – The official debut of a video file sharing website called “YouTube
created by three former employees of Paypal, Chad Hurley, Steve Chen and Jawed Karim.” On
October 9, 2006, Google bought YouTube for $1.65 billion.
2006 - the free social networking site Twitter was started by Jack Dorsey.
1960 - The first computer system in the Philippines — an IBM 650 — is installed at the
Bureau of Lands to handle the country’s land survey computations.
1986 – The year when the first Philippine based public access of BBS (bulletin board
system first wen online with an annual subscription fee of P1000.
1992 – William “Bill” Torres (Grandfather of Philippine Internet), current chief executive of
the Philippine Internet Service Organization (PISO) initiated the first informal negotiations with
the US National Science Foundation to bring the Internet to the country.
March 29, 1994 - The Philippines has seen quite a number of milestones in this endeavor, all of
which started in this date, when users first got to establish a connection to the Internet. Such
a landmark moment has opened the doors for progress on the side of having Filipinos have access to
the information wellspring that the Internet offers over the following years ever since; the ICTO and
DOST are continuing this progress with the Free Public Wi- Fi Project and the use of TV White
Space (TVWS) Project. Thus, this year marked the First Internet Connection in the country.
2011 – Philippines named “Social Networking Capital of the World” with a percentage of
93.9 for Facebook alone.
2012 – The Cybercrime Prevention Act of 2012 was officially recorded as RA No. 10175 on
September 12, 2012.
2014 - Fastest Growing Connections. The Philippines named fastest growing internet
population in the last five years with a growth of 531%
It threatens the substantial and growing reliance of commerce, governments, and the public upon
the information infrastructure to conduct business, carry messages, and process information.
Cybercrime is one of the fastest growing non-violent crimes in the Asian region. It takes a great
deal of technical expertise and co-operation, both local and foreign, in order to address
Prepared by: Neil Bryan H. Otgalon, RCrim, MSCJ ALWAYS THINK BEFORE YOU CLICK Page 28
INTRO TO CYBER CRIME AND ENVIRONMENTAL LAWS AND PROTECTION
such problems. This crime affects different countries in varying degrees, depending on the extent
of the legislative enactment of each country.
In the Philippines, as technical and electronic landscapes change, there is a need to enact laws or
amend existing laws to fully address cyber threats.
“I Love You Virus” – became the Landmark and placed the country on the global cyber-map
and pushed congress to pass the first “cybercrime law “, RA No 8792 or the Electronic
Commerce (E-Commerce) act of 2000 and signed into law on June 14, 2000.
RA 8792 - provides for the legal recognition and admissibility of electronic data
messages, documents and signatures. It is also considered the landmark law in the history of the
Philippines as a legitimate player in the global marketplace. It has placed the Philippines among the
countries penalizing cybercrime. The salient features of the Act are as follows:
The “I LOVE YOU” virus illustrated that a person armed with a computer could, from a
distant location, attack and/or disrupt computers and networks worldwide and cause severe damage.
On May 11, 2000 he was arrested, the suspect apologized to the public and said he had no
intention of causing such great harm. Government prosecutors filed cases against him, but even at
the first stage, the indictment was dismissed
In August of the same year, charges against him in our country were dismissed, mainly because
we had not yet passed legislation addressing the crimes he had committed as there was no law
penalizing the act at the time (May 2000) in the Philippines (nullum crimen, sine lege). The public
around the world is justifiably outraged.
Prepared by: Neil Bryan H. Otgalon, RCrim, MSCJ ALWAYS THINK BEFORE YOU CLICK Page 29
INTRO TO CYBER CRIME AND ENVIRONMENTAL LAWS AND PROTECTION
August 1, 2000 – The effectivity the Rules on Electronic Evidence drafted by the Supreme Court,
to emphasize the admissibility of evidence in electronic form, subject to its authenticity and reliability.
JJ Maria Giner - The first Filipino to be convicted of cybercrime, particularly hacking, was JJ
Maria Giner. He was convicted in September 2005 by Manila MTC Branch 14 Judge Rosalyn Mislos-
Loja. Giner pleaded guilty to hacking the government portal “gov.ph” and other government
websites. He was sentenced to one to two years of imprisonment and fined Php100,000.
The Anti-Transnational Crime Division (ATCD) – It was created in the year 2003 under the
Criminal Investigation and Detection Group of the Philippine National Police (PNP-CIDG)
involved in the gathering of electronic evidence and the tracking down of the Filipino hacker with
help from local Internet service provider Bitstop Inc., which hosted the gov. ph portal when it was
attacked by Giner.
September 26, 2007 - the Philippines signed the United Nations Convention on the Use
of Electronic Communications in International Contracts at United Nations
Headquarters in New York. Adopted by the United Nations General Assembly on 23
November 2005, the United Nations Convention on the Use of Electronic
Communications in International Contracts aims to enhance legal certainty and
commercial predictability where electronic communications are used in relation to
international contracts.
January 2004 – the first local cybercrime conference was organized by Atty. Gigo A.
Alampay, with representatives from the DOJ of both the US and Canada.
September 12, 2012 – The CPA of 2012 was signed and came into force on October 3,
2012.
CPA act of 2012 (RA No. 10175) – The first piece of legislation comprehensively
dealing with cybercrimes. Divided into 31 sections split across eight (8) chapters, the act
criminalizes several types of offenses such as illegal access, data interference, device
misuse, cybersquatting, computer fraud, cybersex among others. This law also reaffirms
existing laws against child pornography under RA 9775 (The anti-child pornography act of
2009) and libel punishable under Article 355 of the RPC.
Prepared by: Neil Bryan H. Otgalon, RCrim, MSCJ ALWAYS THINK BEFORE YOU CLICK Page 30
INTRO TO CYBER CRIME AND ENVIRONMENTAL LAWS AND PROTECTION
RA No. 8792 – the first law that penalized “cybercrimes” specifically hacking or
cracking.
RA No. 10173 – also known as the Data Privacy Act of 2012, enacted to protect the
fundamental human right of privacy and of communication while ensuring free flow of
information to promote innovation and growth.
Late 1990s - what became known as digital forensics was commonly termed ‘computer
forensics’. The first computer forensic technicians were law enforcement officers who were also
computer hobbyists. In the USA in 1984 work began in the FBI Computer Analysis and Response
Team (CART). One year later, in the UK, the Metropolitan Police set up a computer crime
unit under John Austen within what was then called the Fraud Squad.
Prepared by: Neil Bryan H. Otgalon, RCrim, MSCJ ALWAYS THINK BEFORE YOU CLICK Page 31