CYBER LAWS OF THE PHILIPPINES

Cybercrime Law

Defined as a crime in which a computer is the object of the crime (hacking, phishing, spamming) or used as a tool to commit an offense (child pornography, hate crimes).

• access personal information, business trade secrets

• use the internet for exploitative or malicious purposes.

Cybercriminals may use computer technology to:

COMPUTER CRIME

Cybercrime may also be referred to as .

• Online Bank Information Theft

• Identity Theft

• Online Predatory Crimes

• Unauthorized Computer Access

COMMON TYPES OF CYBERCRIME

• Establishes socio-legal sanctions for cybercrime

• Protects ICT users, in general, and mialgates and/or prevents harm to people, data, systems, services, and infrastructure in particular.

• Protects human rights.

• Enables the investigation and prosecution of crimes committed online.

• Facilitates cooperation between countries on cybercrime matters (UNODC, 2013, p. 52)

ROLE OF CYBERCRIME LAW

RA 8797

also called the E-commerce (Electronic Commerce) Law of the Philippines

E-commerce

refers to the business over the internet. Websites such as Lazada, Zalora, Shopee and etc. are all e- commerce sites

RA 8792

An act providing for the recognition and use of electronic commercial and non-commercial transactions and documents, penalties for unlawful use thereof and for other purposes

An act providing for the recognition and use of electronic commercial and non-commercial transactions and documents, penalties for unlawful use thereof and for other purposes

what is RA 8792 about

Key provisions of RA 8792

• Allows the formation of contracts in electronic form.

• Makes banking transactions done through ATM switching networks absolute once automated.

• The Department of Trade & Industry supervises e-commerce development in the Philippines.

• Made cable, broadcast, and wireless physical infrastructure within the activity of telecommunications.

• Provides guidelines for when a service provider can be liable.

• Authorities and parties with the legal right can only gain access to electronic documents, messages, and signatures for confidentiality purposes.

• Business-to-Consumer (B2C)

• Business-to-Business (B2B)

Types of E-commerce Transactions

Business-to-Consumer (B2C)

• Sells products/services directly to personal use customers.

• Includes online retailing, banking, travel services, auctions, health, and real estate sites.

Business-to-Business (B2B)

• Involves transactions between businesses, such as manufacturer to wholesaler and wholesaler to retailer.

• Secure legal framework for e-commerce.

• Protect integrity of electronic documents/signatures.

RA 8792 OBJECTIVES

information, communications, computer, communications, misuse, abuse, illegal access, punishable

"The state recognizes the vital role of and industries in the nation's overall social and economic development. The state also recognizes the need to protect and safeguard the integrity of and systems from all forms of , , and by making under the law such conduct or conducts."

President Benigno Aquino III

RA 10175: Cybercrime Law of the Philippines is signed into law by?

September 12, 2012

when was RA 10175 signed into law?

RA 10175

Cybercrime Law of the Philippines

RA 10175

Act that is temporarily restrained by a TRO on October 9, 2012

Illegal access

Unauthorized access (without right) to a computer system or application.

RA 4200

Anti-Wiretapping Law

RA 8484

Access Device Regulation Act

RA 9208

Anti-Trafficking in Persons Act

RA 9775

Anti-Child Pornography Act

RA 9995

Anti-Photo and Voyeurism Act

Illegal interception

Unauthorized interception of any non-public transmission of computer data to, from, or within a computer system

Data Interference

Unauthorized alteration, damaging, deletion or deterioration of computer data, electronic document, or electronic data message, and including the introduction or transmission of viruses.Authorized action can also be covered by this provision if the action of the person went beyond agreed scope resulting to damages stated in this provision.

System Interference

Unauthorized hindering or interference with the functioning of a computer or computer network by inputting, transmitting, damaging, deleting, deteriorating, altering or suppressing computer data or program, electronic document, or electronic data messages, and including the introduction or transmission of viruses.Authorized action can also be covered by this provision if the action of the person went beyond agreed scope resulting to damages stated in this provision.

Misuse of devices

The unauthorized use, possession, production, sale, procurement, importation, distribution, or otherwise making available, of devices, computer program designed or adapted for the purpose of committing any of the offenses stated in Republic Act 10175. Unauthorized use of computer password, access code, or similar data by which the whole or any part of a computer system is capable of being accessed with intent that it be used for the purpose of committing any of the offenses under Republic Act 10175.

Cyber-squatting

Acquisition of domain name over the Internet in bad faith to profit, mislead, destroy reputation, and deprive others from the registering the same. This includes those existing trademark at the time of registration; names of persons other than the registrant; and acquired with intellectual property interests in it. Those who get domain names of prominent brands and individuals which in turn is used to damage their reputation – can be sued under this provision. Note that freedom of expression and infringement on trademarks or names of person are usually treated separately. A party can exercise freedom of expression without necessarily violating the trademarks of a brand or names of persons.

Computer-related Forgery

Unauthorized input, alteration, or deletion of computer data resulting to inauthentic data with the intent that it be considered or acted upon for legal purposes as if it were authentic, regardless whether or not the data is directly readable and intelligible; orThe act of knowingly using computer data which is the product of computer-related forgery as defined here, for the purpose of perpetuating a fraudulent or dishonest design.

Computer-related Fraud

Unauthorized input, alteration, or deletion of computer data or program or interference in the functioning of a computer system, causing damage thereby with fraudulent intent

Computer-related Identity Theft

Unauthorized acquisition, use, misuse, transfer, possession, alteration or deletion of identifying information belonging to another, whether natural or juridical.

• Stealing someone's personal information online, like their name, address, or financial details, to impersonate them or commit fraud

Cybersex

Willful engagement, maintenance, control, or operation, directly or indirectly, of any lascivious exhibition of sexual organs or sexual activity, with the aid of a computer system, for favor or consideration.There is a discussion on this matter if it involves “couples” or “people in relationship” who engage in cybersex. For as long it is not done for favor or consideration, I don’t think it will be covered. However, if one party (in a couple or relationship) sues claiming to be forced to do cybersex, then it can be covered.

Child Pornography

Unlawful or prohibited acts defined and punishable by Republic Act No. 9775 or the Anti-Child Pornography Act of 2009, committed through a computer system.

• Producing, distributing, or possessing sexual images or videos involving children, which is illegal and harmful.

Libel

Unlawful or prohibited acts of libel as defined in Article 355 of the Revised Penal Code, as amended committed through a computer system or any other similar means which may be devised in the future.

Aiding or Abetting in the commission of cybercrime

Any person who willfully abets or aids in the commission of any of the offenses enumerated in this Act shall be held liable.

Attempt in the commission of cybercrime

Any person who willfully attempts to commit any of the offenses enumerated in this  Act shall be held liable

All crimes

defined and penalized by the Revised Penal Code, as amended, and special laws, if committed by, through and with the use of information and communications technologies shall be covered by the relevant provisions of this Act.

Corporate Liability

When any of the punishable acts herein defined are knowingly committed on behalf of or for the benefit of a juridical person, by a natural person acting either individually or as part of an organ of the juridical person, who has a leading position within

Prision correccional in its minimum and medium periods or a fine ranging from 200 to 6,000 pesos, or both.

Punishment of libel

Cybercrime Prevention Act

The strengthened libel in terms of penalty provisions.The electronic counterpart of libel has been recognized since the year 2000 when the E-Commerce Law was passed. The E-Commerce Law empowered all existing laws to recognize its electronic counterpart whether commercial or not in nature.

Prision mayor

imprisonment of six years and 1 day up to 12 years

Reclusion temporal

imprisonment for twelve years and one day up to twenty years

• Illegal access

• illegal interception

• data interference

• system interference

actions that has a penalty of:
Prision mayor (imprisonment of six years and 1 day up to 12 years) or a fine of at least Two hundred thousand pesos (P200,000) up to a maximum amount commensurate to the damage incurred or BOTH. If committed against critical infrastructure: Reclusion temporal (imprisonment for twelve years and one day up to twenty years) or a fine of at least Five hundred thousand pesos (P500,000) up to a maximum amount commensurate to the damage incurred or BOTH.

misuse of devices

Penalty: Same as illegal access, but fine not exceeding Five hundred thousand pesos (P500,000).

• computer-related forgery

• computer-related identity theft

Penalty: Prision mayor or a fine of at least Two hundred thousand pesos (P200,000) up to a maximum amount commensurate to the damage incurred or BOTH.

Cybersex

Penalty: Prision mayor or a fine of at least Two hundred thousand pesos (P200,000) but not exceeding One million pesos (P1,000,000) or BOTH.

Child pornography

Penalty: One degree higher than provided in the Anti-Child Pornography Act.

One degree higher than provided for in the Revised Penal Code or special laws.

penalty for libel

• Aiding or Abetting in the commission of cybercrime

• Attempt in the commision of cybercrime

penalty: Imprisonment of one (1) degree lower than that of the prescribed penalty for the offense or a fine of at least One hundred thousand pesos (P100,000) but not exceeding Five hundred thousand pesos (P500,000) or both.

• Improving Public Access

• Educate and expand our knowledge on

• Information and Communications Technology (ICT)

• Protect the Consumer and Industry development

• Nation Building through ICT

• Safeguarding of Information

• Widen the scope of ICT in the Philippines

RA 10844 or DICT ACT FOCUSES ON

RA 10173

An act protecting individual personal information in mation and communications systems in the government and private sector, creating for this purpose a National Privacy Commission (NPC), and for other purposes.

Department of Information and Communication Technology (DICT)

It is the responsible agency and home to the NPC.

RA 10173

Data Privacy Act

• Growing and important business process management and health information technology.

• Expenses on IT has reached an all time high

• We are in the process of enabling free public Wi-Fi

• The digital engagement of Filipinos are ranked #1 in the whole world

why do we need Data Privacy Act?

Companies with at least 250 employees or access to the personable and identifiable information of at least 1,000 people are required.

Who needs to register?