Cybercrime Law

The Cybercrime Law of the Philippines (also known as the Cybercrime Prevention Act of 2012 or Republic Act 10175) is a newly-signed act that gives us a true legal tool to combat cybercrime. A better definition is given by a press release from the Senate, a part of which says, "The Cybercrime Prevention Act lays down a comprehensive legal framework for the detection, investigation, and suppression of cybercrimes... " The Republic Act No. 10175, also known as the Cybercrime Prevention Act of 2012, is an act that defines and punishes cybercrime to prevent and suppress its proliferation.

It aims to effectively prevent and combat misuse, abuse and illegal access of the Internet by facilitating their detection, investigation, arrest and prosecution at both the domestic and international levels, and by providing arrangements for fast and reliable international cooperation. To formulate and implement a national cyber security plan, a Cybercrime Investigation and Coordinating Center (CICC) will be created under the administrative supervision of the Office of the President.

This Prevention Act is a boon for local firms, particularly in the information technology sector, business groups said. Other groups meanwhile warned that the new law threatens Filipinos' freedom of expression as well as freedom of information. But what does the anti-cybercrime law mean for the ordinary Filipino citizen? Most if not all of the offenses in the law are already crimes punishable under the Revised Penal Code.

Commenting on the new law, Information and Communications Technology Association of the Philippines (ITAP) President Dondi Mapa said: "It's not a matter of identifying new crimes but only recognizing that existing crimes now happen in a new environment. " The anti-cybercrime act itself notes under its declaration of policy that it is the state's mechanism to adopt "sufficient powers to effectively prevent and combat such offenses by facilitating their detection, investigation, and prosecution. "

The law categorizes cybercrimes into three: (1) offenses against the confidentiality, integrity and availability of computer data and systems; (2) computer-related; or (3) content-related offenses. Illegal access to computer systems, illegal interception of data, data or system interference, as well as misuse or computer systems or data belong in the first category. Also in the same group is "cyber-squatting," which involves the acquisition of a domain name "in bad faith to profit, mislead, destroy reputation, and deprive others from registering the same.

" In case of businesses, these may include the use of a domain name "similar, identical, or confusingly similar" to registered trademarks. But businesses are not the only targets of "cyber-squatters," as the law also covers the use of personal names "identical or in any way similar with the name of a person other than the registrant. " Computer-related offenses, meanwhile, include the input, alteration or deletion of any computer data with the intent of forgery, fraud or identity theft.

On the other hand, cybersex, defined under the law as the willful engagement in online sexual activities, is included in content-related offenses. Child pornography is another content-related offense in the law. The anti-cybercrime act notes that punishment to child pornography committed through a computer system will be one degree higher than the sanctions in the Anti-Child Pornography Act. Also named a content-related offense is the sending of unsolicited communication which advertise or sell products or services. Punishable acts

Offenses punishable under Cybercrime Prevention Act are: * Offenses against the confidentiality, integrity and availability of computer data and systems 1. Illegal access to the whole or any part of a computer system without rights 2. Illegal interception of any non-public transmission of computer data to, from, or within a computer system 3. Data interference such as alteration, damaging, deletion or deterioration of data without rights, including the introduction or transmission of viruses 4. System (computer or computer network) interference 5.

Cyber-squatting or the acquisition of a domain name over the Internet in bad faith to profit, mislead, destroy reputation, and deprive others from registering the same 6. Misuse of devices * Computer-related offenses 1. Computer-related forgery (input, alteration, or deletion of data) without rights resulting in inauthentic data, with the intent that it be considered or acted upon for legal purposes as if it were authentic 2. Computer-related fraud (input, alteration, or deletion of data or interference in the functioning of a computer system) causing damage

3. Computer-related identity theft or the acquisition, use, misuse, transfer, possession, alteration or deletion of the identifying information of another person * Content-related offenses 1. Cybersex or the engagement, maintenance, control, or operation of any lascivious exhibition of sexual organs or sexual activity, with the aid of a computer system 2. Child pornography or the unlawful acts as defined and punishable by Republic Act No. 9775 or the Anti-Child Pornography Act of 2009 committed through a computer system 3.

Unsolicited commercial communications which seek to advertise, sell, or offer for sale products and services 4. Libel or unlawful acts as defined in Article 355 of the Revised Penal Code * Others 1. Aiding or abetting in the commission of cybercrime 2. Attempt in the commission of cybercrime Penalties * Any person found guilty of committing cybercrime acts enumerated in the first two groups shall be punished with prisons mayor, or serving of six years and one day to twelve12 years in prison, or a fine of at least PHP 200,000 up to PHP 500,000.

* A person found guilty of committing punishable acts enumerated in the first group shall be punished with reclusion temporal, or serving of 12 years and one day to 20 years in prison, or a fine of at least PHP 500,000 up to the maximum amount in proportion to the damage incurred, or both. * A person found guilty of committing cybersex shall be punished with prisons mayor, or serving of six years and one day to 12 years in prison, or a fine of at least PHP 200,000 but not exceeding PHP 1,000,000, or both. * A person found guilty of committing child pornography shall be punished with the penalties enumerated in the Republic Act No.

9775 or the Anti-Child Pornography Act of 2009. * A person found guilty of committing unsolicited commercial communications shall be punished with arrest mayor, or serving of one month and one day to six months, or a fine of at least PHP 50,000 but not exceeding PHP 250,000, or both. * A person found guilty of committing other offenses enumerated in the last group shall be punished with imprisonment one degree lower than that of the prescribed penalty for the offense, or a fine of at least PHP 100,000 but not exceeding PHP 500,000, or both.

Unfortunately, questions remain over the constitutionality of the law. It doesn't help that there are people who still think they can use the law, especially a judge in Nueva Vizcaya who had an anti-mining protestor jailed over the basis of cyber libel, one of the crimes made punishable by the controversial act. But what "crimes" specifically does the suspended law target? Someone asked me for a breakdown of what is (or isn't allowed) by the Cybercrime Law. Here's a layman's version of what the law entails, which I call: The 10 Commandments of the Cybercrime Law of the Philippines.

1. You shall only say nice things on the Internet--This is the main fault attributed to the law: It's a violation of the Freedom of Expression with its cyber libel provision. Thanks to this provision inserted "without knowledge" by most of the lawmakers, if you say something bad against certain people on the Internet, you can be charged in court. What's more, according to Bayan Muna Representative Teddy Casino, this not only applies to statements you make on the Internet but also on smartphones or with any device you use to access the Internet. So yes, this covers texting.

2. You cannot tell the Truth, whether joking or seriously, if it hurts someone--In relation to the 1st Commandment, regardless if you state a fact or you use satire or sarcasm or even say something in a joking tone on the 'net, you can still be held liable for cyber libel for impugning against another person's supposed dignity as per the anti-libel law of the Revised Penal Code. 3. What you say can be held against you forever--According to online legal expert Atty. JJ Disini, because of the nature of your online posts, anything you posted years ago that are still live today can be still held against you in a court of law.

4. What you like can also be held against you--In relation to the 3rd Commandment, liking a FB post can be considered as abetting libel. Retweeting a probably libelous tweet might be covered here as well so be warned. 5. The government now has the power to take down your Internet--Thanks to the power given by the law, the Department of Justice, together with its arms in the National Bureau of Investigation and the Philippine National Police have the power to order the shutdown of Web sites if there is prima facie evidence of violation of the law--even without a court warrant.

6. Your Internet is required to compile evidence against you--In relation to the 5th Commandment, Internet service providers are now required to keep their data for six months after which they can be forced to keep it for six more months if authorities request it. 7. You can be punished more harshly for online crimes than for real life crimes--Thanks to the wording of the law, punishment for those charged with this law is "one degree higher" than that provided for in the Revised Penal Code. Because of this, if you're charged with online libel, you can be fined a million bucks or spend 12 months in jail.

8. You must trust the government to do the right thing in implementing the law--The government refuses to budge on this law, saying the public should trust them to come up with the proper Implementing Rules and Regulation to ensure that there won't be abuses of the law despite the vague wording. This after the some of the lawmakers who signed the law admitted they had no idea what had gone into the law. 9. The law shall apply to all Filipinos wherever they are--Just because you think you're not in the Philippines, you can escape jurisdiction from this Philippine law.

Think again: this law has universal jurisdiction. Even your electronic devices that are situated (or even partly) in the Philippines are under jurisdiction under this law. 10. The law doesn't really protect you--Supposedly it goes after identity-theft. However, because of the heavy provisions against online libel, a hacker can take over your account and post libelous stuff, and then pull out. From the safety of distance, he can watch the fireworks fly as the government screws you over. So yes, it can protect industries and the rich and powerful, just not you. Of course there are other issues over this law.

One is that the basis for its cyber libel provision is the antiquated anti-libel law in the Philippines (which the United Nations pointedly reiterates as violating respect for freedom of expression). And there lies the irony of this law: In trying to implement tighter data security and prevent cybercrime laws like cybersex and child pornography in the country, the Philippines are using vague language like a sledgehammer to go after cybercriminals. Unfortunately, the government doesn't seem to have any idea of the power of words--whether specific or vague--and how dangerous they can become when implemented as laws.