By Elvic Gravino, JD1 and Mary Clare Villanueva, JD1
The legal framework of the Republic Act No. 10175 or “Cybercrime Prevention Act of 2012” is in line with the Cybercrime Prevention Act of the Budapest Convention, which took effect in February 2014.
The Philippine Congress enacted the Cybercrime Prevention Act of 2012, which addresses entirely crimes committed against and through the computer system on September 12 2012, and signed by President Benigno Aquino III. It includes substantive penal, procedural, and international cooperation rules.
Amendatory bills on cybercrime investigations are a work-in-progress in the Philippines, aiming to introduce new procedural powers, responsibilities, and extradition provisions. These amendatory bills aim to provide a structured approach for prosecutors and investigators on cybercrime investigations and further align national legislation with the Budapest Convention.
Understanding the Purpose of the Act
The Cybercrime Prevention Act of 2012 focuses on the pre-emption, prevention, and prosecution of cybercrimes such as offenses against the privacy, confidentiality, integrity, and availability of computer data and systems, computer-related offenses, and content-related offenses.
Its original goal was to penalize acts in Republic Act 9775 like cybersex and child pornography and RA 10173 like identity theft and unsolicited electronic communications. However, various groups opposed the provision to expand the scope of libel law to cover Internet posts, which led the Supreme Court to issue a temporary restraining order and a status quo ante order.
The Cybercrime Prevention Act of 2012 could sentence internet users to up to 12 years in prison for posting defamatory commentaries on social media, such as Facebook and Twitter. Though online libel was not part of the original bill proposed by the Department of Justice (DOJ), the Senate passed an amendment to insert it and was primarily proposed by Senator Vicente Sotto III.
In addition, this act provides that crimes defined and penalized by the Revised Penal Code, as amended, and special laws, if committed by, through, and with the use of information and communications technologies, shall be covered by the relevant provisions of Revised Penal Code, provided, that the penalty should be one degree higher than the penalty imposed in the Revised Penal Code, as amended, and special laws. Furthermore, this act provides that prosecution under the Cybercrime Prevention Act of 2012 shall be without prejudice to any liability for violation of any provision of the Revised Penal Code, as amended, or special laws.
Effectiveness and Value
On October 9, 2012, six days after the law took effect, the Supreme Court issued a four-month injunction while scrutinizing the law for possible violations of constitutional provisions on freedom of expression. Then, on February 6, 2020, the Supreme Court extended the temporary restraining order indefinitely.
The Cybercrime Prevention Act of 2012 sanctions content-related offenses performed using a computer system, such as cybersex, child pornography, and libel. In addition, unsolicited commercial communications or content that advertises or sells products or services is also punished. However, there are some exceptions to this law relating to the transmission of unsolicited material: it is not a crime if the recipient has given prior agreement, the communication is an announcement from the sender to users, and the recipient has an easy, reliable way to refuse it, among other things.
Individuals found guilty of cybersex face a minimum prison sentence of six years and one day, a maximum prison of 12 years, and a fine of at least P200,000 but not more than P1,000,000.In addition, unsolicited communication is punishable by one month to six months in prison, a fine of not less than P50,000 but not more than P250,000, or both.
Child pornography through computer systems has a penalty of one degree higher than what is provided in RA 9775, or the Anti-Child Pornography Act of 2009. In RA 9775, those who produce, disseminate, or publish child pornography will be fined the amount of not less than P50,000 but not more than P5,000,000 and a maximum prison sentence of 20 to 40 years.
The Cybercrime Prevention Act of 2012 also penalizes offenses against the privacy, confidentiality, integrity, and availability of computer data and systems, such as illegal access, unauthorized interference, system interference, data interference, misuse of devices, and cybersquatting. In this context, cybersquatting is defined as the acquisition of domain names on the internet in bad faith or with the intent to gain profit, mislead, destroy one’s reputation or deprive others of registering or creating an account to the domain name involved. Also, the Cybercrime Prevention Act of 2012 covers any digital fraud, computer-related forgery, and identity theft.
In the Philippines, as many as 87 percent of Filipinos were identified as victims of malicious activities committed online, according to DOJ, which quoted a 2010 report of the security software firm Symantec. These include victims of malware invasion, sexual predation, and online or phishing scams.
Salient Points the Public Must Know
The public must know that the Cybercrime Prevention Act of 2012 has the following features:
- Internationally consistent definitions for cybercrime
- Nuanced liability for cybercrime offenders
- Increased penalties
- Enhanced authority granted to law enforcement authorities
- Expanded jurisdictional authority for prosecution
- Provisions for international cybercrime coordination effort and greater ability to combat cybercrimes
Several of the definitions of cybercrimes under the Cybercrime Prevention Act of 2012 are patterned after the Budapest Convention’s definition of illegal access and an interception, data and system interference, misuse of devices, computer-related forgery, and computer-related fraud.
Here are the offenses that fall under the Cybercrime Prevention Act of 2012:
Offenses Against Confidentiality, Integrity, and Availability of Computer Data and Systems
- Illegal access
- Illegal interception
- Data Interference
- System Interference
- Misuse of Devices
- Cyber Squatting
- Computer-related forgery
- Computer-related Fraud
- Computer-related Identity Theft
- Child Pornography
- Unsolicited Commercial Communications
- Aiding or abetting in the Commission of Cybercrime
- Attempt in the Commission of Cybercrime
The National Bureau of Investigation and Philippine National Police are the law enforcement authorities for the Cybercrime Prevention Act of 2012. Both shall organize a cybercrime unit or center staffed by special investigators to handle cases involving violations of this Cybercrime Prevention Act of 2012 exclusively.
- To ensure that the technical nature of cybercrime and its prevention get the attention it deserves.
- To submit timely and regular reports to the Department of Justice for review and monitoring, including pre-operation, post-operation, and investigation outcomes, as well as any other materials that may be necessary.
- Authorized to collect or record traffic statistics in real-time related to specific communications conducted via a computer system using technical or electronic means.
Only the origin, destination, route, time, date, size, duration, or type of underlying service are referred to as traffic data, not the content or identity of the communication. A court warrant will be required for any other data to be acquired, seized, or released.
The Regional Trial Court shall have jurisdiction over any violation of the provisions of this Cybercrime Prevention Act of 2012. Including any violation committed by a Filipino national regardless of the place of commission. Jurisdiction shall lie if any of the elements was committed within the Philippines or committed with the use of any computer system wholly or partly situated in the country, or when by such commission any damage is caused to a natural or juridical person who, at the time the offense was committed, was in the Philippines.
Reporting A Cybercrime
Now that there are specialized teams to address issues of cybercrime in the country, there are more ways than one to file a complaint. On the Philippine National Police Anti-Cybercrime Group’s website, complaints may be filed through:
- Walk-in, Anti-Cybercrime Group Building, Camp Crame, Quezon City, Manila
- Complaint Action Center Hotline [+63 (8) 723-0401 local 7491]
- Viber [+639618298083]
- Facebook [facebook.com/anticybercrimegroup]
- Twitter [@pnpacg]
See the website here: https://pnpacg.ph/main/contacts.html
The Department of Justice also provides a matrix on their website to easily guide the netizens with a checklist of who may complain, the cybercrime offense complained of, and documentary requirements to support the complaint. Similar with the PNPACG, there are walk-in and electronic options are available:
- Walk-in, Office of the Cybercrime, DOJ, Ermita, Manila
- Website [www.doj.gov.ph]
- E-mail [email@example.com]
- Hotline [526-2747/521-8345]
- Letter Report
See the website here: [https://www.doj.gov.ph/reporting_cybercrime.html#:~:text=Reporting%20of%20Cybercrime%20Incidents%20%3A%3A,8482%2C%20(%2B632)%20523%206826]
In a Nutshell
We have come a long way from passing and temporarily restraining the Cybercrime Prevention Act. Given the technological advancements of today, everything intangible becomes readily available at our fingertips. Cyber scams are so widespread that a simple click could start a wildfire of spam links sent to contacts across all social accounts. During this pandemic especially, we all need the levels of protection that can be afforded to us. The Cybercrime Prevention Act of 2012 is inclusive, comprehensive, and provides for accessibility options to the complainant.
Although the action and response of designated authorities to cybercrime are still far from perfect, it is an Act that continuously seeks to improve the protection of every Filipino netizen’s rights.