Chapter 3 legal framework of cybercrime and law enforcement tools

Introduction to Cybercrime Investigation
Portia R. Hermosa, RCrim
Chapter 3: Legal Framework of Cybercrime and Law Enforcement tools
Lesson 1: Legal Framework of Cybercrime
At the end of this lesson the students will be able to:
1. Explain the international and local legal framework of cybercrime; and
2. Describe the relationship pf cybercrime laws to human rights.
Budapest Convention
The Convention is the first international treaty on crimes committed via the Internet and
other computer networks, dealing particularly with infringements of copyright, computer-related
fraud, child pornography and violations of network security. It also contains a series of powers
and procedures such as the search of computer networks and interception.
Its main objective, set out in the preamble, is to pursue a common criminal policy aimed
at the protection of society against cybercrime, especially by adopting appropriate legislation and
fostering international co-operation.
E-Commerce Law or RA 8792
The objectives of E-Commerce Law were to facilitate domestic and international transactions,
contracts and exchanges and storage of information through the utilization of electronic, optical
and similar medium, mode, instrumentality and technology to recognize the authenticity and
reliability of electronic documents related to such activities and to promote the universal use of
electronic transaction in the government and general public (Section 3, RA 8792).
Data Privacy Act of 2012 or RA 10173
1. It applies to processing of personal information (section 3g) and sensitive personal
information (Section 3L).
2. Created the National Privacy Commission to monitor the implementation of this law.
(section 7)
3. Gave parameters on when and on what premise can data processing of personal
information be allowed. Its basic premise is when a data subject has given direct consent.
(section 12 and 13)
4. Companies who subcontract processing of personal information to 3rd party shall have full
liability and can’t pass the accountability of such responsibility. (section 14) 5. Data subject
has the right to know if their personal information is being processed. The person can
demand information such as the source of info, how their personal information is being used,
and copy of their information. One has the right to request removal and

destruction of one’s personal data unless there is a legal obligation that required for it to
be kept or processed. (Section 16 and 18)
6. If the data subject has already passed away or became incapacitated (for one reason or
another), their legal assignee or lawful heirs may invoke their data privacy rights. (Section
17)
7. Personal information controllers must ensure security measures are in place to protect the
personal information they process and be compliant with the requirements of this law.
(Section 20 and 21)
8. In case a personal information controller systems or data got compromised, they must
notify the affected data subjects and the National Privacy Commission. (Section 20) 9. Heads
of government agencies must ensure their system compliance to this law (including security
requirements). Personnel can only access sensitive personal information off-site, limited to
1000 records, in government systems with proper authority and in a secured manner. (Section
22)
10. Government contractors who have existing or future deals with the government that
involves accessing of 1000 or more records of individuals should register their personal
information processing system with the National Privacy Commission. (Section 25)
11. Provided penalties (up to 5 million as per sec. 33) on the processing of personal
information and sensitive personal information based on the following acts:
• Unauthorized processing (sec. 25)
• Negligence (sec. 26)
• Improper disposal (sec. 27)
• Unauthorized purposes (sec. 28)
• Unauthorized access or intentional breach (sec. 29)
• Concealment of security breaches (sec. 30)
• Malicious (sec. 31) and unauthorized disclosure (sec. 32)
If at least 100 persons are harmed, the maximum penalty shall apply (section 35).
12. For public officers (working in government), an accessory penalty consisting in the
disqualification to occupy public office for a term double the term of criminal penalty
imposed shall he applied. (sec. 36)
Feedback:
1. What have you realized after studying the lesson?
________________________________________________________________________
________________________________________________________________________
________________________________________________________________________
2. Were you able to achieve the preset learning objectives? If no, please consult your
instructor.

________________________________________________________________________
________________________________________________________________________
________________________________________________________________________
Reference/s:
Budapest Convention
RA 8792
RA 10173
Lesson 2: Salient Features of Cybercrime Prevention Act of 2012
1. Categorize the elements of cybercrime offenses;
2. Distinguish the punishable acts and penalties under cybercrime act; and 3. Identify
the competent authorities who has the jurisdiction over cybercrime offenses.
Cybercrime Prevention Act of 2012 or RA 10175
SECTION 4 CYBERCRIME OFFENSES
a. Offenses against the confidentiality, integrity and availability of computer data and
systems
1. Illegal access – the access to the whole or any part of a computer system without right
2. Illegal interception – the interception made by technical means without right of any
public transmission of computer data to, from or within a computer system including
electromagnetic emissions from a computer system carrying such computer data. 3. Data
Interference – the intentional or reckless alteration, damaging, deletion or deterioration of
computer data, electronic document, or electronic data message, without right including
the introduction or transmission of viruses.
4. System Interference – the intentional alteration or reckless hindering or interference
with the functioning of the computer or computer network by inputting, transmitting,
damaging, deleting, deteriorating, altering or suppressing computer data or program,
electronic document, or electronic data message, without right or authority, including the
introduction or transmission of viruses.
5. Misuse of Devices
i. The use, production, sale, procurement, importation, distribution, or otherwise
making available without right of:

aa. A device, including a computer program designed or adapted primarily
for the purpose of committing any of the offenses under this Act, or
bb. A computer password, access code or similar data by which the whole or
any part of the computer system is capable of being accessed with intent
that it be used for the purpose of committing any of the offenses under
this Act.
ii. The possession of an item referred to 5(1)(aa) or (bb) above with intent to use said
devices for the purpose of committing any of the offenses in this Act.
6. Cyber Squatting – the acquisition of a domain name over the internet in bad faith to
profit, mislead, destroy reputation and deprive others from registering the same, if such a
domain name is:
i. Similar, identical or confusingly similar to an existing trademark registered with the
appropriate government agency at the time of the domain name registration.
ii. Identical or any way similar with the name of a person other than the registrant, in
case of a personal name, and
iii. Acquired without right or with intellectual property interests in it
b. Computer-related offenses
1. Computer-related forgery
i. The input, alteration or deletion of any computer data without right resulting in
inauthentic data with the intent that it be considered or acted upon for legal
purposes as if it were authentic regardless whether or not the data is directly
readable and intelligible; or
ii. The act of knowingly using computer data which is the product of computer related
forgery as defined herein, for the purpose of perpetuating a fraudulent or
dishonest design.
2. Computer-related Fraud – the unauthorized input, alteration, or deletion of computer
data or program or interference in the functioning of a computer system, causing
damage thereby with fraudulent intent: Provided, that if no damage has yet been
caused, the penalty imposable shall be one (1) degree lower
3. Computer-related Identity Theft – The intentional acquisition, use, misuse, transfer,
possession, alteration, or deletion of identifying information belonging to another,
whether natural or juridical, without right: Provided, that if no damage has yet been
caused, the penalty imposable shall be one (1) degree lower.
c. Content-related Offenses:

1. Cybersex- The wilful engagement, maintenance, control, or operation, directly or
indirectly, or any lascivious exhibition of sexual organs or sexual activity, with the aid
of a computer system, for favour or consideration.
2. Child Pornography – The unlawful or prohibited acts defined and punishable by RA
9775 or the Anti-Child Pornography Act of 2009, committed through a computer
system: Provided, that the penalty to be imposed shall be (1) one degree higher than
that provided for in RA 9775
3. Unsolicited Commercial Communications- The transmission of commercial electronic
communication with the use of computer system which seek to advertise, sell, or offer
for sale products and services are prohibited unless:
i. There is prior affirmative consent from the recipient; or
ii. The primary intent of the communication is for service and/or administrative
announcements from the sender to its existing users, subscribers or customers;
or
iii. The following conditions are present:
aa. The commercial electronic communication contain a simple, valid, and
reliable way for the recipient to reject, receipt of further commercial
electronic messages (opt-out) from the same source:
bb. The CEC does not purposely disguise the source of the electronic
message; and
cc. The CEC does not purposely include misleading information in any part
of the message in order to induce the recipients to read the message
4. Libel – The unlawful or prohibited acts of libel as defined in Article 355 of the Revised
Penal Code, as amended, committed through a computer system or any other similar
means which may be devised in the future. (Art 355 is about Libel by means of
writing or similar means)
SECTION 5 OTHER OFFENSES – The following acts shall also constitute an offense:
a. Aiding or abetting in the Commission of Cybercrime – Any person who wilfully abets or
aids in the commission of any of the offenses enumerated in this Act shall be held liable. b.
Attempt in the Commission of Cybercrime – Any person who wilfully attempts to commit
any of the offenses enumerated in this Act shall be held liable
SECTION 6. All crimes defined and penalized by the RPC, as amended, and special laws, if
committed by, through and with the use of information and communications technologies shall be
covered by the relevant provisions of this Act: Provided, that the penalty to be imposed shall be
one (1) degree higher than that provided for by the RPC, and special laws, as the case may be.
Sec. 8 PENALTIES

Sec. 4 (a),
(b)
Cybercrime Offense
Offenses against
confidentiality, integrity and
availability of computer data
& systems
Computer-related offenses
Penalty/Fines
- Prision Mayor
- Fine of at least P200,000 up to a
maximum amount commensurate
to the damage incurred, or
- Both
Sec. 4 (a)5 Misuse of Devices - Prision Mayor
- Fine of not more than P500,000,
or
- Both
Sec. 4 (a)
If
committed
against
critical
infrastructure
Offenses against
confidentiality, integrity and
availability of computer data
& systems
- Reclusion temporal
- Fine of at least P500,000 up to a
maximum amount
commensurate to the damage
incurred ,
- Both
Sec. 4 (c) Cybersex - Prision Mayor
- Fine of at least P200,000 but not
exceeding P1 Million pesos, or
- Both
Sec. 4 (C )2
If
committed
through a
computer
system
Child Pornography - One (1) degree higher than that
provided for in RA 9775
Sec 4 (C ) 3 Unsolicited Commercial
Communication
- Arresto Mayor
exceeding P250,000, or
- Both
Sec 5 Aiding or abetting of cybercrime
Attempt in the commission
of cybercrime
- Imprisonment of one (1) degree
lower than that of the
prescribed penalty
exceeding P500,000, or
- Both

SEC. 10 LAW ENFORCEMENT AUTHORITIES
1. National Bureau of Investigation
2. Philippine National Police
Both shall organize a cybercrime unit or center manned by special investigators to
exclusively handle cases involving violations of this Act.
SEC. 11 DUTIES OF LAW ENFORCEMENT AUTHORITIES
1. To ensure that the technical nature of cybercrime and its prevention is given focus 2.
To submit timely and regular reports including pre-operation, post-operation and
investigation results and such other documents as may be required to the Dept of Justice
for review and monitoring
SEC. 12
3. Authorized to collect or record by technical or electronic means traffic data in real-time
associated with specified communications transmitted by means of a computer system
Traffic data refer only to the communication’s origin, destination, route, time, date, size,
duration, or type of underlying service, but not content, nor identities.
All other data to be collected or seized or disclosed will require a court
warrant. SEC. 21 JURISDICTION
The Regional Trial Court shall have the jurisdiction over any violation of the provisions
of this Act. Including any violation committed by a Filipino national regardless of the place of
commission. Jurisdiction shall lie if any of the elements was committed within the Philippines or
committed with the use of any computer system wholly or partly situated in the country, or when
by such commission any damage is caused to a natural or juridical person who, at the time the
offense was committed, was in the Philippines.
Feedback:
________________________________________________________________________
________________________________________________________________________
________________________________________________________________________

instructor.
________________________________________________________________________
________________________________________________________________________
________________________________________________________________________
Reference/s:
RA 10175
Lesson 3: Law Enforcement Tools
1. Classify the cybercrime warrants provided by Cybercrime Act and Rules on Digital
Evidence; and
2. Explain the legal standard in filing cybercrime cases.
Rules on Digital Evidence
Relevant Philippine Laws
1. Republic Act No. 4200 or the Anti-Wire Tapping Law
2. Republic Act No. 8484 or Access Devices Regulation Act of 1998
3. Republic Act No. 8782 or Electronic Commerce Act of 2000
4. Republic Act No. 9208 or Anti-Trafficking in Persons Act of 2003
5. Republic Act No. 9775 or Anti-Child Pornography Act of 2009
6. Republic Act No. 9995 or Anti-Photo and Video Voyeurism Act of 2009
7. Republic Act No. 10175 or Cybercrime Prevention Act of 2012
Electronic Evidence
The “definition” in the Council of Europe Guide is: “Any information generated, stored or
transmitted in digital form that may later be needed to prove or disprove a fact disputed in legal
proceedings”
A.M. No. 01-7-01-SC or RULES ON ELECTRONIC EVIDENCE
“Electronic document” refers to information or the representation of information, data,
figures, symbols or other modes of written expression, described or however represented, by
which a right is established or an obligation extinguished, or by which a fact may be proved and
affirmed, which is received, recorded, transmitted, stored, processed, retrieved or produced

electronically. It includes digitally signed documents and any print-out or output, readable by
sight or other means, which accurately reflects the electronic data message or electronic
document. For purposes of these Rules, the term "electronic document" may be used
interchangeably with "electronic data message".
“Electronic data message” refers to information generated, sent, received or stored by
electronic, optical or similar means.
Rules on Cybercrime Warrants or A.M. No. 17-11-03-SC
Basis for Cybercrime Warrants
Response to specific innovations introduced by RA 10175 in cybercrime prevention,
investigation, and suppression.
Cybercrime warrants
1. Preservation order – Pursuant to Section 13, Chapter IV of RA10175, the integrity of
traffic data and subscriber’s information shall be kept, retained, and preserved by a
service provider for a minimum period of six (6) months from the date of the transaction.
2. Warrant to Disclose Computer Data (WDCD) – A WDCD is an order in writing issued in
the name of the People of the Philippines, signed by a judge, upon application of law
enforcement authorities, authorizing the latter to issue an order to disclose and
accordingly, require any person or service provider to disclose or submit subscriber’s
information, traffic data, or relevant data in his/her or its possession or control.
3. Warrant to Intercept Computer Data (WICD) – A WICD is an order in writing issued in
the name of the People of the Philippines, signed by a judge, upon application of law
enforcement authorities, authorizing the latter to carry out any or all of the following
activities: (a) listening to, (b) recording, (c) monitoring, or (d) surveillance of the content
of communications, including procuring of the content of computer data, either directly
through access and use of a computer system or indirectly, through the use of electronic
eavesdropping or tapping devices, at the same time that the communication is occurring.
4. Warrant to Search, Seize, and Examine Computer Data (WSSED) – A WSSECD is an
order in writing issued in the name of the People of the Philippines, signed by a judge,
upon application of law enforcement authorities, authorizing the latter to search the
particular place for items to be seized and/or examined.
5. Warrant to Examine Computer Data – Upon acquiring possession of a computer device or
computer system via a lawful warrantless arrest, or by any other lawful method, law
enforcement authorities shall first apply for a warrant before searching the said computer
device or computer system for the purpose of obtaining for forensic examination the
computer data contained therein.

Legal Standard
In the issuance of a search warrant, probable cause requires such facts and circumstances
which would lead a reasonably discrete and prudent man to believe that an offense has been
committed and that the objects sought in connection with the offense are in the place sought to be
searched.
Who may file the warrant?
Law enforcement authorities as defined by CPA.
Sec. 10, CPA – Law Enforcement Authorities. – The National Bureau of
Investigation (NBI) and the Philippine National Police (PNP) shall be responsible for the
efficient and effective law enforcement of the provisions of this Act. The NBI and the
PNP
shall organize a cybercrime unit or center manned by special investigators to exclusively
handle cases involving violations of this Act.
Where to file the warrant?
Secs. 4 and/or 5:
designated cybercrime courts of the province or the city where the offense or any of its
elements has been committed, is being committed, or is about to be committed, or where any part
of the computer system used is situated, or where any of the damage caused to natural or juridical
person took place.
Section 6:
Regular or other specialized regional trial courts, as the case may be, within its territorial
jurisdiction in the places above-described.
Feedback:
________________________________________________________________________
________________________________________________________________________
________________________________________________________________________
instructor.
________________________________________________________________________

________________________________________________________________________
________________________________________________________________________
Reference/s:
RA 10175
A.M. No. 17-11-03-SC

Chapter 3 legal framework of cybercrime and law enforcement tools

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Similar to Chapter 3 legal framework of cybercrime and law enforcement tools

Similar to Chapter 3 legal framework of cybercrime and law enforcement tools (20)

Recently uploaded

Recently uploaded (20)

Chapter 3 legal framework of cybercrime and law enforcement tools