1

CHAPTER 1:
THE PROBLEM AND ITS BACKGROUND

Introduction
Life today is highly dependent on the technology that people have

develeped. Technology has advanced throughout the years, and it has

changed many aspects of everyday life: the way to communicate; the way to

travel; and the way to learn. So many changes have been brought about by

these continuous technological advancements. As people’s demands and

lifestyle change, the demand for advancing the type of technology to be used

is high. Almost everything used has been innovated to better standards.

Technological advancements helped businesses and organizations

save time and cost of production, making the people concerned gain

competitive advantages. The so-called 3G/4G broadband, for example, is a

super fast internet that has afforded small businesses the chance to reache

target markets with less cost of operation.

The networked environment likewise resulted in changes in the way of

doing work, with others and the general view of the world. The accelerated

timing of technological advancement and development created a gap between

the past, present and future.

The Internet, was arguably considered the most powerful tool since the

invention of the printing press. The emergence of the virtual World Wide Web

or more commonly known as (www.) with nearby physical devices that are

part of what is called today as Internet of Things gives everyone, with the help

of a mobile device with the corresponding authorization, the power to monitor,

track and control almost anything.

 2

The Internet of Things, (IoT), as more commonly and popularly known,

enables interconnectedness among and between physical devices as an

instrument anytime, and anywhere on the planet, which provides the needed

advantages in all aspects of daily life of the potential user.

The conventional Internet has proved valuable in almost, if not all,

endeavors by giving an individual the ability to interact with the so-called

global information race and services. The majority of such interaction happens

through the World Wide Web (WWW) with myriad of computers running a

browser and communicating with cloud based storage through and by the use

of servers. However, the Internet is not limited to the Web due to a wide

diversity of other protocols employed to make use of the Internet on a global

scale. Furthermore, IoT is considered to be the next logical evolution that

provides extensive services that is not limited to manufacturing, security,

healthcare, engineering, education and consumer electronics. Many of these,

if not all, have what experts call Web presence with corresponding or

assigned protocols.

Computer crime has been an issue in criminal justice and criminology

since time immemorial. The recent development of the Internet has created a

substantial increase in criminals using computers to commit crimes. Thus, an

emerging area of criminal behavior and ingenuity is currently known as

cybercrime. There is a truism that in today’s world of business and commerce

is the risk for cybercrime. Cybercrime has no boundaries due to its

transnational nature.

Cybercrime refers to any criminal activity that involves a netwoked

device, computer, or a network. It is defined as a crime in which a computer

 3

becomes the object of the crime, or is used as a tool to commit an offense.

Cybercriminals could use computer technology to access businesses trade

secrets, personal information or use the internet for malicious purposes.

Often, cybercriminals execute their criminal activities using malware and

several other types of software, but social engineering is often a vital

component for executing most types of cybercrime.

Cybercriminals always opt for an easy way to make big money. They

target rich people, or rich organizations like banks, casinos, and financial firms

where a huge amount of money flows daily and hack sensitive information.

The effect of cybercrime can be extremely upsetting for victims, and not

necessarily just for financial reasons. Victims may feel that their privacy has

been violated, and that they are powerless.

It is the responsibility of the police to ensure the safety and well-being

of citizens. Police officers are given the mandate to use force and authority, if

necessary, to complete the objectives of their jobs.

Law enforcement needs new resources and support. They need to

create cyber units and ensure that the officers have access to the tools

needed to fight crime online. Fighting cybercrime has to be a partnership

between government and the private sector. This partnership will help law

enforcement scale with the rising tide of cybercrime and use the latest

technology possible to get control of this epidemic.

The global nature of the Internet allows criminals to commit almost any,

if not all, forms of illegal activities anywhere and anytime in the world which

makes it essential for all countries to adapt local or domestic offline controls of

some sort to help cover crimes carried out in cyberspace much as the use of
 4

Internet by foreign and local terrorists, particularly for influence, recruitment

and incitement towards radicalization that poses a serious threat not only to

national but international security as well.

Technology has also permitted individuals involved in criminal activities

to conduct such activities with reduced if not minimal chances of detection

and identification. Encryption software is becoming increasingly sophisticated

but at the same time also increasingly expensive. The speed at which Internet

access is becoming available is growing exponentially.

Cybercrime is one of the fastest if not the fastest growing areas of

crime, as more criminals exploit the speed, convenience and anonymity that

modern technologies offer in order to commit a diverse range of crimes.

These include but not limited to attacks against the computer itself, computer

data, and systems, identity theft, distribution of child sexual abuse images,

and internet auction fraud and the like.

In fact, anyone with an Electronic Mail Address more commonly known

as “Email Add,” an inbox, or a social media account is a potential target. Most

organizations or individuals are not even aware of hackers, cyber thieves, and

extortionists until it is too late to respond or recover from such attacks.. As

attackers are well-organized and well-informed, they take advantage of the

latest fraud innovations to capitalize on shared intelligence in the web.

Organizations and individuals must be prepared to do the same. Being

attentive will not keep out the crosshairs of a perpetrator’s line of sight out of

the headlines.

While the Philippine economy is now making progress, almost a

quarter of the population still lives below the poverty line. Poverty within
 5

families is one of the factors contributing to vulnerabilities of children.

In the Philippines and in other parts of the world it takes a great deal of

technical expertise, cooperation and collaboration in order to address such

problems. Hence, the crimes committed by the use of technology affect the

Philippines in a degree depending on the extent of legislative enactment. In

the Philippines, however, as technical and electronic landscapes change,

there is a need to introduce, enact laws or amend, revise existing laws to fully

address cyber threats.

During the Fifth National Anti-Cybercrime Summit spearheaded by the

PNP-ACG, Nap Castillo, Fortinate’s regional pre-sales consultant for South

East Asia and Hongkong, said that business organizations and individuals

increasingly rely on technology for their daily activities. They also expose

themselves to many dangers lurking online. He said that users can easily fall

prey to cybercrime specially now that cybercriminals are using a wide range of

approaches to snare their victims. As such, cybercrime today is no longer just

a technology issue. It is turning into a serious economic problem that can

impact the financial well-being of individuals, as well as the survival of

organizations.

In addition, Castillo said that to prevent cyberattacks, it is important to

deploy an intelligent and integrated layered defense capable of detecting even

unknown threats. Despite their efforts, most firms are not able to figure out the

root causes of their infections, and are constantly getting re-infected.

This research paper entitled “Operational Capability of the Philippine

National Police Anti-Cybercrime Group: An Assessment” is geared at finding

out how capable the PNP ACG is in the implementation of its anti-cybercrime
 6

operations, showing its strengths and weaknesses, and offering suggestions

on how to enhance its activities.

Background of the Study

The Philippines, like any other country around the world, is increasingly

adopting Information and Communication Technology (ICT) in its economic,

government and social activities.

The dependence on ICT however, makes us vulnerable to different

forms of security threats such as malwares, botnets, denial of service attacks,

phishing and other types of identity theft, computer-related forgery and fraud,

child pornography, copyright infringements and cyber terrorism.

In response to the mounting threats on the country’s cyber space and

critical infrastructures, the country needs to strengthen its legal framework,

international cooperation, public and private partnership, advocacy and public

awareness.

The Philippine National Police (PNP) through its current Chief,

PNP and in line with the PNP’s strategic thrust, saw a need to enhance the

organization’s capabilities and capacities in addressing cybercrime that paved

the way for the creation of the PNP Anti Cybercrime Group (ACG).

The PNP ACG started its humble beginnings when the Criminal

Investigation and Detection Group (CIDG) formed in 2003 under the Anti-

Transnational Crime Division (ATCD) the Cybercrime Section where it started

without computers, computer forensic equipment, trained cyber investigator,

digital forensic examiner or cyber forensic laboratory.

In order for the PNP to establish a credible cybercrime unit within

 7

CIDG, it conducted consultations and networking with various international

law enforcement agencies, ICT industries, the academes and other

stakeholders.

In line with the program of the Task Force for the Security of Critical

Infrastructures (TFSCI) under the Office of the President of the Philippines,

the Government Computer Security Incident Response Team (GCSIRT) was

launched on August 5, 2004. GCSIRT through the Anti-Transnational Crime

Division of CIDG, became the focal point for reporting all internet-related

security breaches and coordinated support systems to respond to such

threats across all government agencies.

Moreover, a cyber training laboratory was established on December 9,

2011 to conduct specialized technical training to CIDG police personnel.

Finally, on February 27, 2013 the PNP-Anti Cybercrime Group with

official acronym “PNP ACG”, was activated as a National Operational Support

Unit primarily responsible for the implementation of pertinent Philippine laws

on cybercrimes and advocating the anti-cybercrime campaign of the PNP.

Research Locale

The study will take place at the Philippine National Police, National

Headquarters Camp Gen Rafael T. Crame, Quezon City where the Anti-

Cybercrime Group (ACG) is located and tagged and considered as National

Operational Support Unit (NOSU).

Philippine National Police Anti-Cybercrime Group (PNP ACG) traces its

roots when the Cyber Crime Section (CCS) under the Anti-Transnational

Crime and Cybercrime Division (ATCCD) of the Criminal Investigation and

 8

Detection Group (CIDG) was formed in 2003 to address cyber threats,

investigation of cybercrimes, and other cyber- related offenses.

CCS had very modest and unique beginnings and started its operation

without computers, computer forensic equipment, trained cyber investigators

and digital forensic examiners and cyber forensic laboratory. They made do

with limited resources and inadequately capable personnel. Due to the

increasing concerns on the safe use of computers and internet that was

brought about by rapid modernization, the CCS quickly attracted attention and

support from the international community, local and foreign counterparts,

Information Technology (IT) industries, the academe and other stakeholders.

As a response of the National Government, Computer Security and

Incident Response Team (GCSIRT) under the Office of the President’s Task

Force for the Security of Critical Infrastructures (TFSCI) were launched on

August 5, 2004. A Cyber Training Laboratory was also established on

December 9, 2011 to handle the technical trainings of the PNP Personnel.

The training laboratory was developed and established through the assistance

of the United States Department of State Anti-Terrorism Assistance Program

(US ATAP).

Finally, on March 20, 2013, the then Chief of the Philippine National

Police PDG Alan La Madrid Purisima, activated the Philippine National Police

Anti–Cybercrime Group (PNP ACG) by virtue of National Police Commission

(NAPOLCOM) Resolution Number 2013-22 and PNP General Order (GO)

Directorate for Plans (DPL) -12-09 dated February 27, 2013 to address the

growing threats of cybercrime and cyber enabled criminality in the country.

The establishment of the PNP ACG is a strong signal to criminals that the
 9

PNP is very serious in addressing cybercrime nationwide.

The main cutting edge in the crackdown against cyber offenders and

suspects also known as modern pirates by exploitation of technology to would

be victims of technological crimes. Hence, serve as the primary Unit

responsible for the implementation and enforce pertinent laws on cybercrime

and other cyber related offenses and pursue an effective anti-cybercrime

campaign in cooperation, coordination and collaboration with the Cybercrime

Division of National Bureau of Investigation (NBI) to include other agencies in

the fight against cybercrime in the Philippines. As of December 2017, the

Group has 205 Personnel composed of 195 Organic Personnel and 10 on

Detailed Service from other PNP Units strategically positioned not only in the

National Headquarters but also in 6 Regional Field Units nationwide.

Statement of the Problem

The problem in this study is em bodied in the question: How

capable is the Philippine National Police Anti -Cybercrime Group

(PNP ACG) in its implementation of anti -cybercrime operations?

Specifically this study saught answers to the following

questions:

1. How do the respondents evalluate the PNP ACG’s capability in

its implementation of anti-cybercrime operations in terms of:

1.1 Manpower/ Personelle;

1.2 Resource management;

1.3 Budget and logistics;

 10

1.4 Community cybercrime awareness; and

1.5 Cyberpatrolling and intelligence capability?

2. Is there a significant difference in the evaluation made by the

two groups of respondents as to the capability of the PNP ACG

in implementing its anti-cybercrime operations?

3. What are the problems encountered in t he implementation of

the anti-cybercrime operations by the PNP ACG?

4. What measures may be proposed to address the problems

encountered by the PNP ACG in its anti -cybercrime operations?

5. What action plan may be formulated from the results of the

study to enhance the anti-cybercrime operations of the PNP

ACG?

Hypothesis

It is hypothesized that there is no significant difference in the

evaluations made by the two groups of respondents as to the

capability of the PNP ACG in its anti-cybercrime operations.

Significance of the Study

This research investigation will be significant to the following:

Cybercrime is a criminal act using a computer that occurs over the

Internet. The Internet has become the source for multiple types of crime and
 11

different ways to perform such crimes. The types of cybercrime may be

loosely grouped into three categories. First, the Internet allows for the creation

and maintenance of cybercrime markets. Second, the Internet provides a

venue for fraudulent behavior. Third, the Internet has become a place for the

development of cybercriminal communities. The purpose of this research

paper is to outline and exemplify these different forms of communities. The

research paper then shifts into a discussion of policy steps to reduce some

forms of cybercrime in the country.

To the area covered, which is in Camp Rafael T. Crame, Q.C. This

study would also serve as a motivation for the law enforcement to understand

the clamor for policies intended to help community become more effectively

vigilant and cooperative to address the increasing problem of Cybercrime.

To the policymakers, it could serve as feedback on the existing policies

and programs in the area of public intervention, including needed legislative

changes, and issues of institutional design and finance. Furthermore, this

would aid the framework for policy development that would directly improve

government’s expenditure program and fiscal reforms.

To the government agencies involved, this study aims to provide an

updated picture of cybercrime in the Philippines, specifically in PNP Anti-

Cybercrime Group (ACG) and a framework for identifying priorities in

designing a strategy to attack cybercrime. It is intended as an input into the

Philippine Government’s poverty eradication strategy. This would help

perceive the more efficient ways to combat cybercrime in the Philippines.

To the Courts, this study will give the information about the existence of

cybercrime to include the technical aspect of such.

 12

This study is valuable to all persons concerned with nation building,

since this study will definitely help get a better perspective on the dynamics of

masked life. To many, it is only an avenue and an adjustment in preparation

for moving to a better place in the cyber community.

To the Faculty and Students of MBA-ISM, this study will serve as

reference or guideline for students who wish to take the course as their

chosen field or for those who are not sure of what they want to pursue.

Moreover, this research will serve as an avenue for student opinions and

views on why they took the course/program. Consequently, this paper will

attempt to present solutions to the weaknesses of the course/program and

explain why these tend to limit the number of enrollees every school year.

Likewise, future related research can use the findings of this study as a

reference.

Scope and Limitation of the Study

The study is focused on an assessment of the capability of the PNP

ACG in implementing its anti-cybercrime operations. This being the scenario,

the study is therefore limited to the following:

The researcher has chosen the Philippine National Police Anti-

Cybercrime Group (PNP ACG) to be the setting of this study for reasons of

practicality and convenience, the proximity of the chosen setting to the

researcher’s residence in order to conduct the interview more easily and

conveniently.

The respondents for the study are grouped into: (1) Non ACG police

personelle who are acquainted with the set-up ans operations of the ACG;
 13

and (2) Judges, fiscals and lawyers who have an insight as to the system and

structure of the ACG.

The time frame for the study is from 2018-2019.

Definition of Terms

The following terminologies are here by theoretically and operationally

defined foe better understanding of the study:

Access. It refers to the instruction, communication with, storing data in,

retrieving data from, or otherwise making use of any resources of a computer

system or communication network.

Action Plan. It refers to a sequence of steps that must be taken or

activities that must be performed well, for a strategy to succeed.

Assessment. It refers to the evaluation or estimation of the nature,

quality, or ability of someone or something.

Budget. It refers to an estimation of revenue and expenses over a

specified future period of time.

Capability. It refers to the measure of the ability of an entity

(department, organization, person, system) to achieve its objectives, specially

in relation to its overall missions.

Communication. It refers to the transmission of information through

ICT media, including voice, video and other forms of data.

Challenges. It refers to problems encountered during investigation.

Computer. It refers to an electronic device for storing and processing

data, typically in binary form, according to instructions given to it in a variable

 14

program.

Computer Crime. It refers to the unauthorized use of computer or

network for personal gain.

Computer program. It refers to a set of instructions executed by the

computer to achieve intended results.

Computer system. It refers to any device or group of interconnected

or related devices, one or more of which, pursuant to a program, performs

automated processing of data.

Cyber. It refers to a computer or a computer network, the electronic

medium in which online communication takes place.

Cybercrime. It refers to criminal activities carried out by means of

computers or the Internet.

Cyberpatrolling. It refers to searching for relevant information by the

police via public platforms on the internet, where necessary.

Cyber security. It refers to the collection of tools, policies, risk

management approaches, actions, training, best practices, assurance and

technologies that can be used to protect the cyber environment and

organization and user’s assets.

Cyber space. It refers to the conceptual electronic space unbounded

by distance or other physical limitations.

Convention on Cybercrime. It refers to the Budapest Convention on

Cybercrime or the Budapest Convention, is the first

international treaty seeking to address Internet and computer crime by

harmonizing national laws, improving investigative techniques, and increasing

cooperation among nations.

 15

Database. It refers to a representation of information, knowledge,

facts, concepts, or instructions which are being prepared, processed or stored

or have been prepared, processed or stored in a formalized manner and

which are intended for use in a computer system.

Electronic Communication. It refers to all kinds of computer-

mediated communication in which individuals exchange messages with

others, either individually or in groups.

Facility. It refers to something created and designed to provide service

in crime investigation.

Framework. It refers to a set of ideas, principles, agreement, rules

or policies that provides the basis or outline for busting cybercrime.

Highly Skilled Individuals. It refers to exceptional knowledge,

experience, or skill in a field of endeavor.

ICT. It refers to Information Communication Technology.

Information Technology. It refers to the study or use of systems

(especially computers and telecommunications) for storing, retrieving, and

sending information.

Internet. It refers to a global wide area network that connects computer

systems across the world.

Internet of Things (IoT). It refers to a system of interrelated computing

devices, mechanical and digital machines, objects, animals or people that are

provided with unique identifiers and the ability to transfer data over a network

without requiring human-to-human or human-to-computer interaction.

Internet Police. It is a generic term for police and government

agencies, departments, and other organizations incharge of policing internet

 16

in a number of countries.

Interception. It refers to listening to, recording, monitoring or

surveillance of the content of communications, including procuring of the

content of data, either directly, through access and use of a computer system

or indirectly, through the use of electronic eavesdropping or tapping devices,

at the same time that the communication is occurring.

Investigation. It refers to the art of locating, tracing and identifying

criminals and criminal intent in order to bring the individual in Court.

Investigator. It refers to a law enforcement officer designated to check

the facts, probe and provide inquiry on crime committed. Hence, is a member

of either the Philippine National Police (PNP) or National Bureau of

Investigation (NBI).

Investigator Competency. It refers to a cluster of related abilities,

commitments, knowledge and skills that enable a person to act effectively in a

job or a wide variety of situations.

IP Address. It refers to the division of data flow into packets with an

attached header containing a forwarding address for its correct transmission

to the intended receiver.

Issues. It refers to the existing problems in relation to cybercrime and

investigation.

Law Enforcement. It refers to any system by which some members of

society act in an organized manner to enforce the law by discovering,

deterring, rehabilitating, or punishing people who violate the rules and norms

governing that society.

 17

Logistics. It refers to the planning, execution and control of the

procurement, movement and stationing of personnel, material and other

resources to achieve the objectives of a campaign, plan, project or strategy.

Manpower. It refers to the total number of people who can work to get

something done.

Money. It refers to anything of value that serves as a medium of

financial exchange and legal tender for payment.

National Law. It refers to the rule that has been established in a nation

or country, and the law was accepted as rule for all the citizens of the nations

and for all another people from other nations, who were residing in this area of

jurisdiction.

Operation. It refers to the performance of a practical work or of

something involving the practical application of principles or processes.

Personnel. It refers to the people employed in an organization or

engaged in an organized undertaking such as military service.

Resource Management. It refers to the efficient and effective

development of an organization’s resources when they are needed.

Systems and procedures. It refers to a set of rules and regulations to

be followed by the Law Enforcement Agency Personnel to maintain a well

organized process of things to be done and accomplished.

Service Provider. It refers to any public or private entity that provides

to users of its service the ability to communicate by means of a computer

system.

Subscriber’s Information. It refers to any information contained in the

form of computer data or any other form that is held by a service provider,
 18

relating to subscribers of its services other than traffic or content data and by

which identity can be established.

System Interference. It refers to the intentional alteration or reckless

hindering or interference with the functioning of a computer or computer

network by inputting, transmitting, damaging, deleting, deteriorating, altering

or suppressing computer data or program, electronic document, or electronic

data message, without right or authority, including the introduction or

transmission of viruses.

Sensitive Information. It refers to data protected from unauthorized or

unwarranted access and disclosure for privacy or security of an individual or

organization.

Technological Proficiency. It refers to the ability to use technology to

communicate effectively and professionally, organized information, produce

high quality products and enhance one’s own ability to think and collaborate.

Technology. It refers to science or knowledge put into practical use to

solve existing problems.

Transnational Crime. It refers to the crimes that have actual or

potential effect across national borders, and crimes that are intrastate but

offend fundamental values of the international community.

LIST OF REPUBLIC ACTS

Republic Act 4200 – known as the “Anti-Wiretapping Law”

Republic Act 7610 – known as the “Special Protection of Children

Against Abuse, Exploitation and Discrimination Act”.

Republic Act 8293 – known as the “Intellectual Property Code of the

 19

Philippines”.

Republic Act 8484 – known as the “Access Device Regulation Act of

1998”.

Republic Act 8792 – known as the “E-Commerce Act of 2000”.

Republic Act 9262 – known as the “Anti-Violence Against Women and

Their Children Act of 2004”.

Republic Act 9775 – known as the "Anti-Child Pornography Act of

2009."

Republic Act 9995 – “Anti-Photo and Video Voyeurism Act of 2009”.

Republic Act 10173 – known as the “Data Privacy Act of 2012”.

Republic Act 10175 – known as the “Cybercrime Prevention Act of

2012”.

Republic Act 10364 – known as the “Expanded Anti-Trafficking in

Persons Act of 2012″

Article 315 – known as “Estafa” in the Revised Penal Code (RPC)

LIST OF ACRONYMS

ACG – refers to Anti-Cybercrime Group

CICC – Cybercrime Investigation and Coordinating Center

CISO – Chief Information Security Officer

DICT – Department of Information and Communications Technology

DOJ – Department Of Justice

ICTO – Information and Communication Technology Office

NCIAC – National Cybersecurity Inter-Agency Committee

NCMEC – National Center for Missing and Exploited Children

 20

NCSP – National Cybersecutity Plan

NBI – refers to National Bureau of Investigation

PNP – refers to Philippine National Police

RPC – refers to Revised Penal Code

 21

CHAPTER 2:
REVIEW OF RELATED LITERATURE AND STUDIES

This chapter presents the various articles, books, and researches

relevant to the present study which is the Assessment of the Organizational

Capability of the PNP ACG in Combatting Cybercrimes.

Foreign Literature

According to Anton Maslov in “Measuring the Performance of the

Police: The Perspective of the Public” (2018), the aim of this project is to

review and critically assess the current survey methods used to measure

police performance in common law jurisdictions. The fact that police

undertake a broad array of work calls for a multidimensional approach to

measuring police performance. Both direct and indirect measures need to be

used to evaluate police performance. Measurements of police performance

through public opinion polling may be distinguished in two kinds: general and

specific questions on satisfaction with police. The general questions on

satisfaction with police are important to ask on surveys, but tend to be too

general to understand that about which citizens are content or discontent

when it comes to the police. The questions also tend to be unstandardized,

inconsistent, and at times, have poor choice of wording on questions and

response categories, making comparisons across time and place impossible.

The specific questions on police performance tend to be used on surveys in

an arbitrary manner, often without proper understanding of the meaning of the

question and responses.

 22

Research on the validity and reliability of specific questions on police

performance is lacking in Canada and the Western World. Three notable

studies have attempted to conceptualize and test specific measures of police

performance measured through public opinion polling in the U.S., Canada,

and Europe. In Canada, only one national survey administered by Statistics

Canada every five years asks six questions on police performance. This

constitutes the only source of public opinion police performance metrics that is

comparable across time and place in Canada. Questions asked on surveys of

municipal police tend to be unstandardized and inconsistent, with varying

response category thus making them incomparable across time and place.

More research into either testing the existing questions or creating new

standardized questions is required to improve the measurement of public

satisfaction with the services provided by the police in Canada.

This paper entitled “Organizations and Cyber crime: An Analysis of the

Nature of Groups engaged in Cyber Crime” (2014), explores the nature of

groups engaged in cyber crime. It briefly outlines the definition and scope of

cyber crime, theoretical and empirical challenges in addressing what is known

about cyber offenders, and the likely role of organized crime groups. The

paper gives examples of known cases that illustrate individual and group

behaviour, and motivations of typical offenders, including state actors.

Different types of cyber crime and different forms of criminal organization are

described drawing on the typology suggested by McGuire (2012). It is

apparent that a wide variety of organizational structures are involved in cyber

crime. Enterprise or profit-oriented activities, and especially cyber crime

committed by state actors, appear to require leadership, structure, and

 23

specialization. By contrast, protest activity tends to be less organized, with

weak (if any) chain of command.

In this paper entitled “High Volume Cyber Crime and the Organization

of the Police: The results of two empirical studies in the Netherlands” (2013),

the question that is central is: to what extent is the Dutch police organization

able to effectively combat high volume cyber crime? First we focus on the

definition of cyber crime in the Netherlands. Next, we examine the

criminalization of the two most common cyber crimes in the Netherlands:

hacking and e-fraud. After that, based on police records, we analyze the

nature of these crimes. Thereafter, we will look at the functioning of the Dutch

police regarding cyber crime. What are the strengths and weaknesses of their

handling of cyber crimes? We conclude that the Dutch police are insufficiently

organized to combat cyber crime. The lack of priority and proper capacity

throughout the entire police organization to fight digital crimes results in cyber

cases never entering the criminal justice system or leaving the criminal justice

process early. According to Brennan, Sean (2017), in his paper entitled

“Cybercrime and the ‘Peelian Model’ of Policing: A Literature Review”,

‘Cybercrime’ is the term used to describe the use of internet and computer

technology to engage in unlawful activity. Through its scale, anonymity and

portability, the internet has revolutionised the way we live our lives while in

turn giving rise to new forms of crime and deviance. Policing must adapt to

this unique environment while continuing to meet conventional demand. This

review summarises and critically evaluates existing research on how the

internet has changed society and the demands on policing. It examines the

effectiveness of cybercrime policing apparatus in England and Wales, and

 24

explores a trifurcated method of improvement. Relevant literature was

identified, reviewed and synthesised into three main themes to meet the

objectives. Findings indicate that cybercrime is a complex and poorly defined

concept which poses challenges to traditional modes of law enforcement,

resulting in a poorly co-ordinated response. Conclusions are drawn that the

rise of the internet in England and Wales appears to correspond with changes

in criminal behaviour, but further research and improved recording practices

are needed to prove a relationship. In the absence of a dedicated ‘cyber-

force’, the police response is exiguous to the current threat, harm and risk.

Recommendations include a shift towards multilateral and pluralized models

of policing and a re-engagement of current resources through the

professionalism agenda.

Accoring to Lusthaus and Varese in “Offline and Local: The

Hidden Face of Cybercrime” (2017), a persistent refrain in both the academic

literature and the popular press is that cybercrime is a largely anonymous

activity that exists in cyberspace (e.g. Gabrys, 2002. For relevant discussions,

see Grabosky, 2004; Wall, 2007; Lusthaus, 2013). Cybercriminals ‘meet’

anonymously in virtual marketplaces (see, for instance, Holt and Lampke

2010; Décary-Hétu and Dupont, 2013; Hutchings and Holt, 2015). Shadowy

attackers could strike from anywhere at any moment. They are a new type of

threat, unlike any criminal activity that has been observed before. In short,

these offenders challenge existing paradigms of crime and policing, and vastly

new models are required to comprehend this new challenge.

This study “The Law Enforcement Challenges of Cybercrime: Are We

Really Playing Catch-Up?” (2015), was commissioned by the European

 25

Parliament’s Policy Department for Citizens’ Rights and Constitutional Affairs

at the request of the LIBE Committee. With a number of high-profile criminal

cases, such as ‘Silk Road’, cybercrime has been very much in the spotlight in

recent years, both in Europe and elsewhere. While this study shows that

cybercrime poses significant challenges for law enforcement, it also argues

that the key cybercrime concern for law enforcement is legal rather than

technical and technological. The study further underlines that the European

Parliament is largely excluded from policy development in the field of

cybercrime, impeding public scrutiny and accountability.

According to Thomas Holt in “Regulating Cybercrime through Law

Enforcement and Industry Mechanisms” (2018), Cybercrimes, or offenses

enabled by technology, affect computer systems and people and prove

difficult to pursue through traditional criminal justice strategies due to

jurisdictional challenges and legal hurdles. As a result, corporations and

industry have begun to play a role in mitigating various forms of cybercrime.

This article examines what constitutes cybercrime and the successes and

limitations of law enforcement in combatting these offenses. I present a

detailed discussion of efforts by industry and regulatory bodies to deter

cybercrime. Finally, I consider and discuss the risks and challenges that

traditional criminal justice system operations face moving forward.

The article “Determinants of Preventing Cyber Crime: a Survey

Research” by Maziah Mohd Ali (2016) aims to describe different types of

organizational structures in the companies, their strengths and weaknesses,

and trends in the organizational structures. Then, the position of logistics in

organizational structures, different logistic systems in organizational structures

 26

from practice have been described. The next section describes the structure

of logistics centrally managed for manufacturing companies and types of

information flows across the logistical structure of production. In conclusion,

the latest trends in the structures of business logistics and the potential

contribution of this work have been stated.

The purpose of this research entitled “Factors affecting the

effectiveness of police performance in Metropolitan Police Bureau” by

Wuthichai Tengpongsthorn (2017) was to study the factors relative to the work

effectiveness of police officers in the Thai Metropolitan Police Bureau. The

methodology in the research was the implementation of both quantitative and

qualitative research using questionnaires and in-depth interviews as research

tools. In the quantitative research methodology, the overall samples based on

both cluster and simple random samplings included 405 police officers from

different police stations under the control of the Thai Metropolitan Police

Division, whereas the 25 samples in the qualitative research were selected

using purposive sampling. Statistics used for data analysis were the frequency,

percentage, mean, standard deviation, and Pearson correlation. We found that

motivator factors and hygiene factors had positive relationships with the

effectiveness of work performance. The Metropolitan Police officers in all

divisions felt strongly that enough equipment was a factor facilitating an

increase in work performance, whereas the imbalance of manpower and

scarcity of modern equipment were factors which were obstacles to work

performance.

According to Tatiana Tropina in her research entitled “Cyber-policing:

the role of the police in fighting cybercrime” (2009), the recent growth of ICT
 27

has brought all the opportunities provided by its global character and easy

usage of new technologies for the development and facilitation of business

processes or communications in the legal sector and within wider society. At

the same time, it has also provided new possibilities for criminals who can

exploit the same advantages offered by these technologies. The growing

number of internet users offers society the perspective to speed up

communications in everyday life and for commercial purposes, to lower the

transactions and the costs of doing business, to increase the availability of

information for educational purposes and to facilitate the development of such

services as e-government. However, with the creation of new opportunities for

economic and social development, the distribution of new technologies

changes the criminal landscape and generates challenges for government

and society with regard to the use of these instruments for criminal purposes.

Cyberspace constantly remains the greatest source of different illegal

activities that include not only new types of crime, such as hacking or

malicious codes and programmes, such as ‘spam’, but also the migration of

traditional crime, such as child pornography, fraud and copyright

infringements to the ICT networks. The fight against cybercrime requires the

adoption of effective substantive criminal legislation and procedural

instruments that allow for the investigation and prosecution of the misuse of

the ICTs for committing crime. In addition, the international dimension of

internet-related crime and the cross-border nature of ICT networks also evoke

the need for harmonization of legislative approaches and coordinated actions

in preventing and investigating cybercrime on different levels: national,

regional and international (Gercke, 2006, 2009). Furthermore, since the

 28

networks are mainly privately owned, the comprehensive strategy of

addressing cybercrime also includes the development of the tools for effective

cooperation with industry, the private sector, encouraging the application of

co-regulation and self-regulation tools. Every actor in this multi-stakeholder

environment of fighting and preventing crime in cyberspace faces a number of

challengers, that could be either general problems emerging due to the global

nature of internet or unique issues related to the changing nature of duties,

responsibilities and functions of the stakeholders which used to operate in the

real world and are now in charge of addressing crime in cyberspace. The

police as a body responsible for maintaining public order and detecting,

monitoring and preventing crime is one of the actors on this scene that faces

great number of challenges (Wall, 2007) related to the migration of old crime

to the ICT environment and the emergence of the new forms of criminal

activity (Quille, 2009; Kozlovski, 2005; Wall, 2007). This chapter provides an

analysis of the problems that police organisations are currently facing as a

result of new threats emerging with the spread of communication

technologies; and investigates the opportunities for addressing the problem of

policing cyberspace. The first section examines the role of the police in

fighting cybercrime and the problems of addressing the new threats in this

area, while the second part focuses on the opportunities for developing new

tools to meet the challenges, capacity building and possibilities for

cooperation. Finally, conclusions are drawn to highlight the need for reviewing

the concept of police activity in the real world to address the challenges

emerging in cyberspace, as well as the necessity for capacity building and

cooperation in a multi-stakeholder environment.

 29

The primary goal of this paper entitled “Investigating and Prosecuting

Cyber Crime: Forensic Dependencies and Barriers to Justice” by Cameron

Brown (2015), is to raise awareness regarding legal loopholes and enabling

technologies, which facilitate acts of cyber crime. In perusing these avenues

of inquiry, the author seeks to identify systemic impediments, which obstruct

police investigations, prosecutions, and digital forensics interrogations.

Existing academic research on this topic has tended to highlight theoretical

perspectives when attempting to explain technology aided crime, rather than

presenting practical insights from those actually tasked with working cyber

crime cases. The author offers a grounded, pragmatic approach based on the

in-depth experience gained serving with police task forces, government

agencies, private sector, and international organizations. The secondary

objective of this research encourages policy makers to reevaluate strategies

for combating the ubiquitous and evolving threat posed by cyber criminality.

Research in this paper has been guided by the firsthand global accounts (via

the author’s core involvement in the preparation of the Comprehensive Study

on Cybercrime (United Nations Office on Drugs and Crime, 2013) and is

keenly focused on core issues of concern, as voiced by the international

community. Further, a fictional case study is used as a vehicle to stimulate

thinking and exemplify key points of reference. In this way, the author invites

the reader to contemplate the reality of a cyber crime inquiry and the practical

limits of the criminal justice process.

In the book entitled “Cybercrime: Investigating High-Technology

Computer Crime” by Robert Moore (2015), an innovative text provides an

excellent introduction to technology-assisted crime and the basics of

 30

investigating such crime, from the criminal justice perspective. It presents

clear, concise explanations for students and professionals, who need not be

technically proficient to find the material easy-to-understand and practical.

The book begins by identifying and defining the most prevalent and emerging

high-technology crimes and exploring their history, their original methods of

commission, and their current methods of commission. Then it delineates the

requisite procedural issues associated with investigating technology-assisted

crime. In addition, the text provides a basic introduction to computer forensics,

explores legal issues in the admission of digital evidence, and then examines

the future of high-technology crime, including legal responses.

According to Matthew Richardson, in his book entitled “Cybercrime:

Law and Practice”, as computer technology has advanced - and along with it

the development of the internet- the utility and benefits that they have brought

with them have made them indispensible to modern society. With the ever

increasing reliance on such technology and its pervasiveness in personal and

professional life, it was inevitable that it should come to be used in ways

which society has decided are contrary to the public interest and therefore

worthy of disapprobation and criminal sanction. To this end, Parliament has

found itself having to legislate in order to criminalize certain acts involving

computer technology, which did not exist prior to the development of the

technology. On the other side of the law, the courts have found themselves

having to redefine the application of pre-existing criminal law in order to

accommodate and incorporate the novel ways in which computer technology

can be used to commit criminal offences. This book is the first book to tackle

the fast growing topic of cyber crime and covers a wide range of topics from
 31

electronic fraud, cyber stalking, online theft and intellectual property to more

involved topics like malicious communications and the rules of evidence

relating to cyber crimes and computers. Through the use of detailed case

studies, examples and statutory extracts the reader is able to understand all

aspects of cyber crime and computer crime. Cyber Crime: Law and Practice

provides a practical, easy-to- follow guide for practitioners in the field, as well

as those in law enforcement and academia.

In his book entitled “Principles of Cybercrime”, Jonathan Clough (2015)

claimed that digital technology has transformed the way in which we socialize

and do business. Proving the maxim that crime follows opportunity, virtually

every advance has been accompanied by a corresponding niche to be

exploited for criminal purposes; so-called 'cybercrimes'. Whether it be fraud,

child pornography, stalking, criminal copyright infringement or attacks on

computers themselves, criminals will find ways to exploit new technology. The

challenge for all countries is to ensure their criminal laws keep pace. The

challenge is a global one, and much can be learned from the experience of

other jurisdictions. Focusing on Australia, Canada, the UK and the USA, this

book provides a comprehensive analysis of the legal principles that apply to

the prosecution of cybercrimes. This new edition has been fully revised to

take into account changes in online offending, as well as new case law and

legislation in this rapidly developing area of the law.

In the book entitled “Cybercrime: Prevention and Detection”, Prasanthi

and Ishwarya (2015) discussed that cybercrime is a complex and ever

changing phenomenon. Cyber criminals are becoming more sophisticated and

are targeting consumers as well as public and private organizations.

 32

Therefore, additional layers of defense are needed. Cyber crime has been

increasing in complexity and financial costs since corporations started to

utilize computers in the course of doing business. Some of the case studies of

cyber crime include Parliament attack case. In this paper we have discussed

about Cyber crime and cyber security and different cyber crimes that we come

across and prevention techniques and detection techniques such as

Tripwires, configuration checking tools, Honey Pots, anomaly detection

system and operating system commands. In this we also discuss about

regulation acts imposed against Cyber crime and also online safety tips.

According to the book entitled “Introduction to Cybercrime: Computer

Crimes, Laws, and Policing in the 21st Century”, Hill and Marion (2016)

concluded that cybercrime will evolve and expand in the next few years as

technology continues to evolve. The number of attacks on individuals,

businesses and governments will only continue to increase and become more

severe. Cybercriminals will become more technologically savvy and will

continue to seek to profit from their actions or harm other computer systems.

The cost associated with cybercrime will increase as businesses and

organizations face more attacks. Losses associated with the theft of

intellectual property will also increase as more people around the world

connect to the Internet. Further, no individual or organization is able to

absolutely prevent a cyber attack or data breach, but some steps can be

taken to reduce the risk. By increasing security, the risk can be mitigated. If an

event occurs, that incident can be handled efficiently and effectively to

minimize the damage to the organization and the individuals involved.

Protecting a company’s data and information is more complex now. Threats to

 33

a company’s security are becoming more common and more serious. Hackers

have many weapons that they can use against a business, and these

weapons are constantly changing and evolving. It is difficult for information

technology personnel to know how to prevent malware that does not yet exist,

so having a course or action is sometimes difficult. It is not possible to have a

completely secure system but traditional defenses are no longer sufficient. IT

personnel must make the system as secure as possible and ensure that the

appropriate policies and procedures are in place. Then, it is possible to

mitigate some of the risks posed by cybercriminals.

In a study by Malhorta and Alpna entitled “Cyber Crime-Its Types,

Analysis and Prevention Techniques” the claimed that the user of computer

system and internet are increasing worldwide in large number day by day,

where it is easy to access any information easily within a few seconds by

using internet which is the medium for huge information and a base of

communications around the world. There has been tremendous growth in use

of Internet. Due to this cybercrimes increases day by day. Cyber Crime is

technology-based crime committed by technocrats. This paper deals with

Variants of cyber crime like terrorist attack, cyber extortion, crimes against

individuals, crimes against property, and crimes against organization. It also

includes impact on the real world and society, and how to handle cyber

crimes.

In “Cyber security: Threats, Challenges, Opportunities” the Australian

Computer Society (2016) identified the five core pillars of cyber security

readiness. First, education and readiness shows that it is essential that cyber

security form part of the conversation in every organization. Second, planning

 34

and preparations, shows that a cyber security incident is not an (if) but a

(when), and to that end, preparation is essential. Third, detection and

recovery, when a breach happens, the quicker it is detected and responded

to, the greater the chance of minimizing laws, be it financial, reputational, or

otherwise. Lastly, ethics and certification which may initially seem to be a less

practical pillar. In any company or organization, ethics plays a role and should

be of particular concern when it comes to cyber security. While some sectors,

such as defense, will have their own means to present credentials, for an

industry as diverse and skilled as ICT, it helps if professionals can

demonstrate adherence to a code of ethics though membership in a

professional institution.

Local Literature

In the Philippines, the pervasiveness of cybercrimes using the

definition of an international body is apparently ubiquitous. In 2000, the

infamous “I LOVE YOU” virus was created and unleashed by Onel De

Guzman, a Filipino student. It caused damage and infected computers and

networks of companies, private and government institutions in Asia

(particularly in Hong Kong), Europe and United States which was estimated to

have reached to US$ 10 billion. Emanating from the Philippines, the virus was

received in e-mail inboxes in Hong Kong which erases and blurs the graphics

and data in the computer and gets the contact address in the computer

directory and sends the same email to all contacts listed therein. Once

received and opened in another computer, it replicates the same harm (Sosa

2009:80).

A thorough international manhunt was conducted resulting to De

 35

Guzman‟s arrest. However, the cases filed against him were dismissed based

on the principle of nullum crimen, nulla poena sine lege (for there is no crime

committed when there is no law punishing the same).

Following that incident, the Philippine government enacted Republic

Act (RA) Number 8792, or the “Electronic Commerce Act of 2000” which

provides for the legal recognition and admissibility of electronic data

messages, documents and signatures. Under this law, the first Filipino to be

convicted of cybercrime particularly on hacking was JJ Maria Giner. He

pleaded guilty to hacking the governmental portal “gov.ph” in violation of

Section 33 (a) of the E-Commerce Law.

The said particular section is only limited to “hacking or cracking which

refers to unauthorized access into or interference in a computer system/server

or information and communication system. It can also be an access to corrupt,

alter, steal or destroy using a computer or other similar information and

communication devices, without the knowledge and consent of the owner of

the computer or information & communications systems, including the

introduction of computer viruses resulting in the corruption, destruction,

alteration, theft or loss of electronic data messages or document” (RA 8792).

A study was conducted on how federal agencies define success in

computer crime investigations and how they can facilitate the development

and refinement of a comprehensive law enforcement strategy for addressing

cyber threats. Through interviews with experienced computer crime

investigators from the Federal Bureau of Investigation (FBI), the U.S. Secret

Service and the Air Force Office of Special Investigations, these project aims

to identify how federal agencies conduct investigations related to cyber

 36

security and how they define operational success. Strategies employ the use

of intelligence gathering and sharing to fortify potential targets and identify

prolific offenders. (Lemieux 2011).

A thesis study conducted to outline the introduction of the misuse of

computer in Maltese criminal legislation and charts the way forward offering

an action plan in the field of technology, education, industry and law whilst

pre-empting future local legal development o the matter. Extensive reference

is made to the council of Europe’s Convention on Cybercrime whose article

are juxtapose with those presented in the Maltese Criminal Code as

evidenced by similarities and anomalies. The computer misuse criminal

provision themselves are a milestone in Maltese IT legislative history and

evidence the importance and protection granted to the information society in

its increasing social, cultural, and economical cohesive force. (Giovanni

2002).

Addressing Cybercrime in the Philippines: a Legal Framework is crucial

“A Study: The Emergence of Modern and Sophisticated Information

Communications Technology (ICT) and the Borderless Connectivity of the

World Wide Web (www) have fundamentally changed the way society deals

with its various activities like academics, business and politics. With ease of

access and availability of ICTs and the Internet, pieces of evidence such as

economic growth and development and political upheavals in other nations

can be known and felt without the affected party’s knowledge. However, the

presence of these modern technologies like the Internet appears to have

drawbacks in terms of usage. One of which is the prevalence of cybercrime.

The Philippine Government through the different Law Enforcement Agencies

 37

(LEAs) such as the National Bureau of Investigation (NBI) and the Philippine

National Police (PNP) initiated remarkable efforts to prevent cybercrime

activities. Cooperation and coordination with other government agencies and

private institutions in the local arena as well as with other international bodies

have been pursued. But there is an apparent policy gap identified by various

stakeholders which is the difficulty in prosecuting offenders for there is no law

punishing cybercrime activities. (Calina 2011)

In a news article entitled “First Case Under Cybercrime Law Filed in

Las Pinas RTC”, NewsBytes Philippines (2014), The Department of Justice

(DOJ) said on Friday, June 13, that the City Prosecutor of Las Pinas has filed

the first case for violation of Republic Act 10175 or the Cybercrime Prevention

Act of 2012. In a resolution approved by City Prosecutor Marylin Cynthia

Fatima Madamba-Luang, Assistant City Prosecutor Sylvia Inciso-Butial

recommended that two counts of computer-related forgery be filed at the Las

Pinas Regional Trial Court for the alleged fraudulent transactions of the

respondents, which were facilitated with the use of information and

communications technology. It was alleged, among others, that the

complainant discovered unauthorized transactions, two of which pertain to the

remittances which the respondent made using her ATM card. Computer-

related forgery covers the act of knowingly using computer data which is the

product of computer-related forgery for the purpose of perpetuating a

fraudulent or dishonest design. Docketed as Criminal Case Nos. 14-0426-27,

the case is the first reported under the Cybercrime Prevention Act after the

Supreme Court’s decision on the validity of the said law last February.
 38

According to Narciso M. Aguilar (2014), in his book entitled “Cyber-

related Laws: Legal Aspects Concerning Digitization and Modernization”,

jurisprudence in the Philippine context provides insights on the wisdom,

guidelines, precepts and reference which a citizen may avail of in

understanding the niceties of technological changes. The policy enunciated by

the government of the Philippines through Republic Act no. 10175 is one that

recognizes the vital role of information and communication industries such as

content production, telecommunication, broadcasting electronic commerce,

and data processing, in the nation’s overall social and economic development.

The emergence of digital technology which has led to the convergence of

broadcasting, telecommunication and the computer industry have likewise led

to the question of whether the regulatory model for broadcasting will continue

to be appropriate in the converged environment.

Theoretical Framework

The view of organizations as open social systems that must interact

with their environments in order to survive is known as the systems theory

approach. Organizations depend on their environments for several essential

resources: customers who purchase the product or service, suppliers who

provide materials, employees who provide labor or management,

shareholders who invest, and governments that regulate. According to Cutlip,

Center, and Broom, public relations’ essential role is to help organizations

adjust and adapt to changes in an organization’s environment.Cutlip, Center,

and Broom (2006).

 39

The open-systems approach was first applied by Katz and Kahn, who

adapted General Systems Theory to organizational behavior.Katz and Kahn

(1966); Bertalanffy (1951), pp. 303–361. This approach identifies

organizational behavior by mapping the repeated cycles of input, throughput,

output, and feedback between an organization and its external environment.

Systems receive input from the environment either as information or in the

form of resources. The systems then process the input internally, which is

called throughput, and release outputs into the environment in an attempt to

restore equilibrium to the environment. The system then seeks feedback to

determine if the output was effective in restoring equilibrium. As can be seen,

the systems approach focuses on the means used to maintain organizational

survival and emphasize long-term goals rather than the short-term goals of

the goal-attainment approach.

Theoretically, systems can be considered either open or closed. Open

organizations exchange information, energy, or resources with their

environments, whereas closed systems do not. In reality, because no social

systems can be completely closed or open, they are usually identified as

relatively closed or relatively open. The distinction between closed and open

systems is determined by the level of sensitivity to the external

environment. Closed systems are insensitive to environmental deviations,

whereas open systems are responsive to changes in the environment.

The systems approach is an external standard that measures

effectiveness based on long-term growth or sustainability. Effective systems

are characterized by a steady state that systems theorists call homeostasis in

 40

order to “avoid the static connotations of equilibrium and to bring out the

dynamic, processual, potential-maintaining properties of basically unstable…

systems.”Buckley (1967), p. 14. If an organization is able to maintain

homeostasis, which includes not just survival but also growth, then it

is effective. This perspective is broader and more comprehensive than the

goal-attainment approach because it is not limited to measuring effectiveness

as meeting goals determined by powerful internal coalitions that may or may

not be propitious for the whole organization. Pfeffer and Salancik defined

effectiveness as “how well an organization is meeting the demands of the

various groups and organizations that are concerned with its activities.”Pfeffer

and Salancik (1978), p. 11.

Most effective organizations, according to systems theory, adapt to

their environments. Pfeffer and Salancik described the environment as the

events occurring in the world that have any effect on the activities and

outcomes of an organization. Environments range from “static” on one

extreme to “dynamic” on the other. Static environments are relatively stable or

predictable and do not have great variation, whereas dynamic environments

are in a constant state of flux. Because environments cannot be completely

static or constantly changing, organizations have varying levels of dynamic or

static environments.

Organizations that exist in dynamic environments must be open

systems in order to maintain homeostasis. Because dynamic environments

are constantly changing, they create a lot of uncertainty about what an

organization must do in order to survive and grow. The key to dealing with
 41

uncertainty is information. An open organization monitors its environment and

collects information about environmental deviations that is labeled as input.

Input can also be thought of as a form of feedback. The most important

information is negative input, according to systems theorists, because this

information alerts the organization to problems that need to be

corrected. Negative input tells the organization that it is doing something

wrong and that it must make adjustments to correct the

problem; positive input tells the organization that it is doing something right

and that it should continue or increase that activity.

Organizations then organize and process this information to formulate

solutions or responses to these changes. As Cutlip, Center, and Broom noted,

open systems use information to respond to environmental changes and

adjust accordingly. The adjustments affect the structure or process of the

organization, or both. The structure is what the organization is, whereas

process is what the organization does. Adjustments are “intended to reduce,

maintain, or increase the deviations.”Cutlip, Center, and Broom (2006), p.

181. For example, an organization can alter its structure by downsizing to

remain competitive. Other organizations may change their processes in order

to adhere to new environmental laws. Processing positive and negative input

to adjust to environmental change is called throughput. In the throughput of

information, the organization analyzes it and tailors it strategically to fit with

the organization’s goals, values, and within the relationship context it holds

with publics.
 42

After an organization adapts to environmental changes, its actions and

messages represent its output. The automobile industry is constantly enticing

car consumers to try the latest models, hoping that it has responded to

changing expectations. Recently, many auto manufacturers have attempted to

color their products as “green” or environmentally friendly. However,

messages are not enough. If the cars are not really friendlier to the

environment, then these messages eventually will fall on skeptical ears and

impugn the credibility of the organization. An organization measures the

effectiveness of its output by seeking feedback. If its actions and messages

were not effective then the process is repeated until the appropriate solution is

found. If the organization is not able to adapt to the environmental variation

then it will eventually cease to exist. The public relations professional

engaged in an organization that takes a systems approach is continually

focusing on feedback as a way of measuring organizational success.

The public relations professional can use the academic concept of

systems theory to implement protocols for regular feedback to the

organization, thereby aligning it with the desires of publics in its environment.

This theory can also be useful in understanding the role of research and

feedback in creating a thoroughly analyzed and consistent strategy (the

throughput stage of information in systems theory). The analysis of

information and creation of strategy known as throughput helps to

conceptualize and justify not only the research budget of the public relations

department but also the need for making decisions that strategically align the

public communications of an organization with the information needed by

publics. The practical implementation of this approach keeps public relations

 43

from being used as a simple publicity function, and places the function

squarely in the strategic planning process.

Systems theory, however, is not without some shortcomings. The first

shortcoming relates to measurement, and the second is the issue of whether

the means by which an organization survives really matter. Robbins noted

that one criticism of this approach is that its focus is on “the means necessary

to achieve effectiveness rather than on organizational effectiveness

itself.”Robbins (1990), p. 62. Measuring the means, or process, of an

organization can be very difficult when compared to measuring specific end

goals of the goal-attainment approach.

Conceptual Framework

Figure 1 presents the conceptual framework of the study. The Input-

Process-Output (IPO) model or pattern is a widely used approach in systems

analysis. On the IPO model, a process is viewed as a series of boxes

(Processing Elements) connected by inputs and outputs. Information or

material objects flow through a series of tasks or activities based on a set of

rules or decription points. Flow charts and process diagrams are often used to

represent the process.

In the Input box will be seen the assessment of the operational

capability of the PNP ACG and the problems encountered in this regard.

In the Process box will be found the demographic profile of the

respondents, the distributuion of survey questionnaire, collection tally and

tabulation, anaysis, statistical treatment of data and presentation.

 44

In the Output will be seen the Action Plan to enhance the anti-

cybercrime operations of PNP ACG.

INPUT Process OUTPUT

Assessment of Demographic profile of
operational capability od respondents
PNP ACG
1. Manpower Distribution of survey
2. Resource questionnaire
management Action plan to enhance
3. Budget and Collection/ Tally/
Anti-Cybercrime
Logistics Tabulation
Operations of
4. Community PNP- ACG
cybercrime Analysis
awareness
5. Cyberpatrolling Statistical treatment of
and intelligence data
capability
Presentation
Problems encountered

Feedback

Synthesis of the Study

In searching through the different sources of information, the

researcher is able to gather facts from both foreign and local literature as to

the early beginings of cybercrime, the nature of cybercrime, the severity of the

problems brought about by cybercrime, among others.

Moreover, studies about high-technology computer crimes, cybercrime

law and practice, cybercrime prevention and detection, the efforts made to
 45

combat cybercrimes, policing cybercrimes, threats to cyber security have

likewise been unfolded. The biggest question lies in the readiness of the

police to discover and combat cybercrime.

It is on this note that the present study is being tackled. While it is true

that the Philippine National Police has come up with its Anti-Cybercrime

group, the dilema seems to be on how capable the group is in its

implementation of anti-cybercrime operations to stop cybercrimes and

cybercriminals.
 46

CHAPTER 3:
METHODOLOGY
This study is the presentation of the research method, population and

sampling of the respondents, description of the respondents on the basis of

their demographic characteristics, research instruments, validation of the

instruments, procedures in data gathering, and statistical treatment of data.

Research Design

The study will utilize the descriptive-normative survey method with the

questionnaires and interviews as techniques in gathering data.

A descriptive research involves the collection of data in order to test

hypothesis or answer questions concerning the current status of the subject of

the study. It involves description, recording, analysis and interpretation of

conditions that now exist. It aims primarily at gathering knowledge about the

object of the study but without modifying or changing it. Normative approach,

on the other hand, defines how things should be, which means that it will be

necessary to define also to subjective point of view that shall be used.

With regard to descriptive-normative survey, Good and Scates (1972),

stressed that “the term normative is sometimes used because surveys are

frequently made to ascertain the normal or typical condition for practice, or to

compare local test results with a state or national norm. Hence, the

results/findings of the study should be compared with the norm.

The researcher will also employ inductive reasoning based on

observation and drawing from personal experience, documentary review,

interview, and survey.

 47

All data collected will be carefully evaluated, examined, and quantified

to show the factual and accurate description of the research study.

Population and Sampling Scheme

The researcher will utilize both primary and secondary sources of data

to substantiate his research efforts. Secondary data will be derived from

books, journals, and other related studies that are found in the library. Primary

data will definitely come from the sampled respondents who will act as

participants in this study.

The total number of respondents for this study is average since there

are a number of people who can be tapped and are willing to act as

participants in the study. Hence, it will not be difficult for the researcher to get

the respondents, these respondents being chosen on the basis of their

qualifications and familiarity with the topic on hand. The respondents will be

divided into two (2) groups and will be referred to as Groups 1 and 2.

These respondents will be sampled for the purpose of acting as

participants in this research study. They will share their opinions with the

researcher by answering the survey questionnaire and some other pertinent

questions during the informal interview.

Stratified sampling will be used since there is a ready list of the

universe whose numbers are classified as non-ACG Police Personnel who

are acquainted with the set up and operation of the ACG and judges, fiscals,

and lawyers, who have an insight as to the system and structure of the ACG.
 48

Description of the Respondents

In this study, the researcher will include as part of the study the profile

of the respondents as to their age, gender, civil status and educational

attainment and length of service in present employment.

Table 1 illustrates the distribution and percentage of the two groups of

respondents according to their age.

Table 1

Percentage Distribution of Respondents According to age

CATEGORY OF RESPONDENTS
AGE
BRACKET IN GROUP 1 GROUP 2
TOTAL
YEARS
f % F % f %

21-30

31-40

41-50

51-Above

TOTAL
 49

Table 2 reveals the distribution and percentage of respondents

according to their gender.

Table 2

Percentage Distribution of Respondents According to Gender

MALE FEMALE TOTAL

%
RESPONDENTS f % f % F
 50

Table 3 shows the distribution and percentage of respondents

according to civil status.

Table 3

Percentage Distribution of Respondents According to Civil Status

GROUP 1 GROUP 2 TOTAL

RESPONDENTS

f % f % f %

Single

Married

Separated

Widowed

TOTAL
 51

Table 4 illustrates the distribution and percentage of respondents

according to their educational attainment.

Table 4

Distribution of Respondents According to their Highest Educational

Attainment

CATEGORY OF RESPONDENTS
HIGHEST
EDUCATIONAL GROUP 1 GROUP 2
TOTAL
ATTAINMENT
f % f % f %

High School
Graduate

College
Undergraduate

College
Graduate

Post Graduate
Units

Masters or
Doctoral
Degree

TOTAL
 52

Table 5 shows the distribution and percentage of respondents

according to their length of service in their present employment/service.

Table 5

Percentage Distribution of Respondents According to their Length of

Service in the Present Employment/Services

CATEGORY OF RESPONDENTS

LENGTH OF
GROUP 1 GROUP 2
SERVICE TOTAL

f % f % f %

Less than 1
year

More than 1
year but less
than 2 years

2-3 years

4-5 years

TOTAL

Data Gathering Instruments

For the researcher’s specific purposes, the instruments that will be

used to gather data are documentary review, interview schedule and survey.

Documentary review will include the use of related published materials

like books, journals, pamphlets, primers, magazines, and newspapers, and

unpublished ones like speeches, lectures, and handouts.

 53

With the use of survey questionnaire, specifically constructed by

the researcher for the purpose of data gathering, the sampled respondents

will provide additional inputs as to their demographic characteristics and

opinions regarding the topic on hand. The main problems tackled in the

survey questionnaire will be those in relation to Operational Capability of

PNP-ACG.

The interview, on the other hand, will be designed to allow elaboration

on the issues. Questions will be constructed in relation to the validation of the

problems to be raised in this study in order to obtain the opinion of those

considered knowledgeable. Some follow up questions will be asked to clarify

important matters and to gather rejoinders or information not contained in the

survey questionnaire.

All data gathered though the use of the aforementioned instruments will

be personally collected, sorted out, tabulated, analyzed, and collated by the

researcher himself to ensure credibility and completeness.

Data Gathering Procedures

In collecting informative data, with he use of documentary review, the

researcher will go to several libraries and bookstores to consult related

materials for additional information. The problem encountered in his regard is

possibly the insufficient amount of available local materials for review. Hence,

the researcher will focus more on foreign literature.

With regard to the use of the survey questionnaire, the

researcher will seek the permission and approval of the Philippine Women’s

University Graduate School for the conduct of the study. He will consult

knowledgeable persons for the design of the instruments. He will make

 54

necessary revisions in the research instrument based on the results of the

pre-test and comments/suggestions of the consulted parties. He will

reproduce enough copies of the revised and validated survey instrument.

Written letters of request and coordination will be transmitted first to the

officials concerned who have jurisdiction over the selected respondents for

this study. After follow-ups are made and approval acquired, distribution of the

copies will be done.

Ethical Considerations

Principle of Beneficence: Freedom from Harm and Freedom from Exploitation

Principle of Respect for Human Dignity: Right to Full Disclosure

Instrumentation: Survey Questionnaire,

Data Gathering Procedure: Objective Test (50 Item Multiple-Choice)

Appendices: Communication Letter

:Raw Data (Survey Questionnaire)

Data Analysis/Statistical Treatment of Data

Data analysis refers to the process of determining the distribution of the

respondents under different categories that suggest trends and priorities.

Descriptive statistics will be used in the statistical treatment of the data.

The following tools will be applied.

1. Percentage is a measure of proportion, in this study. It will be used

to demonstrate the demographic profile of the sampled

respondents. It will be computed as follows:

 55

P = f/N (100)

Where: P = the Percentage

f = the value if a single case

N = the value of the population

100 = constant

2. Weighted Mean. The frequency of responses will be tabulated and

counted in each item resulting over all mean

Where:

F5x5 = the frequency count

N = Number of respondents

The Likert Scale is a type of Psychometric response format often used

in the surveys that was developed by Rensis Likert in 1932. It is a multi-point

rating scale that measures the strength of the respondents’ level of agreement

or disagreement with the favorable or unfavorable statements about a concept

being measured (Likert, 1932).

For the interpretation of the scales to answer the assessment of current

system, the data below will be used.

Scale Limit/Boundaries Interpretation

5 4.50 – 5.00 Strongly Agree

4 3.50 – 4.49 Agree

 56

3 2.50 – 3.49 Moderately Agree

2 1.50 – 2.49 Disagree

1 1.00 – 1.49 Strongly Disagree

3. Median - The median will be used to determine the value that

describes the middle of the data. The formula used:

Md = Lb + (N/2 - <cf)i / f

Where: Lb = lower boundary of median class

N = total frequencies

f = frequency of median class

<cf = cumulative frequency of the class just before the median

class

4. Standard Deviation - It will be used to determine the data in terms of

its measure of variability or dispersion. The variance will be used to

measure the difference between observed values and their mean.

The formula used:

 57

σ(x – )2

Variance, s2 =

n-1 Where: σ =

Sigma

x = value of the variable X

= arithmetic mean

n = sample size

S2 = Variance

5. Z-test - A statistical test used to determine whether the hypothesis

presented is a null or an alternative hypothesis. The z test provides

the proportion of the total area under the normal distribution curve

that lies outside of the z value. As the total area was designated as

1, the result was a number between 0.5 and 0. The z test is

commonly used to assess statistical significance, especially when

non-parametric tests are used. The level of significance used is at

0.05.
 58

CHAPTER 4: PRESENTATION, ANALYSIS AND

INTERPRETATION OF DATA

(Arranged according to the Statement of the Problem)

 59

CHAPTER 5: SUMMARY, CONCLUSIONS AND

RECOMMENDATIONS