A Look on the Legislative History of

Laws and Compilation of Cases

Involving Cybercrime in the
Philippines
 Cybercrime is defined as a crime in which a computer or
any gadget is the object of the crime (hacking, phishing,
spamming) or is used as a tool to commit an offense
(child pornography, hate crimes). Cybercriminals may
use computer technology to access personal
information, business trade secrets or use the internet
for exploitive or malicious purposes. Criminals can also
use computers for communication and document or data
storage.
 Cybercrimes are generally classified as: (1) Offenses
against the confidentiality, integrity and availability of
computer data and systems; (2) Computer-related
Offenses; and (3) Content-related Offenses.

 The Act also criminalizes aiding or abetting in the

commission of cybercrimes as well as attempts to
commit cybercrimes. It also criminalizes as an
obstruction of justice any failure to comply with the
orders of law enforcement authorities issued for the
purpose of investigating or prosecuting cybercrimes.
(Aguda and Tiojanco, 2012)
HISTORY OF REPUBLIC ACT
NO. 10175 – THE
CYBERCRIME PREVENTION
ACT OF 2012
 The Congress passed the first cybercrime law, Republic Act No.
8792 or the Electric Commerce (E-Commerce) Act of 2000, which
merely regulated certain computer related activities, however
these existing laws does not account for the crimes that have
been done over a computer.When the Republic of the Philippines
was placed on a global cyber-map due to the “I Love You Virus”
which was unleashed globally in the year 2000. As the legislation
was only passed last June 2000, it wasn’t able to prosecute Onel
De Guzman who is believed to be the culprit behind the I Love
You Virus as the cybercrime got committed a month prior to the
law’s passage.
 Not long after, the Department of Justice (DOJ) and the
primary law enforcement agencies, the National Bureau
of Investigation (NBI) and the Philippine National Police
(PNP) Criminal Investigation and Detection Group (CIDG)
established the first cybercrime laboratories in 2001,
one for each agency given the need to build the
capacity and to spur development of cyber
investigations.
 The Supreme Court set and issued Rules on Electronic
Evidence on July 17, 2001 and was initially only
applicable to all civil actions and proceedings as well as
quasi-judicial and administrative cases but eventually it
was amended on September 24, 2002 to include criminal
cases.
 The Department of Justice created the Task Force on E-
Government, Cyber-security and Cybercrime to address
cyber-security issues and to pursue an e-government agenda.
The task force began collaborating with the Council of
Europe, the organization which drafted and pushed for the
adoption of the first international convention on cybercrime
(CoC) known as the Budapest Convention.

 The Council of Europe is an international organization which

promotes co-operation between all countries in Europe in the
areas of legal standards, human rights, democratic
development, the rule of law and cultural co-operation.
 The Cybercrime Prevention Act (CPA) of 2012 is the first piece
of legislation comprehensively dealing with cybercrimes. The
Act completely addresses crimes committed against and by
means of computer system ; offenses such as illegal data,
data interference, device misuse, cybersquatting, computer
fraud, cybersex among others.The law focuses on the pre-
emption,prevention and prosecution of cybercrimes such as
offenses against the confidentiality, integrity and availability
of computer data and systems, computer-related offenses,
and content-related offenses. And it also reaffirms existing
laws against child pornography punishable act under R.A.
9775 (Anti-Child Pornography Act of 2009) and libel
punishable under Article 355 of the Revised Penal Code.
 R.A. 8792 is the first to penalize cybercrimes, however,
R.A. 8484 (Access Device Regulation Act of 1998) and
R.A. 4200 (Anti-wiretapping Law) had earlier recognized
acts done using information and communication
technology (ICT). Prior to the effectivity of CPA, R.A.
10173 (Data Privacy Act of 2012) was enacted to protect
the fundamental human right of privacy and of
communication while ensuring free flow of information
to promote innovation and growth.
THE ROOTS OF CYBERCRIME
PREVENTION ACT
 The Cybercrime Bill started in 2001 under the Legal and
Regulatory Committee of the former Information
Technology and e-Commerce Council’s (ITECC) which
later became the Commission on Information and
Communication Technology (CICT). It was headed by
former Secretary Virgilio “Ver” Peña and the Committee
was chaired by Atty. Claro Parlade.
 Numerous public sector consultations were held, on
January 2004, the first local cybercrime conference was
organized by Atty. Gigo Alampay with representatives
from the Department of Justice of both the United
States and Canada.
 During 2006 and 2007, the prototype Cybercrime
Prevention Act was initially crafted and later finalized
after the first international cybercrime conference on
October 25-26,2007.

 On the first quarter of 2008, legislative strategy on

information and and communication was created by the
government focused mainly in adopting a three-tiered
approach in crafting related laws to underline the
primacy of three virtual subjects,namely: data privacy,
cybercrime, and cybersecurity.
 The Cybercrime Prevention Act was signed into law on
September 12,2012 by former President Benigno C.
Aquino.

 The IRR of the Cybercrime Prevention Act was signed on

August 12, 2015.
SYNTHESIS OF CASES
 The Supreme Court has decided six cases on Cybercrime
Prevention Act of 2012.

 In the case of Disini v. Secretary of Justice 716 SCRA 237, the

Supreme Court ruled that libel is not a constitutionally
protected speech and that the government has an obligation
to protect private individuals from defamation. Cyberlibel is
not a new crime since Article 353, in relation to Article 355 of
the Revised Penal Code already punishes it. In effect, Section
4(c)4 of R.A 10175 merely affirms that online defamation
constitutes similar means for committing libel. Thus, Section
4(c)4 penalizing online libel is valid and constitutional with
respect to the original author of the post, but void and
unconstitutional with respect to others who simply receive
the post and react to it.
 In Vivares v. St. Theresa’s College 737 SCRA 92, the
Supreme Court ruled that in developing the writ of
habeas data, the Court aimed to protect an individual’s
right to informational privacy, among others. The writ,
however, will not issue on the basis merely of an alleged
unauthorized access to information about a person.
Moreover, the existence of a person’s right to
informational privacy and a showing, at least by
substantial evidence, of an actual or threatened
violation of the right to privacy in life, liberty or
security of the victim are indispensable before the
privilege of the writ may be extended.
 In Bonifacio v. RTC 620 SCRA 268, the Supreme Court stated
that the rules on venue of criminal actions for internet libel
are as follows: (I) If the offended party is a private individual,
the criminal case can only be filed in either of two places,
namely: (a) where the complainant or offended party actually
resides at the time of the commission of the offense; or (b)
where the alleged defamatory article was printed and first
published. (II) If the offended party is a public official, the
criminal case can only be filed in either of two places,
namely: (a) in the place (whether in or outside Manila) where
he holds office at the time of the commission of the crime; or
(b) where the alleged defamatory article was printed and first
published.
 In Maliksi v. COMELEC, 693 SCRA 214, the Court ruled as
to the evidentiary value of the digital ballot images that
the ballot images in the CF cards, as well as the
printouts of such images, are the functional equivalent
of the official physical ballots filled up by the voters,
and may be used in an election protest
 In Nogales v. People 660 SCRA 475, the court held that if
the softwares were determined to be violative of Article
201 of the RPC, unlicensed or pirated, they should also
be forfeited and destroyed in the manner allowed by
law. The law is clear. Only licensed softwares that can
be used for legitimate purposes should be returned to
petitioners.
 In People v. Enojas 718 SCRA 313 the Court stated that
as to the admissibility of the text messages, the RTC
admitted them in conformity with the Court’s earlier
Resolution applying the Rules on Electronic Evidence to
criminal actions. Text messages are to be proved by the
testimony of a person who was a party to the same or
has personal knowledge of them.
 From the above cases, the Supreme Court has laid down
the necessary conditions to consider for the filing of an
action on Cybercrime such that (1) the prosecution
bears the burden of proving the presence of actual
malice (Disini case) where such requirement is required
to establish guilt and for the accused, his defense must
show that he has a justifiable reason for the defamatory
statement (Disini case) and the (2) extent of the right to
privacy protected in Social Networking Sites (Vivares
case) and the (3) rules on venue of criminal actions for
internet libel.
 Further, it can be stressed out that digital documents
such as printed ballots which are scanned and recorded
by machines such as the PCOS are considered to be
“official” (Maliksi case) and it being official, it may be
used in an electoral protest and violation of Article 201
of the Revised Penal Code in relation to online
pornography is strictly dealt with by the Court and other
illegal and obscene films should be forfeited in favor of
the government to be destroyed (Nogales case) and
lastly, the use of text messages in an entrapment
operation is in conformity of the Rules on Electronic
Evidence in a criminal action (Enojas case).
CONCLUSION
 Computers add a new dimension to criminal law, presenting
many issues for law enforcement. At the forefront of law
enforcement concerns is the necessity to secure adequate
training to combat these crimes. This requires additional
resources. The technical sophistication needed to follow the
"electronic trail" far surpasses traditional methods of
investigation. In some cases data are encrypted, making it
difficult for police authorities to discern the contents of the
information. The detection of criminal conduct may also be
hampered by the reluctance of entities to report an
unauthorized computer access.


 However, the researchers observed that one of the
challenges of the law is integrating and adapting to the
additional layer of interaction provided by cyberspace.
As derived from the data presented in the paper, there
are several complaints on cyber-related offenses
however, there is no assurance that all complaints were
resolved. Moreover, only few cases were decided by the
courts.
 The researchers recommend that further trainings for
the stakeholders involved in the Cybercrime Law such as
the PNP-ACG, NBI-Cybercrime, the respective local
government units and the courts. As one of the
objectives of the Department of Justice – Office of
Cybercrime, a National Computer Forensics Training
Program (NCFTP) will be launched to train and
capacitate our law enforcers in computer forensics
jointly. The main purpose is to have a consolidated
training for all law enforcement agencies in computer
forensics and provide them with a structured
procedures and guidelines consistent with international
best practices.
TOPICS DISCUSSED IN OUR PAPER:
 History of Republic Act No. 10175

 The Cybercrime Prevention Act Of 2012

 2014-2015 Trends and Challenges

Offenses Against And By Means Of Computer System

 Crimes Against Children

 Challenges on Electronic Device

 2016-2017 Current Trends and Challenges

 Core Cybercrimes

 Computer Related Offenses

 Content Related Offenses

 Crimes Committed By Through the Use of ICTS

 Cybercrime Offenses

 Penalties

 Case Briefs

 Case Synthesis

 Conclusion
BIBLIOGRAPHY
 Aguda, Henry Rhoel R. and Tiojanco Bryan Dennis G. Tiojanco, A Primer The
Cybercrime Prevention Act of 2012 and the Data Privacy Act of 2012, (2013).

 Philippines 2014-2015 Cybercrime Report, The Rule of Law in Cyberspace, march

2015

 (https://www.doj.gov.ph/files/cybercrime_office/2014-
2015_Annual_Cybercrime_Report.pdf). Accessed on August 24, 2017.

 Philippines 2016-2017 Cybercrime Report,The Rule of Law in Cyberspace,May 2017

(https://doj.gov.ph//files/OOC/ooc_report_corrected.pdf) Accessed on August 24,
2017.

 Rules and Regulations Implementing Republic Act 10175

(https://www.doj.gov.ph/files/cybercrime_office/Rules_and_Regulations_Implem
enting_Republic_Act_10175.pdf) Accessed on August 24, 2017.
 Geronimo Sy, “A Short History of the Development of Cybercrime Legislation in the
Philippines 2000 to 2015.”
(https://doj.gov.ph/files/cybercrime_office/Short%20History%20of%20the%20Dvlpt
%20of%20Cybercrime.pdf) Accessed on August 27,2017.

 R.A. 10175( http://www.officialgazette.gov.ph/2012/09/12/republic-act-no-

10175/) Accessed on August 24, 2017.

 Cybercrime Definition

 (https://www.techopedia.com/definition/2387/cybercrime). Accessed on August

24, 2017.