RA 10175 OUTLINE

CYBERCRIME PREVENTION ACT OF 2012

HISTORY

 Year 2000 - I Love You Virus

- Implementation of RA 8792( Electronic Commerce Act of 2000)
 2001 - Convention on Cybercrime. Anti-Cybercrime bill (2001) was filed by former
Congressman Eric D. Singson. Supported by Senator Ramon Magsaysay Jr. at Senate
legislation.
 2004 - Rise of BPO Companies
 2005 - First Cybercrime Conviction
- Revision of Cybercrime Prevention Bill
 2007 – The CICT took a proactive role in advocating for various laws such as the
Cybercrime Bill. Various groups also participated in hearings and consultation on various
ICT policies.
 “Boy Bastos” got the attention of Senator Loren Legarda’s as it linked to porn and sex
scandal videos. y
 2008 - Senator Manny Villar filed for revision of Cybercrime Prevention Bill
 2009 - Senator Antonio Trillanes IV filed for revision of Cybercrime Prevention Bill
 2010 - Norton stated that 9 out of 10 Filipinos are victims of various forms of cybercrime
 September 12, 2012 - The RA 10175 is approved.

CHAPTER I – PRELIMINARY PROVISIONS

SECTION 1 – TITLE
(CYBERCRIME PREVENTION ACT OF 2012)
SECTION 2 – DECLARATION OF POLICY
The State recognizes the vital role of information and communications industries such as
content production, telecommunications, broadcasting electronic commerce, and data
processing, in the nation’s overall social and economic development.
SECTION 3 – DEFINITION OF TERMS

TERM DEFINITION
Access  Refers to the instruction, communication with, storing
data in, retrieving data from, or otherwise making use
of any resources of a computer system or
communication network.
Alteration  Refers to the modification or change, in form or
substance, of an existing computer data or program.
Communication  Refers to the transmission of information through ICT
media, including voice, video and other forms of data.
Computer  Capable of performing logical, arithmetic, routing, or
storage functions and which includes any storage
facility or equipment or communications facility or
equipment directly related to or operating in
conjunction with such device.
Computer data  Any representation of facts, information, or concepts in
 a form suitable for processing in a computer system
using a program suitable to cause a computer system
to perform

Computer program  Refers to a set of instructions executed by the

computer to achieve intended results.
Computer system  Any device or group of interconnected or related
devices, one or more of which, pursuant to a program,
performs automated processing of data.
Without right  conduct undertaken without or in excess of authority;
 conduct not covered by established legal defenses,
excuses, court orders, justifications, or relevant
principles under the law.
Cyber  Refers to a computer or a computer network, the
electronic medium in which online communication
takes place.
Critical infrastructure  The incapacity or destruction of or interference with
such system and assets would have a debilitating
impact on security, national or economic security,
national public health and safety, or any combination of
those matters.
Cybersecurity  Used to protect the cyber environment and
organization and user’s assets.
Database  Stored in a formalized manner and which are intended
for use in a computer system.
Interception  Through the use of electronic eavesdropping or
tapping devices, at the same time that the
communication is occurring.
Service provider  Any public or private entity that provides to users of its
service the ability to communicate by means of a
computer system;
 Any other entity that processes or stores computer
data on behalf of such communication service or users
of such service.
Subscriber’s Information  Refers to any information contained in the form of
computer data or any other form that is held by a
service provider
Traffic Data  Refers to any computer data other than the content of
the communication

CHAPTER II – PUNISHABLE ACTS

SECTION 4 – CYBERCRIME OFFENSES
The following acts constitute the offense of cybercrime punishable under this Act:
(a) Offenses against the confidentiality, integrity and availability of computer data and
systems:
(b) Computer-related Offenses:
(c) Content-related Offenses:

TYPE OF OFFENSE SPECIFIC OFFENSE

Offenses against the confidentiality, (a) Illegal Access
integrity and availability of computer (b) Illegal Interception
data and systems: (c) Data Interference.
(d) System Interference.
(e) Misuse of Devices.
(f) Cyber-squatting.
Computer-related Offenses: (a) Computer-related Forgery
(b) Computer-related Fraud
Content-related Offenses: (a) Cybersex
(b) Child Pornography
(c) Unsolicited Commercial Communications
(d) Libel

SECTION 5 – OTHER OFFENSES

The following acts shall also constitute an offense:
(a) Aiding or Abetting in the Commission of Cybercrime. – Any person who willfully abets or aids
in the commission of any of the offenses enumerated in this Act shall be held liable.
(b) Attempt in the Commission of Cybercrime. — Any person who willfully attempts to commit
any of the offenses enumerated in this Act shall be held liable.
SECTION 6
All crimes defined and penalized by the Revised Penal Code, as amended, and special
laws, if committed by, through and with the use of information and communications technologies
shall be covered by the relevant provisions of this Act: Provided, That the penalty to be imposed
shall be one (1) degree higher than that provided for by the Revised Penal Code, as amended,
and special laws, as the case may be.
SECTION 7 – LIABILITY UNDER OTHER LAWS
A prosecution under this Act shall be without prejudice to any liability for violation of any
provision of the Revised Penal Code, as amended, or special laws.

CHAPTER III – PENALTIES

SECTION 8 - PENALTIES
 SECTIONS VIOLATED PENALTIES
Sections 4(a) and 4(b)  prision mayor
 a fine of at least Two hundred thousand pesos
(PhP200,000.00) up to a maximum amount
commensurate to the damage incurred
Section 4(a)(5)  prision mayor
 or a fine of not more than Five hundred thousand
pesos (PhP500,000.00)
Section 4(a) against  reclusion temporal 
critical infrastructures  a fine of at least Five hundred thousand pesos
(PhP500,000.00) up to maximum amount
commensurate to the damage incurred
Section 4(c)(1)  prision mayor
 a fine of at least Two hundred thousand pesos
(PhP200,000.00) but not exceeding One million pesos
(PhP1,000,000.00)
Section 4(c)(2)  One degree higher sanction based on the Republic
Act No. 9775 or the "Anti-Child Pornography Act of
2009
Section 4(c)(3)  arresto mayor 
 a fine of at least Fifty thousand pesos (PhP50,000.00)
but not exceeding Two hundred fifty thousand pesos
(PhP250,000.00)
Section 5  one (1) degree lower than that of the prescribed
penalty for the offense
 a fine of at least One hundred thousand pesos
(PhP100,000.00) but not exceeding Five hundred
thousand pesos (PhP500,000.00)

Prision mayor- sanction from six years and one day to twelve years.
Reclusion temporal- penalty from twelve years and one day to twenty years.
Arresto mayor- penalty from one month and one day to six months.

SECTION 9 – CORPORATE LIABILITY

When any of the punishable acts herein defined are knowingly committed on behalf of or for
the benefit of a juridical person, by a natural person acting either individually or as part of an
organization of the juridical person, who has a leading position within, based on:
a) a power of representation of the juridical person provided the act committed falls within
the scope of such authority;
b) an authority to take decisions on behalf of the juridical person: Provided, That the act
committed falls within the scope of such authority; or
c) an authority to exercise control within the juridical person, the juridical person shall be
held liable for a fine equivalent to at least double the fines imposable in Section 7 up
to a maximum of Ten million pesos (PhP10,000,000.00).

If the commission of any of the punishable acts herein defined was made possible due to
the lack of supervision or control by a natural person referred to and described in the preceding
paragraph, for the benefit of that juridical person by a natural person acting under its authority,
the juridical person shall be held liable for a fine equivalent to at least double the fines
imposable in Section 7 up to a maximum of Five million pesos (PhP5,000,000.00).

CHAPTER IV – ENFORCEMENT AND IMPLEMENTATION

SECTION 10 – LAW ENFORCEMENT AUTHORITIES

The National Bureau of Investigation (NBI) and the Philippine National Police (PNP)
shall be responsible for the efficient and effective law enforcement of the provisions of this Act

SECTION 11 – DUTIES OF LAW ENFORCEMENT AUTHORITIES

They are required to submit timely and regular reports including pre-operation, post-
operation and investigation results and such other documents as may be required to the
Department of Justice (DOJ) for review and monitoring.

SECTION 12 – REAL-TIME COLLECTION OF TRAFFIC DATA

Law enforcement authorities, with due cause, shall be authorized to collect or record by
technical or electronic means traffic data in real-time associated with specified communications
transmitted by means of a computer system.
The court warrant required under this section shall only be issued or granted upon
written application and the examination under oath or affirmation of the applicant and the
witnesses he may produce and the showing:

1) that there are reasonable grounds to believe that any of the crimes enumerated
hereinabove has been committed, or is being committed, or is about to be committed
2) that there are reasonable grounds to believe that evidence that will be obtained is
essential to the conviction of any person for, or to the solution of, or to the prevention of,
any such crimes; and
3) that there are no other means readily available for obtaining such evidence.

SECTION 13 – PRESERVATION OF COMPUTER DATA

The integrity of traffic data and subscriber information relating to communication services
provided by a service provider shall be preserved for a minimum period of six (6) months from
the date of the transaction. Content data shall be similarly preserved for six (6) months from the
date of receipt of the order from law enforcement authorities requiring its preservation.

Law enforcement authorities may order a one-time extension for another six (6)
months: Provided, that once computer data preserved, transmitted or stored by a service
provider is used as evidence in a case.

SECTION 14 – DISCLOSURE OF COMPUTER DATA

Issuance of order requiring any person or service provider to disclose or submit

subscriber’s information, traffic data or relevant data in his/its possession or control within
seventy-two (72)hours from receipt of the order in relation to a valid complaint officially
docketed and assigned for investigation and the disclosure is necessary and relevant for the
purpose of investigation.

SECTION 15 – SEARCH, SEIZURE AND EXAMINATIONOF COMPUTER DATA

These are the following powers and duties:

a) To secure a computer system or a computer data storage medium;

 b) To make and retain a copy of those computer data secured;
c) To maintain the integrity of the relevant stored computer data;
d) To conduct forensic analysis or examination of the computer data storage medium; and
e) To render inaccessible or remove those computer data in the accessed computer or
computer and communications network.

Law enforcement authorities may request for an extension of time to complete the
examination of the computer data storage medium and to make a return thereon but in no case
for a period longer than thirty (30) days from date of approval by the court.

SECTION 16 – CUSTODY OF COMPUTER DATA

All computer data, including content and traffic data, examined under a proper warrant
shall, within forty-eight (48) hours after the expiration of the period fixed therein, be deposited
with the court in a sealed package, and shall be accompanied by an affidavit of the law
enforcement authority executing it stating the dates and times covered by the examination, and
the law enforcement authority who may access the deposit, among other relevant data.

SECTION 17 – DESTRUCTION OF COMPUTER DATA

Service providers and law enforcement authorities, as the case may be, shall
immediately and completely destroy the computer data subject of a preservation and
examination.

SECTION 18 – EXCLUSIONARY RULE

Any evidence procured without a valid warrant or beyond the authority of the same shall
be inadmissible for any proceeding before any court or tribunal.

SECTION 19 – RESTRICTING OR BLOCKINGACCESS TO COMPUTER

When a computer data is prima facie found to be in violation of the provisions of this Act,
the DOJ shall issue an order to restrict or block access to such computer data.

Prima facie- “at first appearance”

SECTION 20 – NON-COMPLIANCE

Failure to comply with the provisions of Chapter IV hereof specifically the orders from
law enforcement authorities shall be punished as a violation of Presidential Decree No. 1829
with imprisonment of prision correctional in its maximum period or a fine of One hundred
thousand pesos (Php100,000.00) or both, for each and every noncompliance with an
order issued by law enforcement authorities.

CHAPTER V - JUSRISDICTION

SECTION 21 – JURISDICTION
 The Regional Trial Court shall have jurisdiction over any violation of the provisions of
this Act. including any violation committed by a Filipino national regardless of the place of
commission.

CHAPTER VI – INTERNATIONALCOOPERATION

SECTION 22 – GENERAL PRINCIPLES RELATING TO INTERNATIONAL COOPERATION

All relevant international instruments on international cooperation in criminal matters,

arrangements agreed on the basis of uniform or reciprocal legislation, and domestic laws, to the
widest extent possible for the purposes of investigations or proceedings concerning criminal
offenses related to computer systems and data, or for the collection of evidence in electronic
form of a criminal, offense shall be given full force and effect

CHAPTER VII – COMPETENT AUTHORITIES

SECTION 23 – DEPARTMENT OF JUSTICE (DOJ)

There is hereby created an Office of Cybercrime within the DOJ designated as the
central authority in all matters related to international mutual assistance and extradition.

SECTION 24 – CYBERCRIME INVESTIGATION AND COORDINATING CENTER

There is hereby created, within thirty (30) days from the effectivity of this Act, an
inter-agency body to be known as the Cybercrime Investigation and Coordinating Center
(CICC), under the administrative supervision of the Office of the President, for policy
coordination among concerned agencies and for the formulation and enforcement of the
national cybersecurity plan.

SECTION 25 – COMPOSITION

a) The CICC shall be headed by the Executive Director of the Information and
Communications Technology Office under the Department of Science and Technology
(ICTO-DOST) as Chairperson
b) Director of the NBI as Vice Chairperson; the Chief of the PNP
c) Head of the DOJ Office of Cybercrime
d) and one (1) representative from the private sector and academe, as members.

The CICC shall be manned by a secretariat of selected existing personnel and

representatives from the different participating agencies.

CICC Officials:
Louis Napoleon C. Casambre – Chairperson
Dante Gierran – Vice Chairperson
Oscar Albayalde – Member
Jed Sherwin G. Uy – Member

SECTION 26 – POWER AND FUNCTIONS

 a) To formulate a national cybersecurity plan and extend immediate assistance for the
suppression of real-time commission of cybercrime offenses through a computer
emergency response team (CERT);
b) To coordinate the preparation of appropriate and effective measures to prevent and
suppress cybercrime activities as provided for in this Act;
c) To monitor cybercrime cases being bandied by participating law enforcement and
prosecution agencies;
d) To facilitate international cooperation on intelligence, investigations, training and
capacity building related to cybercrime prevention, suppression and prosecution;
e) To coordinate the support and participation of the business sector, local government
units and nongovernment organizations in cybercrime prevention programs and
otherrelated projects;
f) To recommend the enactment of appropriate laws, issuances, measures and policies;
g) To call upon any government agency to render assistance in the accomplishment of the
CICC’s mandated tasks and functions; and
h) To perform all other matters related to cybercrime prevention and suppression, including
capacity building and such other functions and duties as may be necessary for the
proper implementation of this Act.

CHAPTER VIII - FINAL PROVISIONS

SECTION 27- APPROPRIATIONS

The amount of Fifty million pesos (PhP50,000,000.00) shall be appropriated annually

for the implementation of this Act.

SECTION 28 – IMPLEMENTING RULES AND REGULATIONS

The ICTO-DOST, the DOJ and the Department of the Interior and Local Government
(DILG) shall jointly formulate the necessary rules and regulations within ninety (90) days from
approval of this Act, for its effective implementation.

SECTION 29 – SEPARABILITY CAUSE

If any provision of this Act is held invalid, the other provisions not affected shall remain in
full force and effect.

SECTION 30 – REPEALING CAUSE

All laws, decrees or rules inconsistent with this Act are hereby repealed or modified
accordingly. Section 33(a) of Republic Act No. 8792 or the “Electronic Commerce Act” is hereby
modified accordingly.

SECTION 31 - EFFECTIVITY

This Act shall take effect fifteen (15) days after the completion of its publication in
the Official Gazette or in at least two (2) newspapers of general circulation

SIGNATORIES:

(Sgd.) FELICIANO BELMONTE JR.

Speaker of the House of Representatives

(Sgd.) JUAN PONCE ENRILE

President of the Senate

(Sgd.) MARILYN B. BARUA-YAP
Secretary General House of Representatives

(Sgd.) EMMA LIRIO-REYES
Secretary of the Senate

(Sgd.) BENIGNO S. AQUINO III

President of the Philippines