REPUBLIC ACT NO. 10175 related to or operating in conjunction with such device.

It covers any type of

AN ACT DEFINING CYBERCRIME, PROVIDING FOR THE PREVENTION, computer device including devices with data processing capabilities like mobile
INVESTIGATION, SUPPRESSION AND THE IMPOSITION OF PENALTIES THEREFOR phones, smart phones, computer networks and other devices connected to the
AND FOR OTHER PURPOSES internet.

CHAPTER I (e) Computer data refers to any representation of facts, information, or concepts in
PRELIMINARY PROVISIONS a form suitable for processing in a computer system including a program suitable to
cause a computer system to perform a function and includes electronic documents
SECTION 1. TITLE. — This Act shall be known as the "Cybercrime Prevention Act of and/or electronic data messages whether stored in local computer systems or
2012″. online.

SECTION 2. DECLARATION OF POLICY. — The State recognizes the vital role of (f) Computer program refers to a set of instructions executed by the computer to
information and communications industries such as content production, achieve intended results.
telecommunications, broadcasting electronic commerce, and data processing, in
the nation’s overall social and economic development. The State also recognizes the (g) Computer system refers to any device or group of interconnected or related
importance of providing an environment conducive to the development, devices, one or more of which, pursuant to a program, performs automated
acceleration, and rational application and exploitation of information and processing of data. It covers any type of device with data processing capabilities
communications technology (ICT) to attain free, easy, and intelligible access to including, but not limited to, computers and mobile phones. The device consisting
exchange and/or delivery of information; and the need to protect and safeguard the of hardware and software may include input, output and storage components
integrity of computer, computer and communications systems, networks, and which may stand alone or be connected in a network or other similar devices. It also
databases, and the confidentiality, integrity, and availability of information and data includes computer data storage devices or media.
stored therein, from all forms of misuse, abuse, and illegal access by making
punishable under the law such conduct or conducts. In this light, the State shall (h) Without right refers to either: (i) conduct undertaken without or in excess of
adopt sufficient powers to effectively prevent and combat such offenses by authority; or (ii) conduct not covered by established legal defenses, excuses, court
facilitating their detection, investigation, and prosecution at both the domestic and orders, justifications, or relevant principles under the law.
international levels, and by providing arrangements for fast and reliable
international cooperation. (i) Cyber refers to a computer or a computer network, the electronic medium in
which online communication takes place.
SECTION 3. DEFINITION OF TERMS. — For purposes of this Act, the following terms
are hereby defined as follows: (j) Critical infrastructure refers to the computer systems, and/or networks, whether
(a) Access refers to the instruction, communication with, storing data in, retrieving physical or virtual, and/or the computer programs, computer data and/or traffic
data from, or otherwise making use of any resources of a computer system or data so vital to this country that the incapacity or destruction of or interference
communication network. with such system and assets would have a debilitating impact on security, national
or economic security, national public health and safety, or any combination of those
(b) Alteration refers to the modification or change, in form or substance, of an matters.
existing computer data or program.
(k) Cybersecurity refers to the collection of tools, policies, risk management
(c) Communication refers to the transmission of information through ICT media, approaches, actions, training, best practices, assurance and technologies that can
including voice, video and other forms of data. be used to protect the cyber environment and organization and user’s assets.

(d) Computer refers to an electronic, magnetic, optical, electrochemical, or other (l) Database refers to a representation of information, knowledge, facts, concepts,
data processing or communications device, or grouping of such devices, capable of or instructions which are being prepared, processed or stored or have been
performing logical, arithmetic, routing, or storage functions and which includes any prepared, processed or stored in a formalized manner and which are intended for
storage facility or equipment or communications facility or equipment directly use in a computer system.
(m) Interception refers to listening to, recording, monitoring or surveillance of the (2) Illegal Interception. – The interception made by technical means without right
content of communications, including procuring of the content of data, either of any non-public transmission of computer data to, from, or within a computer
directly, through access and use of a computer system or indirectly, through the use system including electromagnetic emissions from a computer system carrying such
of electronic eavesdropping or tapping devices, at the same time that the computer data.
communication is occurring.
(3) Data Interference. — The intentional or reckless alteration, damaging, deletion
(n) Service provider refers to: or deterioration of computer data, electronic document, or electronic data
message, without right, including the introduction or transmission of viruses.
(1) Any public or private entity that provides to users of its service the ability to
communicate by means of a computer system; and (4) System Interference. — The intentional alteration or reckless hindering or
interference with the functioning of a computer or computer network by inputting,
(2) Any other entity that processes or stores computer data on behalf of such transmitting, damaging, deleting, deteriorating, altering or suppressing computer
communication service or users of such service. data or program, electronic document, or electronic data message, without right or
authority, including the introduction or transmission of viruses.
(o) Subscriber’s information refers to any information contained in the form of
computer data or any other form that is held by a service provider, relating to (5) Misuse of Devices.
subscribers of its services other than traffic or content data and by which identity
can be established: (i) The use, production, sale, procurement, importation, distribution, or otherwise
making available, without right, of:
(1) The type of communication service used, the technical provisions taken thereto
and the period of service; (aa) A device, including a computer program, designed or adapted primarily for the
purpose of committing any of the offenses under this Act; or
(2) The subscriber’s identity, postal or geographic address, telephone and other
access numbers, any assigned network address, billing and payment information, (bb) A computer password, access code, or similar data by which the whole or any
available on the basis of the service agreement or arrangement; and part of a computer system is capable of being accessed with intent that it be used
for the purpose of committing any of the offenses under this Act.
(3) Any other available information on the site of the installation of communication
equipment, available on the basis of the service agreement or arrangement. (ii) The possession of an item referred to in paragraphs 5(i)(aa) or (bb) above with
intent to use said devices for the purpose of committing any of the offenses under
(p) Traffic data or non-content data refers to any computer data other than the this section.
content of the communication including, but not limited to, the communication’s
origin, destination, route, time, date, size, duration, or type of underlying service. (6) Cyber-squatting. – The acquisition of a domain name over the internet in bad
faith to profit, mislead, destroy reputation, and deprive others from registering the
CHAPTER II same, if such a domain name is:
PUNISHABLE ACTS
SECTION 4. CYBERCRIME OFFENSES. — The following acts constitute the offense of (i) Similar, identical, or confusingly similar to an existing trademark registered
cybercrime punishable under this Act: with the appropriate government agency at the time of the domain name
registration:
(a) Offenses against the confidentiality, integrity and availability of computer data
and systems: (ii) Identical or in any way similar with the name of a person other than the
registrant, in case of a personal name; and
(1) Illegal Access. – The access to the whole or any part of a computer system
without right. (iii) Acquired without right or with intellectual property interests in it.
(b) Computer-related Offenses: (iii) The following conditions are present:

(1) Computer-related Forgery. — (aa) The commercial electronic communication contains a simple, valid, and reliable
way for the recipient to reject. receipt of further commercial electronic messages
(i) The input, alteration, or deletion of any computer data without right resulting in (opt-out) from the same source;
inauthentic data with the intent that it be considered or acted upon for legal
purposes as if it were authentic, regardless whether or not the data is directly (bb) The commercial electronic communication does not purposely disguise the
readable and intelligible; or source of the electronic message; and

(ii) The act of knowingly using computer data which is the product of computer- (cc) The commercial electronic communication does not purposely include
related forgery as defined herein, for the purpose of perpetuating a fraudulent or misleading information in any part of the message in order to induce the recipients
dishonest design. to read the message.

(2) Computer-related Fraud. — The unauthorized input, alteration, or deletion of (4) Libel. — The unlawful or prohibited acts of libel as defined in Article 355 of the
computer data or program or interference in the functioning of a computer system, Revised Penal Code, as amended, committed through a computer system or any
causing damage thereby with fraudulent intent: Provided, That if no other similar means which may be devised in the future.

damage has yet been caused, the penalty imposable shall be one (1) degree lower. SECTION 5. OTHER OFFENSES. — The following acts shall also constitute an offense:

(3) Computer-related Identity Theft. – The intentional acquisition, use, misuse, (a) Aiding or Abetting in the Commission of Cybercrime. – Any person who willfully
transfer, possession, alteration or deletion of identifying information belonging to abets or aids in the commission of any of the offenses enumerated in this Act shall
another, whether natural or juridical, without right: Provided, That if no damage be held liable.
has yet been caused, the penalty imposable shall be one (1) degree lower.
(b) Attempt in the Commission of Cybercrime. — Any person who willfully attempts
(c) Content-related Offenses: to commit any of the offenses enumerated in this Act shall be held liable.

(1) Cybersex. — The willful engagement, maintenance, control, or operation, SECTION 6. All crimes defined and penalized by the Revised Penal Code, as
directly or indirectly, of any lascivious exhibition of sexual organs or sexual activity, amended, and special laws, if committed by, through and with the use of
with the aid of a computer system, for favor or consideration. information and communications technologies shall be covered by the relevant
provisions of this Act: Provided, That the penalty to be imposed shall be one (1)
(2) Child Pornography. — The unlawful or prohibited acts defined and punishable degree higher than that provided for by the Revised Penal Code, as amended, and
by Republic Act No. 9775 or the Anti-Child Pornography Act of 2009, committed special laws, as the case may be.
through a computer system: Provided, That the penalty to be imposed shall be (1)
one degree higher than that provided for in Republic Act No. 9775.1âwphi1 SECTION 7. LIABILITY UNDER OTHER LAWS. — A prosecution under this Act shall be
without prejudice to any liability for violation of any provision of the Revised Penal
(3) Unsolicited Commercial Communications. — The transmission of commercial Code, as amended, or special laws.
electronic communication with the use of computer system which seek to
advertise, sell, or offer for sale products and services are prohibited unless: CHAPTER III
PENALTIES
(i) There is prior affirmative consent from the recipient; or
SECTION 8. PENALTIES. — Any person found guilty of any of the punishable acts
(ii) The primary intent of the communication is for service and/or administrative enumerated in Sections 4(a) and 4(b) of this Act shall be punished with
announcements from the sender to its existing users, subscribers or customers; or imprisonment of prision mayor or a fine of at least Two hundred thousand pesos
(PhP200,000.00) up to a maximum amount commensurate to the damage incurred (c) an authority to exercise control within the juridical person, the juridical person
or both. shall be held liable for a fine equivalent to at least double the fines imposable in
Section 7 up to a maximum of Ten million pesos (PhP10,000,000.00).
Any person found guilty of the punishable act under Section 4(a)(5) shall be
punished with imprisonment of prision mayor or a fine of not more than Five If the commission of any of the punishable acts herein defined was made possible
hundred thousand pesos (PhP500,000.00) or both. due to the lack of supervision or control by a natural person referred to and
described in the preceding paragraph, for the benefit of that juridical person by a
If punishable acts in Section 4(a) are committed against critical infrastructure, the natural person acting under its authority, the juridical person shall be held liable for
penalty of reclusion temporal or a fine of at least Five hundred thousand pesos a fine equivalent to at least double the fines imposable in Section 7 up to a
(PhP500,000.00) up to maximum amount commensurate to the damage incurred or maximum of Five million pesos (PhP5,000,000.00).
both, shall be imposed.
The liability imposed on the juridical person shall be without prejudice to the
Any person found guilty of any of the punishable acts enumerated in Section 4(c)(1) criminal liability of the natural person who has committed the offense.
of this Act shall be punished with imprisonment of prision mayor or a fine of at least
Two hundred thousand pesos (PhP200,000.00) but not exceeding One million pesos CHAPTER IV
(PhPl,000,000.00) or both. ENFORCEMENT AND IMPLEMENTATION

Any person found guilty of any of the punishable acts enumerated in Section 4(c)(2) SECTION 10. LAW ENFORCEMENT AUTHORITIES. — The National Bureau of
of this Act shall be punished with the penalties as enumerated in Republic Act No. Investigation (NBI) and the Philippine National Police (PNP) shall be responsible for
9775 or the "Anti-Child Pornography Act of 2009″: Provided, That the penalty to be the efficient and effective law enforcement of the provisions of this Act. The NBI
imposed shall be one (1) degree higher than that provided for in Republic Act No. and the PNP shall organize a cybercrime unit or center manned by special
9775, if committed through a computer system. investigators to exclusively handle cases involving violations of this Act.

Any person found guilty of any of the punishable acts enumerated in Section 4(c)(3) SECTION 11. DUTIES OF LAW ENFORCEMENT AUTHORITIES. — To ensure that the
shall be punished with imprisonment of arresto mayor or a fine of at least Fifty technical nature of cybercrime and its prevention is given focus and considering the
thousand pesos (PhP50,000.00) but not exceeding Two hundred fifty thousand procedures involved for international cooperation, law enforcement authorities
pesos (PhP250,000.00) or both. specifically the computer or technology crime divisions or units responsible for the
investigation of cybercrimes are required to submit timely and regular reports
Any person found guilty of any of the punishable acts enumerated in Section 5 shall including pre-operation, post-operation and investigation results and such other
be punished with imprisonment one (1) degree lower than that of the prescribed documents as may be required to the Department of Justice (DOJ) for review and
penalty for the offense or a fine of at least One hundred thousand pesos monitoring.
(PhPl00,000.00) but not exceeding Five hundred thousand pesos (PhP500,000.00)
or both. SECTION 12. REAL-TIME COLLECTION OF TRAFFIC DATA. — Law enforcement
authorities, with due cause, shall be authorized to collect or record by technical or
Section 9. Corporate Liability. — When any of the punishable acts herein defined electronic means traffic data in real-time associated with specified communications
are knowingly committed on behalf of or for the benefit of a juridical person, by a transmitted by means of a computer system.
natural person acting either individually or as part of an organ of the juridical
person, who has a leading position within, based on: Traffic data refer only to the communication’s origin, destination, route, time, date,
(a) a power of representation of the juridical person provided the act committed size, duration, or type of underlying service, but not content, nor identities.
falls within the scope of such authority;
(b) an authority to take decisions on behalf of the juridical person: Provided, That All other data to be collected or seized or disclosed will require a court warrant.
the act committed falls within the scope of such authority; or
Service providers are required to cooperate and assist law enforcement authorities
in the collection or recording of the above-stated information.
 (b) To make and retain a copy of those computer data secured;
The court warrant required under this section shall only be issued or granted upon (c) To maintain the integrity of the relevant stored computer data;
written application and the examination under oath or affirmation of the applicant (d) To conduct forensic analysis or examination of the computer data storage
and the witnesses he may produce and the showing: (1) that there are reasonable medium; and
grounds to believe that any of the crimes enumerated hereinabove has been (e) To render inaccessible or remove those computer data in the accessed computer
committed, or is being committed, or is about to be committed: (2) that there are or computer and communications network.
reasonable grounds to believe that evidence that will be obtained is essential to the
conviction of any person for, or to the solution of, or to the prevention of, any such Pursuant thereof, the law enforcement authorities may order any person who has
crimes; and (3) that there are no other means readily available for obtaining such knowledge about the functioning of the computer system and the measures to
evidence. protect and preserve the computer data therein to provide, as is reasonable, the
necessary information, to enable the undertaking of the search, seizure and
SECTION 13. PRESERVATION OF COMPUTER DATA. — The integrity of traffic data examination.
and subscriber information relating to communication services provided by a
service provider shall be preserved for a minimum period of six (6) months from the Law enforcement authorities may request for an extension of time to complete the
date of the transaction. Content data shall be similarly preserved for six (6) months examination of the computer data storage medium and to make a return thereon
from the date of receipt of the order from law enforcement authorities requiring its but in no case for a period longer than thirty (30) days from date of approval by the
preservation. court.

Law enforcement authorities may order a one-time extension for another six (6) SECTION 16. CUSTODY OF COMPUTER DATA. — All computer data, including
months: Provided, That once computer data preserved, transmitted or stored by a content and traffic data, examined under a proper warrant shall, within forty-eight
service provider is used as evidence in a case, the mere furnishing to such service (48) hours after the expiration of the period fixed therein, be deposited with the
provider of the transmittal document to the Office of the Prosecutor shall be court in a sealed package, and shall be accompanied by an affidavit of the law
deemed a notification to preserve the computer data until the termination of the enforcement authority executing it stating the dates and times covered by the
case. examination, and the law enforcement authority who may access the deposit,
among other relevant data. The law enforcement authority shall also certify that no
The service provider ordered to preserve computer data shall keep confidential the duplicates or copies of the whole or any part thereof have been made, or if made,
order and its compliance. that all such duplicates or copies are included in the package deposited with the
court. The package so deposited shall not be opened, or the recordings replayed, or
SECTION 14. DISCLOSURE OF COMPUTER DATA. — Law enforcement authorities, used in evidence, or then contents revealed, except upon order of the court, which
upon securing a court warrant, shall issue an order requiring any person or service shall not be granted except upon motion, with due notice and opportunity to be
provider to disclose or submit subscriber’s information, traffic data or relevant data heard to the person or persons whose conversation or communications have been
in his/its possession or control within seventy-two (72) hours from receipt of the recorded.
order in relation to a valid complaint officially docketed and assigned for
investigation and the disclosure is necessary and relevant for the purpose of SECTION 17. DESTRUCTION OF COMPUTER DATA. — Upon expiration of the
investigation. periods as provided in Sections 13 and 15, service providers and law enforcement
authorities, as the case may be, shall immediately and completely destroy the
SECTION 15. SEARCH, SEIZURE AND EXAMINATION OF COMPUTER DATA. — computer data subject of a preservation and examination.
Where a search and seizure warrant is properly issued, the law enforcement
authorities shall likewise have the following powers and duties. SECTION 18. EXCLUSIONARY RULE. — Any evidence procured without a valid
warrant or beyond the authority of the same shall be inadmissible for any
Within the time period specified in the warrant, to conduct interception, as defined proceeding before any court or tribunal.
in this Act, and:

(a) To secure a computer system or a computer data storage medium;

SECTION 19. RESTRICTING OR BLOCKING ACCESS TO COMPUTER DATA. — When a SECTION 24. CYBERCRIME INVESTIGATION AND COORDINATING CENTER. — There
computer data is prima facie found to be in violation of the provisions of this Act, is hereby created, within thirty (30) days from the effectivity of this Act, an inter-
the DOJ shall issue an order to restrict or block access to such computer data. agency body to be known as the Cybercrime Investigation and Coordinating Center
(CICC), under the administrative supervision of the Office of the President, for policy
SECTION 20. NONCOMPLIANCE. — Failure to comply with the provisions of Chapter coordination among concerned agencies and for the formulation and enforcement
IV hereof specifically the orders from law enforcement authorities shall be punished of the national cybersecurity plan.
as a violation of Presidential Decree No. 1829 with imprisonment of prision
correctional in its maximum period or a fine of One hundred thousand pesos SECTION 25. COMPOSITION. — The CICC shall be headed by the Executive Director
(Php100,000.00) or both, for each and every noncompliance with an order issued by of the Information and Communications Technology Office under the Department
law enforcement authorities. of Science and Technology (ICTO-DOST) as Chairperson with the Director of the NBI
as Vice Chairperson; the Chief of the PNP; Head of the DOJ Office of Cybercrime;
CHAPTER V and one (1) representative from the private sector and academe, as members. The
JURISDICTION CICC shall be manned by a secretariat of selected existing personnel and
representatives from the different participating agencies.1âwphi1
SECTION 21. JURISDICTION. — The Regional Trial Court shall have jurisdiction over
any violation of the provisions of this Act. including any violation committed by a SECTION 26. POWERS AND FUNCTIONS. — The CICC shall have the following
Filipino national regardless of the place of commission. Jurisdiction shall lie if any of powers and functions:
the elements was committed within the Philippines or committed with the use of
any computer system wholly or partly situated in the country, or when by such (a) To formulate a national cybersecurity plan and extend immediate assistance for
commission any damage is caused to a natural or juridical person who, at the time the suppression of real-time commission of cybercrime offenses through a
the offense was committed, was in the Philippines. computer emergency response team (CERT);

There shall be designated special cybercrime courts manned by specially trained (b) To coordinate the preparation of appropriate and effective measures to prevent
judges to handle cybercrime cases. and suppress cybercrime activities as provided for in this Act;

CHAPTER VI (c) To monitor cybercrime cases being bandied by participating law enforcement
INTERNATIONAL COOPERATION and prosecution agencies;

SECTION 22. GENERAL PRINCIPLES RELATING TO INTERNATIONAL COOPERATION. (d) To facilitate international cooperation on intelligence, investigations, training
— All relevant international instruments on international cooperation in criminal and capacity building related to cybercrime prevention, suppression and
matters, arrangements agreed on the basis of uniform or reciprocal legislation, and prosecution;
domestic laws, to the widest extent possible for the purposes of investigations or
proceedings concerning criminal offenses related to computer systems and data, or (e) To coordinate the support and participation of the business sector, local
for the collection of evidence in electronic form of a criminal, offense shall be given government units and nongovernment organizations in cybercrime prevention
full force and effect. programs and other related projects;

CHAPTER VII (f) To recommend the enactment of appropriate laws, issuances, measures and
COMPETENT AUTHORITIES policies;

SECTION 23. DEPARTMENT OF JUSTICE (DOJ). — There is hereby created an Office (g) To call upon any government agency to render assistance in the accomplishment
of Cybercrime within the DOJ designated as the central authority in all matters of the CICC’s mandated tasks and functions; and
related to international mutual assistance and extradition.
(h) To perform all other matters related to cybercrime prevention and suppression,
including capacity building and such other functions and duties as may be necessary
for the proper implementation of this Act.

CHAPTER VIII
FINAL PROVISIONS

SECTION 27. APPROPRIATIONS. — The amount of Fifty million pesos

(PhP50,000,000_00) shall be appropriated annually for the implementation of this
Act.

SECTION 28. IMPLEMENTING RULES AND REGULATIONS. — The ICTO-DOST, the

DOJ and the Department of the Interior and Local Government (DILG) shall jointly
formulate the necessary rules and regulations within ninety (90) days from approval
of this Act, for its effective implementation.

SECTION 29. SEPARABILITY CLAUSE — If any provision of this Act is held invalid, the
other provisions not affected shall remain in full force and effect.

SECTION 30. REPEALING CLAUSE. — All laws, decrees or rules inconsistent with this
Act are hereby repealed or modified accordingly. Section 33(a) of Republic Act No.
8792 or the "Electronic Commerce Act" is hereby modified accordingly.

SECTION 31. EFFECTIVITY. — This Act shall take effect fifteen (15) days after the
completion of its publication in the Official Gazette or in at least two (2) newspapers
of general circulation.