0 valutazioniIl 0% ha trovato utile questo documento (0 voti)
19 visualizzazioni25 pagine
This document contains a draft of rules and regulations implementing the Cybercrime Prevention Act of 2012 in the Philippines. It begins with preliminary provisions, defining key terms related to cybercrime such as access, alteration, computer, and traffic data. It also establishes the Cybercrime Investigation and Coordinating Center as the competent authority for enforcing cybercrime prevention. The document provides definitions to clarify important concepts in investigating and prosecuting technology-enabled crimes.
This document contains a draft of rules and regulations implementing the Cybercrime Prevention Act of 2012 in the Philippines. It begins with preliminary provisions, defining key terms related to cybercrime such as access, alteration, computer, and traffic data. It also establishes the Cybercrime Investigation and Coordinating Center as the competent authority for enforcing cybercrime prevention. The document provides definitions to clarify important concepts in investigating and prosecuting technology-enabled crimes.
This document contains a draft of rules and regulations implementing the Cybercrime Prevention Act of 2012 in the Philippines. It begins with preliminary provisions, defining key terms related to cybercrime such as access, alteration, computer, and traffic data. It also establishes the Cybercrime Investigation and Coordinating Center as the competent authority for enforcing cybercrime prevention. The document provides definitions to clarify important concepts in investigating and prosecuting technology-enabled crimes.
Republic Act No. 10175, Otherwise Known as the !bercrime "re#ention Act O$ %01% Pursuant to the authority of the Department of Justice, Department of Interior and Local Government and Department of Science and Technology under Republic ct !o" #$#%&, other'ise (no'n as the )*ybercrime Prevention ct of +$#+,, the follo'ing rules and regulations are hereby promulgated to implement the provisions of said ct- &A"'(R I R)*( 1 "reliminar! "ro#isions +ection 1. Title. , These Rules shall be referred to as the Implementing Rules and Regulations of Republic ct !o" #$#%& or the *ybercrime Prevention ct of +$#+" +ection %. Declaration of Policy. . The State recogni/es the vital role of information and communications industries such as content production, telecommunications, broadcasting, electronic commerce, and data processing, in the nation0s overall social and economic development" The State also recogni/es the importance of providing an environment conducive to the development, acceleration, and rational application and e1ploitation of information and communications technology to attain free, easy, and intelligible access to e1change and2or delivery of information3 and the need to protect and safeguard the integrity of computer, computer and communications systems, net'or(s, and databases, and the confidentiality, integrity, and availability of information and data stored therein, from all forms of misuse, abuse, and illegal access by ma(ing punishable under the la' such conduct or conducts" In this light, the State shall adopt sufficient po'ers to effectively prevent and combat such offenses by facilitating their detection, investigation, and prosecution at both the domestic and international levels, and by providing arrangements for fast and reliable international cooperation" +ection -. Definition of Terms. . 4or purposes of this implementing rules and regulations, the follo'ing terms are hereby defined as follo's- 1 Draft as of 28 March 2014 a5 Access refers to the instruction, communication 'ith, storing data in, retrieving data from, or other'ise ma(ing use of any resources of a computer system or communication net'or(" b5 Act refers to Republic ct !o" #$#%& or the *ybercrime Prevention ct of +$#+" c5 Alteration refers to the modification or change, in form or substance, of an e1isting computer data or program" d5 Bullying refers to the unla'ful or prohibited acts defied and punishable by Republic ct !o" #$6+% or the nti78ullying ct of +$#9, committed through the use of technology or any electronic means" e5 Child Pornography refers to the unla'ful or prohibited acts defined and punishable by Republic ct !o" :%%& or the nti7*hild Pornography ct of +$$:, committed through a computer system- Provided, that the penalty to be imposed shall be one ;#5 degree higher than that provided for in Republic ct !o" :%%&" f5 Collection refers to gathering and receiving information" g5 Communication refers to the transmission of information through I*T media, including voice, video and other forms of data" h5 Competent Authority refers to the *ybercrime Investigation and *oordinating *enter or the D<J . <ffice of *ybercrime" i5 Computer refers to an electronic, magnetic, optical, electrochemical, or other data processing or communications device, or grouping of such devices, capable of performing logical, arithmetic, routing, or storage functions and 'hich includes any storage facility or e=uipment or communications facility or e=uipment directly related to or operating in con>unction 'ith such device" It covers any type of computer device including devices 'ith data processing capabilities li(e mobile phones, smart phones, computer net'or(s and other devices connected to the internet" >5 Computer data refers to any representation of facts, information, or concepts in a form suitable for processing in a computer system including a program 2 Draft as of 28 March 2014 suitable to cause a computer system to perform a function and includes electronic documents and2or electronic data messages 'hether stored in local computer systems or online" (5 Computer program refers to a set of instructions e1ecuted by the computer" l5 Computer system refers to any device or group of interconnected or related devices, one or more of 'hich, pursuant to a program, performs automated processing of data" It covers any type of device 'ith data processing capabilities including, but not limited to, computers and mobile phones" The device consisting of hard'are and soft'are may include input, output and storage components 'hich may stand alone or be connected in a net'or( or other similar devices" It also includes computer data storage devices or media" m5 Critical infrastructure refers to the computer systems, and2or net'or(s, 'hether physical or virtual, and2or the computer programs, computer data and2or traffic data so vital to this country that the incapacity or destruction of or interference 'ith such system and assets 'ould have a debilitating impact on security, national or economic security, national public health and safety, or any combination of those matters" n5 Cybersecurity refers to the collection of tools, policies, ris( management approaches, actions, training, best practices, assurance and technologies that can be used to protect the cyber environment and organi/ation and user0s assets" o5 National Cybersecurity Plan refers to a comprehensive plan of actions designed to improve the security and enhance cyber resilience of infrastructures and services" It is a top7do'n approach to cybersecurity that contains broad policy statements and establishes a set of national ob>ectives and priorities that should be achieved in a specific timeframe" p5 Cybersex refers to the 'illful engagement, maintenance, control, or operation, directly or indirectly, of any lascivious e1hibition of se1ual organs or se1ual activity, 'ith the aid of a computer system, for favor or consideration" =5 Cyber refers to a computer or a computer net'or(, the electronic medium in 'hich online communication ta(es place" 3 Draft as of 28 March 2014 r5 Database refers to a representation of information, (no'ledge, facts, concepts, or instructions 'hich are being prepared, processed or stored or have been prepared, processed or stored in a formali/ed manner and 'hich are intended for use in a computer system" s5 Hash value refers to the mathematical algorithm produced against digital information ;a file, a physical dis(, a logical dis(5 thereby creating a ?digital fingerprint0 or ?digital D!0 for that information" It is by purpose a one7'ay algorithm and thus it is not possible to change digital evidence, 'ithout changing the corresponding hash values" t5 dentifying information refers to any name or number that may be used alone or in con>unction 'ith any other information, to identify any specific individual, including any- #" !ame, date of birth, driver0s license number, passport number or ta1 identification number3 +" @ni=ue biometric data, such as fingerprint or other uni=ue physical representation3 9" @ni=ue electronic identification number, address, or routing code3 and A" Telecommunication identifying information or access device" u5 nterception refers to listening to, recording, monitoring or surveillance of the content of communications, including procurement of the content of data, either directly, through access and use of a computer system or indirectly, through the use of electronic eavesdropping or tapping devices, at the same time that the communication is occurring" v5 !a" enforcement authorities refers to the !ational 8ureau of Investigation ;!8I5 and the Philippine !ational Police ;P!P5 under Section #$ of the ct" '5 #riginal author refers to the person 'ho created or is the origin of the assailed electronic statement or post using the computer system" 15 Preservation refers to (eeping data, 'hich already e1ists in a stored form, protected from anything that 'ould cause its current =uality or condition to 4 Draft as of 28 March 2014 change or deteriorate" It is the activity that (eeps that stored data secure and safe" y5 $ervice Provider refers to- #" any public or private entity that provides to users of its service the ability to communicate by means of a computer system3 and +" any other entity that processes or stores computer data on behalf of such communication service or users of such service" /5 $ubscriber%s information refers to any information contained in the form of computer data or any other form that is held by a service provider, relating to subscribers of its services other than traffic or content data and by 'hich can be established- #" The type of communication service used, the technical provisions ta(en thereto and the period of service3
+" The subscriber0s identity, postal or geographic address, telephone and other access number, any assigned net'or( address, billing and payment information available on the basis of the service agreement3 or 9" ny other available information on the site of the installation of communication e=uipment, available on the basis of the service agreement or arrangement" aa5Traffic Data or Non&Content Data refers to any computer data other than the content of the communication, including but not limited to the communication0s origin, destination, route, time, date, si/e, duration, or type of underlying service" bb5 'ithout (ight refers to either- ;i5 conduct underta(en 'ithout or in e1cess of authority3 or ;ii5 conduct not covered by established legal defenses, e1cuses, court orders, >ustifications, or relevant principles under the la'" &A"'(R II R)*( % "unishable Acts and "enalties 5 Draft as of 28 March 2014 "art I ore !bercrimes +ection .. Cybercrime #ffenses. . The follo'ing acts constitute the offense of core cybercrime punishable under the ct- " <ffenses against the confidentiality, integrity and availability of computer data and systems shall be punished 'ith imprisonment of prision mayor or a fine of at least T'o hundred thousand pesos;Ph+$$,$$$"$$5 up to a ma1imum amount commensurate to the damage incurred or both, e1cept no" & herein- #" Illegal ccess . The access to the 'hole or any part of a computer system 'ithout right" +" Illegal Interception . The interception made by technical means 'ithout right of any non7public transmission of computer data to, from, or 'ithin a computer system including electromagnetic emissions from a computer system carrying such computer data- Provided, ho'ever, That it shall not be unla'ful for an officer, employee, or agent of a service provider, 'hose facilities are used in the transmission of communications, to intercept, disclose, or use that communication in the normal course of employment 'hile engaged in any activity that is necessary to the rendition of service or to the protection of the rights or property of the service provider, e1cept that the latter shall not utili/e service observing or random monitoring e1cept for mechanical or service control =uality chec(s" 9" Data Interference . The intentional or rec(less alteration, damaging, deletion or deterioration of computer data, electronic document, or electronic data message, 'ithout right, including the introduction or transmission of viruses" A" System Interference . The intentional alteration or rec(less hindering or interference 'ith the functioning of a computer or computer net'or( by inputting, transmitting, damaging, deleting, deteriorating, altering or suppressing computer data or program, electronic document, or electronic data message, 'ithout right or authority, including the introduction or transmission of viruses" 6 Draft as of 28 March 2014 &" Bisuse of Devices shall be punished 'ith imprisonment of prision mayor or a fine of not more than 4ive hundred thousand pesos ;P&$$,$$$"$$5 or both- i" The use, production, sale, procurement, importation, distribution or other'ise ma(ing available intentionally and 'ithout right, of- ;aa5 device, including a computer program, designed or adapted primarily for the purpose of committing any of the offenses under this rules3 or ;bb5 computer pass'ord, access code, or similar data by 'hich the 'hole or any part of a computer system is capable of being accessed 'ith the intent that it be used for the purpose of committing any of the offenses under this rules3 ii" The possession of an item referred to in paragraphs &;a5;i5 or ;ii5 above 'ith the intent to use said devices for the purpose of committing any of the offenses under this section" Provided, That no criminal liability shall attach 'hen the use, production, sale, procurement, importation, distribution, or other'ise ma(ing available, or possession of computer devices or data referred to in this section is for the authori/ed testing of a computer system" If any of the punishable acts enumerated in section A;5 is committed against critical infrastructure, the penalty of reclusion temporal or a fine of at least 4ive hundred thousand pesos ;P&$$,$$$"$$5 up to ma1imum amount commensurate to the damage incurred or both shall be imposed" 8" *omputer7related <ffenses shall be punished 'ith imprisonment of prision mayor or a fine of at least T'o hundred thousand pesos;Ph+$$,$$$"$$5 up to a ma1imum amount commensurate to the damage incurred or both- #" *omputer7related 4orgery . i" The input, alteration, or deletion of any computer data 'ithout right resulting in inauthentic data 'ith the intent that it be considered or acted upon for legal purposes as if it 'ere authentic, regardless 'hether or not the data is directly readable and intelligible3 or 7 Draft as of 28 March 2014 ii" The act of (no'ingly using computer data 'hich is the product of computer7related forgery as defined herein, for the purpose of perpetuating a fraudulent or dishonest design" +" *omputer7related 4raud . The unauthori/ed input, alteration, or deletion of computer data or program or interference in the functioning of a computer system, causing damage thereby 'ith fraudulent intent- Provided, That if no damage has yet been caused, the penalty imposable shall be one ;#5 degree lo'er" 9" *omputer7related Identity Theft . The intentional ac=uisition, use, misuse, transfer, possession, alteration or deletion of identifying information belonging to another, 'hether natural or >uridical, 'ithout right- Provided, That if no damage has yet been caused, the penalty imposable shall be one ;#5 degree lo'er" *" *ontent7related <ffenses- #" ny person found guilty of *hild Pornography shall be punished 'ith the penalties as enumerated in Republic ct !o" :%%& or the )nti7*hild Pornography ct of +$$:,- Provided, that the penalty to be imposed shall be one ;#5 degree higher than that provided for in Republic ct !o" :%%&, if committed through a computer system" +ection 5. #ther #ffenses. . The follo'ing acts shall also constitute an offense 'hich shall be punished 'ith imprisonment one ;#5 degree lo'er than that of the prescribed penalty for the offense or a fine of at least <ne hundred thousand pesos ;PhP#$$,$$$"$$5 but not e1ceeding 4ive hundred thousand pesos ;PhP&$$,$$$"$$5 or both- " iding or betting in the *ommission of *ybercrime" . ny person 'ho 'illfully abets, aids or financially benefits in the commission of any of the offenses enumerated in the ct shall be held liable" B. ttempt to *ommit *ybercrime" . ny person 'ho 'illfully attempts to commit any of the offenses enumerated in the ct shall be held liable" 8 Draft as of 28 March 2014 Provided, that this provision shall not apply in the crimes of ;#5 child pornography as defined and punished by R"" :%%& or the nti7*hild Pornography ct +$$:3 ;+5 unsolicited commercial communications under Sec" A;c5;95 of R"" #$#%&3 and online libel under Sec" A;c5;A5 of R"" #$#%&" "unishable Acts and "enalties "art II Other !bercrimes +ection 5. #ther #ffenses. . The follo'ing constitute other cybercrime offenses punishable under the ct- #" *yber7s=uatting . The ac=uisition of a domain name over the internet in bad faith to profit, mislead, destroy reputation, and deprive others from registering the same, if such a domain name is- a" Similar, identical, or confusingly similar to an e1isting trademar( registered 'ith the appropriate government agency at the time of the domain name registration3 b" Identical or in any 'ay similar 'ith the name of a person other than the registrant, in case of a personal name3 and c" c=uired 'ithout right or 'ith intellectual property interests in it" *yber7s=uatting shall be punished 'ith imprisonment of prision mayor or a fine of at least T'o hundred thousand pesos;Ph+$$,$$$"$$5 up to a ma1imum amount commensurate to the damage incurred or both" Provided, if it is committed against critical infrastructure, the penalty of reclusion temporal or a fine of at least 4ive hundred thousand pesos ;P&$$,$$$"$$5 up to ma1imum amount commensurate to the damage incurred or both shall be imposed" 2. *yberse1 . ny person found guilty cyberse1 shall be punished 'ith imprisonment of prision mayor or a fine of at least T'o hundred thousand pesos ;P+$$,$$$"$$5 but not e1ceeding <ne million pesos ;P#,$$$,$$$"$$5 or both" 9 Draft as of 28 March 2014 The maintenance, control, or operation of cyberse1 shall be punished 'ith the ma1imum penalty if it involves three or more offenders or victims" *yberse1 involving a child shall be punished in accordance to the provision on child pornography of the ct" 3. Libel . The unla'ful or prohibited act of libel as defined in rticle 9&& of the Revised Penal *ode, as amended, committed through a computer system or any other similar means 'hich may be devised in the future shall be punished 'ith prision correccional in its ma1imum period to prision mayor in its minimum period or a fine ranging from 6,$$$ pesos up to the ma1imum amount determined by *ourt, or both, in addition to the civil action 'hich may be brought by the offended party" Provided, that this provision applies only to the original author of the post or online libel and not to others 'ho simply receive the post and react to it" A" *yber78ullying . ny person found guilty of 8ullying shall be punished 'ith the penalties as enumerated in Republic ct !o" #$6+% or the )nti78ullying ct of +$#9,- Provided, that the penalty to be imposed shall be one ;#5 degree higher than that provided for in Republic ct !o" #$6+%, if committed through a computer system" &" <ther offenses . The follo'ing acts shall also constitute an offense 'hich shall be punished 'ith imprisonment one ;#5 degree lo'er than that of the prescribed penalty for the offense or a fine of at least <ne hundred thousand pesos ;PhP#$$,$$$"$$5 but not e1ceeding 4ive hundred thousand pesos ;PhP&$$,$$$"$$5 or both- *" iding or betting in the *ommission of *ybercrime" . ny person 'ho 'illfully abets, aids or financially benefits in the commission of any of the offenses enumerated in the ct shall be held liable" D. ttempt to *ommit *ybercrime" . ny person 'ho 'illfully attempts to commit any of the offenses enumerated in the ct shall be held liable" 10 Draft as of 28 March 2014 Provided, that this provision shall not apply in the crimes of ;#5 child pornography as defined and punished by R"" :%%& or the nti7*hild Pornography ct +$$:3 and online libel under Sec" A;c5;A5 of R"" #$#%&" +ection /. Corporate !iability. . Chen any of the punishable acts herein defined are (no'ingly committed on behalf of or for the benefit of a >uridical person, by a natural person acting either individually or as part of an organ of the >uridical person, 'ho has a leading position 'ithin, based on ;a5 a po'er of representation of the >uridical person, ;b5 an authority to ta(e decisions on behalf of the >uridical person, or ;c5 an authority to e1ercise control 'ithin the >uridical person, the >uridical person shall be held liable for a fine e=uivalent to at least double the fines imposable in Section % up to a ma1imum of Ten million pesos ;Php#$,$$$,$$$"$$5" If the commission of any of the punishable acts herein defined 'as made possible due to the lac( of supervision or control by a natural person referred to and described in the preceding paragraph, for the benefit of that >uridical person by a natural person acting under its authority, the >uridical person shall be held liable for a fine e=uivalent to at least double the fines imposable in Section % up to a ma1imum of 4ive million pesos ;Php&,$$$,$$$"$$5" The liability imposed on the >uridical person shall be 'ithout pre>udice to the criminal liability of the natural person 'ho has committed the offence" +ection 7. )iolation of the (evised Penal Code as Amended Through and 'ith the *se of nformation and Communication Technology. . ll crimes defined and penali/ed by the Revised Penal *ode, as amended, and special criminal la's committed by, through and 'ith the use of information and communications technologies shall be covered by the relevant provisions of the ct- Provided, That the penalty to be imposed shall be one ;#5 degree higher than that provided for by the Revised Penal *ode, as amended, and special la's, as the case may be" +ection 0. !iability under #ther !a"s. . prosecution under the ct shall be 'ithout pre>udice to any liability for violation of any provision of the Revised Penal *ode, as amended, or special la's" Provided, that this provision shall not apply to the prosecution of an offender under ;#5 both Section A;c5;A5 of R"" #$#%& and rticle 9&9 of the Revised Penal *ode3 and both Section A;c5;+5 of R"" #$#%& and R"" :%%& or the nti7*hild Pornography ct of +$$:" 11 Draft as of 28 March 2014 &A"'(RIII ;*hapter ID of the ct5 R)*( - (n$orcement and Implementation +ection 1. !a" +nforcement Authorities. . The !ational 8ureau of Investigation ;!8I5 and the Philippine !ational Police ;P!P5 shall be responsible for the efficient and effective la' enforcement of the provisions of the ct" The !8I and the P!P shall organi/e a cybercrime division or unit to be manned by Special Investigators to e1clusively handle cases involving violations of the ct" The !8I shall create a cybercrime division headed by a Eead gent" The P!P shall create an anti7cybercrime unit headed by a Police Director" The <ffice of *ybercrime ;<<*5 created under the ct shall coordinate the efforts of the !8I and the P!P in enforcing the provisions of the ct" +ection 10. Po"ers and ,unctions of !a" +nforcement Authorities. . The !8I and P!P cybercrime unit or division shall have the follo'ing po'ers and functions- a" To investigate all cybercrimes 'here computer systems are involved3 b" To conduct data recovery and forensic analysis on computer systems and other electronic evidence sei/ed3 c" To formulate guidelines in investigation, forensic evidence recovery, and forensic data analysis consistent 'ith industry standard practices3 d" To provide technological support to investigating units 'ithin the P!P and !8I including the search, sei/ure, evidence preservation, forensic recovery of data from crime scenes and systems used in crimes and to provide testimonies3 e" To develop public, private sector, and la' enforcement agency relations in addressing cybercrimes3 f" To maintain necessary and relevant databases for statistical and2or monitoring purposes3 g" To develop capacity 'ithin their organi/ations in order to perform such duties necessary for the enforcement of the act3 h" To support the formulation and enforcement of the national cybersecurity plan3 and i" To perform other functions as may be re=uired by the ct" 12 Draft as of 28 March 2014 +ection 11. Duties of !a" +nforcement Authorities. . To ensure that the technical nature of cybercrime and its prevention is given focus and considering the procedures involved for international cooperation, la' enforcement authorities specifically the computer or technology crime divisions or units responsible for the investigation of cybercrimes are re=uired to submit timely and regular reports including pre7operation, post7operation and investigation results and such other documents as may be re=uired to the Department of Justice ;D<J5 . <ffice of *ybercrime for revie' and monitoring" La' enforcement authorities should act in accordance 'ith the guidelines, advisories, and procedures issued and promulgated by the competent authority in all matters related to cybercrime, and utili/e the prescribed forms and templates including but not limited to preservation orders, chain of custody, consent to search, consent to assume account2online identity, re=uest for computer forensic e1amination. +ection 1%. Preservation and (etention of Computer Data" . The integrity of traffic data and subscriber information shall be (ept, retained and preserved by a service provider for a minimum period of si1 ;65 months from the date of the transaction" *ontent data shall be similarly preserved for si1 ;65 months from the date of receipt of the order from la' enforcement authorities re=uiring its preservation" La' enforcement authorities may order a one7time e1tension for another si1 ;65 months provided that once computer data preserved, transmitted or stored by a service provider is used as evidence in a case, the mere furnishing to such service provider of the transmittal document to the <ffice of the Prosecutor, shall be deemed a notification to preserve the computer data until the termination of the case" The service provider ordered to preserve computer data shall (eep the order and its compliance confidential" +ection 1-. Collection of Computer Data" La' enforcement authorities, 'ith the issuance of a court 'arrant, shall be authori/ed to collect or record by technical or electronic means, and service providers are re=uired to collect or record by technical or electronic means, and2or to cooperate and assist in the collection or recording of, computer data, associated 'ith specified communications transmitted by means of a computer system" 13 Draft as of 28 March 2014 The court 'arrant re=uired under this section shall be issued or granted upon 'ritten application and the e1amination under oath or affirmation of the applicant and the 'itnesses he may produce and the sho'ing- ;#5 that there are reasonable grounds to believe that any of the crimes enumerated hereinabove has been committed, or is being committed or is about to be committed3 ;+5 that there are reasonable grounds to believe that evidence 'ill be obtained is essential to the conviction of any person for, or to the solution of, or to the prevention of, any such crimes3 and ;95 that there are no other means readily available for obtaining such evidence" +ection 1.. Disclosure of Computer Data. . La' enforcement authorities, upon securing a court 'arrant, shall issue an order re=uiring any person or service provider to disclose or submit subscriber0s information, traffic data or relevant data in his2its possession or control 'ithin seventy7t'o ;%+5 hours from receipt of the order in relation to a valid complaint officially doc(eted and assigned for investigation and the disclosure is necessary and relevant for the purpose of investigation" +ection 15. $earch- $ei.ure- and +xamination of Computer Data" . Chere a search and sei/ure 'arrant is properly issued, the la' enforcement authorities shall li(e'ise have the follo'ing po'ers and duties- Cithin the time period specified in the 'arrant, to conduct interception, as defined in this Rules, and- a" To search and sei/e computer data3 b" To secure a computer system or a computer data storage medium3 c" To ma(e and retain a copy of those computer data secured3 d" To maintain the integrity of the relevant stored computer data3 e" To conduct forensic analysis or e1amination of the computer data storage medium3 and f" To render inaccessible or remove those computer data in the accessed computer or computer and communications net'or(" Pursuant thereof, the la' enforcement authorities may order any person 'ho has (no'ledge about the functioning of the computer system and the measures to protect and preserve the computer data therein to provide, as is reasonable, the necessary information, to enable the underta(ing of the search, sei/ure and e1amination" 14 Draft as of 28 March 2014 La' enforcement authorities may re=uest for an e1tension of time to complete the e1amination of the computer data storage medium and to ma(e a return thereon but in no case for a period longer than thirty ;9$5 days from date of approval by the court" +ection 1/. Custody of Computer Data" . ll computer data, including content and traffic data, e1amined under a proper 'arrant shall, 'ithin forty7eight ;AF5 hours after the e1piration of the period fi1ed therein, be deposited 'ith the court in a sealed pac(age, and shall be accompanied by an affidavit of the la' enforcement authority e1ecuting it stating the dates and times covered by the e1amination, and the la' enforcement authority 'ho may access to the deposit, among other relevant data" The la' enforcement authority shall also certify that no duplicates or copies of the 'hole or any part thereof have been made, or if made, that all such duplicates or copies are included in the pac(age deposited 'ith the court" The pac(age so deposited shall not be opened, or the recordings replayed, or used in evidence, or their contents revealed, e1cept upon order of the court, 'hich shall not be granted e1cept upon motion, 'ith due notice and opportunity to be heard to the person or persons 'hose conservation or communications have been recorded" +ection 17. Destruction of Computer Data" . @pon e1piration of the periods as provided in Sections #+ and #5 hereof, service providers and la' enforcement authorities, as the case may be, shall immediately and completely destroy the computer data sub>ect of a preservation and e1amination" +ection 10. +xclusionary (ule. . ny evidence obtained 'ithout a valid 'arrant or beyond the authority of the same shall be inadmissible for any proceeding before any court or tribunal" The Rules of *ourt shall have suppletory application in implementing the ct" +ection 11. Non&compliance. . 4ailure to comply 'ith the provisions of *hapter ID of the ct specifically the orders from la' enforcement authorities shall be punished as a violation of P"D" !o" #F+: 'ith imprisonment of prision correccional in its ma1imum period or a fine of <ne hundred thousand pesos ;Php#$$,$$$"$$5 or both, for each and every noncompliance 'ith an order issued by la' enforcement authorities" &A"'(R I2 15 Draft as of 28 March 2014 ;*hapter D of the ct5 R)*( . 3urisdiction +ection %0. /urisdiction. , The Regional Trial *ourt shall have >urisdiction over any violation of the provisions of the ct including any violation committed by a 4ilipino national regardless of the place of commission" Jurisdiction shall lie if any of the elements 'as committed 'ithin the Philippines or committed 'ith the use of any computer system 'holly or partly situated in the country, or 'hen by such commission any damage is caused to a natural or >uridical person 'ho, at the time the offense 'as committed, 'as in the Philippines" There shall be designated special cybercrime courts manned by specially trained >udges to handle cybercrime cases" +ection %1. Designation of $pecial Prosecutors. 0 The Secretary of Justice shall designate special prosecutors comprising the prosecution tas(force or division under the D<J7<ffice of *ybercrime to handle cybercrime cases in violation of the ct" &A"'(R 2 ;*hapter DI in the ct5 R)*( 5 International ooperation +ection %%. nternational Cooperation. . ll relevant international instruments on international cooperation on criminal matters, arrangements agreed on the basis of uniform or reciprocal legislation, and domestic la's, to the 'idest e1tent possible for the purposes of investigations or proceedings concerning crimes related to computer systems and data, or for the collection of electronic evidence of crimes shall be given full force and effect"
The D<J shall cooperate and render assistance to other nations, as 'ell as re=uest assistance from foreign states, for purposes of detection, investigation and prosecution of offenses referred to in the ct and in the collection of evidence in electronic form in relation thereto" The principles contained in Presidential Decree 16 Draft as of 28 March 2014 !o" #$6: and other pertinent la's as 'ell as e1isting e1tradition and mutual legal assistance treaties shall apply" In this regard, the central authority shall- a" Provide assistance to a re=uesting nation in the real7time collection of traffic data associated 'ith specified communications in the country transmitted by means of a computer system, 'ith respect to criminal offenses defined in the ct for 'hich real7time collection of traffic data 'ould be available3 b" Provide assistance to a re=uesting nation in the real7time collection, recording or interception of content data of specified communications transmitted by means of a computer system3 c" llo' another nation to- #" ccess publicly available stored computer data, located in the country, or else'here3 or +" ccess or receive, through a computer system located in the country, stored computer data located in another country, if the nation obtains the la'ful and voluntary consent of the person 'ho has the la'ful authority to disclose the data to the nation through that computer system" d" Receive a re=uest of another nation for it to order or obtain the e1peditious preservation of data stored by means of a computer system, located 'ithin the country, relative to 'hich the re=uesting nation shall submit a re=uest for mutual assistance for the search or similar access, sei/ure or similar securing, or disclosure of the stored computer data- #" re=uest for preservation of data under this section shall specify- i" The authority see(ing the preservation3 ii" The offense that is the sub>ect of a criminal investigation or proceedings and a brief summary of the related facts3 iii" The stored computer data to be preserved and its relationship to the offense3 iv" The necessity of the preservation3 and v" That the re=uesting nation shall submit a re=uest for mutual assistance for the search or similar access, sei/ure or similar securing, or disclosure of the stored computer data" 17 Draft as of 28 March 2014 +" @pon receiving the re=uest from another nation, the D<J and la' enforcement agencies shall ta(e all appropriate measures to preserve e1peditiously the specified data in accordance 'ith the ct and other pertinent la's" 4or the purposes of responding to a re=uest, dual criminality shall not be re=uired as a condition to providing such preservation3 9" re=uest for preservation may only be refused if- i" The re=uest concerns an offense 'hich the government of the Philippines considers as a political offense or an offense connected 'ith a political offense3 or ii" The government of the Philippines considers the e1ecution of the re=uest 'ill pre>udice its sovereignty, security, public order or other national interest" A" Chere the government of the Philippines believes that preservation 'ill not ensure the future availability of the data, or 'ill threaten the confidentiality of, or other'ise pre>udice the re=uesting nation0s investigation, it shall promptly so inform the re=uesting nation" The re=uesting nation 'ill determine 'hether its re=uest should be e1ecuted3 and &" ny preservation effected in response to the re=uest referred to in paragraph ;a5 shall be for a period not less than si1ty ;6$5 days, in order to enable the re=uesting nation to submit a re=uest for the search or similar access, sei/ure or similar securing, or disclosure of the data" 4ollo'ing the receipt of such a re=uest, the data shall continue to be preserved pending a decision on that re=uest" e" ccommodate re=uest from another nation to search, access, sei/e, secure, or disclose data stored by means of a computer system located 'ithin the country, including data that has been preserved under the previous subsection" The government of the Philippines shall respond to the re=uest through the proper application of international instruments, arrangements and la's- #" The re=uest shall be responded to on an e1pedited basis 'here- i" There are grounds to believe that relevant data is particularly vulnerable to loss or modification3 or 18 Draft as of 28 March 2014 ii" The instruments, arrangements and la's referred to in paragraph ;b5 of this section other'ise provide for e1pedited cooperation" +" The re=uesting nation must maintain the confidentiality of the fact or the sub>ect of re=uest for assistance and cooperation" It may only use the re=uested information sub>ect to the conditions specified in the grant" f" Ba(e a re=uest to any foreign state for assistance for purposes of detection, investigation and prosecution of offenses referred to in the ct3 g" The criminal offenses described under *hapter II of the ct shall be deemed to be included as e1traditable offenses in any e1tradition treaty 'here the Philippines is a party" Provided, that the offense is punishable under the la's of both Parties concerned by deprivation of liberty for a ma1imum period of at least one year or by a more severe penalty" &A"'(R 2I ;*hapter DII of the ct5 R)*( / ompetent Authorities +ection %-. Cybercrime nvestigation and Coordinating Center1 Composition. The inter7agency body (no'n as the *ybercrime Investigation and *oordinating *enter ;*I**5, under the administrative supervision of the <ffice of the President, established for policy coordination among concerned agencies and for the formulation and enforcement of the national cyber security plan, is headed by the G1ecutive Director of the Information and *ommunications Technology <ffice under the Department of Science and Technology ;I*T<7D<ST5 as *hairperson 'ith the Director of the !8I as Dice *hairperson3 the *hief of the P!P3 Eead of the D<J <ffice of *ybercrime, and one ;#5 representative from the private sector and academe, as members" The D<J7<ffice of *ybercrime, 'ith representatives from !8I, P!P, and I*T<7 D<ST, shall serve as the Secretariat for the *I**" The D<J . <ffice of *ybercrime shall also serve as the <perations *enter of the *I** and have the follo'ing agencies form part- #" !ational 8ureau of Investigation +" Philippine !ational Police 19 Draft as of 28 March 2014 9" D<J . !ational Prosecution Service A" Information and *ommunications Technology <ffice &" 8ureau of Immigration 6" Philippine Drug Gnforcement gency %" 8ureau of *ustoms F" nti . Boney Laundering *ouncil 9. !ational La' Gnforcement *oordinating *ouncil Participation and representation in the Secretariat and2or <perations *enter does not re=uire physical presence but may be done thru electronic modes such as email, audio7visual conference calls, and the li(e. +ection %.. Po"ers and ,unctions. . The *I** shall have the follo'ing po'ers and functions- a" To formulate a national cybersecurity plan and e1tend immediate assistance for the suppression of real7time commission of cybercrime offenses through a computer emergency response team ;*GRT53 b" To coordinate the preparation of appropriate and effective measures to prevent and suppress cybercrime activities as provided for in the ct3 c" To monitor cybercrime cases being handled by participating la' enforcement and prosecution agencies3 d" To facilitate international cooperation on intelligence, investigations, training and capacity building related to cybercrime prevention, suppression and prosecution through the D<J7<ffice of *ybercrime3 e" To coordinate the support and participation of the business sector, local government units and nongovernment organi/ations in cybercrime prevention programs and other related pro>ects3 f" To recommend the enactment of appropriate la's, issuances, measures and policies3 g" To call upon any government agency to render assistance in the accomplishment of the *I**0s mandated tas(s and functions3 h" To establish and perform community a'areness program on cybercrime prevention in coordination 'ith la' enforcement authorities and all sta(eholders3 and i" To perform all other matters related to cybercrime prevention and suppression, including capacity building and such other functions and duties as may be necessary for the proper implementation of the ct" 20 Draft as of 28 March 2014 +ection %5. Department of /ustice 2D#/31 ,unctions and Duties. , The D<J7 <ffice of *ybercrime ;<<*5, designated as the central authority in all matters related to international mutual assistance and e1tradition, shall serve the <perations *enter of the *I*C, and shall have the follo'ing functions and duties- a" To act as a competent authority for all re=uests for assistance for investigation or proceedings concerning cybercrimes, facilitate the provisions of legal or technical advice, preservation and production of data, collection of evidence, giving legal information and locating suspects3 b" To act on complaints2referrals, to cause the investigation and prosecution of cybercrimes and other violations of the ct3 c" To issue preservation orders addressed to service providers, subpoena and summon 'itnesses to appear in an investigation or proceedings for cybercrime3 d" To re=uire the submission of timely and regular reports including pre7 operation, post7operation and investigation results and such other documents from the P!P and !8I for monitoring and revie'3 e. To facilitate international cooperation on intelligence, investigations, training and capacity building related to cybercrime prevention, suppression and prosecution3 f" To issue and promulgate guidelines, advisories, and procedures in all matters related to cybercrime, investigation, forensic evidence recovery, and forensic data analysis consistent 'ith industry standard practices3 g. To prescribe forms and templates including but not limited to preservation orders, chain of custody, consent to search, consent to assume account2online identity, re=uest for computer forensic e1amination3 and h. To underta(e the specific roles and responsibilities of the D<J related to cybercrime under the Implementing Rules and Regulation of Republic ct !o" :%%& or the nti7*hild Pornography ct of +$$:" +ection %/. Computer +mergency (esponse Team 2C+(T3. , The D<ST7I*T <ffice shall establish and operate the *omputer Gmergency Response Team ;*GRT5 that shall assist the *I** to fulfil its mandate under the ct"
ll instances of computer security incidents detected, suspected or reported by a third party or through regular monitoring activities performed by the technical personnel of an organi/ation shall be reported to the *GRT"
21 Draft as of 28 March 2014 To report a computer security incident, the prescribed form to be issued by the *GRT shall be used at all times"
The *GRT shall perform services such as, but not limited to- #" Providing technical analysis of computer security incidents3 +" ssisting Internet users in escalating abuse reports to relevant parties3 9" *onducting operational research and development 'or( on emerging threats to computer security3 A" Issuing relevant alerts and advisories on emerging threats to computer security3 &" *oordinating computer security incident responses 'ith trusted third parties at the national and international levels3 and 6" *onducting technical training on computer security and related topics" CHAPTER VII RULE 7 Service Providers +ection 44. Duties of a $ervice Provider. . The follo'ing are the duties of a service provider- a" Preserve the integrity of traffic data and subscriber information for a minimum period of si1 ;65 months from the date of the transaction3 b" Preserve the integrity of content data for si1 ;65 months from the date of receipt of the order from la' enforcement authorities re=uiring its preservation3 c" Preserve the integrity of computer data for an e1tended period of si1 ;65 months from the date of receipt of the order from la' enforcement authorities re=uiring e1tension on its preservation3 d" Preserve the integrity of computer data until the termination of the case upon receipt of a copy of the transmittal document to the <ffice of the Prosecutor3 e" Gnsure the confidentiality of the preservation orders and its compliance3 f" *ollect or record by technical or electronic means, and2or to cooperate and assist la' enforcement authorities in the collection or recording of, 22 Draft as of 28 March 2014 computer data, associated 'ith specified communications transmitted by means of a computer system3 g" Disclose or submit subscriber0s information, traffic data or relevant data in his2its possession or control to la' enforcement authorities 'ithin seventy7t'o ;%+5 hours upon receipt of order and copy of the court 'arrant3 h" Immediately and completely destroy the computer data sub>ect of a preservation and e1amination after the e1piration of the period provided in Sections #9 and #& of the ct3 and i" To perform such other duties as may be necessary and proper to carry into effect the provisions of the ct" RULE 8 Duties of Service Providers in Child Pornogr!h" Cses +ection 44. Duties of a $ervice Provider in Child Pornography Cases. 0 In line 'ith R:%%& or the nti7*hild Pornography ct of +$$:, the follo'ing are the duties of a service provider in child pornography cases- #" n Internet Service Providers ;ISP52Internet *ontent Eost shall install available technology, program or soft'are, such as but not limited to system2technology that produces hash value or any similar calculation, to ensure that access to or transmittal of any form of child pornography 'ill be bloc(ed or filtered3 +" Service Providers shall immediately notify la' enforcement authorities 'ithin seven ;%5 days of facts and circumstances relating to any form child pornography that passes or being committed in their system3 and 9" service provider or any person in possession of traffic data or subscriber0s information, shall, upon the re=uest of proper authorities, furnish the particulars of users 'ho gained or attempted to gain access to an internet address 'hich contains any form of child pornography" ISPs shall also preserve customer data records, specifically the time, origin, and destination of access, for purposes of investigation and prosecution by relevant authorities under Sections : and ## of R"" :%%&" 23 Draft as of 28 March 2014 CHAPTER VIII RULE # Prescri$ed %or&s +(. %7. Prescribed ,orms. H The D<J . <ffice of *ybercrime shall prescribe forms and templates including but not limited to preservation orders, chain of custody, consent to search, consent to assume account2online identity, re=uest for computer forensic e1amination" The follo'ing prescribed forms are anne1ed to this IRR- A" Preservation <rders . nne1 3 &" *hain of *ustody . nne1 83 6" *onsent to Search . nne1 *3 %" *onsent to assume account2online identity . nne1 D3 F" Re=uest for *omputer 4orensic e1amination . nne1 G3 The D<J . <ffice of *ybercrime shall prescribe additional, and2or update e1isting, forms and templates as necessary, in consultation 'ith *I** members, that are consistent 'ith international standard practices" &A"'(R I5 ;*hapter DIII of the ct5 R)*( 10 6inal "ro#isions +(. %7. Appropriations. H The amount of 4ifty million pesos ;PhP&$,$$$,$$$"$$5 shall be appropriated annually for the implementation of the ct under the fiscal management of D<J 7 <ffice of *ybercrime" ll proceeds derived from as 'ell as the sale of properties used for the commission of any violation of the ct shall accrue to the special account of the D<J7<<* 'hich shall be used e1clusively for the proper implementation of the ct. +ection %0. $eparability Clause. , If any provision of these Rules is held invalid, the other provisions not affected shall remain in full force and effect" 24 Draft as of 28 March 2014 +ection %1. (epealing Clause. , ll rules and regulations inconsistent 'ith these Rules are hereby repealed or modified accordingly" +ection -0. +ffectivity. , These rules and regulations shall ta(e effect fifteen ;#&5 days after the completion of its publication in at least t'o ;+5 ne'spapers of general circulation" D<!G in the *ity of Banila, this IIII of IIIIIIIIIIIIIII +$#A" &ON. 7AN)(* A. RO5A+ II Secretary Department of Interior and Local Government &ON. 7ARIO 8. 7ON'(3O Secretary Department of Science and Technology &ON. *(I*A 7. 9( *I7A Secretary Department of Justice 25
Cybersecurity: A Simple Beginner’s Guide to Cybersecurity, Computer Networks and Protecting Oneself from Hacking in the Form of Phishing, Malware, Ransomware, and Social Engineering