THE E-COMMERCE ACT OF 2000 (The Cyber Crime Law)

THE E-COMMERCE ACT OF 2000 (The Cyber Crime Law)

BY

DEAN WILFREDO R. BERALDE

Criminologist

Professor

What is the E-Commerce Law

• Republic Act 8792, was signed into law

on June 14, 2000. It is a landmark

legislation in the history of the

Philippines. Not only has this bill made

the country a legitimate player in the

global marketplace. The Philippine

Internet community has played a major

role in pushing for its passage. The law

took effect last June 19, 2000.

How is the Cyber Crime Prevention Act of 2012

CYBERCRIME PREVENTION ACT OF 2012 is referring

to Republic Act 10175. This law was temporarily

withheld in terms of implementation because of

the Temporary Restraining Order filed with

Supreme Court of the country.

Because of this the E-Commerce Act of 2000 was

used by our authorities in terms of cybercrime

violation and related acts.

What is a cybercrime?

• A cybercrime is a crime committed

with or through the use of information

and communication technologies such as radio, television, cellular

phone, computer and network, and

other communication device or

application.

How is a cybercrime different from

a real-world crime?

• The main difference between a

cybercrime and crime committed in the

physical world is that cybercrime is

committed with or through the use of

information and communication

technology. Furthermore, cybercrimes are

punishable under special cybercrime laws

and subject to distinct law enforcement

provisions.

What are the types of cybercrime?

There are various types and kinds of

cybercrimes. The 2001 Budapest Convention on

Cybercrime categorizes cybercrime offenses

into four:

1.offences against the confidentiality, integrity

and availability of computer data and systems;

2.computer-related offences;

3.content-related offences; and

4.offences related to infringements of copyright

and related rights.

What is the global trend of cybercrime? Cybercrime is one of the fastest growing

crimes globally. According to Norton Cyber

Crime Report, 431 million adults worldwide

were victims of cybercrimes in 2011. The costs

that cybercrimes caused in 2011 amounted to

$114 billion. Globally, the top cybercrimes in

2011 were

1. computer viruses or malware – 54%

overall;

2. online Scams – 11% overall; and

3. phishing – 10% overall.

What is the trend of cybercrime

in the Philippines?

• In a 2010 report of the security software firm

Symantec, 87% of Filipino internet users were

identified as victims of crimes and malicious

activities committed online. The following

activities were:

o malware (virus and Trojan) invasion;

o online or phishing scams;

o sexual predation; and

o services in social networking site like Facebook

and Twitter.

• The Anti-Transnational Crime Division (ATCD) of the

Criminal Investigation and Detection Group (CIDG) of

the Philippine National Police (PNP) has encountered

2,778 referred cases of computer crimes from

government agencies and private individuals

nationwide from 2003 to 2012.

What is CCU?

• CCU means Cyber Crime Unit. It is a

section under Anti-Transnational

Crime Division of the Criminal

Investigation and Detection Group

(ATCD-CIDG). The CCU is capable

of Cyber Crime Investigations and

Digital Forensics.

Where are the Digital Forensics

Laboratories of CIDG? • There are four (4) state-of-the-art Digital Forensics laboratories,

manned by competent Digital Forensic Investigators and

Examiners, located all over the Philippines. The main laboratory is

in Headquarters CIDG, Camp Crame, QC.

• The regional forensic laboratories can be found at: (1) 9RCIDU,

Zamboanga City (2) 11RCIDU, Davao City and (3) 12RCIDU,

General Santos City.

What are the cybercrime-related

laws in the Philippines?

The cybercrime-related laws in the country are:

1. RA 10175 – Cybercrime Prevention Act of 2012,

which is currently suspended due to a TRO issued

by the Supreme Court;

2. RA 9995 – Anti-Photo and Voyeurism Act of 2009;

3. RA 9725 – Anti-Child Pornography Act of 2009;

4. RA 9208 – Anti-Trafficking in Persons Act of 2003;

5. RA 8792 – E-Commerce Act of 2000;

6. RA 8484 – Access Device Regulation Act of 1998;

7. RA 4200 or Anti-Wiretapping Law.

What and when was the first recorded

Cybercrime in the Philippines?

• In 2000, Onel de Guzman

released the “I Love You”

virus. The case filed against

De Guzman was dismissed at

the first stage because there

was no law punishing the

deed as of that time in May

2000, in the Philippines.

When was a law penalizing computer

crimes or cybercrimes passed?

• On 14 June 2000, RA 8792 or the

Electronic Commerce Act was signed

into law. RA 8792 positioned the

Philippines as the third country to

enact an e-commerce law, next to

Singapore and Malaysia. The E-

Commerce Act placed the Philippines

on the list countries which penalize

cybercrime.

In the Philippines, have we already

convicted a cybercriminal?

• Yes. The first one was pursued by the PNP-CIDG; a

person was convicted in September 2005 for

pleading guilty of hacking the government portal

“gov.ph” and other government websites. The NBI

pursued a cybercrime case that led to the second

cybercrime conviction; the person used the BPO call

center provider Sitel Philippines Corporation to

illegally secure credit card information from the

company’s sister firm, Sitel USA. The two convictions

were secured under the Section 33(a) of RA 8972

that penalizes hacking.

What is the latest development in anti-cybercrime effort of the Philippine government?

President Benigno Aquino signed into law

RA 10175 or the Cybercrime Prevention Act of 2012 on September 12, 2012, which adopted

the provisions of the first International

Convention on Cybercrime. But the

implementation of the new law which started

on October 3, 2o12 was put on hold after 6

days, when the Supreme Court issued a

temporary restraining order against the law

last October 9, 2012, after 15 petitions were

filed against it.

RA 8792 E-Commerce Act - Section 33 A. Penalties • Hacking or crackling with refers to unauthorized access

into or interference in a computer system/server or

information and communication system; or any access in

order to corrupt, alter, steal, or destroy using a computer or

other similar information and communication devices,

without the knowledge and consent of the owner of the

computer or information and communications system,

including the introduction of computer viruses and the like,

resulting in the corruption, destruction, alteration, theft or

loss of electronic data messages or electronic documents.

• Minimum fine of One Hundred Thousand pesos (P

100,000.00) and a mandatory imprisonment of six (6)

months to three (3) years.

What is Digital Evidence? A.M. NO. 01-7-01-SC.- RE: RULES ON ELECTRONIC

EVIDENCE

• Acting on the Memorandum dated 18 June 2001 of

the Committee on the Revision of the Rules of Court

to Draft the rules on E-Commerce Law [R.A. No. 8792]

submitting the Rules on Electronic Evidence for this

Court’s consideration and approval, the Court

Resolved to APPROVED the same.

• The Rules on Electronic Evidence shall apply to cases

pending after their effectivity. These Rules shall take

effect on the first day of August 2001 following their

publication before the 20th of July in two newspapers

of general circulation in the Philippines.

What is a Digital Forensics? • Computer forensics (sometimes computer forensic

science) is a branch of digital forensic science pertaining to legal evidence found in computers and digital storage media. Computer forensics is also known as digital forensics.

• The goal of computer forensics is to explain the current state of a digital artifact; such as a computer system, storage medium (e.g. hard disk or CD-ROM), an electronic document (e.g. an email message or JPEG image). The scope of a forensic analysis can vary from simple information retrieval to reconstructing a series of events.

There are five basic steps to the computer forensics:

1. Preparation (of the investigator)

2. Collection (the data)

3. Examination

4. Analysis

5. Reporting

What are the requirements for

Examination?

1. Request form by the Investigator,

Case Officer or Chief of Office.

2. Submission of Actual evidence in the

custody of the Examiner. The

Requesting party and the Court with

Jurisdiction can pull-out evidence.

3. Additional Hard Drive (normally

double or more the Hard Drive for

Examination)

4. Addition CD-R for Cellphone

Forensics Data Extraction Report.

The 12 Salient Points of the Law

1. It gives legal recognition of electronic data

messages, electronic documents, and

electronic signatures. (section 6 to 13)

2. Allows the formation of contracts in

electronic form. (section 16)

3. Makes banking transactions done through

ATM switching networks absolute once

consummated. (section 16)

4. Parties are given the right to choose the

type and level of security methods that suit

their needs. (section 24)

5. Provides the mandate for the electronic implementation of transport documents to facilitate carriage of goods. This includes documents such as, but not limited to, multi-modal, airport, road, rail, inland waterway, courier, post receipts, transport documents issued by freight forwarders, marine/ocean bill of lading, non-negotiable seaway bill, charter party bill of lading. (section 25 and 26)

6. Mandates the government to have the capability to do e-commerce within 2 years or before June 19, 2002. (section 27)

7. Mandates RPWeb to be implemented. RPWeb is a strategy that intends to connect all government offices to the Internet and provide universal access to the general public. The Department of Transportation and Communications, National Telecommunications Commission, and National Computer Center will come up with policies and rules that shall lead to substantial reduction of costs of telecommunication and Internet facilities to ensure the implementation of RPWeb. (section 28)

8. Made cable, broadcast, and wireless physical

infrastructure within the activity of

telecommunications. (section 28)

9. Empowers the Department of Trade and Industry to

supervise the development of e-commerce in the

country. It can also come up with policies and

regulations, when needed, to facilitate the growth of

e-commerce. (section 29)

10.Provided guidelines as to when a service provider can

be liable. (section 30)

11.Authorities and parties with the legal right can only

gain access to electronic documents, electronic data

messages, and electronic signatures. For

confidentiality purposes, it shall not share or convey to

any other person. (section 31 and 32)

12.Hacking or cracking, refers to unauthorized

access including the introduction of computer

viruses, is punishable by a fine from 100

thousand to maximum commensurating to the

damage. With imprisonment from 6 months to

3 years. (section 33)

13.Piracy through the use of telecommunication

networks, such as the Internet, that infringes

intellectual property rights is punishable. The

penalties are the same as hacking. (section 33)

14.All existing laws such as the Consumer Act of

the Philippines also applies to e-commerce

transactions. (section 33)

Penalties under the law:

http://digitalfilipino.com/core/uploads/2009/09/infographics-The-Philippines-E-Commerce-Law-2000-20121.png







Why we need to be interested in the study of

CYBERCRIME

Because CYBERCRIME belong to a

larger group of crime called

Transnational Crime. This crime also

is more known in criminal

investigation as ORGANIZED CRIME.

What is an organized Crime?

ORGANIZED CRIME is in a class by

itself. It's big, it's powerful, it's well-

connected, and highly profitable.

12/3/2013

33

Owned by CRIMPHILS.COM/BERALDEWR

Mafia is the most common term used to describe

the more profitable criminal organizations around the

world, but other terminology includes:

international criminal organizations (military

usage);

transnational crime (UN usage);

and enterprise crime (FBI usage).

12/3/2013

34 Owned by

CRIMPHILS.COM/BERALDEWR

• Crime as business, which includes white collar crime as

well as various forms of corruption;

As the term is utilized in criminology, it refers to any (or all) of six (6) different types of crime:

12/3/2013 35 Owned by


• Offenses involving works of art, counterfeiting, or other

cultural artifacts;

12/3/2013 Owned by

CRIMPHILS.COM/BERALDEWR 36

Crime associated with the distribution and sale of

narcotics as well as other contraband substances;

12/3/2013 Owned by


Crime associated with human migration or sex trafficking

including various forms of prostitution;

12/3/2013 Owned by


Crime involving contract murder or for-hire use of force,

mostly deadly force; and

12/3/2013 Owned by


• Various forms of computer crime involving identity theft and/or other large-scale financial frauds.

12/3/2013 Owned by


CYBER CRIME AND ITS INVESTIGATION

With the day to day

evolution of human

mind, the modes of

committing crime are

also drastically

changing. Criminals are

getting smarter day by

day and are applying

there minds in this

context to commit

crime and escape

without getting caught.

12/3/2013 41 Owned by


With the advent of

computers no one thought

that it will become a mode

or source of committing

crime. Charles Babbage

who is well known as the

father of computer would

not have dreamt that the

machine he is giving the

world may become a

source of crime and would

ever influence the society in

a negative way.

12/3/2013 42 Owned by


Whenever we talk about cyber crime

we can make out that its something

related to a wrong done were a computer

system is involved. The term „cyber crime‟

is a wrongly applied name. The concept

of cyber crime is not radically different

from the concept of conventional crime.

Both include conduct whether act or

omission, which cause breach of rules of

law and counterbalanced by the sanction

of the state. Though cyber crimes is a new

breed of crimes which came into being

just after the advent of the computers and

the scenario has become more worse with

the influence of internet in our day to day

life.

12/3/2013 43 Owned by


CONVENTIONAL CRIME Crime is a social and economic

phenomenon and is as old as the

human society. Crime is a legal

concept and has the sanction of the

law. Crime is defined as “a legal

wrong that can be followed by

criminal proceedings which may result

into punishment.”. A crime may be

said to be any conduct

accompanied by act or omission

prohibited by law and consequential

breach of which is visited by penal

consequences.

12/3/2013 44 Owned by


CYBER CRIME: Cyber crime is the latest and perhaps the most

complicated problem in the cyber world. “Cyber

crime may be said to be those species, of which,

genus is the conventional crime, and where either the

computer is an object or subject of the conduct constituting crime. In general, cyber crime may be

defined as “ unlawful acts wherein the computer is

either a tool or target or both”.

12/3/2013 45 Owned by


The computer may be used as a tool in the

following kinds of activity: financial crimes, sale of

illegal articles, pornography, online gambling,

intellectual property crime, e-mail spoofing, forgery,

cyber defamation, cyber stalking.

The computer may however be a target for

unlawful acts in the following cases: unauthorized

access to computer/ computer system/ computer

networks, theft of information contained in the

,electronic form, e-mail bombing, salami attacks,

logic bombs, Trojan attacks, internet time thefts, web

jacking, theft of computer system, physically

damaging the computer system.

12/3/2013 46 Owned by


DISTINCTION BETWEEN CONVENTIONAL

AND CYBER CRIME

There is apparently no distinction

between cyber and conventional crime as

both the crimes results into some sort of loss to

one of the parties. However on a deep

introspection we may say that there exists a

fine line of demarcation between the

conventional and cyber crime, which is

appreciable. The demarcation lies in the

involvement of the medium in cases of cyber

crime.

12/3/2013 47

Owned by


MODE AND MANNER OF COMMITING CYBER CRIME:

1. HACKING:

2. THEFT OF INFORMATION CONTAINED IN ELECTRONIC FORM:

3. EMAIL BOMBARDING:

4. DATA DIDDLING:

5. SALAMI ATTACKS:

6. DENIAL OF SERVICE ATTACK:

7. VIRUS OR WORM ATTACKS:

8. LOGIC BOMBS:

9. TROJAN ATTACKS:

10. INTERNET TIME THEFT:

11. WEB JACKING:

12/3/2013 48

Owned by


CLASSIFICATION OF CYBER CRIMES:

The subject of cyber crime may be broadly

classified under the following three groups. They are:

1. Against Individuals :

a. against person They can be:

i. Harassment via e-mails.

ii. Cyber-stalking.

iii. Dissemination of obscene material.

iv. Defamation.

v. Unauthorized control/access over

computer system.

vi. Fraud and cheating

12/3/2013 49 Owned by


b. the property of an individual

i. Computer vandalism.

ii. Transmitting virus.

iii. Netrespass

iv. Unauthorized control/access over

computer system.

v. Intellectual Property crimes

vi. Internet time thefts

12/3/2013 50 Owned by


2. Against Organization:

a. Government

b. Firm, Company, Group of Individuals.

i. Unauthorized control/access over

computer system

ii. Possession of unauthorized information.

iii. Cyber terrorism against the government

organization.

iv. Distribution of pirated software etc.

12/3/2013 51 Owned by


3. Against Society at large

i. Pornography (basically child pornography).

ii. Polluting the youth through indecent

exposure.

iii. Trafficking

iv. Financial crimes

v. Sale of illegal articles

vi. Online gambling

vii. Forgery

12/3/2013 52 Owned by


THE NEW PHILS. CYBER CRIME LAW

Republic Act 10175 or the

Cybercrime Prevention Act (also known as CYBERCRIME

PREVENTION ACT OF 2012)

This law punishes an act described by congress as

herein defined (in this law) as CYBER CRIME)

12/3/2013 53 Owned by


THE PHILIPPINE CENTER ON

TRANSNATIONAL CRIME To address this growing threat, the President

signed Executive Order No. 62 creating the Philippine

Center on Transnational Crime (PCTC) to serve as a

nerve center, a think tank, and a central database for

the monitoring, detecting, and investigating of

transnational crimes, as well as formulating of national

programs and policies, both tactical and strategic,

geared towards the prevention of said crimes, and

the recommending of measures for the enactment of

legislation that will strengthen responses and provide

immediate intervention in the prevention, detection

and apprehension of transnational criminals.

12/3/2013 54 Owned by


Recognizing, however, that transnational

crimes operate beyond national borders and

that the government has to address the

inefficiency of domestic law enforcement

created by jurisdictional and territorial

limitations, there is a pressing need for the

institutionalization of a regional framework for

law enforcement cooperation. This

cooperation can be achieved largely on

apolitical or technical issues specified in

international and regional agreements and

those identified by individual states.

12/3/2013 55 Owned by


Among these technical issues in global and international cooperation are the following:

1. Establishment of a central database on transnational crime

2. Cross-training programs, like those offered by the International Law Enforcement Academy (ILEA) in Bangkok, Thailand by U.S. Federal Bureau of Investigation

3. Personnel exchanges are encouraged to ensure compatibility in a wide range of areas ranging from simple police functions to other social dimensions.

4. Investigation and prosecution of transnational crimes require a high level of cooperation and trust;

5. The constitution of multinational centers or task forces against transnational crime that would supplement and address the inefficiencies that is inherent in the other technical aspects of cooperation. The creation of the ASEAN Center for Combating Transnational Crime (ACTC), whose headquarters will be located in the Philippines, which has volunteered to host the main headquarters, construct its building, and provide all the necessary facilities.

12/3/2013 56 Owned by


Transnational Crime Defined The transnational character of many crimes,

although not new, has not been fully recognized until

recently. Crime was traditionally viewed as a purely

domestic law enforcement issue and, therefore,

treated and addressed as an exclusive concern of

individual states. As such transnational crime, being a

new threat to domestic and international interest and

security, has yet to be baptized with an official

definition. However, there is an emerging consensus

to accept the definition of transnational crime as

proposed by Bossard. He defined TRANSNATIONAL

CRIME as an offense that has an international

dimension and implies crossing at least one national

border before, during or after the act.

12/3/2013 57

Owned by


12/3/2013 58 Owned by


Documents

THE E-COMMERCE ACT OF 2000 (The Cyber Crime Law)