Upload
independent
View
0
Download
0
Embed Size (px)
Citation preview
THE E-COMMERCE ACT OF 2000 (The Cyber Crime Law)
BY
DEAN WILFREDO R. BERALDE
Criminologist
Professor
What is the E-Commerce Law
• Republic Act 8792, was signed into law
on June 14, 2000. It is a landmark
legislation in the history of the
Philippines. Not only has this bill made
the country a legitimate player in the
global marketplace. The Philippine
Internet community has played a major
role in pushing for its passage. The law
took effect last June 19, 2000.
How is the Cyber Crime Prevention Act of 2012
CYBERCRIME PREVENTION ACT OF 2012 is referring
to Republic Act 10175. This law was temporarily
withheld in terms of implementation because of
the Temporary Restraining Order filed with
Supreme Court of the country.
Because of this the E-Commerce Act of 2000 was
used by our authorities in terms of cybercrime
violation and related acts.
What is a cybercrime?
• A cybercrime is a crime committed
with or through the use of information
and communication technologies such as radio, television, cellular
phone, computer and network, and
other communication device or
application.
How is a cybercrime different from
a real-world crime?
• The main difference between a
cybercrime and crime committed in the
physical world is that cybercrime is
committed with or through the use of
information and communication
technology. Furthermore, cybercrimes are
punishable under special cybercrime laws
and subject to distinct law enforcement
provisions.
What are the types of cybercrime?
There are various types and kinds of
cybercrimes. The 2001 Budapest Convention on
Cybercrime categorizes cybercrime offenses
into four:
1.offences against the confidentiality, integrity
and availability of computer data and systems;
2.computer-related offences;
3.content-related offences; and
4.offences related to infringements of copyright
and related rights.
What is the global trend of cybercrime? Cybercrime is one of the fastest growing
crimes globally. According to Norton Cyber
Crime Report, 431 million adults worldwide
were victims of cybercrimes in 2011. The costs
that cybercrimes caused in 2011 amounted to
$114 billion. Globally, the top cybercrimes in
2011 were
1. computer viruses or malware – 54%
overall;
2. online Scams – 11% overall; and
3. phishing – 10% overall.
What is the trend of cybercrime
in the Philippines?
• In a 2010 report of the security software firm
Symantec, 87% of Filipino internet users were
identified as victims of crimes and malicious
activities committed online. The following
activities were:
o malware (virus and Trojan) invasion;
o online or phishing scams;
o sexual predation; and
o services in social networking site like Facebook
and Twitter.
• The Anti-Transnational Crime Division (ATCD) of the
Criminal Investigation and Detection Group (CIDG) of
the Philippine National Police (PNP) has encountered
2,778 referred cases of computer crimes from
government agencies and private individuals
nationwide from 2003 to 2012.
What is CCU?
• CCU means Cyber Crime Unit. It is a
section under Anti-Transnational
Crime Division of the Criminal
Investigation and Detection Group
(ATCD-CIDG). The CCU is capable
of Cyber Crime Investigations and
Digital Forensics.
Where are the Digital Forensics
Laboratories of CIDG? • There are four (4) state-of-the-art Digital Forensics laboratories,
manned by competent Digital Forensic Investigators and
Examiners, located all over the Philippines. The main laboratory is
in Headquarters CIDG, Camp Crame, QC.
• The regional forensic laboratories can be found at: (1) 9RCIDU,
Zamboanga City (2) 11RCIDU, Davao City and (3) 12RCIDU,
General Santos City.
What are the cybercrime-related
laws in the Philippines?
The cybercrime-related laws in the country are:
1. RA 10175 – Cybercrime Prevention Act of 2012,
which is currently suspended due to a TRO issued
by the Supreme Court;
2. RA 9995 – Anti-Photo and Voyeurism Act of 2009;
3. RA 9725 – Anti-Child Pornography Act of 2009;
4. RA 9208 – Anti-Trafficking in Persons Act of 2003;
5. RA 8792 – E-Commerce Act of 2000;
6. RA 8484 – Access Device Regulation Act of 1998;
7. RA 4200 or Anti-Wiretapping Law.
What and when was the first recorded
Cybercrime in the Philippines?
• In 2000, Onel de Guzman
released the “I Love You”
virus. The case filed against
De Guzman was dismissed at
the first stage because there
was no law punishing the
deed as of that time in May
2000, in the Philippines.
When was a law penalizing computer
crimes or cybercrimes passed?
• On 14 June 2000, RA 8792 or the
Electronic Commerce Act was signed
into law. RA 8792 positioned the
Philippines as the third country to
enact an e-commerce law, next to
Singapore and Malaysia. The E-
Commerce Act placed the Philippines
on the list countries which penalize
cybercrime.
In the Philippines, have we already
convicted a cybercriminal?
• Yes. The first one was pursued by the PNP-CIDG; a
person was convicted in September 2005 for
pleading guilty of hacking the government portal
“gov.ph” and other government websites. The NBI
pursued a cybercrime case that led to the second
cybercrime conviction; the person used the BPO call
center provider Sitel Philippines Corporation to
illegally secure credit card information from the
company’s sister firm, Sitel USA. The two convictions
were secured under the Section 33(a) of RA 8972
that penalizes hacking.
What is the latest development in anti-cybercrime effort of the Philippine government?
President Benigno Aquino signed into law
RA 10175 or the Cybercrime Prevention Act of 2012 on September 12, 2012, which adopted
the provisions of the first International
Convention on Cybercrime. But the
implementation of the new law which started
on October 3, 2o12 was put on hold after 6
days, when the Supreme Court issued a
temporary restraining order against the law
last October 9, 2012, after 15 petitions were
filed against it.
RA 8792 E-Commerce Act - Section 33 A. Penalties • Hacking or crackling with refers to unauthorized access
into or interference in a computer system/server or
information and communication system; or any access in
order to corrupt, alter, steal, or destroy using a computer or
other similar information and communication devices,
without the knowledge and consent of the owner of the
computer or information and communications system,
including the introduction of computer viruses and the like,
resulting in the corruption, destruction, alteration, theft or
loss of electronic data messages or electronic documents.
• Minimum fine of One Hundred Thousand pesos (P
100,000.00) and a mandatory imprisonment of six (6)
months to three (3) years.
What is Digital Evidence? A.M. NO. 01-7-01-SC.- RE: RULES ON ELECTRONIC
EVIDENCE
• Acting on the Memorandum dated 18 June 2001 of
the Committee on the Revision of the Rules of Court
to Draft the rules on E-Commerce Law [R.A. No. 8792]
submitting the Rules on Electronic Evidence for this
Court’s consideration and approval, the Court
Resolved to APPROVED the same.
• The Rules on Electronic Evidence shall apply to cases
pending after their effectivity. These Rules shall take
effect on the first day of August 2001 following their
publication before the 20th of July in two newspapers
of general circulation in the Philippines.
What is a Digital Forensics? • Computer forensics (sometimes computer forensic
science) is a branch of digital forensic science pertaining to legal evidence found in computers and digital storage media. Computer forensics is also known as digital forensics.
• The goal of computer forensics is to explain the current state of a digital artifact; such as a computer system, storage medium (e.g. hard disk or CD-ROM), an electronic document (e.g. an email message or JPEG image). The scope of a forensic analysis can vary from simple information retrieval to reconstructing a series of events.
There are five basic steps to the computer forensics:
1. Preparation (of the investigator)
2. Collection (the data)
3. Examination
4. Analysis
5. Reporting
What are the requirements for
Examination?
1. Request form by the Investigator,
Case Officer or Chief of Office.
2. Submission of Actual evidence in the
custody of the Examiner. The
Requesting party and the Court with
Jurisdiction can pull-out evidence.
3. Additional Hard Drive (normally
double or more the Hard Drive for
Examination)
4. Addition CD-R for Cellphone
Forensics Data Extraction Report.
The 12 Salient Points of the Law
1. It gives legal recognition of electronic data
messages, electronic documents, and
electronic signatures. (section 6 to 13)
2. Allows the formation of contracts in
electronic form. (section 16)
3. Makes banking transactions done through
ATM switching networks absolute once
consummated. (section 16)
4. Parties are given the right to choose the
type and level of security methods that suit
their needs. (section 24)
5. Provides the mandate for the electronic implementation of transport documents to facilitate carriage of goods. This includes documents such as, but not limited to, multi-modal, airport, road, rail, inland waterway, courier, post receipts, transport documents issued by freight forwarders, marine/ocean bill of lading, non-negotiable seaway bill, charter party bill of lading. (section 25 and 26)
6. Mandates the government to have the capability to do e-commerce within 2 years or before June 19, 2002. (section 27)
7. Mandates RPWeb to be implemented. RPWeb is a strategy that intends to connect all government offices to the Internet and provide universal access to the general public. The Department of Transportation and Communications, National Telecommunications Commission, and National Computer Center will come up with policies and rules that shall lead to substantial reduction of costs of telecommunication and Internet facilities to ensure the implementation of RPWeb. (section 28)
8. Made cable, broadcast, and wireless physical
infrastructure within the activity of
telecommunications. (section 28)
9. Empowers the Department of Trade and Industry to
supervise the development of e-commerce in the
country. It can also come up with policies and
regulations, when needed, to facilitate the growth of
e-commerce. (section 29)
10.Provided guidelines as to when a service provider can
be liable. (section 30)
11.Authorities and parties with the legal right can only
gain access to electronic documents, electronic data
messages, and electronic signatures. For
confidentiality purposes, it shall not share or convey to
any other person. (section 31 and 32)
12.Hacking or cracking, refers to unauthorized
access including the introduction of computer
viruses, is punishable by a fine from 100
thousand to maximum commensurating to the
damage. With imprisonment from 6 months to
3 years. (section 33)
13.Piracy through the use of telecommunication
networks, such as the Internet, that infringes
intellectual property rights is punishable. The
penalties are the same as hacking. (section 33)
14.All existing laws such as the Consumer Act of
the Philippines also applies to e-commerce
transactions. (section 33)
Penalties under the law:
Penalties under the law:
Penalties under the law:
Penalties under the law:
Why we need to be interested in the study of
CYBERCRIME
Because CYBERCRIME belong to a
larger group of crime called
Transnational Crime. This crime also
is more known in criminal
investigation as ORGANIZED CRIME.
ORGANIZED CRIME is in a class by
itself. It's big, it's powerful, it's well-
connected, and highly profitable.
12/3/2013
33
Owned by CRIMPHILS.COM/BERALDEWR
Mafia is the most common term used to describe
the more profitable criminal organizations around the
world, but other terminology includes:
international criminal organizations (military
usage);
transnational crime (UN usage);
and enterprise crime (FBI usage).
12/3/2013
34 Owned by
CRIMPHILS.COM/BERALDEWR
• Crime as business, which includes white collar crime as
well as various forms of corruption;
As the term is utilized in criminology, it refers to any (or all) of six (6) different types of crime:
12/3/2013 35 Owned by
CRIMPHILS.COM/BERALDEWR
• Offenses involving works of art, counterfeiting, or other
cultural artifacts;
12/3/2013 Owned by
CRIMPHILS.COM/BERALDEWR 36
Crime associated with the distribution and sale of
narcotics as well as other contraband substances;
12/3/2013 Owned by
CRIMPHILS.COM/BERALDEWR 37
Crime associated with human migration or sex trafficking
including various forms of prostitution;
12/3/2013 Owned by
CRIMPHILS.COM/BERALDEWR 38
Crime involving contract murder or for-hire use of force,
mostly deadly force; and
12/3/2013 Owned by
CRIMPHILS.COM/BERALDEWR 39
• Various forms of computer crime involving identity theft and/or other large-scale financial frauds.
12/3/2013 Owned by
CRIMPHILS.COM/BERALDEWR 40
CYBER CRIME AND ITS INVESTIGATION
With the day to day
evolution of human
mind, the modes of
committing crime are
also drastically
changing. Criminals are
getting smarter day by
day and are applying
there minds in this
context to commit
crime and escape
without getting caught.
12/3/2013 41 Owned by
CRIMPHILS.COM/BERALDEWR
With the advent of
computers no one thought
that it will become a mode
or source of committing
crime. Charles Babbage
who is well known as the
father of computer would
not have dreamt that the
machine he is giving the
world may become a
source of crime and would
ever influence the society in
a negative way.
12/3/2013 42 Owned by
CRIMPHILS.COM/BERALDEWR
Whenever we talk about cyber crime
we can make out that its something
related to a wrong done were a computer
system is involved. The term „cyber crime‟
is a wrongly applied name. The concept
of cyber crime is not radically different
from the concept of conventional crime.
Both include conduct whether act or
omission, which cause breach of rules of
law and counterbalanced by the sanction
of the state. Though cyber crimes is a new
breed of crimes which came into being
just after the advent of the computers and
the scenario has become more worse with
the influence of internet in our day to day
life.
12/3/2013 43 Owned by
CRIMPHILS.COM/BERALDEWR
CONVENTIONAL CRIME Crime is a social and economic
phenomenon and is as old as the
human society. Crime is a legal
concept and has the sanction of the
law. Crime is defined as “a legal
wrong that can be followed by
criminal proceedings which may result
into punishment.”. A crime may be
said to be any conduct
accompanied by act or omission
prohibited by law and consequential
breach of which is visited by penal
consequences.
12/3/2013 44 Owned by
CRIMPHILS.COM/BERALDEWR
CYBER CRIME: Cyber crime is the latest and perhaps the most
complicated problem in the cyber world. “Cyber
crime may be said to be those species, of which,
genus is the conventional crime, and where either the
computer is an object or subject of the conduct constituting crime. In general, cyber crime may be
defined as “ unlawful acts wherein the computer is
either a tool or target or both”.
12/3/2013 45 Owned by
CRIMPHILS.COM/BERALDEWR
The computer may be used as a tool in the
following kinds of activity: financial crimes, sale of
illegal articles, pornography, online gambling,
intellectual property crime, e-mail spoofing, forgery,
cyber defamation, cyber stalking.
The computer may however be a target for
unlawful acts in the following cases: unauthorized
access to computer/ computer system/ computer
networks, theft of information contained in the
,electronic form, e-mail bombing, salami attacks,
logic bombs, Trojan attacks, internet time thefts, web
jacking, theft of computer system, physically
damaging the computer system.
12/3/2013 46 Owned by
CRIMPHILS.COM/BERALDEWR
DISTINCTION BETWEEN CONVENTIONAL
AND CYBER CRIME
There is apparently no distinction
between cyber and conventional crime as
both the crimes results into some sort of loss to
one of the parties. However on a deep
introspection we may say that there exists a
fine line of demarcation between the
conventional and cyber crime, which is
appreciable. The demarcation lies in the
involvement of the medium in cases of cyber
crime.
12/3/2013 47
Owned by
CRIMPHILS.COM/BERALDEWR
MODE AND MANNER OF COMMITING CYBER CRIME:
1. HACKING:
2. THEFT OF INFORMATION CONTAINED IN ELECTRONIC FORM:
3. EMAIL BOMBARDING:
4. DATA DIDDLING:
5. SALAMI ATTACKS:
6. DENIAL OF SERVICE ATTACK:
7. VIRUS OR WORM ATTACKS:
8. LOGIC BOMBS:
9. TROJAN ATTACKS:
10. INTERNET TIME THEFT:
11. WEB JACKING:
12/3/2013 48
Owned by
CRIMPHILS.COM/BERALDEWR
CLASSIFICATION OF CYBER CRIMES:
The subject of cyber crime may be broadly
classified under the following three groups. They are:
1. Against Individuals :
a. against person They can be:
i. Harassment via e-mails.
ii. Cyber-stalking.
iii. Dissemination of obscene material.
iv. Defamation.
v. Unauthorized control/access over
computer system.
vi. Fraud and cheating
12/3/2013 49 Owned by
CRIMPHILS.COM/BERALDEWR
b. the property of an individual
i. Computer vandalism.
ii. Transmitting virus.
iii. Netrespass
iv. Unauthorized control/access over
computer system.
v. Intellectual Property crimes
vi. Internet time thefts
12/3/2013 50 Owned by
CRIMPHILS.COM/BERALDEWR
2. Against Organization:
a. Government
b. Firm, Company, Group of Individuals.
i. Unauthorized control/access over
computer system
ii. Possession of unauthorized information.
iii. Cyber terrorism against the government
organization.
iv. Distribution of pirated software etc.
12/3/2013 51 Owned by
CRIMPHILS.COM/BERALDEWR
3. Against Society at large
i. Pornography (basically child pornography).
ii. Polluting the youth through indecent
exposure.
iii. Trafficking
iv. Financial crimes
v. Sale of illegal articles
vi. Online gambling
vii. Forgery
12/3/2013 52 Owned by
CRIMPHILS.COM/BERALDEWR
THE NEW PHILS. CYBER CRIME LAW
Republic Act 10175 or the
Cybercrime Prevention Act (also known as CYBERCRIME
PREVENTION ACT OF 2012)
This law punishes an act described by congress as
herein defined (in this law) as CYBER CRIME)
12/3/2013 53 Owned by
CRIMPHILS.COM/BERALDEWR
THE PHILIPPINE CENTER ON
TRANSNATIONAL CRIME To address this growing threat, the President
signed Executive Order No. 62 creating the Philippine
Center on Transnational Crime (PCTC) to serve as a
nerve center, a think tank, and a central database for
the monitoring, detecting, and investigating of
transnational crimes, as well as formulating of national
programs and policies, both tactical and strategic,
geared towards the prevention of said crimes, and
the recommending of measures for the enactment of
legislation that will strengthen responses and provide
immediate intervention in the prevention, detection
and apprehension of transnational criminals.
12/3/2013 54 Owned by
CRIMPHILS.COM/BERALDEWR
Recognizing, however, that transnational
crimes operate beyond national borders and
that the government has to address the
inefficiency of domestic law enforcement
created by jurisdictional and territorial
limitations, there is a pressing need for the
institutionalization of a regional framework for
law enforcement cooperation. This
cooperation can be achieved largely on
apolitical or technical issues specified in
international and regional agreements and
those identified by individual states.
12/3/2013 55 Owned by
CRIMPHILS.COM/BERALDEWR
Among these technical issues in global and international cooperation are the following:
1. Establishment of a central database on transnational crime
2. Cross-training programs, like those offered by the International Law Enforcement Academy (ILEA) in Bangkok, Thailand by U.S. Federal Bureau of Investigation
3. Personnel exchanges are encouraged to ensure compatibility in a wide range of areas ranging from simple police functions to other social dimensions.
4. Investigation and prosecution of transnational crimes require a high level of cooperation and trust;
5. The constitution of multinational centers or task forces against transnational crime that would supplement and address the inefficiencies that is inherent in the other technical aspects of cooperation. The creation of the ASEAN Center for Combating Transnational Crime (ACTC), whose headquarters will be located in the Philippines, which has volunteered to host the main headquarters, construct its building, and provide all the necessary facilities.
12/3/2013 56 Owned by
CRIMPHILS.COM/BERALDEWR
Transnational Crime Defined The transnational character of many crimes,
although not new, has not been fully recognized until
recently. Crime was traditionally viewed as a purely
domestic law enforcement issue and, therefore,
treated and addressed as an exclusive concern of
individual states. As such transnational crime, being a
new threat to domestic and international interest and
security, has yet to be baptized with an official
definition. However, there is an emerging consensus
to accept the definition of transnational crime as
proposed by Bossard. He defined TRANSNATIONAL
CRIME as an offense that has an international
dimension and implies crossing at least one national
border before, during or after the act.
12/3/2013 57
Owned by
CRIMPHILS.COM/BERALDEWR