Question & AnswerQ&A (DOJ RULES AND REGULATIONS IMPLEMENTING Republic Act No. 10175, OTHERWISE KNOWN AS THE "CYBERCRIME PREVENTION ACT OF 2012")
These rules are referred to as the Implementing Rules and Regulations of Republic Act No. 10175, or the Cybercrime Prevention Act of 2012.
The State recognizes the vital role of information and communications industries and aims to provide an environment conducive to the development and rational application of ICT while protecting the integrity and confidentiality of computer systems and data from misuse and illegal access.
Illegal Access refers to the access to the whole or any part of a computer system without right.
Illegal Interception is punishable by prision mayor or a fine of at least Two Hundred Thousand Pesos (P200,000.00) up to an amount commensurate to the damage incurred, or both.
Cybersex is the willful engagement, maintenance, control, or operation of any lascivious exhibition of sexual organs or sexual activity aided by a computer system for favor or consideration. It is punishable by imprisonment of prision mayor or a fine of at least Two Hundred Thousand Pesos (P200,000.00) but not exceeding One Million Pesos (P1,000,000.00), or both.
The Regional Trial Court has jurisdiction over cybercrime offenses if any element of the crime was committed within the Philippines, or with the use of any computer system wholly or partly situated in the country, or if damage was caused to a person in the Philippines.
The National Bureau of Investigation (NBI) and the Philippine National Police (PNP) are responsible and must organize cybercrime divisions or units to handle cybercrime cases, coordinated by the DOJ Office of Cybercrime.
Service providers must preserve traffic data and subscriber information for six months, preserve content data upon order, assist law enforcement in collecting computer data, disclose information within 72 hours upon order, and destroy data after the prescribed period, among others.
Preservation refers to keeping stored data secure and safe without changing its quality or condition, especially traffic data and subscriber information preserved for at least six months as ordered by law enforcement authorities.
The DOJ Office of Cybercrime acts as the competent authority for international cooperation, handles investigation and prosecution of cybercrime cases, issues preservation orders, monitors compliance of service providers, and issues guidelines related to cybercrime investigation and forensic analysis.
The juridical person (corporation) shall be liable for fines at least double the fines for natural persons and up to Ten Million Pesos (P10,000,000.00), in addition to the criminal liability of the natural person who committed the offense.
Libel committed through a computer system is punishable with prision correccional in its maximum period to prision mayor in its minimum period, or a fine ranging from Six Thousand Pesos (P6,000.00) up to the maximum amount the court determines, or both.
If a punishable cybercrime act is committed against critical infrastructure, the penalty is elevated to reclusion temporal or a fine of not less than Five Hundred Thousand Pesos (P500,000.00) up to an amount commensurate to the damage incurred, or both.
Service providers must retain and preserve traffic data and subscriber information for a minimum period of six (6) months from the date of the transaction.
Any evidence obtained without a valid warrant or beyond the authority of the warrant shall be inadmissible in court proceedings.