Title
Rules for Implementing the Electronic Commerce Act
Law
Dti
Decision Date
Jul 13, 2000
The Implementing Rules and Regulations (IRR) of the Electronic Commerce Act in the Philippines outlines policies and guidelines for the promotion and development of electronic commerce, covering aspects such as legal recognition of electronic data messages, electronic signatures, formation of electronic contracts, and the establishment of an electronic online network called RPWEB.
implementing rules
regulations
electronic commerce act

Policy and principles for e-commerce promotion

  • The State recognizes the “vital role” of ICT in nation-building and the need to create an information-friendly environment supporting the availability, diversity, and affordability of ICT products and services.
  • The State places primary responsibility for ICT investments and services on the private sector while committing to technology transfer and promotion.
  • The State must ensure network security, connectivity, and neutrality of technology for national benefit, including deployment and interconnection of national information infrastructures with appropriate legal, financial, diplomatic, and technical frameworks.
  • The government’s role is limited to intervention that is clear, transparent, objective, non-discriminatory, proportional, flexible, and technologically neutral, and that promotes private-sector input.
  • Electronic commerce development is led primarily by the private sector through open and fair competitive markets.
  • Government policy must support international coordination and harmonization, neutral tax treatment, and protections for users’ privacy, confidentiality, anonymity, and content control, consistent with applicable laws.
  • Government and the private sector must promote electronic commerce awareness and support SMEs, skills development for workers, and government as a model user.
  • The rules adopt principles on convergence, domain name governance participation, equal and transparent access to public records, and encouragement of self-regulatory extra-judicial dispute settlement mechanisms like arbitration and mediation.

Objective and scope of application

  • Section 4 provides that the Electronic Commerce Act aims to facilitate domestic and international dealings, transactions, arrangements, agreements, contracts, and exchanges and storage of information using electronic, optical, or similar medium and technology, to recognize authenticity and reliability of electronic documents and to promote universal use of electronic transactions in government and by the public.
  • Section 5 provides that the Act applies to any kind of electronic data message and electronic document used in the context of commercial and non-commercial activities, including both domestic and international dealings and contracts.

Core definitions used throughout

  • Addressee means a person intended by the originator to receive an electronic data message or electronic document, excluding an intermediary acting with respect to that message/document (Section 6(a)).
  • Commercial Activities receive a wide interpretation covering relationships of commercial nature whether contractual or not, including acts/events/transactions/dealings among parties and a broad set of services and tangible/intangible property transactions (Section 6(b)).
  • Computer means any device/apparatus that can receive, record, transmit, store, process, correlate, analyze, project, retrieve, and/or produce information, data, text, graphics, figures, voice, video, symbols, or other modes of expression, or perform one or more of these functions (Section 6(c)).
  • Convergence refers to technologies moving toward a common point and elimination of differences between provisioning of video, voice, and data using digital and emerging technologies, including network platforms carrying any kind of service and convergence of consumer devices (Section 6(d)).
  • Electronic data message means information generated, sent, received, or stored by electronic/optical/similar means (including EDI, email, telegram, telex, telecopy), and the term is treated as equivalent to electronic document throughout the rules (Section 6(e)).
  • Information and Communications System means a system for generating, sending, receiving, storing, or processing electronic data messages/documents and includes the computer system or similar device and related recording/storage procedures (Section 6(f)).
  • Electronic signature is any distinctive mark/characteristic/sound in electronic form representing identity and attached to or logically associated with an electronic data message/document (or methodology/procedures executed/adopted with intention to authenticate/approve) (Section 6(g)).
  • Electronic document is electronic information/representation of information that establishes a right/extinguishes an obligation or proves and affirms a fact, received/recorded/transmitted/stored/processed/retrieved/produced electronically, and is treated as equivalent to electronic data message throughout the rules (Section 6(h)).
  • Electronic key is a secret code securing sensitive information crossing public channels into decipherable form only by itself or a matching key, including single-key, public-key, or similar systems (Section 6(i)).
  • Intermediary is a person, in behalf of another person, who sends/receives/stores or provides other services with respect to a particular electronic data message/document (Section 6(j)).
  • Non-Commercial Activities are activities not falling under commercial activities (Section 6(k)).
  • Originator is the person by whom or on whose behalf an electronic data message/document is purported to have been created/generated/sent, excluding an intermediary (Section 6(l)).
  • Person includes natural and juridical persons, including governmental authorities (Section 6(m)).
  • Service provider includes providers of online services/network access (or operator of facilities) and technical means for storage/access to a designated or undesignated third party, with limitations that such providers have no authority to modify/alter content or make entries unless specifically authorized, and must retain the data message/document according to request or necessary to perform services (Section 6(n)).

Legal recognition of electronic records and signatures

  • Section 7 requires that information must not be denied validity or enforceability solely because it is an electronic data message or electronic document, and electronic data messages/documents have legal effect, validity, or enforceability as other documents/legal writings.
  • Section 7(a) provides that a legal requirement that information be “in writing” is satisfied by providing the information in electronic data message/electronic document form.
  • Section 7(b) provides that a legal requirement for a person to provide information in writing to another person is satisfied by providing the information in an electronic data message/electronic document.
  • Section 7(c) provides that a requirement for a person to provide information in a specified non-electronic form is satisfied by providing it in electronic data message/electronic document form in the same or substantially the same form.
  • Section 7(d) preserves requirements for posting/displaying information in specified manner/time/location and communications by specified method unless and until a functional equivalent has been developed, installed, and implemented.
  • Section 8 provides that incorporation by reference does not lose legal validity/enforceability merely because the incorporated information is not contained in the electronic data message/document.
  • Section 9 provides that nothing requires a person to use or accept electronic data messages/documents or electronic signatures, except that consent may be inferred from conduct, subject to Section 27 of the Act.
  • Section 10 provides that where law requires writing or imposes consequences for not presenting/retaining in original form, an electronic document/data message is sufficient if it maintains integrity and reliability and is authenticated for subsequent reference.
  • Section 11 provides that where law requires presentation/retention of originals, the requirement is met by electronic form if there is reliable assurance of integrity from first generation in final form and the electronic document/data message is capable of being displayed to the intended recipient; integrity assessment is whether information remains complete and unaltered apart from authorized/normal changes; reliability is assessed by purpose and relevant circumstances.
  • Section 12 states that no provision of the Act varies existing laws and relevant judicial pronouncements on formalities required for validity/enforceability of executed documents; when a contract must be in a specific form or proved in a specific way, the requirement is absolute and indispensable.
  • Section 13 provides that an electronic signature relating to an electronic document/data message is equivalent to a handwritten signature if it meets the electronic signature definition and is proved by a prescribed procedure (not alterable by interested parties) under which (i) identity is indicated and access for consent/approval is provided, (ii) the method is reliable/appropriate, (iii) execution/provision of the electronic signature is necessary to proceed, and (iv) the other party is authorized/enabled to verify and decide to proceed using signature-authenticated authentication.
  • Section 13 also allows parties to agree on supplementary/alternative procedures as long as the Section 13(b) requirements are complied with, and permits taking into account factors in Annex “2” for Sections 13(b)(i) and 13(b)(ii).
  • Section 14 establishes a rebuttable presumption in proceedings involving an electronic signature that (i) the signature is that of the person to whom it correlates and (ii) the signature was affixed with intention to sign/approve unless the relying person knew/had notice of defects or unreliability or reliance was not reasonable under circumstances.
  • Section 15 provides that authentication is done by demonstrating/validating claimed identity of a user/device/entity in an information/communication system, and provides interim authentication manners (i) symbol/character proof or security procedures intended to authenticate/approve and (ii) appropriate security procedure to verify origin/detect error or alteration using algorithm/codes/encryption/answers-back/acknowledgment procedures or similar security devices.
  • Section 16 places on the person introducing an electronic document/data message in legal proceedings the burden of proving authenticity with evidence capable of supporting that it is what is claimed.
  • Section 17 provides integrity methods: system operating so integrity wasn’t affected with no other reasonable grounds to doubt; or recorded/stored by an adverse party; or recorded/stored in usual and ordinary course of business by a person not a party and not acting under control.
  • Section 18 provides that electronic documents/data messages are functional equivalents of written documents for evidentiary purposes, and their admissibility is not denied solely because they are in electronic form or not in standard written form; evidential weight depends on reliability of generation/storage/communication, reliability of originator identification, and other relevant factors.
  • Section 19 allows matters on admissibility and evidential weight and integrity presumptions to be presumed established by an affidavit based on personal knowledge subject to a right of cross-examination by parties with an interest; the right to cross-examine applies to specified persons under the Act and to persons in Section 11, paragraph 4, and sub-paragraph c of the Act.
  • Section 20 requires electronic retention to satisfy original-retention legal requirements if (i) accessible for subsequent reference, (ii) retained in format generated/sent/received or demonstrated to accurately represent the electronic record, and (iii) where applicable enables identification of originator/addressee and determination of date/time sent/received; using third-party services is allowed if the stated conditions are met; government enforcement agencies may issue regulations to ensure integrity/reliability and proper implementation of Section 13 of the Act.

Electronic contracts, banking transactions, and attribution rules

  • Section 21 provides that, except as otherwise agreed, offer, acceptance, and contract formation/perfection elements may be expressed/demonstrated/proved by electronic data messages/electronic documents, and no contract is denied validity/enforceability solely because it is in electronic form or because formation elements are expressed/demonstrated/proved by electronic documents.
  • Section 22 deems electronic bank network transactions consummated upon actual cash dispensing or debit of one account and corresponding credit to another, whether initiated by depositor or authorized collecting party, and characterizes the resulting obligation between banks/entities similarly situated as absolute and not subject to preference of credits, limited to transactions utilizing the Automated Teller Machine switching network.
  • Section 22 provides that banking-related electronic transactions for institutions subject to Bangko Sentral supervision are governed by Bangko Sentral rules issued under Section 59 of Republic Act No. 8791, Republic Act No. 7653, and Section 20, Article XII of the Constitution.
  • Section 23 provides that as between originator and addressee, a declaration of will or other statement is not denied legal effect/validity/enforceability solely because it is an electronic data message/document.
  • Section 24 provides that an electronic data message/document is the originator’s if it was sent by the originator himself.
  • Section 25 provides that as between originator and addressee, it is deemed the originator’s if sent by (i) an authorized person acting on the originator’s behalf with respect to that message/document or (ii) an information and communications system programmed by/on behalf of the originator to operate automatically.
  • Section 26 entitles an addressee to regard a message/document as originating from the originator, and act on that assumption, if (i) the addressee properly applied a previously agreed procedure to ascertain originator authenticity or (ii) the message/document resulted from actions of a person whose relationship with originator/any agent enabled access to a method used by originator to identify messages/documents as that person’s own.
  • Section 26 also preserves other instances/circumstances where originator may be bound by addressee reliance and consequent action.
  • Section 27 provides when an addressee may not regard a message/document as originating from the originator: (i) after addressee has both received notice from originator that it is not the originator’s and has reasonable time to act accordingly, or (ii) in a case under Section 26(b), at any time when addressee knew or should have known with reasonable care and any agreed procedure that it was not from the originator.
  • Section 28 provides that each electronic data message/document may be treated as separate for addressee reliance except where it duplicates another message/document and addressee knew or should have known with reasonable care/agreed procedure it was a duplicate.
  • Section 29 provides that an addressee may treat a received message/document as what the originator intended to send unless addressee knew/should have known with reasonable care/agreed or appropriate procedure that transmission contained error or was sent to an undesignated system.
  • Section 30 provides acknowledgment rules where originator and addressee agreed or requested acknowledgment of receipt:
    • If no form/method is agreed, acknowledgment may be given by any communication/conduct sufficient to indicate receipt.
    • If effect/significance is conditional on acknowledgment receipt, the message/document is treated as never sent until acknowledgment is received.
    • If not conditional and acknowledgment is not received within specified/agreed time, and if none specified/agreed then within reasonable time, the originator may give notice setting a reasonable time; if acknowledgment is not received, the originator may treat the message/document as never sent or exercise other rights.
  • Section 31 defines dispatch as when the message/document enters an information and communications system outside the control of the originator or sender on originator’s behalf unless otherwise agreed.
  • Section 32 defines receipt as (i) when it enters the designated information/communications system (or when retrieved by the addressee if both are participants in that system), (ii) when retrieved by addressee if sent to a non-designated system, or (iii) when it enters any information/communications system of the addressee if no designated system exists, notwithstanding that the system location may differ from the deemed place of receipt.
  • Section 33 deems dispatch to occur at the originator’s place of business and receipt at the addressee’s place of business unless otherwise agreed, even if a laptop/portable device is used; it also governs tax situs to the extent not inconsistent with Philippine situs rules and BIR regulations on e-commerce tax.
  • Section 33 defines place rules: where multiple places of business exist, choose the one closest relationship to the underlying transaction (or principal place if no underlying transaction); if no place of business, use habitual residence; and for bodies corporate without place of business, habitual residence means place of incorporation or legal constitution; it also states nothing amends private international law rules.
  • Section 34 allows parties, subject to applicable laws and DTI and other agencies’ rules/guidelines, to determine the type and level of security needed and select appropriate technological methods.

Transportation documents in e-commerce carriage

  • Section 35 applies these rules to actions connected with or pursuant to a contract of carriage of goods, including: furnishing marks/number/quantity/weight; stating nature/value; issuing/confiming/loading; notifying terms/conditions; giving instructions to carrier; claiming delivery; authorizing release; giving loss/damage notices; any other notice/statement; delivering to a named person or authorized claimant; and granting/acquiring/renouncing/surrendering/transferring/negotiating rights in goods, as well as acquiring/transferring rights/obligations under the contract.
  • Section 36(1) provides that where law requires writing/paper documents for actions under Section 35, the requirement is met by one or more electronic data messages/electronic documents; transport documents include those listed in Annex “1”, and concerned agencies (including DTI, Department of Finance, DOTC, Philippine Ports Authority, and other port authorities) issue appropriate rules/guidelines within their mandates.
  • Section 36(2) applies the electronic-document rule whether the law imposes an obligation in writing or provides consequences for failing to carry out in writing or using a paper document.
  • Section 36(3) provides that where a right must be conveyed to one person and the law requires transfer/use of a paper document, the requirement is met if conveyed via electronic data messages/electronic documents using a reliable method rendering them unique.
  • Section 36(4) defines reliability for the unique standard by assessing it in light of purpose and all circumstances, including agreements.
  • Section 36(5) provides that when electronic data messages/electronic documents are used to effect actions in Section 25(f) and (g) of the Act, any paper document used to effect such action is not valid unless the electronic data message/electronic document use has been terminated and replaced by paper documents, and the paper document must contain a statement of such termination; replacement does not affect parties’ rights/obligations.
  • Section 36(6) provides that mandatory rules of law applicable to carriage contracts evidenced by paper documents do not become inapplicable merely because the contract is evidenced by electronic data messages/electronic documents.

Government electronic transactions and RPWEB

  • Section 37 mandates that within two (2) years from the date of effectivity of the Act, government departments/bureaus/offices/agencies and government-owned and-controlled corporations that require or accept filing/creation/retention/submission of documents, issue permits/licenses/certificates, or provide for fee payment/settlement must:
    • accept creation, filing, or retention of such documents in electronic form;
    • issue permits/licenses/approvals in electronic data message/document form;
    • require and/or accept payments and issue receipts acknowledging payment using systems using electronic documents/messages; and
    • transact government business and/or perform governmental functions using electronic data messages/documents.
  • Section 37 authorizes the adoption and promulgation—after appropriate public hearing and with due publication in newspapers of general circulation—of rules/guidelines specifying the manner/format of filing/creating/retaining/issuing, signing requirements (including type of electronic signature), format and how signatures are affixed, control processes for integrity/security/confidentiality, attributes required, and full/limited use of documents for compliance.
  • Section 37 provides that the Act itself mandates acceptance/issuance of electronic documents for departments/organ of state/statutory corporations only upon adoption, promulgation, and publication of the specified rules/guidelines.
  • Section 37 prohibits any person from requiring a government branch/department/agency/bureau/instrumentality to accept or process electronic data messages, conduct business electronically, or perform functions electronically until adoption, promulgation, and publication of the required rules/guidelines.
  • Section 38 imposes mandatory government implementation principles: technology neutrality, interoperability, elimination of red tape through re-examination and simplification/re-engineering, implementation of security measures for unauthorized access/disclosure prevention and integrity of stored information, and auditability with an audit trail.
  • Section 39 mandates adjustment, modification, and amendment of the Government Information System Plan (GISP) to conform to the Act, RPWEB, and these rules.
  • Section 40 mandates installation of RPWEB within two (2) years from the effectivity of the Act, as an electronic on-line network to implement government electronic document transmission and use and to facilitate open, speedy, efficient conveyance of electronic services among government levels and universal public access.
  • Section 40 provides that RPWEB serves as an initial platform of government information infrastructure and shall evolve using better technologies or kinds of wide-area networks using, among others, fiber optic, satellite, wireless, and other broadband telecommunications media.
  • Section 41 requires coordination among the Department of Transportation and Communications, National Telecommunications Commission, and National Computer Center to promulgate issuances leading to substantial reduction of costs for leased lines, land, satellite, dial-up access, cheap broadband, and wireless accessibility, including establishment of a government website portal and a domestic internet exchange system for strategic access and faster flow of locally generated internet traffic.
  • Section 42 characterizes the physical infrastructure of cable and wireless systems for cable TV and broadcast (excluding programming/content and management) as part of telecommunications for electronic commerce purposes, and supports convergence of ICT in the installation of the government information infrastructure.
  • Section 43 assigns delineated functions:
    • DTI supervises and coordinates full implementation of Section 27 of the Act, requires agencies intending to comply to coordinate with DTI for adherence to Section 38 principles, mandates observance of public bidding/disbursements and other restrictions including COA policies; installs an on-line public information and quality/price monitoring system to protect consumer interests; establishes a voluntary listing system for electronic commerce businesses/entities including VAS providers as understood in Republic Act No. 7925, and maintains and electronically provides the list; reviews and assesses legal/technical/commercial issues and convenes agencies as needed to deliberate and resolve, and promulgates additional implementing rules in proper cases.
    • Bangko Sentral ng Pilipinas performs functions mandated under the Act, including promulgation of implementing rules for supervised institutions (banks, quasi-banks, trust entities, and others subject to BSP supervision).
    • Department of Budget and Management identifies fund sources for implementation of Sections 37, 39, and 40, consistent with annual General Appropriations Act, and is responsible for putting core processes on-line.

Service provider liability limits and access controls

  • Section 44 provides that, except as otherwise provided, no person/party acting as a service provider is subject to civil or criminal liability founded on the electronic data message/electronic document where the service provider merely provides access, for liabilities founded on (i) parties’ obligations/liabilities or (ii) making/publication/dissemination/distribution of material or statements in it.
  • Section 44 conditions exemption on the service provider not having actual knowledge or not being aware of facts indicating unlawfulness/infringement, or if aware, advising affected parties within a reasonable time to refer to appropriate authority or opt for alternative dispute resolution; not knowingly receiving financial benefit directly attributable to unlawful/infringing activity; and not directly committing infringement/unlawful acts or inducing/causing others to infringe or benefiting financially from others’ infringing/unlawful acts.
  • Section 44 preserves: obligations founded on contract; obligations under licensing/regulatory regimes established by written law; obligations imposed under written law; and civil liability to the extent it serves as basis for injunctive relief by a court requiring actions to remove/block/deny access or preserve evidence of a violation under laws requiring such action.
  • Section 45 limits lawful access to electronic files, electronic signatures, and electronic signatures/files to the individual/entity with legal right to plaintext/e-signature/file possession/use and solely for authorized purposes.
  • Section 46 prohibits disclosure of an electronic key for identity/integrity to any person/party without consent of the lawful possessor; testimonial disclosure in any proceeding is limited by the constitutional right against self-incrimination.
  • Section 47 imposes confidentiality: except for purposes authorized under the Act, a person who obtained access to any electronic key, electronic data message, electronic document, book/register/correspondence/information/material pursuant to powers under the Act must not convey or share it with any other person.

Penal provisions and penalties

  • Section 48 punishes hacking or cracking—unauthorized access into/interference with a computer system/server/information and communications system, or access to corrupt/alter/steal/destroy using computer or similar devices (including introducing computer viruses), resulting in corruption/destruction/alteration/theft/loss of electronic data messages or electronic documents—by a minimum fine of PHP 100,000.00, a maximum fine commensurate to the damage incurred, and mandatory imprisonment of six (6) months to three (3) years.
  • Section 49 punishes piracy—unauthorized copying/reproduction/dissemination/distribution/importation/use/removal/alteration/substitution/modification/storage/uploading/downloading/communication/making available to the public/broadcasting of protected material, electronic signature, or copyrighted works (including legally protected sound recordings or phonograms or information material on protected works), through telecommunication networks such as the internet, in a manner that infringes intellectual property rights—by a minimum fine of PHP 100,000.00, a maximum fine commensurate to the damage incurred, and mandatory imprisonment of six (6) months to three (3) years, without prejudice to rights/liabilities/remedies under Republic Act No. 8293 and other applicable laws.
  • Section 50 provides that violations of the Consumer Act (Republic Act No. 7394) and other relevant/p eint laws through transactions covered by or using electronic data messages/documents are penalized with the same penalties as those laws.
  • Section 51 provides that other violations of provisions of the Act are penalized with a maximum penalty of PHP 1,000,000.00 or six (6) years imprisonment.

Miscellaneous operative rules

  • Section 52 directs statutory interpretation to give due regard to the Act’s international origin, the UNCITRAL Model Law on Electronic Commerce, the need for uniformity and good faith in international trade relations, and generally accepted principles of international law and conventions on electronic commerce.
  • Section 53 allows variation of any provision of the Act by agreement among parties as long as the agreement involves only generation/sending/receiving/storing/processing of an electronic data message/electronic document; agreements may not defeat the legal recognition, validity, admissibility of electronic data messages/electronic documents or electronic signatures.
  • Section 54 establishes reciprocity for benefits/privileges/advantages/statutory rules established under the Act.

Analyze Cases Smarter, Faster
Jur helps you analyze cases smarter to comprehend faster, building context before diving into full texts. AI-powered analysis, always verify critical details.

About Privacy Terms