Posted on September 12, 2012

S. No. 2796
H. No. 5808
Republic of the Philippines
Congress of the Philippines
Metro Manila
Fifteenth Congress
Second Regular Session
Begun and held in Metro Manila, on Monday the Twenty-fifth day of July two thousand
eleven.
[ Republic Act No. 10175 ]
AN ACT DEFINING CYBERCRIME, PROVIDING FOR THE PREVENTION,
INVESTIGATION, SUPPRESSION AND THE IMPOSITION OF PENALTIES THEREFOR
AND FOR OTHER PURPOSES
Be it enacted by the Senate and House of Representatives of the Philippines in Congress
assembled:
CHAPTER I
PRELIMINARY PROVISIONS
SECTION 1. Title. This Act shall be known as the Cybercrime Prevention Act of 2012.
http://www.gov.ph/2012/09/12/republic-act-no-10175/
The Cybercrime Prevention Act of 2012, officially recorded as Republic Act No. 10175, is a law in
the Philippines approved on September 12, 2012. It aims to address legal issues concerning online interactions and
the Internet in the Philippines. Among the cybercrime offenses included in the bill are cyber
squatting, cybersex, child pornography, identity theft, illegal access to data and libel.
While hailed for penalizing illegal acts done via the Internet that were not covered by old laws, the act has been
criticized for its provision on criminalizing libel, which is perceived to be a curtailment in freedom of expression.
On October 9, 2012, the Supreme Court of the Philippines issued a temporary restraining order, stopping
implementation of the Act for 120 days, and extended it on 5 February 2013 "until further orders from the court
On May 24, 2013, The DOJ announced that the contentious online libel provisions of the law had been dropped
On February 18, 2014, the Supreme Court ruled that section 5 of the law decision was constitutional, and that
sections 4-C-3, 7, 12 and 19 were unconstitutional.
http://en.wikipedia.org/wiki/Cybercrime_Prevention_Act_of_2012

Economic
The optimal level of cyber-security depends largely on the incentives facing providers and the incentives facing
perpetrators. Providers make their decision based on the economic payoff and cost of increased security whereas
perpetrators decisions are based on the economic gain and cost of cyber-crime. Potential prisoners dilemma, public

goods, and negative externalities become sources of cyber-security market failure when private returns to security
are less than the social returns. Therefore the higher the ratio of public to private benefit the stronger the case for
enacting new public policies to realign incentives for actors to fight cyber-crime with increased investment in cybersecurity.
The Computer Fraud and Abuse Act
The Computer Fraud and Abuse Act passed in 1986 is one of the broadest statutes in the US used to combat cybercrime. It has been amended a number of times, most recently by the US Patriot Act of 2002 and the Identity theft
enforcement and Restitution Act of 2008. Within it is the definition of a protected computer used throughout the US
legal system to further define computer espionage, computer trespassing, and taking of government, financial, or
commerce information, trespassing in a government computer, committing fraud with a protected computer,
damaging a protected computer, trafficking in passwords, threatening to damage a protected computer, conspiracy
to commit a cyber-crime, and the penalties for violation. The 2002 update on the Computer Fraud and Abuse
Act expands the act to include the protection of information from any protected computer if the conduct involved an
interstate or foreign communication.
The Digital Millennium Copyright Act
The Digital Millennium Copyright Act passed in 1998 is a United States copyright law that criminalizes the production
and dissemination of technology, devices, or services intended circumvent Digital Rights Management (DRM), and
circumvention of access control.
The Electronic Communications Privacy Act
The Electronic Communications Privacy Act of 1986 extends the government restrictions on wiretaps from
telephones. This law is generally thought in the perspective of what law enforcement may do to intercept
communications, but it also pertains to how an organization may draft their acceptable use policies and monitor
communications.
The Stored Communications Act
The Stored Communications Act passed in 1986 is focused on protecting the confidentiality, integrity and availability
of electronic communications that are currently in some form of electronic storage. This law was drafted with the
purpose of protecting the privacy of e-mails and other electronic communications.
Identity Theft and Aggravated Identity Theft
The Identity Theft and Aggravated Identity Theft statute is a subsection of the Identification and Authentication Fraud
statute. It defines the conditions under which an individual has violated identity theft laws.
Identity Theft and Assumption Deterrence Act
Identity theft was declared unlawful by the federal Identity Theft and Assumption Deterrence Act of 1998 (ITADA).
Criminals knowingly transferring or using, without lawful authority, a means of identification of another person with
the intent to commit, or to aid abet, any unlawful activity that constitutes a violation of federal law, or that constitutes
a felony under any applicable State or local law. Penalties of the ITADA include up to 15 years in prison and a
maximum fine of $250,000 and directly reflect the amount of damage caused by the criminals actions and their
amount of planning and intent.
Gramm-Leach-Bliley Act
The Gramm-Leach-Bliley Act (GLBA) requires that financial institutions and credit agencies increase the security of
systems that contain their customers personal information. It mandates that all financial institutions design,
implement, and maintain safeguards to protect customer information. [30]

Internet Spyware Prevention Act

The Internet Spyware Prevention Act (I-SPY) prohibits the implementation and use of spyware and adware. I-SPY
also includes a sentence for intentionally accessing a computer with the intent to install unwanted software.
Access Device Fraud Statutes
18 U.S.C. 1029 outlines 10 different offenses under which an offender could violate concerning device fraud.
These offenses include:

Knowingly trafficking in a counterfeit access device

Trafficking the counterfeit access device with the intention to committing fraud

Possessing more than 15 devices with the purpose to defraud

Production/possession/trafficking in equipment to create access devices if the intent is to defraud

Receiving payment from an individual in excess of $1,000 in a one year period who was found using illegal
access devices
Solicitation of another individual with offers to sell illegal access devices
Distributing or possessing an altered telecommunication device for the purpose of obtaining unauthorized
telecommunication services
Production, possession, or trafficking in a scanning receiver
Using or possessing a telecommunication device that has been knowingly altered to provide unauthorized
access to a telecommunication service
Using a credit card which was illegally obtained and used to purchase goods and services

CAN-SPAM Act
The CAN-SPAM Act of 2003 establishes the United States' first national standards for the sending of commercial email and requires the Federal Trade Commission (FTC) to enforce its provisions.
Wire Fraud Statute[
The Wire fraud statute outlined in 18 U.S.C. 1343 applies to crimes committed over different types of electronic
medium such as telephone and network communications.
http://en.wikipedia.org/wiki/Cybercrime_and_countermeasures

Identifying Cyber Vulnerabilities

Todays world is more interconnected than ever before. Yet, for all its advantages, increased connectivity brings increased risk of theft,
fraud, and abuse. As Americans become more reliant on modern technology, we also become more vulnerable to cyber attacks such as
Corporate Security Breaches, Spear Phishing, and Social Media Fraud. Cybersecurity is a shared responsibility, and each of us has a
role to play in making it safer, more secure and resilient.

Collaborating to Enhance Cyber Security

To address the evolving threats and increased risks of cyber crimes, DHS works directly with public and private partners to enhance
cybersecurity. We work to promote cybersecurity awareness and digital literacy amongst all Internet users.
DHS also collaborates with the financial and other critical infrastructure sectors to improve network security. Additionally, DHS
components such as the U.S. Secret Service and U.S. Immigration and Customs Enforcement (ICE), have special divisions dedicated
to combating cyber crime.

Combating Cyber Crime

The Secret Service maintains Electronic Crimes Task Forces (ECTFs), which focus on identifying and locating international cyber
criminals connected to cyber intrusions, bank fraud, data breaches, and other computer-related crimes. The Secret Services Cyber
Intelligence Section has directly contributed to the arrest of transnational cyber criminals responsible for the theft of hundreds of millions
of credit card numbers and the loss of approximately $600 million to financial and retail institutions. The Secret Service also runs the
National Computer Forensic Institute, which provides law enforcement officers, prosecutors, and judges with cyber training and
information to combat cyber crime.
ICEs Cyber Crimes Center (C3) works to prevent cyber crime and solve cyber incidents. From the C3 Cyber Crime Section, ICE
identifies sources for fraudulent identity and immigration documents on the Internet. C3's Child Exploitation Section investigates largescale producers and distributors of child pornography, as well as individuals who travel abroad for the purpose of engaging in sex with
minors.

Law Enforcement Cyber Incident Reporting

The Law Enforcement Cyber Incident Reporting resource provides information for State, Local, Tribal, and Territorial (SLTT) law
enforcement on when, what and how to report a cyber incident to a federal entity. The document also provides information on federally
sponsored training opportunities and other useful resources available to SLTT law enforcement.

https://www.dhs.gov/combat-cyber-crime