Even cops confused over cybercrime law

Police investigators say they're waiting for the law's implementing rules and regulations because 'we really do have a lot of questions'

Published 2:53 PM, September 25, 2012
Updated 11:33 AM, September 27, 2012

MANILA, Philippines - Even police investigators have questions on the new cybercrime law, particularly Section 19 and its provision on libel.

Section 19 of the Cybercrime Prevention Act states that the Department of Justice (DOJ) can restrict or block access to computer data that is "prima facie" found to be in violation of the law.

But Director Samuel Pagdilao Jr, head of the Philippine National Police-Criminal Investigation and Detection Group (CIDG), said this needs further clarification. "This one needs further detail through an IRR (implementing rules and regulation). That's what we're waiting for because honestly we really do have a lot of questions," he said during a media forum on Tuesday, September 25.

For example, he said, does the authority to restrict or block access to computer data lie solely in the hands of the DOJ? If this is the case, what will be the role of police investigators in implementing this particular section of the law?

"And then the prima facie. Because when you say prima facie, it's already in the level of the prosecutor and there's already probable cause to file the case," he said.

The law, signed last September 12, has been criticized by lawyers, journalists and media organizations. JJ Disini, who teaches at the University of the Philippines College of Law, said the law creates an all-powerful DOJ Secretary.

Pagdilao also described the libel provision of the law as "too broad." He explained: "Because of the questions and concerns raised, we have to find more details to clarify (and) to sufficiently guide everybody. The ones that are tasked to draft the IRR would [have] to [clarify] details so these can amply guide the investigators, police, law enforcement," he

Section 12 of the law also states: "Law enforcement authorities, with due cause, shall be authorized to collect or record by technical or electronic means traffic data in real time associated with specified communications transmitted by means of a computer system."


The CIDG gave assurances they would only implement this based on an existing complaint or if there is strong evidence to warrant the gathering of traffic data such as hacking or acts of terrorism.

"We will be monitoring the movement of an IP address, how it was able to intrude into a system but not the content," said Sr. Insp. Roberto Reyes, forensic investigator of the CIDG's Anti-Transnational and Cyber Crime Division.

Thus despite some questions, Pagdilao welcomed the new law, saying it would help the police in the campaign against hacking, identity theft and pornography.

"That's the beauty of this new law. Under Section 13, it is the duty or obligation of service providers to preserve computer data for six months. Even if we don't monitor it and somebody comes to us to complain, the data is preserved. If we investigate, we can actually ask for the preservation of that data for six months and another six
months extension," Pagdilao said.

CIDG data showed that common cybercrime-related complaints filed with the unit are scams, identity theft, libel, threats to social media, hacking and child pornograpy. Cases of voyeurism have also been on the rise, according to records.

The CIDG has 6 forensic labs capable of conducting cybercrime incident response such as cellphone forensic exam, audio-video forensic exam, computer network logs and stenography analysis. These are manned by persons trained here and abroad consisting of 6 case forensic examiners, 12 cellphone forensic examiners, 11 Microsoft-certified engineers and five trained computer hacking forensics experts. - Rappler.com