Frozen cybercrime law: Deterrent or nuisance?
MANILA, Philippines – Is the highly-debated Cybercrime Prevention Act of 2012 a deterrent against cyber crimes or simply a nuisance? If we go by the numbers, the National Bureau of Investigation (NBI) would like to believe that the frozen law has served as a deterrence.
Data from the NBI’s Cybercrime Division showed that in the first half of 2012, the country’s main investigative agency received and handled a total of 332 cyber-related crime cases. This was before both houses of Congress passed their respective versions of the measure in June.
The figure dwindled to 145 cases from July to November of 2012, at the height of public debates and discussions on the controversial measure. President Benigno Aquino III signed the measure into law last September, but the Supreme Court has stopped its implementation "until further orders from the court.”
NBI Cybercrime Division assistant head Vic Lorenzo told Rappler that based on the figures alone, the frozen cybercrime law has a "deterrence" effect on the commission of cyber-related crimes.
“On the prevention aspect, the law has impact," Lorenzo said.
From January to June 2012, the NBI investigated the following cyber crimes: estafa/fraud, libel (92 cases) , libel (73 cases ), Internet scam (46 cases), hacking (28 cases), and anti-voyeurism (23 cases).
From July to November 2012, the numbers declined across the board, with only 43 cases for estafa, 23 cases for libel, 21 cases for Internet scam, 12 cases for hacking and 9 cases on anti-voyeurism.
Out of the 477 total cases from January to November, only 13 cases were recommended for prosecution. The rest were either closed or terminated for lack of leads or evidence, Lorenzo said.
Effect on law enforcement
Various groups such as media agencies, NGOs, and human rights organizations have criticized the law now in limbo for a number of reasons, among which are the take-down clause which empowers the Department of Justice to demand the removal of content without any court order, and the upgrading of the penalty of libel from 6 months to 4 years to 6 years to 12 years.
Lorenzo acknowledged that many cyber-related crimes can be prosecuted without the cybercrime law, because of existing laws. These include the Electronic Commerce Act, RA 9995 or the Anti-Voyeurism Act, RA 8484 or the Access Device Law, and RA 9262 or the Anti-Violence Against Women and Their Children Act.
Those engaged in identity theft, obscene publication, online child pornography, extortion through Internet, malicious email, internet scam and other cyber-related crimes can be charged using these laws. “Even without the cybercrime law, we can go after the violators,” he said.
The added value that the Cybercrime Prevention Act provides, according to Lorenzo, is the provision which compels telecommunication companies or service providers to produce traffic data on the offending online content, and preserve or store traffic data for at least 6 months.
The law authorizes the police and the NBI to collect traffic data from service providers "in real time associated with specified communications…” It mandates service providers “to cooperate and assist law enforcement authorities in the collection and the recording..”
Without the law, Lorenzo said law enforcers merely bank on the goodwill and cooperation of service providers and telecommunication companies. “At present, we cannot compel them to provide us with the traffic data. And some of these telecommunication companies do not cooperate, citing confidentiality, he added. “We rely on off-line relationships with the personnel of the companies.”
With traffic data, it would easier for law enforcement agencies to zero in on the computer used by the violator or the Internet shop where the violator uploaded the offending content, Lorenzo said. As for confidentiality issues, there is nothing to fear since the law only requires the communications’ origin, date, size and route but not content data which may reveal the identities of subscribers, he said.
Various petitioners against the cybercrime law, however, have argued before the Supreme Court that the collection of traffic data violates basic rights.
Lorenzo said it is logical for telecommunication firms to oppose the controversial law since the storage of data entails cost. “It is, after all, a business and they are driven by income.”
Crime of the future
How essential is the law on cybercrime on law enforcement?
In some of the cases, Lorenzo said they are forced to terminate investigation for lack of evidence or leads leading to the identification of the perpetrator. Without traffic data, it is like finding a needle in a haystack, according to Lorenzo.
But sometimes the NBI is able to crack a case using old and reliable techniques. One case involved an extortion pulled off by an Internet shop owner on a female victim. Apparently, the Internet owner was able to hack the email address of the victim and download some suggestive photos. Threatening to upload the incriminating photos on the Internet, the suspect extorted P100,000 from the victim. After a few weeks, the suspect sought for more money. This prompted the victim to seek NBI help for an entrapment.
With expanding Internet usage, Lorenzo said more and more crimes are now related to the use of technology.
NBI agents however concede that they are also able to solve crimes with the help of the Internet.
“Cybercrime is the crime of the future. There are only few crimes – like murder – that (do) not involve the use of Internet. But the Internet can also be a source of forensic lead for murder for instance. You can monitor emails and online communication,” he explained. – Rappler.com