UNIT 10 Flashcards
On the year 2000 a Filipino named Onel De Guzman created a worm that sent messages
through email with an attachment: “LOVE-LETTER-FORYOU.txt.vbs”
When the attachment is opened, the file activates a code that sends an instruction to
forward the same email to all the contacts of the user
● The worm spread to e-mail accounts across the globe – including US and Europe –
overwhelming the email systems of private and government organizations causing them
to shut down resulting to estimated damages worth millions of USD
● This prompted the FBI to identify the source of the worm, which was then traced back to
the Philippines
The I LOVE YOU Worm
Onel De Guzman was eventually arrested by the Philippine government at the request of
the FBI but was released shortly afterwards because there was NO pre-existing Philippine
laws that he violated
The I LOVE YOU Worm
AN ACT PROVIDING FOR THE
RECOGNITION AND USE OF ELECTRONIC TRANSACTIONS AND DOCUMENTS,
PENALTIES FOR UNLAWFUL USE THEREOF AND OTHER PURPOSES.
NOTE: was used to define certain illegal activities concerning the use of various
devices in an effort to provide a legal provision to deter future actions similar to what
Onel De Guzman did
Republic Act 8792: Philippine E-Commerce Act Of 2000
Section 6. LEGAL RECOGNITION OF DATA MESSAGES
Republic Act 8792: Philippine E-Commerce Act Of 2000
text messages, e-mails, or any other similar modes of
communication done through electronic means [including unaltered screenshots] has the
same legal validity as physical messages
ELECTRONIC DATA MESSAGES
Section 7. LEGAL RECOGNITION OF ELECTRONIC DOCUMENTS
Republic Act 8792: Philippine E-Commerce Act Of 2000
shall have the legal effect, validity or enforceability as any other
document or legal writing.
NOTE: This provision gives softcopy of authentic documents the same legal validity as physical
documents
ELECTRONIC DOCUMENTS
Section 8. LEGAL RECOGNITION OF ELECTRONIC SIGNATURES
Republic Act 8792: Philippine E-Commerce Act Of 2000
An _____ on the electronic document shall be equivalent to the signature
of a person on a written document
ELECTRONIC SIGNATURE
Section 33. PENALTIES
The following acts shall be penalized by fine and/or imprisonment:
Republic Act 8792: Philippine E-Commerce Act Of 2000
● Unauthorized access into a computer system/server or information and communication
system
● Any access with the intent to corrupt, alter, steal, or destroy using a computer or computer
system without the knowledge and consent of the owner of the system
HACKING/CRACKING
Section 33. PENALTIES
Republic Act 8792: Philippine E-Commerce Act Of 2000
● Unauthorized copying, reproduction, storage, uploading, downloading, communication, or
broadcasting of protected material [..] through the use of telecommunication networks,
e.g. the Internet, in a manner that infringes intellectual property
PIRACY
Section 33. PENALTIES
Violations against R.A. 7394: The Consumer Act Of The Philippines
● R.A. 7394 was enacted primarily to protect the consumers …
… against hazards to health and safety, and
… against deceptive, unfair and unconscionable sales acts and practices.
Republic Act 8792: Philippine E-Commerce Act Of 2000
NOTE:
● Penalty for HACKING/CRACKING and PIRACY:
▪ Pay a fine amounting to a minimum of one hundred thousand pesos (PhP 100,000) and a
maximum that is commensurate to the damage incurred and …
▪ Mandatory imprisonment of 6 months to 3 years.
● Penalty for violations against R.A. 7394 will be the same penalties as provided by same law which
is to pay a fine of PhP 20,000 to PhP 2000,000 and/or imprisonment of 3 to 6 years
Republic Act 8792: Philippine E-Commerce Act Of 2000
Does connecting to an open WIFI network (e.g. WIFI with no password), without the consent
of the network owner, constitute a violation of RA 8792?
NO! By merely accessing it, there is no clear intent to “corrupt, alter, steal or destroy”
is an act that adopts sufficient powers to effectively prevent and combat cybercrime
offenses by facilitating their detection, investigation, and prosecution at both the domestic and
international levels
REPUBLIC ACT 10175: CYBERCRIME PREVENTION ACT OF 2012
REPUBLIC ACT 10175: CYBERCRIME PREVENTION ACT OF 2012
defines ____ as a crime committed with or through the use of information and
communication technologies such as radio, television, cellular phone, computer and network, and
other communication device or application
CYBERCRIME
Section 4. CYBERCRIME OFFENSES
The following acts constitute the offense of cybercrime punishable under this Act
(a) OFFENSES against the CONFIDENTIALITY, INTEGRITY and AVAILABILITY (CIA) of
COMPUTER DATA and COMPUTER SYSTEMS;
(b) COMPUTER-RELATED OFFENSES; and
(c) CONTENT-RELATED OFFENSES
REPUBLIC ACT 10175: CYBERCRIME PREVENTION ACT OF 2012
SECTION 4 (a) OFFENSES against the CONFIDENTIALITY, INTEGRITY, and AVAILABILITY (CIA) of
COMPUTER DATA and COMPUTER SYSTEMS
REPUBLIC ACT 10175: CYBERCRIME PREVENTION ACT OF 2012
The access to the whole or any part of a computer system without right.
NOTE:
● “access” is the instruction, communication with, storing/retrieving data from or use of
any resources of a computer system of network
● “without right” means having no consent from the owner of the computer system
ILLEGAL ACCESS
Does connecting to an open WIFI network (e.g. WIFI with no password), without the
consent of the network owner, constitute a violation of RA 8792?
NO! By merely accessing it, there is no clear intent to “corrupt, alter, steal or
destroy”
Does connecting to an open WIFI network (e.g. WIFI with no password), without the
consent of the network owner, constitute a violation of RA 10175?
YES! Illegal access is to “make use of any resources” without right (consent)
SECTION 4 (a) OFFENSES against the CONFIDENTIALITY, INTEGRITY, and AVAILABILITY (CIA) of
COMPUTER DATA and COMPUTER SYSTEMS
REPUBLIC ACT 10175: CYBERCRIME PREVENTION ACT OF 2012
The interception […] of computer data to, from, or within a computer system.
NOTE:
● Interception is listening to, recording, monitoring or surveillance of the content of
communications through the use of electronic eavesdropping or tapping devices at the same
time that the communication is occurring
ILLEGAL INTERCEPTION
SECTION 4 (a) OFFENSES against the CONFIDENTIALITY, INTEGRITY, and AVAILABILITY (CIA) of
COMPUTER DATA and COMPUTER SYSTEMS
REPUBLIC ACT 10175: CYBERCRIME PREVENTION ACT OF 2012
The intentional or reckless alteration, damaging, deletion or deterioration of computer
data, electronic document or electronic data message without right – including the
introduction or transmission of viruses
DATA INTERFERENCE
Consider the following situation:
A friend sent you a file on a flash drive infected with a virus
Both of you is not aware that the flash drive is infected
After you insert the flash drive in your computer, your computer get infected
and you lost your documents
Is your friend liable for any violation on RA 10175?
YES! Data interference includes “the intentional or reckless alteration, damaging,
deletion
or deterioration of computer data” – even if your friend has no malicious intent it is
still considered as “recklessness” in his/her part causing you to lose your file
SECTION 4 (a) OFFENSES against the CONFIDENTIALITY, INTEGRITY, and AVAILABILITY (CIA) of
COMPUTER DATA and COMPUTER SYSTEMS
REPUBLIC ACT 10175: CYBERCRIME PREVENTION ACT OF 2012
The intentional alteration or reckless hindering or interference with the functioning of a
computer or computer network by inputting, transmitting, damaging, deleting,
deteriorating, altering or suppressing computer data or program, electronic document,
or electronic data message, without right or authority, including the introduction or
transmission of viruses
SYSTEM INTERFERENCE
Consider the same situation in the previous example:
A friend sent you a file on a flash drive infected with a virus
Both of you is not aware that the flash drive is infected
After you insert the flash drive in your computer, your computer get infected
and you lost all your files and the whole computer system went into error
Is your friend liable for any violation on RA 10175?
YES! Although it may be unintentional, data interference and system interference
was committed
SYSTEM INTERFERENCE EXAMPLE:
Refers to software programs and malware components developed to take over a
computer’s resources and use them for cryptocurrency mining without the user’s explicit
permission
CRYPTOJACKING or CRYPTOMINING MALWARE
SYSTEM INTERFERENCE EXAMPLE:
When you download through torrent sites like “thepiratebay”, you basically give them the
authority to use your computer’s CPU to “mine” cryptocurrencies – the reason why
downloading a lot of torrent file can cause your computer to heat up
CRYPTOJACKING or CRYPTOMINING MALWARE
SECTION 4 (a) OFFENSES against the CONFIDENTIALITY, INTEGRITY, and AVAILABILITY (CIA) of
COMPUTER DATA and COMPUTER SYSTEMS
REPUBLIC ACT 10175: CYBERCRIME PREVENTION ACT OF 2012
The unauthorized use, production, sale, procurement, distribution or otherwise making
available of:
i. A device designed for committing any offenses under this Act
ii. A computer password, access code, or similar data by which […] a computer
system is […] accessed with the intent of committing any offenses under this act
MISUSE OF DEVICE (SKIMMING DEVICES and KEYLOGGERS)
SECTION 4 (a) OFFENSES against the CONFIDENTIALITY, INTEGRITY, and AVAILABILITY (CIA) of
COMPUTER DATA and COMPUTER SYSTEMS
REPUBLIC ACT 10175: CYBERCRIME PREVENTION ACT OF 2012
The acquisition of a domain name on the internet in bad faith to profit, mislead, destroy
reputation, and deprive others from registering the same
CYBER-SQUATTING
SECTION 4 (a) OFFENSES against the CONFIDENTIALITY, INTEGRITY, and AVAILABILITY (CIA) of
COMPUTER DATA and COMPUTER SYSTEMS
REPUBLIC ACT 10175: CYBERCRIME PREVENTION ACT OF 2012
the domain name that was acquired is:
i. Similar, identical or confusingly similar to an existing government-registered
trademark;
ii. In case of a personal name, identical or in any way similar with the name of a
person other than the registrant; and
iii. Acquired without right or with intellectual property interests in it
CYBER-SQUATTING
SECTION 4 (a) OFFENSES against the CONFIDENTIALITY, INTEGRITY, and AVAILABILITY (CIA) of
COMPUTER DATA and COMPUTER SYSTEMS
REPUBLIC ACT 10175: CYBERCRIME PREVENTION ACT OF 2012
In January 2004, Mike Rowe was a grade 12 student who operated a profitable web
design business as a part time job.
He registered the website with the domain name MikeRoweSoft.com
Lawyers from Microsoft asked him to stop using the website and Mike Rowe complied
after an undisclosed settlement with the company
CYBER-SQUATTING
SECTION 4 (b) COMPUTER-RELATED OFFENSES
REPUBLIC ACT 10175: CYBERCRIME PREVENTION ACT OF 2012
The input, alteration, or deletion of any computer data without right resulting in
inauthentic data with the intent that it be considered or acted upon for legal
purposes as if it were authentic
Computer-related FORGERY
SECTION 4 (b) COMPUTER-RELATED OFFENSES
REPUBLIC ACT 10175: CYBERCRIME PREVENTION ACT OF 2012
The act of knowingly using computer data which is the product of computer-related
forgery for the purpose of perpetuating a fraudulent or dishonest design
Computer-related FORGERY
SECTION 4 (b) COMPUTER-RELATED OFFENSES
REPUBLIC ACT 10175: CYBERCRIME PREVENTION ACT OF 2012
Hacking into the SLU Student Portal to change your grade from 65 to 95
Since NO MONETARY VALUE is involved, this is considered as “—” and not “fraud”
COMPUTER-RELATED FORGERY
SECTION 4 (b) COMPUTER-RELATED OFFENSES
REPUBLIC ACT 10175: CYBERCRIME PREVENTION ACT OF 2012
The unauthorized input, alteration, or deletion of computer data or program or
interference in the functioning of a computer system, causing damage thereby with
fraudulent intent
Computer-related FRAUD
SECTION 4 (b) COMPUTER-RELATED OFFENSES
REPUBLIC ACT 10175: CYBERCRIME PREVENTION ACT OF 2012
The ONLY difference between forgery and fraud is if the damage incurred has a ____
monetary value
SECTION 4 (b) COMPUTER-RELATED OFFENSES
REPUBLIC ACT 10175: CYBERCRIME PREVENTION ACT OF 2012
Hacking into a bank’s database and changing your account balance from PhP 500 to PhP
5,000
Asking people to send you a “prepaid load” by pretending to be a “relative from abroad”
Computer-related FRAUD
SECTION 4 (b) COMPUTER-RELATED OFFENSES
REPUBLIC ACT 10175: CYBERCRIME PREVENTION ACT OF 2012
The intentional acquisition, use, misuse, transfer, possession, alteration or deletion of
identifying information belonging to another [person] without right
Computer-related IDENTITY THEFT
SECTION 4 (b) COMPUTER-RELATED OFFENSES
REPUBLIC ACT 10175: CYBERCRIME PREVENTION ACT OF 2012
Those fake social media accounts that has a user profile that contains “identifying
information” – like picture or name – belonging to another person with the intention of using
it for malicious purposes, such as pretending to be the actual person even if it is not
Computer-related IDENTITY THEFT
Assume that two individuals, who happen to be real-life partners, gave their consent to
each other to record their sexual act.
Is this a case of cybersex?
NO! Since both parties consented and even if these acts are publicly denounced, they
do NOT constitute to cybersex since the act is NOT done for “any favour or
consideration” and without the element of “engagement in business”
SECTION 4 (c) CONTENT-RELATED OFFENSES
● The unlawful or prohibited acts defined and punishable by R.A. 9775: The Anti-Child
Pornography Act of 2009 committed through a computer system
● This includes any representation – whether visual or audio – by electronic or any other
means of a child engaged or involved in real or simulated explicit sexual activities
CHILD PORNOGRAPHY
SECTION 4 (c) CONTENT-RELATED OFFENSES
Are “hentai” clips – sexually explicit Japanese comics or anime – considered as a
violation of this law?
NO … unless the hentai clip itself contains a character which is explicit identified as a
minor. If so, the said material is prohibited and the creator/distributor of the said
material are liable for violation of this law.
SECTION 4 (c) CONTENT-RELATED OFFENSES
is the public and malicious imputation of a crime – real or imaginary – or any act,
omission, condition, status or circumstance tending to cause the dishonor, discredit, or
contempt of a […] person, or to blacken the memory of the dead
(ONLINE) LIBEL
SECTION 4 (c) CONTENT-RELATED OFFENSES
FOUR ELEMENTS OF LIBEL
a discreditable act or condition concerning another;
Allegations
SECTION 4 (c) CONTENT-RELATED OFFENSES
FOUR ELEMENTS OF LIBEL
___ of the charge
Publication
SECTION 4 (c) CONTENT-RELATED OFFENSES
FOUR ELEMENTS OF LIBEL
The person being ___ is clearly identified; and
defamed
SECTION 4 (c) CONTENT-RELATED OFFENSES
FOUR ELEMENTS OF LIBEL
Existence of
Malice
Assume that someone posted this unfounded claim on social media:
“HOY! MARIA DAVID! MAGNANAKAW KA! KAYONG DALAWANG
“NANAY MO! MGA MAGNANAKAW! IBALIK NIYO YUNG MILYUN-
“MILYONG PERA NA NINAKAW NIYO!”
Did the person who posted commit online libel?
YES! All the FOUR ELEMENTS OF LIBEL is present!
a. FALSE ALLEGATION: MAGNANAKAW KA! KAYONG DALAWA NG NANAY MO!
b. PUBLICATION: Allegation was posted on social media
c. PERSON DEFAMED is IDENTIFIED: Maria David and her mother
d. EXISTENCE OF MALICE: Even though unfounded, the post was published
nonetheless
“HOY! MARIA DAVID! MAGNANAKAW KA! KAYONG DALAWANG
“NANAY MO! MGA MAGNANAKAW! IBALIK NIYO YUNG MILYUN-
“MILYONG PERA NA NINAKAW NIYO!”
If you LIKED/REACTED to the post above, are you liable?
NO! LIKING or REACTING may be a sign of approval to the said post but NO
STATEMENT was mentioned – none of the FOUR ELEMENTS OF LIBEL is present!