TIMELINE: Cybercrime Prevention Act of 2012: A Law 11 Years in the Making

When the controversial Cybercrime Prevention Act of 2012 was passed, there was an impression that
this law was done in haste. But actually, the law was almost 11 years in the making. Here is a timeline of
developments that happened through the years involving the struggles of many in pushing for a
cybercrime legislation.

Year 2000

When the E-Commerce Law (Republic Act 8792) was passed, the Philippines then was considered as one
of the countries with advance legislation in prosecuting cybercrime. As the legislation was only passed
last June 2000, it wasn’t able to prosecute Onel De Guzman who is believed to be the culprit behind the I
Love You Virus as the cybercrime got committed a month prior to the law’s passage.

The I Love You Virus case brought us to the reality of how global cybercrime can be where prosecution
in one country may not be sufficient when majority of victims maybe residing in another location. The
said virus caused damage from US$2 to 5 billion.

Efforts in registering the Philippine Computer Emergency Response Team (PH-CERT) started with the
support of the National Computer Center.

Year 2001 – 2002

Nearly two years after the law’s passage, a growing number of hacking attacks and cybercrimes were
recorded. Most victims do not file a complaint for lack of clarity on how the process works. Law
enforcement was lagging behind due to lack of resources as the law did not specifically provided for it.

In 2001, a Convention on Cybercrime was proposed encouraging countries with cybercrime legislation to
become a signatory. Countries with cybercrime legislation will pave the way for hackers who have
caused havoc to be accountable in countries where he or she has cause damage. As the Philippines did
not have one, it can’t participate in these efforts.

Philippine Computer Emergency Response Team (PH-CERT) was launched at One Internet Day 2001.

However, a Anti-Cybercrime bill (2001) was filed as early as then by former Congressman Eric D. Singson.
In the Senate, Senator Ramon Magsaysay Jr. was also a supporter of the said legislation.

First Internet libel case filed when DotPH CEO Joel Disini sued Fernando Contreras Jr. of Philippine
Domain Authority Convenors. Both parties used electronic documents against each other as evidence in
court. The case was dismissed for lack of evidence.

Year 2003

Another Cybercrime bill was filed in 2003 that is seen as a complement to the E-Commerce Law and
Intellectual Property Code. A growing number of companies are coming out as well announcing cases
they have filed against local scammers and hackers taking advantage of Filipino e-commerce sites. TSSI
in 2003, with the cooperation of authorities, entrapped 3 suspected money remittance service fraudster
who uses stolen credit cards to load money in the service.

With the growing number of crimes, organizations such as the Philippine Computer Emergency
Response Team (PH-CERT) took on the advocacy of pushing for the passage of a Cybercrime legislation.

Year 2004

The growth of home-based workers and BPO industries further strengthen the need for a Cybercrime
Law as it is seen a factor in contributing to the future growth of this sector. This is important as investors
have a lot of choices in the region and having an efficient cybercrime legislation is seen as critical.
Although most legislations around the world are local in application by nature.

Year 2005

First cybercrime conviction happened with JJ Maria Giner convicted under the E-Commerce Law for
hacking the government’s .gov.ph site. (Criminal Case No. 419672-CR filed at Branch 14 of the
Metropolitan Trial Court of Manila under Judge Rosalyn Mislos-Loja)

On its 10th revision, the Cybercrime Prevention Bill was revised and covered cellphone transactions and
anti-spam measures. The International Intellectual Property Alliance saw the Cybercrime bill as an
important measure in fighting copyright piracy on the Internet.

Data Privacy legislation need became evident this year for outsourcing competitiveness.

Year 2006 - In 2006, the enactment of a cybercrime legislation was also included in the country’s ICT
roadmap.

Year 2007

The CICT took a proactive role in advocating for various laws such as the Cybercrime Bill. Various groups
also participated in hearings and consultation on various ICT policies.

Growth in cybersex and child trafficking rings were noted. Worries that not having a Cybercrime Law will
make the Philippines a haven for individuals engage in various cybercrime. The DOJ believes that the
proposed law should not duplicate other laws to avoid giving an escape clause for offenders.

Interest surge for a law also happened this year when the site Boy Bastos got Senator Loren Legarda’s
attention as it linked to porn and sex scandal videos. He was caught but was later released for lack of law
covering cyber-pornography.

An International Conference on Cybercrime took place this year that paved the way for a consolidated
Cybercrime bill. Internet piracy provisions were also considered.

Efforts to form a Government Security Incident Response Team (GSIRT) started. However, as in the past
years, cybercrime legislation was observed to be of low priority.
Year 2008

As the years and technology has evolved, the E-Commerce Law was deemed lacking in prosecuting a
growing number of forms of cybercrime as technologies evolve. The lack of a law also unable the
country to participate in conventions that intends to facilitate mutual cooperation.

It was noted 87% of emails Filipino received this year were spam.

Law enforcement was also becoming impatient as much is expected from them but the lack of law is
preventing them from making progress. Although investigation methodology improvements were being
made continuously.

CICT proceeded in endorsing its Cybercrime Bill versions.

Senator Manny Villar also filed his version of Anti-Cybercrime Act. Former Congressman Joseph Santiago
also has counterpart Cybercrime bills.

The first case filed this year involved stealing of company secrets.

First public key infrastructure seminar also happened this year which done to support plans for a
National Public Key Infrastructure.

Guidelines for Habeas Data came out this year.

Year 2009

Need for a Cybercrime bill got a renewed boost this year when the Katrina Hall and Hayden Kho sex
scandal went viral as it involves computer theft and unauthorized access to information that got posted
online.

CICT formed its own cybercrime unit.

Senator Antonio Trillianes IV filed his version of Cybercrime Bill.

Committee report on the Cybercrime Bill (report #770 resulting to Senate Bill 3553) were referred to the
Committee on Rules this year. House Bill 6794 got approved. Legislators exerted effort to fast track it.

Atty. Geronimo Sy sees constant advocacy as key to push for legislation passage.

Year 2010 - In 2010, Norton reported that 9 out of 10 Filipinos are victims of various forms of cybercrime
ranging from hacking attacks to online scams.

PH-CERT also renewed calls for the passage of Cybercrime Bill.

It was passed at the House of Representatives but got stalled in the Senate due to the election season.

Year 2011 - Committee Report on Cybercrime Bill was submitted to the House of Representatives.