RULES ON CYBERCRIME WARRANTS

Pursuant to Section 5 (5), Article VIII of the 1987 Constitution, the Supreme Court is vested with
the power to promulgate rules concerning the pleading, practice, and procedure in all courts.

Thus, in order to complement the state policy leading to the enactment of RA 10175, the Supreme
Court, having in mind the necessity to provide rules for the detection, investigation, and
prosecution of cybercrime offenses, especially for the application, issuance, and implementation
of court warrants technically-suited to the nature of cybercrime offenses, promulgated A. M. No.
17-11-03-SC, otherwise known as the Rule on Cybercrime Warrants, approved on July 3, 2018
and made effective on August 15, 2018.

The purpose of this rule is not to replace the existing Rules of Criminal Procedure but to expand
the same. The provisions of which shall remain to govern the preliminary investigation as well as
all stages of prosecution of criminal actions that involves any violations of RA 10175.

This Rule sets forth the procedure for the application and grant of warrants and related orders
involving the preservation, disclosure, interception, search, seizure, and/or examination, as well as
the custody, and destruction of computer data, as provided under Republic Act No. 10175

The Cybercrime Prevention law also includes all crimes specified and penalized by the Revised
Penal Code and violations of special laws perpetrated by, through and with the use of electronic
means in transmitting, collecting and disseminating data.

Remedies provided under existing procedural rules shall, whenever applicable, be made available
to any party who seeks relief against any of the orders provided under this Rule.

The Rule on Cybercrime Warrants also provides the forms of four types of warrants which are:
 Warrant to Disclose Computer Data (WDCD): An order to disclose and accordingly,
require any person or service provider to disclose or submit subscriber’s information,
traffic data, or relevant data in his/her controversial or is possession or control.
 Warrant to Intercept Computer Data (WICD): An order authorizing law enforcement
authorities to carry out any or all of the following activities: (a) listening to, (b) recording,
(c) monitoring, or (d) surveillance of the content of communications, including procuring
of the content of computer data, either directly, through access and use of a computer
system or indirectly, through the use of electronic eavesdropping or tapping devices, at the
same time that the communication is occurring
 Warrant to Search, Seize and Examine Computer Data (WSSECD): An order authorizing
law enforcement authorities to search a particular place for items to be seized and/or
examined
 Warrant to Examine Computer Data (WECD): This is a requirement by the law
enforcement authorities before searching the computer system of the lawfully arrested
person/s in order to gain forensic examination of latter’s computer data
PRESERVATION ORDER - An order requiring a service provider to keep, retain and preserve:
 The integrity of traffic data and subscriber’s information for a minimum period of six (6)
months from the date of transaction.
 Content data shall be preserved for six (6) months from the date of receipt of the order from
law enforcement authorities requiring its preservation.

DESTRUCTION ORDER / RETURN ORDER

 An order requiring the complete or partial destruction, or the return to its lawful owner or
possessor, of the computer data or any related items turned over to the court’s custody

How long are cybercrime warrants valid?

Cybercrime warrants are valid for the length of time as determined by the court, which shall not
exceed 10 days from its issuance. Extendible, based on justifiable, for not more than 10 days from
the expiration of the original period. This is provided under Section 2.5 of the Rule on Cybercrime
Warrants.

Moreover, under Section 4.1 of the Rules on Cybercrime Warrants, law enforcement authorities,
upon securing Warrant to Disclose Computer Data, shall issue an order requiring any person or
service provider to disclose or submit subscriber’s information, traffic data or relevant data in
his/her or its possession or control within seventy-two (72) hours from receipt of the order in
relation to a valid complaint officially docketed and assigned for investigation and the disclosure
is necessary and relevant for the purpose of investigation.

Thus, the law enforcer should be able to execute the warrant within 10 days otherwise the warrant
will be void if executed beyond the period provided by the law.

It is important to remember that only judges have the authority to issue warrants since this is
provided in our Constitution. The application for warrant can be filed before any of the cybercrime
courts designated by law where the offense or the elements of which has been committed or the
location of any part of the computer system used or the place where the damage to a natural or
juridical person arises. Cybercime courts in Quezon City, the City of Manila, Makati City, Pasig
City, Cebu City, Iloilo City, Davao City and Cagayan de Oro City shall have the special authority
to act on applications and issue warrants which shall be enforceable nationwide and outside the
Philippines.

Considering that cybercrime may be committed anywhere and may have an effect on different
jurisdictions, the Rule on Cybercrime Warrants also prescribes for its rules in extraterritorial
enforcement. Such warrants that shall be served outside the Philippine jurisdiction shall be pursued
through the Office of Cybercrime under the Department of Justice.