Cyber

INTRODUCTION TO
CYBERCRIME WITH
ENVIRONMENTAL LAWS
& PROTECTION
CLINT MICHAEL G. RAYMUNDO, RCRIM
WHAT IS CYBERCRIME?
• Cybercrime is a criminal activity that either targets or uses a
computer, a computer network, or a networked device.
• Cybercrime is carried out by individuals or organizations. Some

cybercriminals are organized, use advanced techniques & are highly
technically skilled. Others are novice hackers.
• Rarely, does cybercrime aims to damage computers for reasons

other than profit. These could be political or personal.
OVERVIEW OF CYBERCRIME
• Cybercrime is one of the fastest-growing non-violent crimes in
the Asian region. It takes a great deal of technical expertise & co-
operation, both local & foreign, in order to address such problems
• It threatens the governments and the public upon the information

infrastructure to conduct business, carries messages, & process
information.
TYPES OF CYBERCRIME
Here are some specific examples of the different types of cybercrime:
Internet fraud – Is a cybercrime fraud or deception which make use of
the internet by tricking the victim to divulge sensitive information out of
profit or other consideration.
• Identity fraud - someone uses another person's personal identifying

information, like their name, identifying number, or credit card number,
without their permission, to commit fraud or other crimes.
TYPES OF CYBERCRIME
• Theft of financial or card payment data - unauthorized access to
your financial card(s) or account information through theft (home,
auto, wallet/purse, mail), by hacking your online account, or through
a data breach involving your account information.
• Cyber Extortion - the act of cyber-criminals demanding payment

through the use of or threat of some form of malicious activity against
a victim, such as data compromise or denial of service attack.
TYPES OF CYBERCRIME
• Cyber Espionage- the use of computer networks to gain illicit
access to confidential information, typically that held by a
government or other organization.
• Phishing - is when spam emails, or other forms of communication, are
sent en masse, with the intention of tricking recipients into doing
something that undermines their security or the security of the
organization they work for
A famous example of a phishing scam from 2018 was one that took
place during the World Cup.
MOST CYBERCRIME FALLS UNDER
TWO MAIN CATEGORIES:
• Criminal activity that targets
• Criminal activity that uses computers to commit other crimes.
• Cybercrime that targets

computers often involves viruses & other types of malware.
• Cybercriminals may infect computers
with viruses & malware to damage devices or stop them working.
They may also use malware to delete or steal data.
PHILIPPINE SITUATION
The public is aware of the importance of legislation that supports police efforts
against computer crimes. Onel de Guzman, the Philippine dropout who, in
August 2000, created & unleashed a remarkably dangerous computer virus
called “I LOVE YOU”, cost several companies, governments, & citizens billions
of US dollars in damages. (First global computer virus)
In August of the same year, charges against him in our country were
dismissed, mainly because we had not yet passed legislation addressing the
crimes he had committed. The public around the world is justifiably outraged.
• The “I LOVE YOU” Computer Virus (Lovebug virus/ Love
letter virus)
• The virus was received in email inboxes in Hong Kong on 4 May 2000, with
the subject “I LOVE YOU” & an attachment “LOVE-LETTER-FOR-
YOU.TXT.vbs.”
• It erases or blurs the graphics & data in the computer & sends the same
email to all contacts listed in that directory.
• Arrest of the Suspect: An international manhunt was conducted; the
investigators traced the origin of the virus to its creator, a
programming student at the AMA Computer University in Manila.
• When arrested (11 May 2000), the suspect apologized to the public &
said he had no intention of causing such great harm. Government
prosecutors filed cases against him, but even at the first stage, the
indictment was dismissed as there was no law penalizing the act
at the time 2000 in the Philippines (nullum crimen, sine lege).
PHILIPPINE CONGRESS’ RESPONSE
• PC enacted RA 8792, otherwise known as the “Electronic Commerce
Act of 2000”.
• Supreme Court drafted the Rules on Electronic Evidence, the
admissibility of evidence in electronic form, subject to its authenticity &
reliability. This restriction intends to safeguard against accepting evidence
of doubtful character.
• Department of Justice (DOJ) created the Task Force on E-Government,
Cyber-security & Cybercrime in 2007 to deal with cyber-security issues
in relation to legislation & investigation.
REPORTING OF CYBERCRIME
INCIDENTS
Who may file?
A. Private individuals:
• Minors
• Of legal age
INCIDENTS
Who may file?
B. Juridical entities
Private institutions
Government agencies
Quasi-public
INCIDENTS
WHO MAY FILE?
C. Enforcement agencies
Philippine National Police
National Bureau of Investigation
Office of the Cybercrime
BASIC COMPONENTS & FUNCTION OF
DIGITAL DEVICES & DEFINITION OF
COMPUTER TERMINOLOGY
DIGITAL DEVICES-
• A digital device processes electronic signals that represent either a one
“on” or a zero “off”.
• The “on” state is represented by the presence of an electronic signal;
• the “off” state is represented by the absence of an electronic signal.
BASIC COMPONENTS & FUNCTION OF DIGITAL
DEVICES & DEFINITION OF COMPUTER
TERMINOLOGY
PROCESSING DATA: THE CPU- The CPU can be thought of as

the “brain” of the device. The CPU carries out the commands
sent to it by the software & returns results to be acted upon.
TERMINOLOGY
MOTHERBOARD- The motherboard is the main circuit board on
the computer. The CPU, memory, & storage components,
among other things, all connect to the motherboard.
The motherboard provides much of the “bus of the computer”

TERMINOLOGY
RANDOM-ACCESS
MEMORY(RAM)-
When a computer starts up, it
begins to load information from the
hard disk.
It’s working memory. Any program
that you are running on the
computer is loaded into RAM for
processing.
TERMINOLOGY
• HARD DISK- HD is where data is stored when the computer is turned
off & where it is retrieved from when the computer is turned on.
TERMINOLOGY
• REMOVABLE MEDIA (RM)- allows you to take your data with you &
just as with all other digital technologies.
TERMINOLOGY
• INPUT & OUTPUT- The computer

must have channels for receiving
input from the user & channels for
delivering output to the user.
• These input & output devices

connect to the computer via
various connection ports, which
generally are part of the
motherboard & are accessible
outside the computer case.
BASIC COMPONENTS & FUNCTION OF
DIGITAL DEVICES & DEFINITION OF
COMPUTER TERMINOLOGY
OTHER COMPUTING DEVICES
• PORTABLE COMPUTERS
• SMARTPHONES
• TABLET COMPUTERS
COMPONENTS OF COMPUTER SYSTEM
(THE COMPUTER & THE INTERNET)
COMPUTER SYSTEM- This is a collection of entities (hardware, software &
livewire) that are designed to receive, process, manage & present information in a
meaningful format.
• Computer hardware – These are physical parts of a computer. e.g. Input

devices, output devices, central processing units & storage devices
• Computer software - aka programs or applications. They are classified into two
classes namely - system software & application software
• Liveware - is the computer user. Aka orgware or humanware. The user

commands the computer system to execute on instructions.
WHAT IS THE INTERNET?
Simply called “Net”
Is a medium that connects different computers altogether & makes

sure that the connection is eternal.
THE HACKER, HACKING TACTICS & THE VICTIM
What is Hacking?
Hacking is the activity of identifying weaknesses in a computer
system or a network to exploit the security to gain access to
personal data or business data.
Hacking is nothing but being able to access a system or an

application that you are not supposed to have access to. In
simple terms, hacking can be referred to as gaining
unauthorized access.
THE HACKER, HACKING TACTICS & THE VICTIM
Who is a Hacker?
A hacker is any person who uses computer
programming or technical skills to solve a
challenge or problem.
As it goes there is a good side & a bad side, there
are also people who fall somewhere in between.
TYPES OF HACKERS
• White Hat Hacker – They are the hackers referred to as

security professionals.
• Black Hat Hacker – They are one type of hacker who

uses the knowledge for malicious purposes.
• Grey Hat Hacker – They are the type of hacker who acts
as both the white Hat Hacker & the Black Hat Hacker
TYPES OF HACKERS
• Script Kiddie – They are someone who doesn’t have
the experience or lack knowledge
• Elite Hacker – They are someone who has sufficient

knowledge of how the exploit takes place.
• Green Hat Hackers - Green hat hackers are types of

hackers who’re learning the ropes of hacking.
TYPES OF HACKERS
• Blue Hat Hackers - Blue Hat Hackers are types of hackers
who’re similar to Script Kiddies. The intent to learn is
missing.
• Red Hat Hackers - are synonymous with Eagle-Eyed

Hackers. Similar to a white hat hacker but ruthless.
• State/Nation Sponsored Hackers - Government appoints

hackers to gain information about other countries.
TYPES OF HACKERS
• Hacktivist - These types of hackers intend to hack
government websites
• Malicious insider or Whistleblower - These types of

hackers include individuals working in an organization who
can expose confidential information.
• Ethical Hacker – Ethical hackers are those who are hired &
are given permission to attack the system.
PHASES OF ETHICAL HACKING (6)
1. Reconnaissance - Reconnaissance is the process of gathering
information. The information like the network range, number of
active devices, discovering the open ports & access points, etc.
Reconnaissance is of two types.
They are:
• a. Active Reconnaissance: the hacker directly interacts with
the target system to gain information.
• b. Passive Reconnaissance: the information is gathered
without interacting with the target system.
2. Scanning: the hacker tries to exploit all the vulnerabilities of
the target system.
3. Gaining Access: the hacker tries to access the target system

using the vulnerabilities that were exploited in the scanning
phase without raising any alarms.
4. Maintaining Access: one of the most important phases of Ethical
Hacking. Here, the hackers install various backdoors & payloads
onto the target system.
• The payload- term that is used for describing the activities that are
performed on a system after gaining unauthorized access.
• Backdoors help the hacker gain quicker access to the target system
in the future.
5. Clearing Tracks -an unethical phase. The hacker tries to delete
all the logs of the activities that take place during the hacking
process.
6. Reporting - Reporting is the last phase of Ethical hacking. Here,

the ethical hacker has to provide a report with all his findings, the
tools used & various vulnerabilities exploited
TYPES OF HACKING
1. Website Hacking- can be defined as a way of taking
unauthorized control over a website & its related software such as
databases & other interfaces.
2. Network Hacking- is a way of gathering all the critical

information about a network with an intent to harm the network &
block its operations.
3. Email Hacking- is a way of gaining unauthorized access to an

email account to spoof all the emails & send emails containing
spam links & third-party threats.
TYPES OF HACKING
4. Password Hacking- this is a way of recovering secret
passwords that are stored in a database or transferred over a
network.
5. Computer Hacking- is a way of gaining unauthorized access

to a computer system by compromising its credentials.
COMMON HACKING TACTICS
1. Phishing- is the most common hacking technique.
All of our inboxes & text messaging apps are filled with phishing
messages daily.
These are messages that are disguised as either an organization

(Amazon, Netflix, etc.) or a person that you trust & will, in most
cases, tell a story to trick you into clicking on a link or opening an
attachment.
PHISHING - Typically, they will:

•Inform you that someone has been trying to log into your website &
you should update your credentials.
•Claim that there’s a problem with your account or your payment info
•Ask you to confirm some personal information
•Inform you that you are eligible to register for a state or federal refund
•Offer you free stuff.
2. Bait & Switch Attack- Takes potential views from legitimate
sites towards the ones owned and created by hackers.
The advertisement may link to a legitimate website, but it will

be programmed to redirect you to a harmful site.
3. Keylogger- is a small piece of software that, when downloaded
into your computer, will record every keystroke.
The key logger will capture every keystroke on the keyboard,

every username, password & credit card number, etc., exposing
all of your data & personal information.
4. Denial of Service (DoS\DDoS) Attacks- is a hacking
technique designed to flood your web server with a myriad of
requests to the point that it overloads the web server resulting
in a website crash.
5. ClickJacking Attacks- The clickjacking element could be a
button on a web page that, when clicked, performs another
function, allowing others to take control of the computer.
The host website may not be aware of the existence of the

clickjacking element.
6. Cookie Theft- The cookies in your web browsers (Chrome,
Safari, etc.) store personal data such as browsing history,
username, & passwords for different sites we access.
Hackers will send I.P. (data) packets that pass through your
computer, & they can do that if the website you are browsing
doesn’t have an SSL (Secure Socket Layer) certificate.
Websites that begin with HTTPS:// are secure, whereas sites

that start with HTTP:// (no ‘S’) do not have SSL & are NOT
considered secure.
7. Viruses & Trojans- These are malicious software programs
that, when installed on your computer, will send your data to the
hacker.
They can also lock your files, spread to all the computers
connected to your network, & perform many other nasty actions.
INTERNATIOAL DIMENSIONS OF
CYBERCRIME
• Criminals in an electronic world can ignore international boundaries
since they can send information & execute commands via worldwide
networks.
• While computer hacking is one good example of an international crime

in cyberspace, there are many other crimes that are facilitated by
computer networks, such as copyright infringement, the transmission of
child pornography, and the interception of communications.
• The computer hacking cases have repeatedly raised issues that will
be of concern in all international electronic crime cases.
ISSUES RAISED BY INTERNATIONAL
COMPUTER CRIME
A. Substantive Law
B. Procedural Law
C. Operational Issues
COMPUTER CRIME
A. SUBSTANTIVE
Focuses on the substance of the crime, such as the elements of a

crime which include the prohibited conduct & the mental
element.
1. Absence of Substantive Laws

2. Extraterritorial Reach of Substantive Laws
3. Variation Among Substantive Laws
4. Conflicts Among Substantive Laws
COMPUTER CRIME
B. PROCEDURAL
This information is often provided 'only in response to court

orders issued pursuant to established criminal procedures.
1. Absence of Procedural Laws

2. Variation of Procedural Laws
3. Conflict of Procedural Laws
4. Transborder Searches
COMPUTER CRIME
C. OPERATIONAL
Indeed, differences in language, culture, & national interests
create situations ripe for misunderstandings to arise.
For all of these reasons, operational issues are among the most
intractable that arise in the course of an international computer
crime case.
1. Communication
2. Timeliness
REPUBLIC ACT NO. 10175 “CYBERCRIME
PREVENTION ACT OF 2012”
PUNISHABLE ACTS. SEC. 4. Cybercrime Offenses
(A) Offenses against the confidentiality, integrity, and availability of
computer data and systems:
The following acts constitute the offense of cybercrime punishable under
this Act:
(1) Illegal Access– The access to the whole or any part of a computer
system without right.
(2) Illegal Interception– The interception made by technical means
without the right of any non-public transmission of computer data to, from,
or within a computer system including electromagnetic emissions from a
computer system carrying such computer data.
PUNISHABLE ACTS
(3) Data Interference- The intentional or reckless alteration, damaging,

deletion, or deterioration of computer data, electronic document, or
electronic data message, without right, including the introduction or
transmission of viruses.
(4) System Interference- The intentional alteration or reckless hindering

or interference with the functioning of a computer or computer network.
REPUBLIC ACT NO. 10175
“CYBERCRIME PREVENTION ACT OF
2012”
(5) Misuse of Devices.
(i) The use, production, sale, procurement, importation, distribution, or otherwise
making available, without right.
• (aa) A device, including a computer program, designed or adapted primarily for
the purpose of committing any of the offenses under this Act; or
• (bb) A computer password, access code, or similar data by which the whole or
any part of a computer system is capable of being accessed with the intent that it be
used for the purpose of committing any of the offenses under this Act.
• (ii) The possession of an item referred to in paragraphs 5(i)(aa) or (bb) above with
intent to use said devices for the purpose of committing any of the offenses under
this section.
“CYBERCRIME PREVENTION ACT
OF 2012”
(6) Cybersquatting. – The acquisition of a domain name over the internet
in bad faith to profit, mislead, destroy reputation, & deprive others from
registering the same
Computer-related Offenses:
• (i) Similar, identical, or confusingly similar to an existing trademark
registered with the appropriate government agency at the time of the
domain name registration:
• (ii) Identical or in any way similar with the name of a person other than
the registrant, in case of a personal name; and
• (iii) Acquired without right or with intellectual property interests in it.
2012”
(A) COMPUTER-RELATED OFFENSES
(1) Computer-related Forgery.
• (i) The input, alteration, or deletion of any computer data without right
resulting in inauthentic data with the intent that it be considered or
acted upon for legal purposes as if it were authentic, regardless of
whether or not the data is directly readable & intelligible; or
• (ii) The act of knowingly using computer data which is the product of
computer-related forgery as defined herein, for the purpose of
perpetuating a fraudulent or dishonest design.
2012”
(2) Computer-related Fraud. — The unauthorized input, alteration, or
deletion of computer data or program or interference in the functioning of a
computer system, causing damage thereby with fraudulent intent:
Provided, That if no damage has yet been caused, the penalty imposable
shall be one (1) degree lower.
(3) Computer-related Identity Theft. – The intentional acquisition, use,

misuse, transfer, possession, alteration or deletion of identifying information
belonging to another, whether natural or juridical, without right:
Provided, That if no damage has yet been caused, the penalty is imposable
shall be one (1) degree lower.
(C) Content-related Offenses:
(1) Cybersex— The willful engagement, maintenance, control, or operation,

directly or indirectly, of any lascivious exhibition of sexual organs or sexual
activity, with the aid of a computer system, for favor or consideration.
(2) Child Pornography— The unlawful or prohibited acts defined &

punishable by Republic Act No. 9775 or the Anti-Child Pornography Act of
2009, committed through a computer system:
Provided, That the penalty to be imposed shall be (1) one degree higher
than that provided for in Republic Act No. 9775.
2012”
(C) Content-related Offenses:
(3) Unsolicited Commercial Communications. — The transmission
of commercial electronic communication with the use of computer
systems that seeks to advertise, sell, or offer for sale products &
services is prohibited.
(4) Libel -The unlawful or prohibited acts of libel as defined in Article

355 of the Revised Penal Code, as amended, committed through a
computer system, or any other similar means which may be devised in
the future.
2012”
SEC. 5. Other Offenses. — The following acts shall also
constitute an offense:
(a) Aiding or Abetting in the Commission of Cybercrime. –
Any person who willfully aids in the commission of any of the
offenses enumerated in this Act shall be held liable.
(b) Attempt in the Commission of Cybercrime. — Any person

who willfully attempts to commit any of the offenses enumerated
in this Act shall be held liable.
Section 6.
All crimes defined & penalized by the Revised Penal Code, as

amended, & special laws, if committed by, through & with the use
of information & communications technologies shall be covered
by the relevant provisions of this Act: Provided, That the penalty
to be imposed shall be one (1) degree higher than that
provided for by the Revised Penal Code, as amended, & special
laws, as the case may be.
SEC. 10. Law Enforcement Authorities. — The National
Bureau of Investigation (NBI) & the Philippine National
Police (PNP)
shall be responsible for the efficient & effective law

enforcement of the provisions of this Act.
The NBI & the PNP shall organize a cybercrime unit or

center manned by special investigators to exclusively handle
cases involving violations of this Act.
INCIDENT RESPONSE, PRESERVATION &
COLLECTION OF COMPUTER DATA
SEC. 12. of R.A. 10175 Real-Time Collection of Traffic Data
✔Law enforcement authorities, with due cause, shall be
authorized to collect or record by technical or electronic
means traffic data in real-time associated with specified
communications transmitted by means of a computer system.
✔Traffic data refer only to the communication’s origin,
destination, route, time, date, size, duration, or type of underlying
service, but not content, or identities.
✔All other data to be collected or seized or disclosed will
require a court warrant.
IRR of R.A. 10175 Section 12. Preservation & Retention of Computer
Data.
✔The integrity of traffic data & subscriber information shall be
kept, retained & preserved by a service provider for a minimum
period of 6 months from the date of the transaction.
✔Content data shall be similarly preserved for 6 months from the
date of receipt of the order from law enforcement authorities requiring
its preservation.
✔Law enforcement authorities may order a 1-time extension for 6
months: Provided, That once computer data that is preserved,
transmitted, or stored by a service provider is used as evidence in a
case,
INCIDENT RESPONSE, PRESERVATION
& COLLECTION OF COMPUTER DATA
Section 13. Collection of Computer Data.
✔Law enforcement authorities, upon the issuance of a court
warrant, shall be authorized to collect or record by technical or
electronic means,
✔The court warrant required under this section shall be issued
or granted upon written application, after the examination
under oath or affirmation of the applicant & the witnesses he
may produce
• Section 14. Disclosure of Computer Data. — Law enforcement
authorities, upon securing a court warrant, shall issue an order
requiring any person or service provider to disclose or submit
subscriber’s information, traffic data, or relevant data in his/its
possession or control within seventy-two (72) hours from receipt
of the order in relation to a valid complaint officially docketed and
assigned for investigation and the disclosure is necessary and
relevant for the purpose of investigation.
• Section 15. Search, Seizure, and Examination of Computer Data. — Where
a search and seizure warrant is properly issued, the law enforcement
authorities shall likewise have the following powers and duties.
• (a) To secure a computer system or a computer data storage medium;
• (b) To make and retain a copy of those computer data secured;
• (c) To maintain the integrity of the relevant stored computer data;
• (d) To conduct forensic analysis or examination of the computer data storage
medium; and
Section 15. Search, Seizure, and Examination of Computer Data
Law enforcement authorities may request for an extension of time to
complete the examination of the computer data storage medium and
to make a return thereon but in no case for a period longer than
thirty (30) days from the date of approval by the court.
• Section 16. Custody of Computer Data. — All computer data,
including content and traffic data, examined under a proper
warrant shall, within forty-eight (48) hours after the expiration of
the period fixed therein, be deposited with the court in a sealed
package, and shall be accompanied by an affidavit of the law
enforcement authority executing it stating the dates and times
covered by the examination, and the law enforcement authority who
may access the deposit, among other relevant data.
Section 16. Custody of Computer Data
• The law enforcement authority shall also certify that no
duplicates or copies of the whole or any part thereof have
been made, or if made, that all such duplicates or copies are
included in the package deposited with the court.
• Section 17. Destruction of Computer Data. — Upon expiration of the
periods as provided in Sections 13 and 15, service providers and law
enforcement authorities, as the case may be, shall immediately and
completely destroy the computer data subject to preservation and
examination
• Section 18. Exclusionary Rule. — Any evidence procured
without a valid warrant or beyond the authority of the
same shall be inadmissible for any proceeding before any
court or tribunal.
IRR OF R.A. 10175. RULE 6
• Section 26. Cybercrime Investigation and Coordinating Center;
Composition. – The inter-agency body known as the Cybercrime
Investigation and Coordinating Center (CICC), under the
administrative supervision of the Office of the President, was
established for policy coordination among concerned agencies and for
the formulation and enforcement of the national cyber security plan.
• The CICC is headed by the Executive Director of the Information
and Communications Technology Office under the Department of
Science and Technology (ICTO-DOST) as Chairperson;
• the Director of the NBI as Vice-Chairperson; and
• the Chief of the PNP, the Head of the DOJ Office of Cybercrime, and
• one (1) representative each from the private sector, non-
governmental organizations, and the academe as members.
• The DOJ Office of Cybercrime shall serve as

the Cybercrime Operations Center of the CICC
DIGITAL INVESTIGATIVE PLAN
✔Digital forensics is the science of acquiring, retrieving,

preserving & presenting data that has been processed
electronically & stored on digital media.
✔Digital forensic science is a relatively new discipline that has

the potential to greatly affect specific types of investigations &
prosecutions
PHASES OF DIGITAL INVESTIGATIVE
PLAN
1. Preparation Phase
2. Physical Forensics & Investigation
Phase
3. Digital Forensics Phase
4. Reporting & Presentation phase
5. Closure Phase
PLAN
• 1. Preparation Phase - This is the first stage of incident
handling procedures, which must be applied before handling
any investigation, the purpose of this phase is to make sure that
the operation & infrastructure can support the investigation.
• The preparation phase is divided into Pre-preparation, Case
evaluation, Preparation of detailed design for the case,
Preparation of investigation plan & Determination of required
resources.
PLAN
• 2. Physical Forensics & Investigation Phase - The goal of this
phase is to collect, preserve, analyze the physical evidence &
reconstruct what happened at the crime scene.
• The physical forensics & investigation phase can be subdivided
into Physical preservation, Preliminary survey of the physical
scene, Evaluate the physical scene, Initial documentation,
photographing & narration, Search & collection of physical
evidence & Final survey of the physical crime scene.
PLAN
• 3. Digital Forensics Phase- The goal of this phase is to identify &
collect the electronic events that occurred in the system & analyze
them so that they can be used with the results of the previous
phase to reconstruct events.
• The digital forensics phase includes sub-phases which are
Evaluation & Assessment, Acquisition of digital evidence, Survey
of the digital scene, Digital Evidence Examination, Reconstruction
of extracted data & Conclusion
PLAN
4. Reporting & Presentation phase- This phase presents the
conclusions & corresponding evidence from the investigation.
5. Closure Phase- involves reviewing the whole investigation

procedures, examining how well each of the physical & digital
investigations worked together, & whether the evidence collected
was enough to solve the case, & ensures returning of the physical
& digital properties back to their owner.
PROCEDURES IN HANDLING OF
COMPUTER/CYBERCRIME CASES
LEGAL BASIS
• - R.A. 8792 Electronic Commerce Act of 2000
• - R.A. 8484 Access Device Act
PURPOSE
• The standard operating procedure prescribes a uniform and step-by-
step process to be observed by all personnel of CIDG in the conduct
of investigation regarding Computer/Cybercrime cases.
DEFINITION OF TERMS
• COMPUTER NETWORK – is a collection of computers and devices
connected to each other. The network allows computers to communicate
with each other and share resources and information.
• ELECTRONIC MAIL – often abbreviated as e-mail or email, is a method
of exchanging digital messages, designed primarily for human use.
DEFINITION OF TERMS
• ELECTRONIC EVIDENCE – is any probative information stored or
transmitted in digital form that a party to a court case may use at trial.
• ELECTRONIC CRIME SCENE - A crime scene where there is

electronic evidence found.
ELECTRONIC CRIME SCENE PROCEDURES
• Secure and take control of the area containing the suspected electronic
media.
• The investigator should move individuals at the scene away from all
computer equipment to ensure no last-minute changes or corruption to
the data occur.
• investigators can start conducting interviews of either the suspects on
the scene or potential witnesses.
• The interviews should take place in an area where the interviews will not be
interrupted and allow for the individual to talk freely to the investigator.
• The investigator should avoid switching the computer system “on” if it is
turned “off” upon your arrival.
• Press the arrow key if the monitor is off. The arrow keys will not alter any
documents if the system is active.
• photograph the monitor to show what was on the screen at the time of your
arrival.
• The investigator will then document the crime scene by taking photographs.
• The next step is to document the crime scene even further by drawing a sketch
of the entire crime scene. The sketch will show the measurements of the
crime scene and where the evidence is located on the crime scene by their
exact distance
• After taking all the necessary photographs, the investigator must to label and
tag all the evidence located in the crime scene.
• Once the system has been labeled correctly, the investigator can place
evidence tape over the 3 ½ inch drive and the drive case. This will help the
investigator know if anyone tampers with the computer system in transit back to
the forensic lab.
• a chain of custody must be filled out to ensure the evidence is properly
tracked from investigator to investigator. A chain of custody will contain the
name of the recovering officer and the date and time he transferred the
evidence to the primary investigating officer.
ANTI-CHILD PORNOGRAPHY ACT
OF 2009
What law punishes violations of the Anti-Child
Pornography Act?
- Republic Act No. 9208

ANTI-CHILD PORNOGRAPHY ACT OF
2009
What is the evidence needed to file a case for child pornography?
• 1. Testimonial Evidence – affidavit of the complainant and witnesses
• 2. Documentary Evidence – photographs, videos, publications, records, police
records, forensic reports, and other pertinent documents
• 3. Object Evidence – computers, electronic devices, and instruments used in
taking and distributing pornography and means to control the child victims
• 4. Other evidence relevant
WARRANTS & OTHER ISSUANCES FOR
COMPUTER DATA
Cybercrime warrants
(1) Warrant to Disclose Computer Data (WDCD)
(2) Warrant to Intercept Computer Data (WICD)
(3) Warrant to Search, Seize, & Examine Computer
Data (WSSECD)
(4) Warrant to Examine Computer Data (WECD)
(1) WARRANT TO DISCLOSE COMPUTER
DATA (WDCD)
• A WDCD requires any person or service provider to disclose a
subscriber's information, traffic data, or relevant data in his/her
or its possession or control within 72 hours from receipt of the
order.
• A request for WDCD may only be filed if there is a complaint

officially docketed & assigned for investigation & the disclosure
is necessary & relevant for the investigation.
• Among others, the request for WDCD must state the relevance &
necessity of the data sought & describe particularly the
information sought to be disclosed.
(2) WARRANT TO INTERCEPT
COMPUTER DATA (WICD)
• A WICD authorizes the law enforcement authorities to listen to,
record, monitor, or conduct surveillance of the content of
communications, including the use of electronic eavesdropping
or tapping devices.
• The request for a WICD must also state the relevance &
• Also, the request must state the likely offense involved.

(3) WARRANT TO SEARCH, SEIZE, &
EXAMINE COMPUTER DATA (WSSECD)
• A WSSECD is similar to a search warrant, except the subject
matter of a WSSECD is computer data.
• The request for a WSSECD must also state the relevance &
information sought to be seized & examined.
• In addition, the request must contain an explanation of the

search & seizure strategy to be implemented.
(4) WARRANT TO EXAMINE COMPUTER
DATA (WECD)
• A WECD is a warrant issued when a computer device or system
is previously seized by another lawful method, such as a
warrantless arrest.
• Before searching any device seized, law enforcement must
apply for a WECD.
• The request for a WECD must also state the relevance &
HOW THESE WARRANTS CAN BE
OBTAINED?
• The four warrants described are only obtained by law
enforcement agencies (i.e., the PNP or the NBI) from Regional
Trial Courts specially designated to handle cybercrime cases.
• Regional Trial Courts in Quezon City, Manila City, Makati City,

Pasig City, Cebu City, Iloilo City, Davao City, & Cagayan de Oro
City are empowered to issue warrants that are enforceable
throughout the Philippines.
• The warrants shall only be effective for the length of time as
determined by the court, which shall not exceed 10 days from its
issuance.
• The court issuing the warrant may, upon motion, extend its effectivity
based only on justifiable reasons for a period not exceeding 10 days
from the expiration of the original period.
• Failure to timely file the returns for any of the issued warrants under this
Rule or to duly turn over to the court’s custody any of the items shall
subject the responsible law enforcement authorities to action for
contempt.
• Moreover, failure to comply with the orders from law enforcement

authorities shall be punished for obstruction of justice, which shall be
filed before the designated cybercrime court.
HUMAN RIGHTS & VICTIMS WELFARE
IN CONNECTION TO CYBERCRIME
Laws & policies were created to address technological advancement:
• Republic Act No. 10173 Otherwise Known as Data Privacy Act of 2012
• Republic Act No. 8972 Otherwise Known as E-Commerce Act of 2000
• Republic Act No. 9775 Otherwise Known as Anti-Child Pornography Act of 2009
• Republic Act No. 9995 Otherwise Known as Anti-Photo & Video Voyeurism Act
of 2009
• Republic Act No. 10175 Otherwise Known as Cybercrime Prevention Act of
2012
Whether this is sufficient to curtail possible breaches of the right to privacy is yet
to be determined
ENUMERATED PROCEDURES ON HOW ONE
CAN SEEK REDRESS AGAINST ONLINE
HARASSMENT:
a. Victims of online harassment cases may report through the DOJ
Cybercrime Division, the NBI Cybercrime Division & the PNP Cybercrime
Group which accepts & handles cases of such nature.
b. The reporting must be done personally by the victims.
c. When filing a report, it is necessary to present proof of cyberbullying &

harassment such as screenshots & other “receipts”
d. Once equipped with evidence, the victim will be asked to furnish a formal
complaint by submitting an affidavit narrating the crime or offense.
CHILDREN
• Based on the data that was reported by UNICEF, around 80%
of Filipino children are at risk of online sexual abuse & the
Philippines is considered a top global source of child
pornography.
• In some cases, children are molested by pornography

operators or are otherwise being forced to expose
themselves on camera to have sex with each other.
NOTABLE CASES INSTRUMENTAL TO
CYBERCRIME INVESTIGATION
The public is aware of the importance of
legislation that supports police efforts against
computer crimes.
1. The “I LOVE YOU” Computer Virus
2. Arrest of the suspect
3. Effect of the “I LOVE YOU” Virus
4. Congress’ Response
JJ MARIA GINER
✔The first Filipino to be convicted of
cybercrime, particularly hacking.
✔He was convicted in September 2005 by Manila
MTC Branch 14 Judge Rosalyn Mislos-Loja.
✔pleaded guilty to hacking the government
portal “gov.ph” & other government websites.
✔He was sentenced to one to 2 Years of
imprisonment & fined Php100,000.
✔However, he immediately applied for probation,
which was eventually granted by the court.
PHILIPPINE EMERGENCY RESPONSE
TEAM (PHCERT)
• The first computer emergency response team or CERT in the
Philippines is the PH-CERT.
• PH-CERT provides assistance or responses to cyber incidents locally. Its

Concept of Operation of providing assistance is email-based & phone-
based & on-site services are very minimal or do not exist.
• The organization has strong coordination with law enforcement

agencies through the conduct of technical training.
GOVERNMENT COMPUTER SECURITY
& INCIDENT RESPONSE TEAM (GCSIRT)
GCSIRT was created through the Task Force on Security of
Critical Infrastructure (TFSCI) & its aim is to suppress, detect &
investigate computer network intrusions & other related
Internet or computer crimes.
THE FOLLOWING ISSUES HAMPER THE
EFFECTIVE SECURITY & PROTECTION
OF PHILIPPINE CYBERSPACE:
A. Legislation against Cybercrime
B. Budgetary Constraints
C. Overlapping Roles of IT Government Bodies
D. Lack of Information Sharing, Coordination & Cooperation
E. Lack of Proper Training of Law Enforcers
F. Public Awareness
ENVIRONMENTAL LAWS
ENVIRONMENTAL LAW
• Environmental law, also known as environmental & natural resources

law, is a collective term describing the network of treaties, statutes,
regulations, and common & customary laws addressing the effects of
human activity on the natural environment.
WHAT DO ENVIRONMENTAL LAWS
REGULATE?
Environmental laws cover a wide range of topics including the
following:
1. Air Quality- Air Quality laws protect the air from pollution &
may include measures to protect the air from things like ozone
depletion.
2. Water Quality- Environmental laws may protect water from

pollution. They may also determine who can use water & how to
handle potential problems like a treat in wastewater & managing
surface runoff.
REGULATE?
3. Waste Management- Municipal waste, hazardous substances

& nuclear waste all fall in the category of waste management.
4. Contaminant Cleanup- Not all environmental law focuses on

preventing pollution. Contaminant cleanup deals with
addressing pollution after it happens.
Laws may include civil & criminal punishment for polluters.

REGULATE?
5. Chemical Safety- Chemical safety regulations manage things
like pesticide use & chemicals in products like plastic bottles.
6. Hunting & Fishing- Environmental laws may regulate &

protect wildlife populations. Lawmakers determine who can hunt
& fish & how these activities are regulated.
PHILIPPINE ENVIRONMENTAL LAWS
Environmental Law - Environmental law looks at all the factors
that pertain to an economy & its production & industry to assess
its impact on the environment & to propose regulations that
will reduce environmental harm.
MAJOR ENVIRONMENTAL LAWS
IN THE PHILIPPINES
• PRESIDENTIAL DECREE 1586 ENVIRONMENTAL IMPACT
STATEMENT (EIS) SYSTEM OF 1978
• The Environment Impact Assessment System was formally established in
1978 with the enactment of PD no. 1586 to facilitate the attainment &
maintenance of a rational & orderly balance between socio-economic
development & environmental protection. EIA is a planning & management
tool that will help the government, decision-makers, the proponents & the
affected community address the negative consequences or risks to the
environment. The process assures the implementation of environment-
friendly projects.
IN THE PHILIPPINES
Section 4. of PD 1586 Environmentally Critical Areas &

Projects.
• No person, partnership, or corporation shall undertake or operate
any such declared environmentally critical project or area
without first securing an Environmental Compliance Certificate
or his duly authorized representative.
issued by the President
IN THE PHILIPPINES
Section 5. of PD 1586 Environmentally Critical Areas &

Projects.
• - All other projects, undertakings & areas not declared by
the Presidents as environmentally critical shall be
considered non-critical & shall not be required to
submit an environmental impact statement.
IN THE PHILIPPINES
RA 6969 TOXIC SUBSTANCES, HAZARDOUS & NUCLEAR WASTE
CONTROL ACT OF 1990
• The law aims to regulate, restrict or prohibit the importation,
manufacture, processing, sale, distribution, use & disposal of
chemical substances & mixtures that present an unreasonable risk
to human health.
IN THE PHILIPPINES
RA 8749 PHILIPPINE CLEAN AIR ACT OF 1999

• The law aims to achieve & maintain clean air that meets the
National Air Quality guideline values for criteria pollutants,
throughout the Philippines, while minimizing the possible
associated impacts on the economy.
IN THE PHILIPPINES
REPUBLIC ACT 9275. PHILIPPINE CLEAN WATER ACT OF 2004
• The law aims to protect the country's water bodies from pollution
from land-based sources (industries & commercial establishments,
agriculture & community/household activities). It provides a
comprehensive & integrated strategy to prevent & minimize
pollution through a multi-sectoral & participatory approach
involving all the stakeholders.
IN THE PHILIPPINES
• RA 9003 ECOLOGICAL SOLID WASTE MANAGEMENT ACT OF
2000
• In partnership with stakeholders, the law aims to adopt a systematic,
comprehensive & ecological solid waste management program that
shall ensure the protection of public health & environment. The law
ensures proper segregation, collection, storage, treatment & disposal
of solid waste through the formulation & adaptation of best eco-waste
products.
IN THE PHILIPPINES
RA 9512 NATIONAL ENVIRONMENTAL AWARENESS &
EDUCATION ACT OF 2008
• Articulates that the state shall promote national awareness of the
role of natural resources in economic growth & the importance
of environmental conservation & ecological balance towards
sustained national development.
IN THE PHILIPPINES
Republic Act No. 8550, February 25, 1998
AN ACT PROVIDING FOR THE DEVELOPMENT, MANAGEMENT,
AND CONSERVATION OF THE FISHERIES AND AQUATIC
RESOURCES
SHORT TITLE: "The Philippine Fisheries Code of 1998."

RA 8550. THE PHILIPPINE FISHERIES CODE OF
1998."
Section 3. Application of its Provisions. -
(a) all Philippine waters including other waters over which the Philippines
has sovereignty and jurisdiction, and the country's 200-nautical mile
Exclusive Economic Zone (EEZ) and continental shelf;
(b) all aquatic and fishery resources whether inland, coastal, or offshore
fishing areas, including but not limited to fishponds, cages; and
(c) all lands devoted to aquaculture, or businesses and activities relating
to the fishery, whether private or public lands.
RA 8550. THE PHILIPPINE FISHERIES CODE
OF 1998."
Some of the prohibited acts under RA 8550

• Unauthorized Fishing or Engaging in Other Unauthorized
Fisheries Activities.
• Poaching in Philippine Waters
• Fishing Through Explosives, Noxious or Poisonous Substance,
and/or Electricity.
• Use of Fine Mesh Net.
• Fishing Or Taking of Rare, Threatened, or Endangered Species
SALIENT PROVISIONS ON RULES OF
PROCEDURE FOR ENVIRONMENTAL CASES
These Rules shall govern the procedure in environmental cases in
civil, and criminal before the Regional Trial Courts, Metropolitan
Trial Courts, Municipal Trial Courts in Cities, Municipal Trial
Courts & Municipal Circuit Trial Courts involving enforcement
or violations of environmental & other related laws.
SALIENT PROVISIONS ON RULES OF PROCEDURE
FOR ENVIRONMENTAL CASES
RULE 2. SEC. 4. Who may file-
Any real party in interest, including the government & juridical entities
authorized by law, may file a civil action involving the enforcement or
violation of any environmental law.
RULE 2. SEC. 5. Citizen suit- Any Filipino citizen in the representation

of others, including minors or generations yet unborn, may file an action
to enforce rights or obligations under environmental laws. Upon the
filing of a citizen suit, the court shall issue an order which shall contain a
brief description of the cause of action & the reliefs prayed for, requiring
all interested parties to manifest their interest to intervene in the case
within fifteen (15) days from notice thereof.
RULE 2. SEC. 8. Issuance of Temporary Environmental Protection

Order (TEPO)
If it appears from the verified complaint for the issuance of an

Environmental Protection Order (EPO) that the matter is of extreme
urgency & the applicant will suffer grave injustice & irreparable injury,
the executive judge of the multiple sale court before the raffle or the
presiding judge may issue a TEPO effective for only seventy-two (72)
hours from the date of the receipt of the TEPO by the party or person
enjoined.
CASES RULE 2. SEC. 8. Issuance of Temporary
Environmental Protection Order (TEPO)
Within the said period, the court where the case is assigned
shall conduct a summary hearing to determine whether the
TEPO may be extended until the termination of the case.
RULE 2. SEC. 10. PROHIBITION AGAINST TEMPORARY
RESTRAINING ORDER (TRO) & PRELIMINARY
INJUNCTION.
Except for the Supreme Court, no court can issue a TRO or

writ of the preliminary injunction against lawful actions of
government agencies that enforce environmental laws or
prevent violations thereof.
RULE 2 SEC. 13. SERVICE OF SUMMONS, ORDERS
& OTHER COURT PROCESSES.
• The summons, orders & other court processes may be
served by the sheriff, his deputy, or other proper court
officer or for justifiable reasons, by the counsel or
representative of the plaintiff or any suitable person
authorized or deputized by the court issuing the summons.
RULE 2 SEC. 13. SERVICE OF SUMMONS, ORDERS
& OTHER COURT PROCESSES.
Any private person who is authorized or deputized by the court to
serve summons, orders & other court processes shall for that
purpose be considered an officer of the court.
The summons shall be served on the defendant, together with a

copy of an order informing all parties that they have fifteen (15)
days from the filing of an answer.
RULE 2 SEC. 14. Verified answer. –
Within fifteen (15) days from receipt of the summons, the defendant
shall file a verified answer to the complaint & serve a copy thereof on
the plaintiff. The defendant shall attach affidavits of witnesses, reports,
studies of experts & all evidence in support of the defense.
RULE 2 SEC. 15. Effect of failure to answer. - Should the defendant

fail to answer the complaint within the period provided, the court shall
declare the defendant in default & upon motion of the plaintiff, shall
receive evidence & render judgment based thereon & the reliefs
prayed for.
RULE 3 SECTION 1. NOTICE OF PRE-TRIAL.
• RULE 3: PRE-TRIAL
• Within two (2) days from the filing of the answer to the
counterclaim or cross-claim, if any, the branch clerk of court
shall issue a notice of the pre-trial to be held not later than one
(1) month from the filing of the last pleading.
• The court shall schedule the pre-trial & set as many pre-trial
conferences as may be necessary within a period of two (2)
months counted from the date of the first pre-trial conference.
RULE 3 SEC. 3. REFERRAL TO MEDIATION
• At the start of the pre-trial conference, the court shall inquire
from the parties if they have settled the dispute; otherwise, the
court shall immediately refer the parties or their counsel, if
authorized by their clients, to the Philippine Mediation Center
(PMC) unit for purposes of mediation.
RULE 3 SEC. 3. REFERRAL TO MEDIATION
• Mediation must be conducted within a non-extendible

period of thirty (30) days from receipt of notice of referral to
mediation.
• The mediation report must be submitted within ten (10) days

from the expiration of the 30-day period
RULE 3 SEC. 4. PRELIMINARY CONFERENCE.
If mediation fails, the court will schedule the continuance of the

pre-trial. Before the scheduled date of continuance, the court may
refer the case to the branch clerk of court for a preliminary
conference for the following purposes:
• To assist the parties in reaching a settlement;
• To mark the documents or exhibits to be presented by the parties
& copies thereof to be attached to the records after comparison
with the originals;
• To ascertain from the parties the undisputed facts & admissions on
the genuineness & due execution of the documents marked as
exhibits;
RULE 3 SEC. 4. PRELIMINARY CONFERENCE.
• To record the proceedings in the “Minutes of Preliminary

Conference” to be signed by both parties or their counsels;
• To mark the affidavits of witnesses which shall be in question &

answer form & shall constitute the direct examination of the
witnesses; &
• Evidence not presented during the pre-trial, except newly

discovered evidence, shall be deemed waived.
RULE 4: TRIAL
RULE 4. SECTION 1. Continuous trial—The judge shall conduct a

continuous trial which shall not exceed two (2) months from the date of
the issuance of the pre-trial order.
RULE 4. SEC. 5. Period to try & decide—The court shall have a

period of 1 year from the filing of the complaint to try & decide the
case. Before the expiration of the one-year period, the court may
petition the Supreme Court for the extension of the period for
justifiable cause.
The court shall prioritize the adjudication of environmental cases.

RULE 5: JUDGEMENT & EXECUTION
Permanent EPO; writ of continuing mandamus.
the judgment, the court may convert the TEPO to a permanent

EPO or issue a writ of continuing mandamus directing the
performance of acts which shall be effective until the judgment is
fully satisfied.
WRIT OF KALIKASAN
Section 1. Nature of the writ. –
The writ is a remedy available to a natural or juridical person, entity

authorized by law, people’s organization, non-governmental
organization, or any public interest group accredited by or
registered with any government agency, on behalf of persons whose
constitutional right to a balanced & healthful ecology is violated, or
threatened with violation by an unlawful act or omission of a public
official or employee, or private individual or entity, involving
environmental damage of such magnitude as to prejudice the life,
health or property of inhabitants in two or more cities or provinces.
WRIT OF KALIKASAN
Section 2. Contents of the petition. - The verified petition shall
contain the following:
(a) The personal circumstances of the petitioner;
(b) The name & personal circumstances of the respondent or if the
name & personal circumstances are unknown & uncertain, the
respondent may be described by an assumed appellation;
(c) The environmental law, rule or regulation violated or threatened
to be violated, the act or omission complained
The reliefs prayed for which may include a prayer for the
issuance of a TEPO.
WRIT OF KALIKASAN
Section 2. Contents of the petition. (CONTINUATION)
(d) All relevant & material evidence consisting of the affidavits of
witnesses, documentary evidence, scientific or other expert studies,
& if possible, object evidence;
(e) The certification of the petitioner under oath that:
1. petitioner has not commenced any action or filed any claim
involving the same issues in any court, tribunal, or quasi-
judicial agency, & no such other action or claim is pending
therein;
2. if the petitioner should learn that the same or similar
action or claim has been filed or is pending, the
petitioner shall report to the court that fact within five
(5) days therefrom
Section 3. Where to file.
The petition shall be filed with the Supreme Court or with any
of the stations of the Court of Appeals.
Section 5. Issuance of the writ. - Within three (3) days from the
date of filing of the petition, if the petition is sufficient in form &
substance, the court shall give an order:
1. Issuing the writ; &
2. requiring the respondent to file a verified return. The clerk of
the court shall forthwith issue the writ under the seal of the court
including the issuance of a cease & desist order & other temporary
reliefs effective until further order.
SECTION 6. HOW THE WRIT IS SERVED.
• The writ shall be served upon the respondent by a court

officer or any person deputized by the court, who shall
retain a copy on which to make a return of service.
• In case the writ cannot be served personally, the rule on

substituted service shall apply. (by mail)
SECTION 12. DISCOVERY MEASURES.
A party may file a verified motion for the following reliefs:
(a) Ocular Inspection; order — The motion must show that an

ocular inspection order is necessary to establish the magnitude
of the violation of the threat as to prejudice the life, health or
property of inhabitants in two or more cities or provinces.
It shall state in detail the place or places to be inspected. It shall

be supported by affidavits of witnesses having personal
knowledge of the violation or threatened violation of
environmental law.
SECTION 12. DISCOVERY MEASURES.
A party may file a verified motion for the following reliefs:
(b) Production or inspection of documents or things; order –

The motion must show that a production order is necessary to
establish the magnitude of the violation of the threat as to
prejudice the life, health, or property of inhabitants in two or
more cities or provinces.
SECTION 15. JUDGMENT.
Within sixty (60) days from the time the petition is

submitted for decision, the court shall render judgment
granting or denying the privilege of the writ of kalikasan.
THE ENVIRONMENTAL PROTECTION AGENCY
Is such an agency that deals with matters that have relation only to
the protection, preservation & enhancement of the environment.
It has broad responsibility for research, standard-setting, monitoring &

enforcement with regard to five environmental hazards;
• air
• water pollution,
• solid waste disposal,
• radiation &
• pesticides
AN ACT CREATING THE ENVIRONMENTAL
PROTECTION AGENCY OF THE PHILIPPINES
Section 1. Short Title. "Environmental Protection Agency Act of
2010".
Section 3. Creation of the Agency.

There is hereby created the Environmental Protection Agency of the
Philippines to be placed under the Executive Branch, hereinafter
referred to as "EPA."
(b) The EPA shall be headed by a Chairman, appointed by the

President, with a Cabinet Rank & with the salary & privileges of
that of a Department Secretary.
AN ACT CREATING THE ENVIRONMENTAL PROTECTION
AGENCY OF THE PHILIPPINES,
Section 3. Creation of the Agency.

(c) The Chairman shall be assisted by a Vice-Chairman who
shall be appointed by the President & with the rank, salary &
privileges of a Department Undersecretary.
(d) There shall be in the EPA, Regional Executive Directors

who shall monitor & enforce environmental laws at the regional
level. He/she shall have the necessary staff support.
Section 4. Mandate. The EPA shall be the primary arm of the
government responsible for the conservation & protection of
the country's environment & natural resources.
Section 6. Organizational Structure. The EPA shall consist of

the Agency Proper, the staff offices, the staff bureaus, & the
regional/provincial/city/municipal offices.
The Agency Proper shall consist of the following:

a. Office of the Chairman;
b. Office of the Vice-Chairman;
c. Public Affairs Office; &
d. Pollution Adjudication Office.
AGENCY OF THE PHILIPPINES,
Section 7. Public Affairs Office.

• There is hereby created a Public Affairs· Office, under the Office
of the Chairman, to be headed by a Director & assisted by an
Assistant Director, which shall serve as the public information
arm of the Agency.
• It shall be responsible for disseminating information on

natural resources development policies, plans, programs &
projects & respond to public queries related to the
development & conservation of natural resources.
AGENCY OF THE PHILIPPINES
Section 12. Interim Officers.

(a) The President may authorize any person who, immediately
prior to the effective date of this Act, is immediately known as a
staunch advocate of the preservation, protection, & conservation
of the environment to act as Chairman until the office of
Chairman is for the first time filled pursuant to the provisions
of this reorganization plan or by interim appointment, as the case
may be.

(b) The President may similarly authorize any such person to
act as Vice Chairman, authorize any such person to act as
Regional Executive Director, & authorize any such person to act
as the head of any principal constituent organizational entity of
the EPA.

(c) The President may authorize any person who serves in an
acting capacity under the foregoing provisions of this section to
receive the compensation attached to the office in respect of
which he/she so serves. Such compensation, if unauthorized,
shall be in lieu of, but not in addition to, other compensation from
the Government of the Republic of the Philippines to which such
person may be entitled.
• Section 14. Periodic Performance Evaluation. The EPA is
hereby required to formulate & enforce a system of measuring &
evaluating periodically & objectively the performance of the EPA
& submit the same annually to the President, & to the Senate &
House of Representatives.
THE END
ASSESSMENT
1. refers to an order issued by the court directing or
enjoining any person or government agency to
perform or desist from performing an act in order to
protect, preserve or rehabilitate the environment.
a. Environmental protection order (EPO)

b. Mineral
c. By-product or derivatives
d. Consent decree
2. Where to file the warrant to obtain computer data?
a. MTC c. CA
b. RTC d. SC
3. How many days is the effective date of the warrant
to obtain computer data?
a. 5 days c. 15 days
b. 10 days d. 20 days
4. Failure to timely file the returns for any of the issued
warrants under this Rule or to duly turn over to the court’s
custody any of the items disclosed, intercepted, searched,
seized, and/or examined as prescribed hereunder shall be
subject the responsible law enforcement authorities to an
action for?
a. Contempt c. Omission
b. Obstruction of justice d. Criminal law
5. states that when human activities may lead to
threats of serious and irreversible damage to the
environment that is scientifically plausible but
uncertain, actions shall be taken to avoid or diminish
that threat.
a. Precautionary principle
b. Continuing mandamus
c. Strategic lawsuit against public participation (SLAPP)
d. Supreme Court
6. failure to comply with the orders from law enforcement
authorities shall be punished for?
a. Contempt c. Omission
b. Obstruction of justice d. Criminal law
7. Who promulgated the Rule on Cybercrime Warrants in
2018?
a. MTC c. CA
b. RTC d. SC
8. Onel Guzman was the dropout student who
created the I LOVE YOU virus.
a. true c. partly true
b. false d. partly false
9. The I LOVE YOU virus infected only the computer
and networks in Asian Region.
10. The court shall have this period from the filing of
the complaint to try and decide the case in relation to
environmental cases.
a. 1 year c. 6 months
b. 2 years d. 3 years
11. The Environmental Protection Agency of the
Philippines is headed by?
a. Chairperson c. Director
b. President d. Chairman
12. The primary arm of the government responsible
for the conservation and protection of the country's
environment and natural resources.
a. Philippine National Police

b. Environmental Protection agency
c. DENR
d. Department of Forestry
13. Under what branch of government does the EPA
belong?
a.Executive branch c. Legislative branch

b. Judicial branch d. Law enforcement branch
14. Who shall appoint the Chairman of the EPA?
a. Secretary c. President
b. Vice-president d. Director
15. Who shall assist the Chairman of the EPA?
a. Secretary c. President
b. Vice-president d. Director
16. Onel was convicted of cybercrime here in the
Philippines.
17. The Philippines among the countries penalizing
cybercrime.
18. The Supreme court does not allow the evidence in
electronic form.
19. GG Maria Gener was the first convicted hacker in
the Philippines.

20. The following are the issues raised about
international computer crime,except.
a. Absence of substantive law

b. Variation of substantive law
c. Duality of crime
d. Similarity of substantive law
21. Look at all the factors that pertain to an economy and its
production and industry to assess its impact on the
environment and to propose regulations that will reduce
environmental harm.
a. Criminal Law b. Environmental Law

c. Remedial Law c. Political Law
22. The law aims to achieve and maintain clean air
that meets the National Air Quality guideline values
for criteria pollutants, throughout the Philippines,
while minimizing the possible associated impacts to
the economy.
a. RA 6969 b. RA 8749
c. RA 9275 d. RA 9003
23. The law aims to regulate, restrict or prohibit the
importation, manufacture, processing, sale,
distribution, use and disposal of chemical
substances and mixtures that present unreasonable
risk tohuman health.
a. RA 6969 b. RA 8749
c. RA 9275 d. RA 9003
24. The law aims to protect the country's water
bodies from pollution from land-based sources
(industries and commercial establishments,
agriculture and community/household activities).
a. RA 6969 b. RA 8749
c. RA 9275 d. RA 9003
25. The unlawful or prohibited acts of libel as defined
in Article 355 of the Revised Penal Code, as
amended, committed through a computer system or
any other similar means which may be devised
in the future
a. cyber libel c. libel

b. cyber bullying d. cybercrime
26.is a criminal activity that either targets or uses a
computer, a computer network or a networke device.
a. Computer crime c. Crime

b. Cybercrime d. Computer virus
27. The court warrant required under the collection of
computer data shall be issued or granted upon?
a. verbal request c. upon permission from court

b. consent d. written application
28.use of computer networks to gain illicit access to
confidential information, typically that held by a
government or other organization.
a. Phishing c.Cryptojacking
b. Cyber espionage d.Ransomware attack
29. when spam emails, or other forms of
communication, are sent en masse, with the intention
of tricking recipients into doing something that
undermines their security or the security of the
organization they work for.
a. Phishing c.Cryptojacking
b. Cyber espionage d.Ransomware attack
30. Prepare _________ in which the gathering process must
be documented which should include a timestamp, digital
signatures, and signed statements.
a. list c. documents
b. chain of custody d. check list
31. The CPU can also be thought of as the
_____________ of the computer.
a. Body c. Heart
b. Brain d. Face
32. What is the bus of a computer?
a. CPU c. RAM
b. Monitor d. Motherboard
33.When a computer starts up, it begins to load
information from the hard disk into its working
memory. This working memory, called
a. CPU c. RAM
34. Carries out the commands sent to it by the
software and returns results to be acted upon.
a. CPU c. RAM
35. What are the basic components of a personal
computer, except?
a. CPU c. Inputs and outputs

b. Storage d. Processor
36. Is a medium that connects different computers
altogether.
a. Internet c. Computer hardware

b. Computer system d. Keyboard
37. A collection of entities that are designed to
receive & process the information.

38. Are physical parts/ intangible parts of a computer.

39. Is the main input device of a computer.

40. A small device used to point to and select items
on your computer screen.
a. mouse c. byte
b. CPU d. server
41. Acts as the "brain" of your computer.
a. mouse c. byte
b. CPU d. server
42. The unit of memory is called?
a. mouse c. byte
b. CPU d. server
43. The information that we get through the Internet
are stored in machines, these machines are called:
a. mouse c. byte
b. CPU d. server
44. With a warrant, persons can invoke their
constitutional right against unreasonable searches
and seizures.
a. True c. partly false
b. False d. it depends
45. Temporarily stores information that the CPU uses
while the computer is on:
a. Client c. byte
b. RAM d. server
46. These types of hackers intend to hack
government websites.
a. Hacktivist
b. Malicious insider or Whistleblower
c. Ethical Hacker
d. State/Nation Sponsored Hackers
47. These types of hackers include individuals
working in an organization who can expose
confidential information.
a. Hacktivist
c. Ethical Hacker
48. Are those who are hired and are given permission
to attack the system.
a. Hacktivist
c. Ethical Hacker
49. They use their knowledge to gain confidential
information from other countries.
a. Hacktivist
c. Ethical Hacker
50. Hackers intend to stop the attack of black hat
hackers.
a. Red Hat Hackers

b. Black Hat Hacker
c. White Hat Hacker
d. Grey Hat Hacker
51. The law enforcement agencies responsible for the
efficient and effective law enforcement of the
provisions of this RA 10175.
A. NBI and FBI C. PNP and AFP

B. NBI and CIDG D. PNP and NBI
52. The willful engagement, maintenance, control, or
operation, directly or indirectly, of any lascivious
exhibition of sexual organs or sexual activity, with
the aid of a computer system, for favor or
consideration.
a. Cybercrime c. Child pornography

b. Cybersex d. Libel
53. The unlawful or prohibited acts defined and
punishable by Republic Act No. 9775 or the Anti-
Child Pornography Act of 2009, committed through a
computer system: Provided, That the penalty to be
imposed shall be (1) one degree higher than that
provided for in Republic Act No. 9775.
a. Cybercrime C. Child pornography

b. Cybersex D. Libel
54. refers to the instruction, communication with,
storing data in, retrieving data from, or otherwise
making use of any resources of a computer system
or communication network.
A. Access C. Communication
B. Alteration D.Computer
55. refers to an electronic, magnetic, optical,
electrochemical, or other data processing or
communications device, or grouping of such
devices, capable of performing logical, arithmetic,
routing, or storage functions and which includes any
storage facility or equipment or communications
facility or equipment directly related to or operating
in conjunction with such device.
B. Alteration D.Computer
56. refers to a computer or a computer network, the
electronic medium in which online communication
takes place.
B. Alteration D. Cyber
57. The acquisition of a domain name over the
internet in bad faith to profit, mislead, destroy,
reputation, and deprive others from registering the
same.
A. Cybersquatting C. Communication
B. Alteration D. Cyberspace
58. The intentional or reckless alteration, damaging,
deletion or deterioration of computer data, electronic
document, or electronic data message, without right,
including the introduction or transmission of viruses.
A. Data C. Data interference

B. System interference D. Interception
59. refers to the collection of tools, policies, risk
management approaches, actions, training, best
practices, assurance and technologies that can be
used to protect the cyber environment and
organization and user’s assets.
A. Cyber C. Cybercrime
B. Cybersquatting D. Cybersecurity
60. The access to the whole or any part of a
computer system without right.
A. Illegal access C. Misuse of device

B. Illegal interception D. Computer forgery
61. R.A. 10175 shall be known as the:
a. Cybercrime Prevention Act of 2012

b. The Cybercrime Prevention Act of 2012
c. Cybercrime Prevention Law of 2012
d. Anti-Cybercrime Law of 2012
62. The unauthorized input, alteration, or deletion of
computer data or program or interference in the
functioning of a computer system, causing damage
thereby with fraudulent intent.
a. Computer-related Fraud
b. Computer-related Identity Theft
c. Computer-related Forgery
d. Misuse of Devices
63. The intentional acquisition, use, misuse, transfer,
possession, alteration or deletion of identifying
information belonging to another, whether natural or
juridical, without right
64.The input, alteration, or deletion of any computer data
without right resulting in inauthentic datawith the intent that
it be considered or acted upon for legal purposes as if it
were authentic, regardless whether or not the data is directly
readable and intelligible.
65. The act of knowingly using computer data which
is the product of computer-related forgery as defined
herein, for the purpose of perpetuating a fraudulent
or dishonest design.
66. The use, production, sale, procurement, importation,
distribution, or otherwise making available, without right,
A device, including a computer program, designed or
adapted primarily for the purpose of committing any of
the offenses under this Act;
67. The use, production, sale, procurement, importation,
distribution, or otherwise making available, without right, A
computer password, access code, or similar data by which
the whole or any part of a computer system is capable of
being accessed with intent that it be used for the purpose of
committing any of the offenses under this Act.
68. Refers to any computer data other than the
content of the communication including, but not
limited to, the communication’s origin, destination,
route, time, date, size, duration, or type of underlying
service.
a. Traffic data or non-content data

b. Database
c. Computer program
d. Computer system
69. Refers to a representation of information,
knowledge, facts, concepts, or instructions which are
being prepared, processed or stored or have been
prepared, processed or stored in a formalized
manner and which are intended for use in a computer
system.

b. Database
c. Computer program
d. Computer system
70. Refers to a set of instructions executed by the
computer to achieve intended results.

b. Database
c. Computer program
d. Computer system
71. There were three main issues that were raised
about cybercrime in the international dimension.
a. True c. Partly true

b. False d. Partly false
72. Substantive law focuses on the process of
applying the substance of the law.

73. Violations that occurred in a country where no
law that was enacted to punish such crime cannot be
prosecuted.

74. The variation among procedural laws can be
exacerbated by direct conflicts among the procedural
laws of different countries.

75. The substance of the criminal law may actually
conflict between various countries.

76. The integrity of traffic data and subscriber
information shall be kept, retained and preserved by
a service provider for a minimum period of ?
a. 72 hours c. 6 months
b. 1 month d. until the trial ends
77. Upon the issuance of a court warrant, shall be
authorized to collect or record by technical or
electronic means, and the service providers are
required to collect or record by technical or
electronic means and/or to cooperate and assist in
the collection or recording of computer data.
a. NBI c. CIDG
b. PNP d. Law enforcement authorities
78. Law enforcement authorities, upon securing a
court warrant, shall issue an order requiring any
person or service provider to disclose or submit
computer data, within how many hours?
a. 8 hours c. 24 hours
b. 12 hours d. 72 hours
79. Law enforcement authorities may request for an
extension of time to complete the examination of the
computer data storage medium and to make a return
thereon, but in no case for a period longer
than?
a. 3 days c. 30 days
b. 15 days d. until the examination is done
80. How many hours does the computer data,
including content and traffic data, that are examined
under a proper warrant shall be deposited in court.
a. within 24 hours c. within 72 hours

b. within 48 hours d.immediately after
81. Any evidence obtained without a valid warrant or
beyond the authority of the same shall be
inadmissible for any proceeding before any court or
tribunal is called?
a. under exclusionary rule c. inadmissible

b. fruit of poisonous tree d. invalid
82. Failure to comply with the provisions of RA
10175, specifically the order of law enforcement
agencies shall be punished of what?
a. Contempt of court c. Reclusion perpetua

b. Obstruction of Justice d. Fine
83. They are authorized to collect or record by
technical or electronic means traffic data in real-time
associated with specified communications
transmitted by means of a computer system.
a. NBI c. CIDG
b. PNP d. Law enforcement authorities
84. All other data to be collected or seized or
disclosed will require a?
a. Investigation c. warrant
b. search d. hacker
85. The preservation of computer data may be
extended for how many months?
a. 72 hours c. 6 months
b. 1 month d. until the trial ends
86. Physical Forensics and Investigation Phase is the first
stage of incident handling procedures, which must be
applied before handling any investigation, the purpose of
this phase is to make sure that the operation and
infrastructure can support the investigation.

87. Digital forensics is the science of acquiring,
retrieving, preserving and presenting data that has
been processed electronically and stored on digital
media.

88. Preparation Phase is to collect, preserve, analyze
the physical evidence and reconstruct what
happened in the crime scene.

89. Digital Forensics Phase is to identify and collect
the electronic events that occurred on the system
and analyze it.

90. Do not separate and identify all persons
[witnesses, subjects, or others at the scene and
record their location at time of entry.

91. Place labels over all the drive slots and
over the power connectors.

92. Two persons should observe evidence in place,
during recovery and being marked for identification.
Mark directly on the evidence when necessary, but
first attempt to place identifying marks on evidence
containers.

93. To avoid damage to potential evidence, remove
any floppy disks that are present, package the disk
separately, and label the package and do not remove
CDs or touch the CD drive.

94. Never turn on or operate a suspect's computer
during investigation if it is off. Determine disk
structure, model and size.

95. Prepare Chain of custody in which the gathering
process must be documented which should include
timestamp, digital signatures and signed statements.

96. How many types of cybercrime warrants do we
have?
a. 1 c. 3
b. 2 d. 4
97. What type of warrant to disclose subscriber's
information, traffic data, or relevant data in his/her or
its possession or control within 72 hours from
receipt of the order.
a.Warrant to Disclose Computer Data

b.Warrant to Intercept Computer Data
c. Warrant to search
d. Warrant to seize
98. What type of warrant authorizes the law enforcement
authorities to listen to, record, monitor, or conduct
surveillance of the content of communications, including the
use of electronic eavesdropping or tapping devices.
a.Warrant to Disclose Computer Data c. Warrant to search

b.Warrant to Intercept Computer Data d. Warrant to seize
99. What type of warrant is similar to a search
warrant, except the subject matter is computer data.
a.Warrant to Disclose Computer Data

b.Warrant to Intercept Computer Data
c. Warrant to search
d. Warrant to search, seize and examine
100. How many hours is the disclosed subscriber's
information, traffic data, or relevant data in his/her or
its possession or control upon receipt of a warrant?
a. 12 hours c. 72 hours
b. 24 hours d. Immediately after

Cyber

Uploaded by

Document Information

Original Description:

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Cyber

Uploaded by

Copyright:

Available Formats

INTRODUCTION TO

• Cybercrime is carried out by individuals or organizations. Some

• Rarely, does cybercrime aims to damage computers for reasons

• It threatens the governments and the public upon the information

• Identity fraud - someone uses another person's personal identifying

• Cyber Extortion - the act of cyber-criminals demanding payment

• Cybercrime that targets

PROCESSING DATA: THE CPU- The CPU can be thought of as

The motherboard provides much of the “bus of the computer”

• INPUT & OUTPUT- The computer

• These input & output devices

OTHER COMPUTING DEVICES

• Computer hardware – These are physical parts of a computer. e.g. Input

• Liveware - is the computer user. Aka orgware or humanware. The user

Is a medium that connects different computers altogether & makes

Hacking is nothing but being able to access a system or an

• White Hat Hacker – They are the hackers referred to as

• Black Hat Hacker – They are one type of hacker who

• Elite Hacker – They are someone who has sufficient

• Green Hat Hackers - Green hat hackers are types of

• Red Hat Hackers - are synonymous with Eagle-Eyed

• State/Nation Sponsored Hackers - Government appoints

• Malicious insider or Whistleblower - These types of

3. Gaining Access: the hacker tries to access the target system

6. Reporting - Reporting is the last phase of Ethical hacking. Here,

2. Network Hacking- is a way of gathering all the critical

3. Email Hacking- is a way of gaining unauthorized access to an

5. Computer Hacking- is a way of gaining unauthorized access

These are messages that are disguised as either an organization

PHISHING - Typically, they will:

The advertisement may link to a legitimate website, but it will

The key logger will capture every keystroke on the keyboard,

The host website may not be aware of the existence of the

Websites that begin with HTTPS:// are secure, whereas sites

• While computer hacking is one good example of an international crime

Focuses on the substance of the crime, such as the elements of a

1. Absence of Substantive Laws

This information is often provided 'only in response to court

1. Absence of Procedural Laws

(3) Data Interference- The intentional or reckless alteration, damaging,

(4) System Interference- The intentional alteration or reckless hindering

(3) Computer-related Identity Theft. – The intentional acquisition, use,

(C) Content-related Offenses:

(1) Cybersex— The willful engagement, maintenance, control, or operation,

(2) Child Pornography— The unlawful or prohibited acts defined &

(4) Libel -The unlawful or prohibited acts of libel as defined in Article

(b) Attempt in the Commission of Cybercrime. — Any person

All crimes defined & penalized by the Revised Penal Code, as

shall be responsible for the efficient & effective law

The NBI & the PNP shall organize a cybercrime unit or

• The DOJ Office of Cybercrime shall serve as

✔Digital forensics is the science of acquiring, retrieving,

✔Digital forensic science is a relatively new discipline that has

5. Closure Phase- involves reviewing the whole investigation

• ELECTRONIC CRIME SCENE - A crime scene where there is

- Republic Act No. 9208

• A request for WDCD may only be filed if there is a complaint

• Also, the request must state the likely offense involved.

• Also, the request must state the likely offense involved.

• In addition, the request must contain an explanation of the

• Regional Trial Courts in Quezon City, Manila City, Makati City,

• Moreover, failure to comply with the orders from law enforcement

b. The reporting must be done personally by the victims.