 Digital Laws and Ethics

o Computer and Internet Crimes and the Cybercrime

o Law
o The Ten Commandments of Computer Ethics
o Applicable Philippine Laws that Penalize Cybercrime
o Intellectual Property Law
o Social Networking

COMPUTER CRIME
 Alternatively known as cybercrime, e-crime, electronic crime, or hi-tech crime. Computer crime is an act performed by a
knowledgeable computer user, sometimes called a "hacker," that illegally browses or steals a company's or individuals’
private information.

WHY DO PEOPLE COMMIT COMPUTER CRIMES?

 In most cases, someone commits a computer crime to obtain goods or money. Greed and desperation are powerful motivators
for some people to try stealing through computer crimes. Some people may also commit a computer crime because they are
pressured, or forced, to do so by another person.

CYBERCRIME
 Cybercrime is any criminal activity that involves a computer, networked device or a network.
 While most cybercrimes are carried out in order to generate profit for the cybercriminals, some cybercrimes are carried out
against computers or devices directly to damage or disable them.

HOW DOES COMPUTER CRIME HAPPEN?

 Cyber criminals seek to exploit human or security vulnerabilities in order to steal passwords, data or money directly. The
most common cyber threats include: Hacking - including of social media and email passwords. Phishing - bogus emails
asking for security information and personal details.

Computer crime, also known as cybercrime, refers to criminal activities that are conducted through the use of computers or other
digital technologies. Criminologists have developed a number of theories to explain why individuals engage in computer crime,
including:

1. Rational Choice Theory: This theory suggests that individuals engage in computer crime because they believe it is a
profitable and low-risk activity. In other words, they weigh the potential benefits of committing a crime against the potential
risks of getting caught and punished.

2. Social Learning Theory: This theory argues that individuals learn to engage in computer crime through observing the
behaviors of others, particularly those who are close to them. They may also be influenced by media portrayals of hackers as
glamorous and successful.

3. Strain Theory: This theory posits that individuals engage in computer crime when they experience strain or pressure in their
lives, such as economic hardship or social exclusion. Computer crime may provide a way for them to alleviate their stress or
gain a sense of power and control.

4. Routine Activities Theory: This theory suggests that computer crime occurs when there is a convergence of three factors: a
motivated offender, a suitable target (such as a vulnerable computer system), and the absence of capable guardians (such as
effective cyber security measures).

5. Self-Control Theory: This theory proposes that individuals who engage in computer crime have low levels of self-control,
which makes them more likely to act impulsively and make decisions without considering the consequences.

EXPLOIT
  Is a segment of code or a program that maliciously takes advantage of vulnerabilities or security flaws in software or
hardware to infiltrate and initiate a denial-of-service (DoS) attack or install malware, such as spyware, ransom ware, Trojan
horses, worms, or viruses.
 A computer exploit, or exploit, is an attack on a computer system, especially one that takes advantage of a particular
vulnerability the system offers to intruders.
 An exploit is a program, or piece of code, designed to find and take advantage of a security flaw or vulnerability in an
application or computer system, typically for malicious purposes such as installing malware.
 An exploit is a code that takes advantage of a software vulnerability or security flaw. It is written either by security
researchers as a proof-of-concept threat or by malicious actors for use in their operations.

TYPES OF EXPLOITS

1.Computer Viruses
o A computer program that can copy itself and infect a computer without permission or knowledge of the user.
o A virus might corrupt or delete data on a computer, use e-mail programs to spread itself to other computers, or even
erase everything on a hard disk. See malicious code.
2. Worms
o A worm is a type of malicious software (malware) that replicates while moving across computers, leaving copies of
itself in the memory of each computer in its path.
o A computer worm is self-replicating malware that duplicates itself to spread to uninfected computers. Learn more
about worms and how to defend against them.
3. Trojan Horses
o A Trojan Horse Virus is a type of malware that downloads onto a computer disguised as a legitimate program.
o Trojan horse is a program downloaded and installed on a computer that appears harmless, but is, in fact, malicious.
4. Botnet
o A botnet, a blend of "robot" and "network," is a network of computers infected by malware and under the control of
a single attacking party known as the "bot-herder."
o Botnets are networks of hijacked computer devices used to carry out various scams and cyberattacks.
5. Distributed Denial-of-Service Attacks
o DDoS Attack means "Distributed Denial-of-Service (DDoS) Attack" and it is a cybercrime in which the attacker
floods a server with internet traffic to prevent users from accessing connected online services and sites.
o Distributed Denial of Service attack, the attacker enlists the help of (many) thousands of Internet users to each
generate a small number of requests which, added together, overload the target.
6. Rootkit
o Rootkit malware is a collection of software designed to give malicious actors control of a computer network or
application.
o A rootkit is a type of malware designed to give hackers access to and control over a target device.
7. E-mail Spam
o Email spam, also referred to as junk email, spam mail, or simply spam, is unsolicited messages sent in bulk by
email. The name comes from a Monty Python sketch in which the name of the canned pork product Spam is
ubiquitous, unavoidable, and repetitive.
8. Phishing
o Phishing is the most common type of social engineering, the practice of deceiving, pressuring or manipulating
people into sending information or assets to the wrong people.
o Phishing happens when a victim acts on a fraudulent email that demands urgent action.
9. Computer Fraud
o Computer fraud is defined in federal law in the Computer Fraud and Abuse Act (CFAA) as the access of a protected
computer without authorization or exceeding authorization.
o Computer fraud is any kind of fraud that is committed by means of a computer system. It typically involves making
illicit financial transfers through computer commands.
TYPES OF PERPETRATORS

1. Hackers
 A hacker is an individual who uses computer, networking or other skills to overcome a technical problem. The term
also may refer to anyone who uses their abilities to gain unauthorized access to systems or networks in order to
commit crimes.
  Computer hackers are unauthorized users who break into computer systems in order to steal, change or destroy
information,

 What are the different types of hackers?

i. Ethical hackers or authorized hackers -- previously known as white hat hackers -- strive to operate in the
public's best interest rather than to create turmoil. Many ethical hackers who work doing pen testing were
hired to attempt to break into the company's networks to find and report on security vulnerabilities.

ii. Threat actors or unauthorized hackers -- previously known as black hat hackers -- intentionally gain
unauthorized access to networks and systems with malicious intent. This includes stealing data, spreading
malware or profiting from ransomware, vandalizing or otherwise damaging systems, often in an attempt to
gain notoriety. Threat actors are criminals by definition because they violate laws against accessing systems
without authorization, but they may also engage in other illegal activity, including corporate espionage,
identity theft and distributed denial-of-service (DDoS) attacks.

iii. Gray hat hacker’s fall somewhere between ethical hackers and threat actors. While their motives may be
similar to those two groups, gray hats are more likely than ethical hackers to access systems without
authorization; at the same time, they are more likely than threat actors to avoid doing unnecessary damage
to the systems they hack.

iv. Red hat hackers, also called eagle-eyed or vigilante hackers, are similar to ethical hackers. Red hat
hackers intend to stop unethical attacks by threat actors. While red hat hackers may have a similar intent to
ethical hackers, they differ in methodology, as red hat hackers may use illegal or extreme courses of action.

v. Blue hat hackers, also known as vengeful hackers, use hacking as a social weapon. Frequently, it is used
as a means for revenge against a person, employer or other organization. Hackers who post personal and
confidential data online to ruin reputations or attempt to gain unauthorized access to email and social media
accounts are classified as blue hats.

vi. Script kiddies are amateur, inexperienced hackers who attempt to use pre-written scripts in their hacking
efforts. Often, these are fledgling hacking enthusiasts who cause little damage.

vii. Hacktivists are organizations of hackers that use cyber-attacks to affect politically motivated change. The
purpose is to bring public attention to something the hacktivist believes might be a violation of ethics or
human rights. Hacktivism attacks may attempt to reveal evidence of wrongdoing by publicizing private
communications, images or information.

2. Malicious Insider
 A malicious insider is an insider who intends to cause damage to the organization for personal gain.
 A recently fired employee selling sensitive information to a competitor. A disgruntled employee exposing trade
secrets to the public. An employee that deletes important records and information to breach compliance regulation.

3. Industrial Spies
 Industrial espionage is the illegal and unethical theft of business trade secrets for use by a competitor to achieve a
competitive advantage.

4. Cybercriminals
 Cybercriminals are individuals or teams of people who use technology to commit malicious activities on digital
systems or networks with the intention of stealing sensitive company information or personal data, and generating
profit.
5. Hacktivism and Cyberterrorists
 Derived from combining the words 'Hack' and 'Activism', hacktivism is the act of hacking, or breaking into a
computer system, for politically or socially motivated purposes.
 Hacktivists' methods may include data theft, distributed denial of service (DDoS) attacks, website defacement, or
the use of social media to spread awareness about a cause.
  Cyberterrorism is the convergence of cyberspace and terrorism. It refers to unlawful attacks and threats of attacks
against computers, networks and the information stored therein when done to intimidate or coerce a government or
its people in furtherance of political or social objectives.
 Hacktivism is nonviolent use of illegal or legally ambiguous digital tools in pursuit of political ends.
Cyberterrorism consists of politically motivated illegal attacks against information, computer systems, programs
and data resulting in violence against noncombatant targets.

REPUBLIC ACT NO. 10175

 “Cybercrime Prevention Act of 2012” which addresses crimes committed against and through computer systems on 12
September 2012. It includes penal substantive rules, procedural rules and also rules on international cooperation.
 The Cybercrime Prevention Act of 2012 sanctions content-related offenses performed using a computer system, such as
cybersex, child pornography, and libel. In addition, unsolicited commercial communications or content that advertises or sells
products or services is also punished.

ELECTRONIC COMMERCE ACT OF 2000 (RA NO. 8792)

 Republic Act 8792 or The Electronic Commerce Act of 2000 (the "Act") aims to facilitate domestic and international
transactions through the utilization of electronic mediums and technology to recognize the authenticity and reliability of
electronic documents.
 Under the law, E-commerce Act applies to any kind of data message and electronic document used in the context of
commercial and non-commercial activities to include domestic and international dealings, transactions, arrangements,
agreements, contracts and exchanges and storage of information.

ACCESS
 Access, in the context of security, is the privilege or assigned permission to use computer data or resources in some manner.

CYBER
 Cyber is a prefix that denotes a relationship with information technology (IT). Anything relating to computing, such as the
internet, falls under the cyber category. It's worth noting cyber carries a connotation of a relationship with modern computing
and technology.

INTERCEPTION
 The action of stopping and catching something or someone before that thing or person is able to reach a particular place.
 Interception attacks allow unauthorized users to access our data, applications, or environments, and are primarily an attack
against confidentiality.
 Interception attack, a malicious actor can access private or confidential information with no legitimate authorization.

Offenses against the confidentiality, integrity and availability of computer data and systems

1. Illegal Access
 A person gains logical or physical access without permission to a network, system, application, data, or other
resource.
 A person commits the criminal offense of illegal access to a computer system when he or she accesses the whole or
any part of a computer system without right.
2. Illegal Interception
 The crime of “illegal interception” is the “interception made by technical means without right of any non-public
transmission of computer data to, from, or within a computer system including electromagnetic emissions from a
computer system carrying such computer data.”
3. Data Interference
 Interference can include suppressing, modifying, adding, transmitting, editing, deleting or otherwise damaging data,
systems, and services.
 When committed intentionally, the damaging, deleting, deterioration, alteration, or suppression of computer data
without right; includes inputting of malicious.
4. System Interference
  A person commits the criminal offense of interference with computer data when he or she damages, deletes,
deteriorates, alters, or suppresses com
5. Misuse of Devices
 Person may make available on the Internet information outlining security weaknesses in a computer system.
 “Misuse of Devices,” intends to criminalize the intentional possession of or trafficking in “hacker tools” designed to
facilitate the commission of a crime.
6. Cyber-squatting
 The term cybersquatting refers to the unauthorized registration and use of Internet domain names that are identical
or similar to trademarks, service marks, company names, or personal names.

COMPUTER-RELATED OFFENSES

1. Computer Forgery
o When a perpetrator alters documents stored in computerized form, the crime committed may be forgery. In this
instance, computer systems are the target of criminal activity.
2. Computer-related Fraud
o Using someone else's computer to access personal information with the intent to use it fraudulently. Installing
spyware or malware to engage in data mining. Violating copyright laws by copying information with the intent to
sell it.
3. Computer-related Identity Theft
o Identity theft occurs when someone uses another person's private information to commit fraud. Identity thieves often
apply for loans or open bank accounts and credit cards in other people's names.

CONTENT-RELATED OFFENSES
1. Cybersex
o Cybersex activities include not only viewing and/or downloading pornography along with masturbation,
o Cybersex, also called computer sex, Internet sex, netsex and, colloquially, cyber or cybering, is a virtual sex
encounter in which two or more people have
o Cybersex trafficking, or online sexual exploitation, is a cybercrime and a form of modern slavery.
2. Child Pornography
o Child pornography is pornography that unlawfully exploits children for sexual stimulation. It may be produced with
the direct involvement or sexual assault of a child or it may be simulated child pornography.
3. Unsolicited Commercial Communications
o A common scenario is your mobile or office phone ringing for a few brief minutes from an unknown number. Upon
answering, the caller hangs up to try and get you to return the call.
o Unsolicited communications or spam refers to emails or mobile messages that advertise products and services to a
large group of recipients without their prior request or consent.
4. Libel
o Cyberlibel refers to unlawful or prohibited acts of libel committed through a computer system or any other similar
means that may be devised in the future.
o Cyber-libel is a term used when someone has posted or emailed something that is untrue and damaging about
someone else on the Internet, including in message boards, bulletin boards, blogs, chat rooms, personal websites,
social media, social networking sites, or other published articles.

TEN COMMANDMENTS OF COMPUTER ETHICS

1. Thou shalt not use a computer to harm other people

2. Thou shalt not interfere with other people ‘s computer work
3. Thou shalt not snoop around in other people ‘s files
4. Thou shalt not use a computer to steal
5. Thou shalt not use a computer to bear a false witness
6. Thou shalt not use or copy software for which you have not paid
7. Thou shalt not use other people ‘s computer resources without authorization
8. Thou shalt not use appropriate other people ‘s intellectual output
9. Thou shalt think about the social consequences of the program you write
10. Thou shalt use a computer in ways that show consideration and respect
APPLICABLE PHILIPPINE LAWS THAT PENALIZE CYBERCRIME

REPUBLIC ACT NO. 10175 SECTION 4 PARAGRAPH 4 (LIBEL)

 (4) Libel. – The unlawful or prohibited acts of libel as defined in Article 355 of the Revised Penal Code, as amended,
committed through a computer system or any other similar means which may be devised in the future.”
 If punishable acts in Section 4(a) are committed against critical infrastructure, the penalty of reclusion temporal or a fine of at
least Five hundred thousand pesos (PhP500,000.00) up to maximum amount commensurate to the damage incurred or both,
shall be imposed.

INTELLECTUAL PROPERTY LAW

 Intellectual Property law deals with laws to protect and enforce rights of the creators and owners of inventions, writing,
music, designs and other works, known as the "intellectual property." There are several areas of intellectual property
including copyright, trademarks, patents, and trade secrets.
 It shall protect and secure the exclusive rights of scientists, inventors, artists and other gifted citizens to their intellectual
property and creations, particularly when beneficial to the people, for such periods as provided in this Act. The use of
intellectual property bears a social function.
 Republic Act No. 8293 [An Act Prescribing the Intellectual Property Code and Establishing the Intellectual Property Office,
Providing for Its Powers and Functions, and for Other Purposes] otherwise known as the Intellectual Property Code of the
Philippines.
 8293, the “Intellectual Property Code of the Philippines”, which was signed into law on June 6, 1987 and took effect on
January 1, 1998. The said law abolished the Bureau of Patents, Trademarks and Technology Transfer (BPTT) of the
Department of Trade and Industry (DTI).

SOCIAL NETWORKING

 Social networking refers to using internet-based social media sites to stay connected with friends, family, colleagues, or
customers. Social networking can have a social purpose, a business purpose, or both through sites like Facebook, Twitter,
Instagram, and Pinterest.
 Social networks are websites and apps that allow users and organizations to connect, communicate, share information and
form relationships. People can connect with others in the same area, families, friends, and those with the same interests.

TYPES OF SOCIAL NETWORK

1. Socializing: Online Communities – Facebook, WeChat, Meetme, MySpace

2. Carrier and Business Opportunities: Business Netwirks – LinkedIn, Viadeo, XING
3. Matchmaking, Soulmate: Online Matchmaking – Shaadi, Adult Friend Finder, Bharatmatrimo
4. Getting Back in Touch: Alumni Networks – Facebook, Classmates.com, Orkut

FEATURES ON SOCIAL NETWORKING

1. Messaging
2. News
3. Communities
4. Like Buttons
5. Games
6. Audio and Video Uploads