The Supreme Court has approved the rules of court in the issuance of warrants and related orders pertinent to the enforcement of punishable acts provided under the six-year-old Republic Act 10175 or the Cybercrime Prevention Act of 2012.
In an administrative matter unanimously approved adopted by the Court en banc, the rules on warrants and orders involve “the preservation, disclosure, interception, search, seizure, and/or examination, as well as the custody, and destruction of computer data” as mandated by the Cybercrime Prevention law.
The SC said that the new rules supplement the Rules of Criminal Procedure on the preliminary investigation and all stages of the prosecution of criminal action involving violations of RA 10175 with the use of information and communications technologies (ICT).
The high court said all crimes enumerated in RA 10175 are cognizable by the regional trial courts in the country and those courts specifically designated as “cybercrime courts.”
“The detection, investigation, and prosecution of cybercrime offenses necessitate a rule of procedure therefor, especially for the application, issuance, and implementation of court warrants technically-suited to the nature of cybercrime offenses,” the SC added.
Among the crimes punishable under RA 10175 are libel, cybersex, child pornography, and offenses against the confidentiality, integrity and availability of computer data and systems like illegal access, illegal interception, data interference, system interference, misuse of devices, cyber-squatting, computer related fraud, computer-related Identity theft, and unsolicited commercial communications.
A person found guilty of violation of RA 10175 may be imprisoned from six years and one day to 12 years (prision mayor) or imposed a fine ranging from P200,000 to P500,000 or both.
If a violation is committed against critical infrastructure, the penalty is a prison term ranging from 12 years and one day to 20 years (reclusion temporal) or a fine of at least P500,000 or both.
Should the violation involve child pornography, the penalty is one degree higher than that imposed in the Anti-Child Pornography Act of 2009 under RA 9775.
Corporate liability under RA 10175 is punishable by a fine ranging from P5 million to P10 million without prejudice to the criminal liability of corporate officers.
RA 10175 also tasks the National Bureau of Investigation and the Philippine National Police in the enforcement of the law, while the Department of Justice (DOJ) is mandated to create an Office of Cybercrime on matters related to international mutual assistance and extradition.
It also provided for the creation of an inter-agency body known as the Cybercrime Investigation and Coordinating Center (CICC) under the Office of the President.
Under the rules of court on cybercrime offenses, the criminal actions for violation of Section 4 (Cybercrime offenses) and/or Section 5 (Other offenses), Chapter II of RA 10175, shall be filed before the designated cybercrime court of the province or city where the offense or any of its elements is committed, or where any part of the computer system used is situated, or where any of the damage caused to a natural or juridical person took place, provided that the court where the criminal action is first filed shall acquire jurisdiction to the exclusion of the other courts. All other crimes defined and penalized by the Revised Penal Code, as amended, and other special laws, committed by, through, and with the use of ICT, as provided under Section 6, Chapter II of RA 10175, shall be filed before the regular or other specialized regional trial courts, as the case may be.
The rules also provides, among others, that “an application for a warrant under this Rule concerning a violation of Section 4 (Cybercrime Offenses) and/or Section 5 (Other Offenses), Chapter II of RA 10175 shall be filed by the law enforcement authorities before any of the designated cybercrime courts of the province or the city where the offense or any of its elements has been committed, is being committed, or is about to be committed, or where any part of the computer system used is situated, or where any of the damage caused to a natural or juridical person took place. However, the cybercrime courts in Quezon City, the City of Manila, Makati City, Pasig City, Cebu City, Iloilo City, Davao City and Cagayan De Oro City shall have the special authority to act on applications and issue warrants which shall be enforceable nationwide and outside the Philippines.
On the other hand, an application for a warrant under this Rule for violation of Section 6, Chapter II of RA 10175 (all crimes defined and penalized by the Revised Penal Code, as amended, and other special laws, if committed by, through, and with the use of ICT) shall be filed by the law enforcement authorities with the regular or other specialized regional trial courts, as the case may be, within its territorial jurisdiction in the places above-described.
Once a criminal action is instituted, a motion to quash and other incidents that relate to the warrant shall be heard and resolved by the court that subsequently acquired jurisdiction over the criminal action. The prosecution has the duty to move for the transmittal of the records, as well as the transfer of the items’ custody to the latter court.
Before issuing a warrant, the judge must personally examine in the form of searching questions and answers, in writing and under oath, the applicant and the witnesses he may produce, on facts personally known to them and attach to the record their sworn statements, together with the judicial affidavits submitted.
Any warrant issued under this Rule shall only be effective for the length of time as determined by the court, which shall not exceed a period of ten (10) days from its issuance. The court issuing the warrant may, upon motion, extend its effectivity based only on justifiable reasons for a period not exceeding ten (10) days from the expiration of the original period.
Failure to timely file the returns for any of the issued warrants under this Rule or to duly turn-over to the court’s custody any of the items disclosed, intercepted, searched, seized, and/or examined as prescribed hereunder, shall subject the responsible law enforcement authorities to an action for contempt, which procedures shall be governed by Rule 71 of the Rules of Civil Procedure, insofar as they are applicable.
Pursuant to Section 20, Chapter IV of RA 10175, failure to comply with the provisions of Chapter IV, specifically the orders from law enforcement authorities, shall be punished as a violation of Presidential Decree No. 1829, entitled ‘Penalizing Obstruction Of Apprehension And Prosecution Of Criminal Offenders.’ The criminal charge for obstruction of justice shall be filed before the designated cybercrime court that has jurisdiction over the place where the non-compliance was committed.
For persons or service providers situated outside of the Philippines, service of warrants and/or other court processes shall be coursed through the Department of Justice -Office of Cybercrime, in line with all relevant international instruments and/or agreements on the matter.
Pursuant to Section 13, Chapter IV of RA 10175, the integrity of traffic data and subscriber’s information shall be kept, retained, and preserved by a service provider for a minimum period of six ( 6) months from the date of the transaction. On the other hand, content data shall be preserved for six ( 6) months from the date of receipt of the order from law enforcement authorities requiring its preservation. Law enforcement authorities may order a one-time extension for another six ( 6) months: Provided, that once computer data that is preserved, transmitted or stored by a service provider is used as evidence in a case, the receipt by the service provider of a copy of the transmittal document to the Office of the Prosecutor shall be deemed a notification to preserve the computer data until the final termination of the case and/or as ordered by the court, as the case maybe. The service provider ordered to preserve computer data shall keep the order and its compliance therewith confidential.
Pursuant to Section 14, Chapter IV of RA 10175, law enforcement authorities, upon securing a Warrant to Disclose Computer Data (WDCD) under this Rule, shall issue an order requiring any person or service provider to disclose or submit subscriber’s information, traffic data or relevant data in his/her or its possession or control within seventy-two (72) hours from receipt of the order in relation to a valid complaint officially docketed and assigned for investigation and the disclosure is necessary and relevant for the purpose of investigation.
A WDCD is an order in writing issued in the name of the People of the Philippines, signed by a judge, upon application of law enforcement authorities, authorizing the latter to issue an order to disclose and accordingly, require any person or service provider to disclose or submit subscriber’s information, traffic data, or relevant data in his/her or its possession or control.”‹