visit us at www.wilber-learndev.com
Abbreviations Use:
visit us at www.wilber-learndev.com
ICT – Information and Communication Technology
MO – modus operandi or method of operation
RA – Republic Act
visit us at www.wilber-learndev.com
Cybercrime in brief
visit us at www.wilber-learndev.com
International Definition and Concept
visit us at www.wilber-learndev.com
There is no universally accepted definition of cybercrime. However, the following definition includes elements common to existing cybercrime definitions. Cybercrime is an act that violates the law, which is perpetrated using information and communication technology (ICT) to either target networks, systems, data, websites and technology or facilitate a crime.[1]
visit us at www.wilber-learndev.com
Cybercrime differs from traditional crime in that it “knows no physical or geographic boundaries” and can be conducted with less effort, greater ease, and at greater speed than traditional crime (although this depends on the type of cybercrime and type of crime it is being compared to). [2]
visit us at www.wilber-learndev.com
Europol (2018) differentiates cybercrime into:
visit us at www.wilber-learndev.com
1. CYBER-DEPENDENT CRIMES – any crime that can only be committed using computers, computer networks, or other forms of information communication technology; [3] and
visit us at www.wilber-learndev.com
2. CYBER-ENABLED CRIMES – e., traditional crimes facilitated by the Internet and digital technologies.
visit us at www.wilber-learndev.com
The key distinction between these categories of cybercrime is the role of ICT in the offense – whether it is the target of the offense or part of the modus operandi (or M.O.; i.e., method of operation) of the offender. [4]
visit us at www.wilber-learndev.com
When ICT is the target of the offense, this cybercrime negatively affects the confidentiality, integrity and/or availability of computer data or systems. [5]
visit us at www.wilber-learndev.com
Confidentiality, integrity, and availability make up what is known as the “CIA Triad” (Rouse, 2014): put simply, private information should stay private, it should not be changed without permission from the owner, and data, services, and systems should be accessible to the owner at all times. When the ICT is part of the M.O., the cybercrime involves a traditional crime (e.g., fraud and theft) facilitated in some way by the Internet and digital technologies.
visit us at www.wilber-learndev.com
Cybercrime can be perpetrated by individuals, groups, businesses, and nation-states. While these actors may use similar tactics (e.g., using malicious software) and attack similar targets (e.g., a computer system), they have different motives and intent for committing cybercrimes. [6]
visit us at www.wilber-learndev.com
Various studies of cybercrime have been conducted. [7] These studies have examined cybercrime through the lens of psychology, sociology, and criminology, as well as other academic disciplines.[8]
visit us at www.wilber-learndev.com
Some literature explains criminals’ actions as an outcome of rational and free choice, while other literature considers criminality as a product of internal and/or external forces.[9] Other works have examined the role of “space” in cybercrime, particularly the role of online spaces and online communities in the cultural transmission of criminal and/or delinquent values. [10]
visit us at www.wilber-learndev.com
These scientific studies on cybercrime seek to shed light on the impact of cybercrime, “the nature and extent of cybercrime, assess reactions to cybercrime and the implications of these reactions, and evaluate the efficacy of existing methods used in the control, mitigation, and prevention of cybercrime.” [11]
visit us at www.wilber-learndev.com
In the Philippine setting
visit us at www.wilber-learndev.com
1987 Philippine Constitution: Constitutional Basis and Safeguards
visit us at www.wilber-learndev.com
The Cybercrime Prevention Act of 2011 (RA 10175) is based on the 1987 Philippine Constitution, specifically on its provisions regarding the protection of the people’s rights to due process, free speech, and privacy of communication. The act aims to address online offenses such as cybercrime, online identity theft, cybersex, and other related crimes. The act also provides the legal framework for law enforcement agencies to investigate and prosecute cybercrime cases in the Philippines.
visit us at www.wilber-learndev.com
The Republic Act No. 10175 or the Cybercrime Prevention Act of 2012 is based on several provisions of the 1987 Philippine Constitution. The primary constitutional basis of the law is the protection of the people’s rights to due process, freedom of speech, expression, and information.
visit us at www.wilber-learndev.com
Article III, Section 1 of the Constitution states that “no person shall be deprived of life, liberty, or property without due process of law.”
visit us at www.wilber-learndev.com
The Cybercrime Prevention Act provides for the protection of citizens’ personal data and the protection of their rights online. This is in line with the due process clause, which guarantees the protection of individual rights and freedoms.
visit us at www.wilber-learndev.com
Article III, Section 4 of the Constitution states that “no law shall be passed abridging the freedom of speech, of expression, or of the press, or the right of the people peaceably to assemble and petition the government for redress of grievances.”
visit us at www.wilber-learndev.com
The Cybercrime Prevention Act has provisions that criminalize online libel, which is seen as a restriction of freedom of speech and expression. This has been a source of controversy and has been challenged in court as a violation of the constitutional right to free speech.
visit us at www.wilber-learndev.com
In conclusion, the Cybercrime Prevention Act of 2012 has its basis in several provisions of the 1987 Philippine Constitution, specifically in the protection of citizens’ rights to due process and freedom of speech, expression, and information. However, its provisions regarding online libel have been criticized as a potential violation of the constitutional right to free speech.
visit us at www.wilber-learndev.com
RA 10175
visit us at www.wilber-learndev.com
Declaration of Policy under Sec. 2 of RA 10175 and Sec. 2 of IRR of 10175 provides that:
visit us at www.wilber-learndev.com
“The State recognizes the vital role of information and communications industries such as content production, telecommunications, broadcasting electronic commerce, and data processing, in the nation’s overall social and economic development.
visit us at www.wilber-learndev.com
The State also recognizes the importance of providing an environment conducive to the development, acceleration, and rational application and exploitation of information and communications technology (ICT) to attain free, easy, and intelligible access to the exchange and/or delivery of information; and the need to protect and safeguard the integrity of computer, computer and communications systems, networks, and databases, and the confidentiality, integrity, and availability of information and data stored therein, from all forms of misuse, abuse, and illegal access by making punishable under the law such conduct or conducts.
visit us at www.wilber-learndev.com
In this light, the State shall adopt sufficient powers to effectively prevent and combat such offenses by facilitating their detection, investigation, and prosecution at both the domestic and international levels and by providing arrangements for fast and reliable international cooperation.”
visit us at www.wilber-learndev.com
Here, the government recognizes the important role that industries related to information and communication, such as making content, telecom, broadcasting, e-commerce, and data processing, play in the overall growth and development of the country. It also understands the importance of creating a good environment for the growth and use of technology in these industries to make sure that information can be easily shared and accessed. The government wants to make sure that computer systems, networks, and information stored in them are protected from misuse, abuse, and illegal access. To do this, the government will have the power to stop these offenses and will make them illegal. The government will also work with other countries to investigate and prosecute these crimes.
visit us at www.wilber-learndev.com
Moreover, in the Philippines, the legal approach to cybercrime is nuanced. Rather than a broad definition, the legal framework specifically outlines offenses that constitute cybercrime. This comprehensive approach involves the Cybercrime Prevention Act, which meticulously addresses various cyber threats. Additionally, the scope extends to offenses defined in the Revised Penal Code, specifically when committed through the use of information and communications technologies. This legal strategy reflects a proactive stance, acknowledging the evolving nature of criminal activities in the digital realm and ensuring that the legal system remains adept in addressing emerging challenges in the cyber landscape. [12]
visit us at www.wilber-learndev.com
Technical Challenges:
visit us at www.wilber-learndev.com
Addressing cybercrime is hindered by several technical challenges. Firstly, attribution becomes complicated as any computer connected to the Internet can communicate with another, making it challenging to trace cybercriminals. Attackers often conceal their IP addresses, complicating identification. Additionally, tools used to evade detection and hide in the darknet further complicate investigations.
visit us at www.wilber-learndev.com
Secondly, software vulnerabilities pose a significant threat. Programs, apps, and online services often have vulnerabilities, providing avenues for attackers. Detecting these vulnerabilities can be challenging, especially for large and frequently changing software projects. Zero-day vulnerabilities, exploited before detection, add another layer of difficulty, as seen in the Equifax breach of 2017.
visit us at www.wilber-learndev.com
Virtualized information technology infrastructure, such as cloud services, introduces another challenge. While organizations shift cybersecurity responsibility to cloud providers, collaboration during incidents can lead to technical and legal complications.
visit us at www.wilber-learndev.com
Legal Challenges:
visit us at www.wilber-learndev.com
The transnational nature of cybercrime introduces legal complexities. Investigators often require cross-border data access and sharing. Legal challenges include differing legal systems, variations in national cybercrime laws, rules of evidence and criminal procedure disparities, regional and multilateral treaty inconsistencies, and diverse approaches to data protection and human rights.
visit us at www.wilber-learndev.com
Ethical Challenges:
visit us at www.wilber-learndev.com
Ethical considerations are crucial in both law enforcement and broader ICT use. Beyond legal and ethical investigations, individuals, groups, companies, and governments must uphold ethical standards. The Cambridge Analytica case exemplifies the ethical concerns surrounding data collection on social media platforms. The incident emphasized the importance of integrity and ethics, even when actions are not explicitly illegal.
visit us at www.wilber-learndev.com
Operational Challenges:
visit us at www.wilber-learndev.com
Operational challenges arise in international cooperation, demanding harmonized laws between collaborating countries. Mutual legal assistance treaties can facilitate cooperation, but requests for support may be time-consuming and yield unpredictable results.
visit us at www.wilber-learndev.com
Footnotes:
[1] e.g., Goodman, and Brenner, 2002; Wall, 2007; Wilson, 2008; ITU, 2012; Maras, 2014; Maras, 2016
[2] Maras, 2014
[3] McGuire and Dowling, 2013, p. 4; Europol, 2018, p. 15
[4] UNODC, 2013, p. 15
[5] UNODC, 2013
[6] Wall, 2007
[7] see, for example, studies published by Deviant Behavior and the International Journal of Cyber Criminology
[8] Jaishankar, 2011; Chapter 11, Holt, Bossler, and Seigfried-Spellar, 2018; see also Chapters 5-9, Maras, 2016, for a review of cybercrime studies from multiple disciplines
[9] see, for example, key and classical works on criminology included in Mclaughlin and Muncie, 2013; see also Organized Crime Module 6 on Causes and Facilitating Factors of Organized Crime, for information about some of these theories
[10] Evans, 2001; see also Chapter 6, Maras, 2016
[11] Maras, 2016, p. 13
[12] See Sec. 4, 5, and 6 of RA 10175
— END OF LESSON 1 —
visit us at www.wilber-learndev.com