Chapter 3: Lesson 1 to 3

by

visit us at www.wilber-learndev.com

CHAPTER III:

visit us at www.wilber-learndev.com

LEGAL ENFORCEMENT FOR CYBERSECURITY

visit us at www.wilber-learndev.com

Coverage:

visit us at www.wilber-learndev.com

Lesson 1: The Department of Justice (DOJ) Office of Cybercrime and Assessment

Lesson 2: Powers and Functions of DOJ Cybercrime Division

Lesson 3: The Philippine National Police (PNP) Anti-Cybercrime Group (ACG)

visit us at www.wilber-learndev.com

Sources:

visit us at www.wilber-learndev.com

1) RA 10175

2) IRR of RA 10175

3) https://acg.pnp.gov.ph

4) https://acg.pnp.gov.ph/main/

visit us at www.wilber-learndev.com

Definitions of Terms:

visit us at www.wilber-learndev.com

Law enforcement authorities – refers to the National Bureau of Investigation (NBI) and the Philippine National Police (PNP) under Section 10 of the RA 10175;

Central Authority – refers to the DOJ – Office of Cybercrime;

Competent Authority – refers to either the Cybercrime Investigation and Coordinating Center or the DOJ – Office of Cybercrime, as the case may be;

NBI – National Bureau of Investigation

PNP – Philippine National Police

CICC – Cybercrime Investigation and Coordinating Center

CERT – Computer Emergency Response Team

visit us at www.wilber-learndev.com

S O F T C O P Y: Legal Enforcement for Cybercrime

visit us at www.wilber-learndev.com

LAW ENFORCEMENT AUTHORITIES.

visit us at www.wilber-learndev.com

The NBI and the PNP shall be responsible for the efficient and effective law enforcement of the provisions of RA 10175. The NBI and the PNP shall organize a cybercrime unit or center manned by special investigators to exclusively handle cases involving violations of this Act. [1]

visit us at www.wilber-learndev.com

The NBI shall create a cybercrime division to be headed by at least a Head Agent. The PNP shall create an anti-cybercrime unit headed by at least a Police Director. [2]

visit us at www.wilber-learndev.com

The DOJ – Office of Cybercrime (OOC) created under the Act shall coordinate the efforts of the NBI and the PNP in enforcing the provisions of the Act. [3]

visit us at www.wilber-learndev.com

POWERS AND FUNCTIONS OF LAW ENFORCEMENT AUTHORITIES: [4]

visit us at www.wilber-learndev.com

The NBI and PNP cybercrime unit or division shall have the following powers and functions:

visit us at www.wilber-learndev.com

1)  Investigate all cybercrimes where computer systems are involved;

2)  Conduct data recovery and forensic analysis on computer systems and other electronic evidence seized;

3)  Formulate guidelines in investigation, forensic evidence recovery, and forensic data analysis consistent with industry standard practices;

4)  Provide technological support to investigating units within the PNP and NBI including the search, seizure, evidence preservation and forensic recovery of data from crime scenes and systems used in crimes, and provide testimonies;

5)  Develop public, private sector, and law enforcement agency relations in addressing cybercrimes;

6)  Maintain necessary and relevant databases for statistical and/or monitoring purposes;

7)  Develop capacity within their organizations in order to perform such duties necessary for the enforcement of the Act;

8)  Support the formulation and enforcement of the national cybersecurity plan; and

9)  Perform other functions as may be required by the Act.

visit us at www.wilber-learndev.com

DUTIES OF LAW ENFORCEMENT AUTHORITIES: [5]

visit us at www.wilber-learndev.com

To ensure that the technical nature of cybercrime and its prevention is given focus and considering the procedures involved for international cooperation, law enforcement authorities specifically the computer or technology crime divisions or units responsible for the investigation of cybercrimes are required to submit timely and regular reports including pre-operation, post-operation and investigation results and such other documents as may be required to the Department of Justice (DOJ) for review and monitoring.

visit us at www.wilber-learndev.com

Law enforcement authorities shall act in accordance with the guidelines, advisories and procedures ISSUED and promulgated by the competent authority in all matters related to cybercrime, and utilize the prescribed forms and templates, including, but not limited to, preservation orders, chain of custody, consent to search, consent to assume account/online identity and request for computer forensic examination. [6]

visit us at www.wilber-learndev.com

DEPARTMENT OF JUSTICE (DOJ) – OFFICE OF CYBERCRIME (OOC)

visit us at www.wilber-learndev.com

Established as the Central Authority on Cybercrime Matters pursuant to Republic Act (R.A.) No. 10175 or the Cybercrime Prevention Act of 2021.

visit us at www.wilber-learndev.com

(DOJ-OOC); FUNCTIONS AND DUTIES [7]

visit us at www.wilber-learndev.com

The DOJ-Office of Cybercrime (OOC), designated as the central authority in all matters related to (1) international mutual assistance and (2) extradition.

visit us at www.wilber-learndev.com

(DOJ-OOC) + The Cybercrime Operations Center of the CICC, shall have the following functions and duties: [7]

visit us at www.wilber-learndev.com

1)  Act as a competent authority for all requests for assistance for investigation or proceedings concerning cybercrimes, facilitate the provisions of legal or technical advice, preservation and production of data, collection of evidence, giving legal information and location of suspects;

2)  Act on complaints/referrals, and cause the investigation and prosecution of cybercrimes and other violations of the Act;

3)  Issue preservation orders addressed to service providers;

4)  Administer oaths, issue subpoena and summon witnesses to appear in an investigation or proceedings for cybercrime;

5)  Require the submission of timely and regular reports including pre-operation, post-operation and investigation results, and such other documents from the PNP and NBI for monitoring and review;

6)  Monitor the compliance of the service providers with the provisions of Chapter IV of the Act, and Rules 7 and 8 hereof;

7)  Facilitate international cooperation with other law enforcement agencies on intelligence, investigations, training and capacity-building related to cybercrime prevention, suppression and prosecution;

8)  Issue and promulgate guidelines, advisories, and procedures in all matters related to cybercrime investigation, forensic evidence recovery, and forensic data analysis consistent with industry standard practices;

9)  Prescribe forms and templates, including, but not limited to, those for preservation orders, chain of custody, consent to search, consent to assume account/online identity, and request for computer forensic examination;

10)  Undertake the specific roles and responsibilities of the DOJ related to cybercrime under the Implementing Rules and Regulation of Republic Act No. 9775 or the “Anti-Child Pornography Act of 2009”; and

11)  Perform such other acts necessary for the implementation of the Act.

visit us at www.wilber-learndev.com

COMPETENT AUTHORITIES [8]

visit us at www.wilber-learndev.com

Cybercrime Investigation and Coordinating Center; Composition.

visit us at www.wilber-learndev.com

The inter-agency body known as the Cybercrime Investigation and Coordinating Center (CICC), under the administrative supervision of the Office of the President, established for policy coordination among concerned agencies and for the formulation and enforcement of the national cyber security plan, is headed by the Executive Director of the Information and Communications Technology Office under the Department of Science and Technology (ICTO-DOST) as Chairperson; the Director of the NBI as Vice-Chairperson; and the Chief of the PNP, the Head of the DOJ Office of Cybercrime, and one (1) representative each from the private sector, non-governmental organizations, and the academe as members.

visit us at www.wilber-learndev.com

The CICC members shall be constituted as an Executive Committee and shall be supported by Secretariats, specifically for Cybercrime, Administration, and Cybersecurity. The Secretariats shall be manned from existing personnel or representatives of the participating agencies of the CICC.

visit us at www.wilber-learndev.com

The CICC may enlist the assistance of any other agency of the government including government-owned and -controlled corporations, and the following:

visit us at www.wilber-learndev.com

_____1)  Bureau of Immigration;

_____2)  Philippine Drug Enforcement Agency;

_____3)  Bureau of Customs;

_____4)  National Prosecution Service;

_____5)  Anti-Money Laundering Council;

_____6)  Securities and Exchange Commission;

_____7)  National Telecommunications Commission; and

_____8)  Such other offices, agencies and/or units, as may be necessary.

visit us at www.wilber-learndev.com

The DOJ Office of Cybercrime shall serve as the Cybercrime Operations Center of the CICC and shall submit periodic reports to the CICC.

visit us at www.wilber-learndev.com

Participation and representation in the Secretariat and/or Operations Center does not require physical presence, but may be done through electronic modes such as email, audio-visual conference calls, and the like.

visit us at www.wilber-learndev.com

POWERS AND FUNCTIONS:

visit us at www.wilber-learndev.com

The CICC shall have the following powers and functions:

visit us at www.wilber-learndev.com

1)  Formulate a national cybersecurity plan and extend immediate assistance for the suppression of real-time commission of cybercrime offenses through a computer emergency response team (CERT);

2)  Coordinate the preparation of appropriate and effective measures to prevent and suppress cybercrime activities as provided for in the Act;

3)  Monitor cybercrime cases being handled by participating law enforcement and prosecution agencies;

4)  Facilitate international cooperation on intelligence, investigations, training and capacity-building related to cybercrime prevention, suppression and prosecution through the DOJ-Office of Cybercrime;

5)  Coordinate the support and participation of the business sector, local government units and NGOs in cybercrime prevention programs and other related projects;

6)  Recommend the enactment of appropriate laws, issuances, measures and policies;

7)  Call upon any government agency to render assistance in the accomplishment of the CICC’s mandated tasks and functions;

8)  Establish and perform community awareness program on cybercrime prevention in coordination with law enforcement authorities and stakeholders; and

9)  Perform all other matters related to cybercrime prevention and suppression, including capacity-building and such other functions and duties as may be necessary for the proper implementation of the Act.

visit us at www.wilber-learndev.com

COMPUTER EMERGENCY RESPONSE TEAM (CERT)

visit us at www.wilber-learndev.com

The DOST-ICT Office shall establish and operate the Computer Emergency Response Team (CERT) that shall serve as coordinator for cybersecurity related activities, including but not limited to the following functions and duties:

visit us at www.wilber-learndev.com

a)  Extend immediate assistance to the CICC to fulfil its mandate under the Act with respect to matters related to cybersecurity and the national cybersecurity plan;

b)  Issue and promulgate guidelines, advisories, and procedures in all matters related to cybersecurity and the national cybersecurity plan;

c)  Facilitate international cooperation with other security agencies on intelligence, training, and capacity-building related to cybersecurity; and

d)  Serve as the focal point for all instances of cybersecurity incidents by:

visit us at www.wilber-learndev.com

_____ 1)  Providing technical analysis of computer security incidents;

_____ 2)  Assisting users in escalating abuse reports to relevant parties;

_____ 3)  Conducting research and development on emerging threats to computer security;

_____ 4)  Issuing relevant alerts and advisories on emerging threats to computer security.

_____ 5)  Coordinating cyber security incident responses with trusted third parties at

_____ _____ _____ a)  the national and

_____ __________  b)  international levels; and

_____ 6)  Conducting technical training on cyber security and related topics.

visit us at www.wilber-learndev.com

The Philippine National Police and the National Bureau of Investigation shall serve as the field operations arm of the CERT. The CERT may also enlist other government agencies to perform CERT functions.

visit us at www.wilber-learndev.com

PHILIPPINE NATIONAL POLICE ANTI-CYBERCRIME GROUP (PNP-ACG)

visit us at www.wilber-learndev.com

The mission of the PNP Anti-Cybercrime Group is to implement and enforce pertinent laws on cybercrime and other cyber related crimes and pursue an effective anti-cybercrime campaign. The Anti-Cybercrime Group investigates all cybercrimes and other crimes in which Information and Communications Technology (ICT) was used in the commission of criminal acts or the object of attack. [9]

visit us at www.wilber-learndev.com

Knowing the dangers of cybercrimes and the security threats pose in our cyberspace, the Philippine National Police (PNP) through the leadership of police Director General Allan La Madrid Purisima Chief, PNP, pushed for the activation of the PNP Anti-Cybercrime Group (ACG) on March 20, 2013 as strategic response to all cyber security challenges. [10]

visit us at www.wilber-learndev.com

The creation of ACG also highlights the Organizational Development component of the PNP Strategic Focus “CODE-P” having a centralized body that is dedicated in handling cybercrimes to enhance the overall efficiency of the PNP to solve and prevent criminality. According to the Anti-Cyber Crime Law, the PNP-ACG will also be a part of the Cybercrime Investigation and Coordinating Center (CICC), an inter-agency body under the administrative supervision of the Office of the President, for policy coordination among concerned agencies and for the formulation and enforcement of the national cyber security plan. [11]

visit us at www.wilber-learndev.com

The Philippine National Police (PNP) Through The PNP Anti Cybercrime Group will be the frontrunner in raising awareness of cyber security at all levels of government especially the PNP, and has the following goals to help in raising public awareness to the Philippine cyberspace users:

visit us at www.wilber-learndev.com

1)  The creation of a website designed to inform home and leisure users, small business owners and those who have limited knowledge and skills about cybercrime and cyber security, the dangers of unprotected internet access and possible ways to avoid known threats. The website will contain alerts and advisories and will be written in plain language to appeal to even the most unaccustomed to using the internet. It will also include information on new cyber security risks and give suggestions on how to address them.

visit us at www.wilber-learndev.com

2)  The Publication of Cyber Security Bulletins will ensure the Internet community has access to information on cyber security threats, vulnerabilities in their systems and information on how to better protect their information technology environment.

visit us at www.wilber-learndev.com

3)  Cyber security lectures and seminars for primary and secondary schools should be conducted. This promotes cyber security awareness, culminating in an annual Cyber Security Awareness Week, conducted in partnership with business, consumer groups and community organizations.

visit us at www.wilber-learndev.com

ORGANIZATIONAL FUNCTION

visit us at www.wilber-learndev.com

Director

visit us at www.wilber-learndev.com

visit us at www.wilber-learndev.com

_____1)  Direct, supervise and control the PNP ACG which shall include tactical and strategic movements, deployment and utilization of its resources for the accomplishment of the specified tasks.

_____2)  Conduct intensive and sustained operations against cybercrimes by organized crimes groups, syndicated groups, high profile personalities that use internet and computer related devices as the major component in their criminal activities;

_____3)  Strengthen its capacity and capability to implement anti-cybercrime operations, investigation and digital examination; and

_____4)  Perform other Duties as directed by Chief, PNP.

visit us at www.wilber-learndev.com

Deputy Director

visit us at www.wilber-learndev.com

_____1)  Assist the Director PNP ACG in supervising, directing and coordinating the activities of the PNP ACG pertaining to administration and operations of the group;

_____2)  Advice and assist the Director PNP ACG in the execution of policies and programs of the Group; and

_____3)  Perform other duties as the second in command in the PNP ACG or act in the latter’s absence.

visit us at www.wilber-learndev.com

Chief of Staff

visit us at www.wilber-learndev.com

_____1)  Direct, supervise and manage the administrative affairs of the group as well as to facilitate coordination among the different Divisions and units of the PNP ACG; and

_____2)  Perform other Duties as directed by the Director PNP ACG.

visit us at www.wilber-learndev.com

ADMINISTRATIVE & RESOURCE MANAGEMENT DIVISION (ARMD)

visit us at www.wilber-learndev.com

_____1)  Advise the Director, PNP ACG on matters pertaining to personnel and service support;

_____2)  Supervise, plan and coordinate the administrative functions of the group;

_____3)  Formulate and implement plans and programs pertaining to personnel matters, logistical, financial, maintenance and other administrative requirements of the group; and

_____4)  Perform other tasks as directed.

visit us at www.wilber-learndev.com

INVESTIGATION DIVISION (ID)

visit us at www.wilber-learndev.com

_____1)  Supervise and monitor the investigation of Cases Being Handled by the PNP ACG

_____2)  Operating Units and Regional Anti-Cybercrime Units (RACUS);

_____3)  Conduct research and analyze cybercrime statistics that will serve as basis or the operational development plans to enhance the Investigative Efficiency of the PNP ACG;;

_____4)  Supervise the collection of evidence and other related information and documents to ensure that proper processing of evidence is followed within the parameters set by the rules of court;

_____5)  Responsible for the maintenance of record database and statistical data pertaining to cybercrime cases;

_____6)  Consolidate evidence, data, and documents in coordination with the Legal Affairs Division, PNP ACG, cybercrime cases;

_____7)  Evaluate crime statistics to enhance successful investigation of cases;

_____8)  Responsible in the monitoring and updating of investigation Solutions (Is)

_____9)  Perform other tasks as directed.

visit us at www.wilber-learndev.com

CYBER SECURITY UNIT (CSU)

visit us at www.wilber-learndev.com

_____1)  Plan and coordinate the conduct of cyber security researches of the Group;

_____2)  Conduct studies and researches to upgrade the capability of PNP ACG to proactively counter cybercrimes and cyber threats;

_____3)  Recommend measures for the amendment of laws to enhance the operation, investigation and prosecution of cybercrimes;

_____4)  Coordinate with other agencies on matters to address cybercrime and enhance cyber security;

_____5)  Maintain the PNP ACG website and other related public web services; and

_____6)  Perform other tasks as directed.

visit us at www.wilber-learndev.com

PNP ANTI-CYBERCRIME FIELD UNITS

visit us at www.wilber-learndev.com

_____1)  Conduct anti-cybercrime and cyber security intelligence, activities, operations and investigations in the AOR;

_____2)  Implement plans, orders, directives and programs of PNP ACG in the AOR;

_____3)  Ensure submission of periodic reports and case monitoring in the regional level;

_____4)  Coordinate with other agencies in the regional level to address cybercrime and cyber security concerns in the region;

_____5)  Conduct Digital Forensic Examination on evidences submitted in the AOR;

_____6)  Conduct of necessary training at the regional level.

_____7)  Perform other tasks as directed.

visit us at www.wilber-learndev.com

visit us at www.wilber-learndev.com

Footnotes:

[1] Sec. 10 of RA 10175 and 1st Paragraph  of Sec. 9 of IRR of RA 10175

[2] 2nd Paragraph  of Sec. 9 of IRR of RA 10175

[3] 3rd Paragraph  of Sec. 9 of IRR of RA 10175

[4] Sec. 10 of IRR of RA 10175

[5] Sec. 11 of RA 10175

[6] 2nd Paragraph  of Sec. 11 of IRR of RA 10175

[7] Section 28 of IRR of RA 10175

[8] See Sec. 26, 27 and 29 of IRR of RA 10175

[9] https://www.cybersecurityintelligence.com/philippine-national-police-anti-cybercrime-group-pnp-acg-4731.html

[10] PNP- ACG Strategic Thrust On Cybercrime And Cyber Security, pp. 1

[11] https://acg.pnp.gov.ph/main/press-releases/39-pnp-activates-anti-cybercrime-group.html

visit us at www.wilber-learndev.com


Leave a Comment