• Libel and slander are types of defamatory statements.

Libel is a defamatory statement that is written. Slander is a defamatory statement that is

oral. At common law, libel and slander were analyzed under different sets of standards,
with libel recognized as the more serious wrong.

Article 358 of RPC Slander – punished by aresto mayor in it’s maximum period to prison
correctional in its minimum period if it is of a serious and insulting nature; otherwise the
penalty must be aresto menor or a fine.

 Serious slander is now punishable by imprisonment of arresto mayor in it’s

maximum period to prison correctional in its minimum period or 4 months and
1 day to 2 years and 4 months or a fine ranging from 20,000 to 100, 00. While
simple slander is punishable by arresto menor or 1 day to 1 month or a fine
not exceeding to 20,000 pesos.
 It is defined as “the speaking of base and defamatory words” which tend to
prejudice another in his reputation, office, trade, business or means of
livelihood.
The elements of oral defamation (paninirang puri)

1. There must be an imputation of a crime or of a vice or defect, real or imaginary, or

any act commission, status or circumstances
2. Oral Defamation or slander is libel committed by oral (spoken) instead of writing
3. Publicly
4. Maliciously
5. Directed to a natural or juridical person or one who is dead
6. Which tends to cause dishonor, discredit or contempt of the person defamed
The gravity depends upon;

1. The expressions used

2. The personal relation of the accused and the offended party and;
3. The special circumstances of the case

Cybersecurity and Data Protection

• Cybersecurity – the practice of protecting systems, networks, and programs from

digital attacks. It is also one of the fastest- growing challenges across the globe and is
becoming increasingly important. Furthermore, cybersecurity has enormous implications
for government security, economic prosperity, and public safety. Cyber laws have been
enacted by every nation, including the United States, South Africa, Europe, and the
Philippines.

• Data Protection – the process of safeguarding important information from corruption,

compromise, or loss. The importance of data protection increases as the amount of data
created and stored continues to grow at unprecedented rates.

• Information Technology (IT) Law refers to the law of IT, including computing and the
Internet, that governs the digital dissemination of both information and software.
• Cybercrime is a crime committed with or using information and communication
technologies such as radio, television, smartphones, computer and network, and other
communication devices.

Types of Cybercrime in the Philippines

There are various types and kinds of cybercrimes.

The 2001 Budapest Convention on Cybercrime categorizes the cybercrime offenses into
the following:

• Crimes against the confidentiality, integrity, and availability of computer data and
systems;

• Crimes related to infringements of copyright and related rights.

• Computer-related offenses;

• Content-related offenses

IT-related Laws in the Philippines

• The first recorded cybercrime in Philippines was in 2000 when Onel de Guzman
released the “I Love You” virus but was dismissed at first stage as there was no law
punishing cybercrimes at the time.

• Here are computer-related laws enacted in the Philippines as of today:

1. Cybercrime Prevention Act of 2012 (Republic Act No. 10175)

- An act addressing crimes committed against and through? Computer systems,

providing protection and safeguarding the integrity of computer, computer and
communications systems, networks, and plagiarism and databases.

2. E-Commerce Act of 2000 (Republic Act No. 8792)

- This act aims to facilitate domestic and international agreements, contracts, and
exchanges and storage of information through the utilization of electronic, mode,
instrumentality, and technology to recognize the

Authenticity and reliability of electronic documents related to such activities, and to

promote the universal use of electronic transactions in the government and by the
public.

3. Device Regulation Act of 1998 (Republic Act No. 8484)

- An act regulating the issuance and use of access devices, prohibiting fraudulent acts
committed, providing penalties, and for other purposes. The State recognizes the recent
advances in technology and the widespread use of access devices in commercial
transactions. The State shall protect the rights and define the liabilities of parties in such
commercial transactions by regulating the issuance and use of access devices.
 4. Anti-Wiretapping Law (Republic Act No. 4200)
- An act to prohibit and penalize wiretapping and other related violations of the privacy of
communication and for other purposes. It shall be unlawful for any person, not being
authorized by all the parties to any private

Communication or spoken word, to tap any wire, to secretly overhear, intercept, or

record such

Communication or spoken word by using a device commonly known as a dictograph,

walkie-talkie, or tape recorder.

5. Data Privacy Act of 2012 (Republic Act No. 10173)

-Enacted to protect individual personal information in ICT systems in the government and
the private sector. The National Privacy Commission administers and implements the
provisions of the law and ensure compliance of the country with international standards
set for data protection.

6. Anti-Child Pornography Act of 2009 (Republic Act No. 9775)

- An act defining the crime of child pornography, prescribing penalties and for other
purposes. The State recognizes the vital role of the youth in nation building, and shall
promote and protect their physical, moral, spiritual, intellectual, emotional,
psychological, and social well- being.

7. Anti-Photo and Voyeurism Act of 2009 (Republic Act No. 9995)

- An act penalizing the crime of photo and video voyeurism. Photo or video voyeurism
means the act of taking a photo or video of a person or group of persons performing a
sexual act without the latter’s consent. It also includes the act of selling, reproducing,
and broadcasting the photo, video, or recordings of such sexual act through the Internet
and similar means or device without the written consent of the person/s involved.

Cybercrime Offenses in the Philippines

The following acts constitute the offense of core cybercrime punishable in the
Philippines.

A. Offenses against the confidentiality, integrity, and availability of computer data

systems.

1. Illegal Access – refers to the access to the whole or any part of a computer system without
right.

2. Illegal Interception – refers to the interception made by technical means without right of
any non- public transmission of computer data to, from, or within a computer system
including electromagnetic emissions from a computer system carrying such computer data.

3. Data Interference – refers to the intentional or reckless alteration, damaging, deletion, or

deterioration of computer data, electronic document, or electronic data message, without
right, including the introduction or transmission of viruses.

4. System Interference refers to the intentional alteration or reckless hindering or

interference with the functioning of a computer or computer network by inputting,
transmitting. Damaging, deleting, deteriorating, altering, or suppressing computer data or
program, electronic document, or electronic data message, without right or authority,
including the introduction or transmission of viruses.

5. Misuse of Devices – refers to the use, production, sale, procurement, importation,

Distribution, or otherwise making available, without the right of a computer program or a

computer password.

6. Cyber-squatting – the acquisition of a domain name over the internet, in bad faith, to
profit, mislead, destroy reputation, and deprive others of registering the same name.

B. Computer-related Offenses

1. Computer-related Forgery – the input, alteration, or deletion of any computer data without
right, resulting in inauthentic data, regardless of whether the data is directly readable and
intelligible.

2. Computer-related Fraud – the input, alteration, or deletion of computer data or program

causing damage thereby with fraudulent intent.

3. Computer-related Identity Theft – the intentional acquisition, use, misuse, transfer, or

alteration of identifying information belonging to another, whether natural or juridical,
without right.

Overview of International IT- related Laws

• Cybercrime is a growing concern to countries at all levels of developments and affects

both consumers and sellers. While 154 countries (79%) have enacted cybercrime legislation
as of 2021, the pattern varies by region: Europe has the highest adoption rate (93%) and
Asia and the Pacific the lowest (55%).

• The evolving cybercrime landscape and resulting skills gaps are a significant challenge for
law enforcement agencies and prosecutors, especially for cross-border enforcement.

Convention on Cybercrime (Treaty #185 – Budapest Convention)

The Convention is the first international treaty on crimes committed via the Internet and
other computer networks, dealing particularly with infringements of copyright, computer-
related fraud, child pornography and violations of network security. It also contains a series
of powers and procedures such as the search of computer networks and interception.

PRIVACY AND DATA

What is RA 10173?

The Congress of the Philippines passed the Republic Act No. 10173 in 2012,
also known as the Data Privacy Act (DPA) of 2012.
The Data Privacy Act, protects individuals from unauthorized processing of
personal information that is private, not publicly available; and identifiable.

What is REPUBLIC ACT NO. 10173?

• AN ACT PROTECTING INDIVIDUAL PERSONAL INFORMATION IN

INFORMATION AND COMMUNICATIONS SYSTEMS IN THE GOVERNMENT AND
THE PRIVATE SECTOR, CREATING FOR THIS PURPOSE A NATIONAL PRIVACY
COMMISSION, AND FOR OTHER PURPOSES.

• In 2012 the Philippines passed the Data Privacy Act 2012, comprehensive
and strict privacy legislation “to protect the fundamental human right of
privacy, of communication while ensuring free flow of information to promote
Innovation and growth.” (Republic Act. No. 10173, Ch. 1, Sec. 2).

This comprehensive privacy Law also established a National Privacy

Commission that enforces and oversees it and is endowed with rulemaking
power. On September 9, 2016, the final implementing rules and regulations
came into force, adding specificity to the Privacy Act.

DATA PRIVACY ACT — PROGRAM 1

The act further applies to the processing of the personal information of

Philippines citizens regardless of where they reside.

PROGRAM 2

One exception in the act provides that the law does not apply to the
processing of personal information in the Philippines that was lawfully
collected from residents of foreign jurisdictions – an exception helpful for
Philippines companies that offer cloud services.

What is Collection?

The act states that the collection of personal data “must be a declared,
specified, and legitimate purpose” and further provides that consent is
required prior to the collection of all personal data.
What is Consent?

Consent must be “freely given. Specific, informed,” and the definition further
requires that consent to collection and processing be evidenced by recorded
means. However, processing does not always requires consent.

What is Sensitive Personal Information?

The law defines sensitive personal information as being:

• About an individual’s race, ethnic origin, marital status, age, color, and
religious, philosophical or political affiliations;

• About an individual's health, education, genetic or sexual life of a person,

or to any proceeding or any offense committed or alleged to have
committed;

• Issued by government agencies “peculiar” (unique) to an individual, such

as social security number;

• Marked as classified by executive order or act of Congress.

Why Data Privacy is important?

The act is necessary and important precaution in a world which is moving

into digital age.

There are 3 personas involved;

1. Data Subject
2. Personal Information Controller
3. Personal Information Processor

What needs to protect?

- Name
- Address
- TIN
- SSS No.
- Contact Numbers
- Bank Account Details
- ATM Card Details
- Credit Card Details
National Privacy Commission

• The National Privacy Commission (NPC) is the independent body created

under the Data Privacy Act of 2012 (RA 10173) which mandated to
administer and implement the provisions of the Act.

OUR RIGHTS ;

- The right to be informed — your personal data should never be

collected without your consent.
- The right to access — ask whether an organization holds your
personal data and to gain reasonable access to obtain your
personal data.
- The right to object — you can object if the personal data
processing involved is based on consent.
- The right to erasure or blocking — you have the right to suspend
or withdraw of your personal data.
- The right to damages — you may claim compensation if you
suffered damages due to false obtained of your data.
- The right to file a complaint — if your personal information has
been misused.
- The right to rectify — the right to dispute and have corrected any
error in your data.
- The right to data portability — assures your data are transferred
in a secure manner.

What is the penalties in violation the RA 10173?

• The law provides separate penalties for various violations, most of which
also include imprisonment.

Separate counts exist for:

• unauthorized processing

• processing for unauthorized purposes

• negligent access

• Improper disposal

• unauthorized access or intentional breach

• concealment of breach involving sensitive personal information

• unauthorized disclosure
• malicious disclosure

What is the Fine and Imprisonment in violation the RA 10173?

• Any combination or series of acts may cause the entity to be subject to

imprisonment ranging from three to six years as well as a fine of
approximately PHP20,000 to PHP100.000.

Penalties for failure to notify

• Persons having knowledge of a security breach involving sensitive personal

information and of the obligation to notify the commission of same, and who
fail to do so, may be subject to penalty for concealment, including
imprisonment for 1 ½ to five years of imprisonment, and a fine of
approximately PHP10,000 – PHP20,000. depending upon the circumstances
additional violations might apply.

What is the violation of privacy in the Philippines?

• The penalty of imprisonment ranging from one to three years and a fine of
PHP 500,000 to PHP 2,000,000 shall be imposed on persons who knowingly
and unlawfully, or violating data confidentiality and security data systems,
breaks in any way into any system where personal and sensitive personal
information is stored.

Imprisonment

- Period ranging 6 months to 6 years.