Lesson Objectives

At the end of this lesson, learners should be able to explain Section 6 of RA 10175 and recognize that cybercrime incidents may also involve other Philippine laws.

 

RA 10175 Does Not Operate Alone

A cybercrime incident may violate more than one law. RA 10175 addresses specific cybercrime offenses, but traditional offenses under the Revised Penal Code and offenses under special laws may also be committed through ICT.

Section 6 of RA 10175 provides that crimes defined and penalized by the Revised Penal Code or special laws, when committed by, through, and with the use of ICT, are covered by the law, with the penalty generally imposed one degree higher than the penalty provided under the underlying law. The Supreme Court has upheld the constitutionality of this framework because of the distinctions between ordinary and ICT-enabled commission of crimes.

This does not mean that adding a phone or computer to any incident automatically increases the penalty. The use of ICT must be connected to the commission of the offense in the legally required manner.

 

The Data Privacy Act

Republic Act No. 10173, or the Data Privacy Act of 2012, protects personal information and regulates its processing by persons and organizations.

Personal information refers generally to information from which a person’s identity is apparent or can reasonably be determined.

Processing is a broad term that may include collecting, recording, storing, using, sharing, altering, retrieving, or deleting personal data.

A data incident may involve both cybercrime and privacy concerns. For example, an offender who illegally enters a database and steals customer information may face cybercrime issues, while the organization may also have responsibilities under data-protection law.

 

The Electronic Commerce Act

Republic Act No. 8792, or the Electronic Commerce Act of 2000, provides legal recognition for electronic documents, electronic signatures, and electronic transactions. It also contains provisions relevant to unauthorized access, interference, and certain acts involving information systems.

This law is important because it established that electronic records can have legal effect. A contract, record, or communication does not automatically become invalid merely because it exists electronically.

 

Anti-Photo and Video Voyeurism

Republic Act No. 9995, or the Anti-Photo and Video Voyeurism Act of 2009, prohibits specified acts involving the unauthorized recording, copying, reproduction, sale, distribution, publication, or broadcasting of intimate images or recordings under circumstances covered by the law.

Consent to the recording does not necessarily mean consent to publication or distribution. A person may have agreed to the creation of private material but not to its public release.

Digital distribution can multiply the harm because copies may spread quickly and remain available even after the original upload is removed.

 

OSAEC and CSAEM Law

As discussed earlier, RA 11930 now provides the specialized framework against online sexual abuse or exploitation of children and child sexual abuse or exploitation materials. It replaced RA 9775 and repealed the original cybersex offense in RA 10175.

Professionals working in schools, social services, public safety, technology, health care, or community organizations should follow lawful child-protection and reporting procedures when possible exploitation is discovered.

 

Fraud, Threats, Extortion, and Other Traditional Offenses

An offender may use messaging applications to commit threats, use social media to deceive victims, demand money through digital extortion, or use an online marketplace to commit fraud.

The technology does not erase the underlying offense. It may provide the method through which the act was committed and may affect the applicable legal framework.

For this reason, an online incident should not be analyzed using RA 10175 alone. The complete conduct must be considered.

 

Double Jeopardy and Duplicate Punishment

RA 10175 originally contained a provision that raised questions about being prosecuted under both the cybercrime law and another law for the same act. In Disini, the Supreme Court held that Section 7 was unconstitutional in specific applications involving online libel and child pornography because it could create prohibited double punishment for the same offense.

Double jeopardy is a constitutional protection against being prosecuted or punished more than once for the same offense under applicable conditions.

This does not mean that one incident can never produce several lawful charges. Separate acts with separate elements may result in separate offenses. The protection applies against improper duplicate prosecution or punishment for the same offense.

 

Professional and Practical Relevance

When reporting an incident, victims and organizations do not need to identify every possible law. Their more important task is to preserve accurate facts and evidence.

A useful incident description may explain:

  • how the first contact occurred;
  • which account or device was involved;
  • what information was requested or accessed;
  • whether money was transferred;
  • whether threats were made;
  • what material was published or withheld;
  • and what actions were taken afterward.

Legal classification can then be performed by qualified authorities.

 

Key Takeaways

  • RA 10175 works together with the Revised Penal Code and special laws.
  • Section 6 addresses crimes committed through ICT and generally imposes a higher penalty.
  • Data breaches may involve both cybercrime and data-privacy concerns.
  • Consent to create an intimate recording does not automatically include consent to distribute it.
  • One digital incident may involve several legally distinct acts.
  • Victims should focus on preserving facts rather than guessing every applicable offense.