Cybercrime Litigation: New Rules on Issuance of Cybercrime Warrants and Filing Cybercrime Cases

Recent issuances by the Supreme Court and the Department of Justice (DOJ) give rise to two important developments in the field of Cybercrime litigation. The Supreme Court recently approved A.M. No. 17-11-03-SC, or the Rule on Cybercrime Warrants, which became effective on 15 August 2018. Meanwhile, the DOJ issued Advisory Opinion No. 1, s. 2018, clarifying the roles of the National Bureau of Investigation ("NBI") and the Philippine National Police (PNP) in the prosecution of cybercrime cases.

Filing a complaint with the NBI or the PNP not a requirement for prosecuting a cybercrime case

In an Advisory Opinion, the DOJ clarified that cybercrime complaints can be filed directly with the prosecutor's office, without need of prior investigation by the NBI-Cybercrime Division or the PNP Anti-Cybercrime Group.

The Advisory Opinion was issued in the wake of cybercrime cases being dismissed by prosecutors, for failure of complainants to first initiate an investigation by the NBI-Cybercrime Division or the PNP Anti-Cybercrime Group -- citing Section 10 of the Cybercrime Prevention Act of 2012 which provides that "the NBI and the PNP shall organize a cybercrime unit or center manned by special investigators to exclusively handle cases involving violations of this Act."

The DOJ clarified that the phrase "to exclusively handle cases involving violations of this Act" in Section 10 of the Cybercrime Prevention Act of 2012 does not confer on these agencies the sole authority to investigate cybercrime cases. It only provides a limitation on the type of cases that may be handled by these agencies.

However, parties remain free to ask for these agencies' assistance, or obtain the services of private forensic experts, if needed.

Cybercrime warrants

A.M. No. 17-11-03-SC provides for the issuance of 4 types of warrants, which are briefly discussed below.

(1) Warrant to Disclose Computer Data (WDCD)

A WDCD requires any person or service provider to disclose subscriber's information, traffic data, or relevant data in his/her or its possession or control within 72 hours from receipt of the order. A request for WDCD may only be filed if there is a complaint officially docketed and assigned for investigation and the disclosure is necessary and relevant for the investigation. Among others, the request for WDCD must state the relevance and necessity of the data sought and describe particularly the information sought to be disclosed.

(2) Warrant to Intercept Computer Data (WICD)

A WICD authorizes the law enforcement authorities to listen to, record, monitor, or conduct surveillance of the content of communications, including the use of electronic eavesdropping or tapping devices. The request for a WICD must also state the relevance and necessity of the data sought and describe particularly the information sought to be disclosed. Also, the request must state the likely offense involved.

(3) Warrant to Search, Seize, and Examine Computer Data (WSSECD)

A WSSECD is similar to a search warrant, except the subject matter of a WSSECD is computer data. The request for a WSSECD must also state the relevance and necessity of the data sought and describe particularly the information sought to be seized and examined. Also, the request must state the likely offense involved. In addition, the request must contain an explanation of the search and seizure strategy to be implemented.

Upon the conduct of the seizure, law enforcement must file a return stating the (a) devices that were subject of the WSSECD and (b) the hash value of the computer data and/or the seized computer device or computer system containing such data.

(4) Warrant to Examine Computer Data (WECD)

A WECD is a warrant issued when a computer device or system is previously seized by another lawful method, such as a warrantless arrest. Before searching any device seized, law enforcement must apply for a WECD. The request for a WECD must also state the relevance and necessity of the data sought and describe particularly the information sought to be disclosed. Also, the request must state the likely offense involved.

Upon the conduct of the seizure, law enforcement must file a return stating the (a) devices that were subject of the WECD and (b) the hash value of the computer data and/or the seized computer device or computer system containing such data.

How these warrants can be obtained

The four warrants described above are only obtained by law enforcement agencies (i.e., the PNP or the NBI) from Regional Trial Courts specially designated to handle cybercrime cases. Thus, private complainants will need to coordinate with such agencies if such warrants are to be obtained.

Notably, Regional Trial Courts in Quezon City, Manila City, Makati City, Pasig City, Cebu City, Iloilo City, Davao City, and Cagayan de Oro City are empowered to issue warrants that are enforceable throughout the Philippines

Why these developments affect you

With the clarification issued by the DOJ, clients have more leeway in deciding whether to involve law enforcement agencies in an investigation preparatory to the filing of a cybercrime complaint against an individual.

Also, clients who are encountering legal difficulties in proceeding with a cybercrime complaint, or who may have a complaint dismissed for failure to involve the NBI or PNP, may make use of the DOJ's Advisory Opinion.

Clients involved in cybercrime litigation may avail of the remedies afforded by the 4 new warrants, in coordination with law enforcement agencies.

Meanwhile, considering that these warrants can be directed at "service providers" -- broadly defined as an entity that provides users the ability to communicate using a computer system or that processes or stores computer data on behalf of a communication service or user -- clients providing internet services, those providing platforms for communications and social media, and the like, should be prepared to respond to such warrants.

Explore More Insight
View All