Ng: Cybercrime law and your company-A A +A
By Wilson Ng
Thursday, October 11, 2012
ON WEDNESDAY, Rik Amores of the Information and Communications Technology Office in Region 7, and I were speakers at a technology forum hosted by the Canadian Chamber of Commerce in Cebu. The topic was Internet security and the discussion quickly revolved around the new Cybercrime Prevention Act 2012, which hogged the headlines for the last few days.
This is known as Republic Act 10175 and a copy is available on the Internet. Before commenting on the issue, it may help to read the original copy of the law. It is not long - probably about three to four pages. There has been vociferous objections to it and as I wrote this, it was handed a temporary restraining order for 120 days so it will not be in effect at least until January next year.
Meantime, I think there may be some revisions that will be debated. As many have pointed out, the bill is good except for some provision like online libel, which is a bit too harsh as it allows authorities to imprison a person who maligns another for up to 12 years, which some people take as an abridgment of free speech.
The law puts teeth to crimes like hacking, online fraud, child pornography and piracy, which is a good thing. A few years back, a Filipino created the ILOVEU virus and it infected millions of computers worldwide and caused hundreds of millions in damages and yet the person was able to go scot-free because none of our laws saw it as a crime. Under the new law, he would have been held accountable.
As I wrote last week, one of the defects for me pertains to making cybersex illegal.
Cybersex as defined there was “the willful engagement, maintenance, control, or operation, directly or indirectly, of any lascivious exhibition of sexual organs or sexual activity, with the aid of a computer system, for favor or consideration.”
This provision is focused on the supposedly rampant industry we have of undressing in front of the computer camera for customers (mostly from abroad) for money. As I noted, this is probably a very narrow view and is unlikely to solve the problem. I have hopes for solving child pornography or at least minimizing them because the law states that pedophiles should be caught and jailed. However, in prostitution, our laws say it is illegal to sell such services, which means it should be illegal to procure these services. As far as I know, authorities routinely apprehend prostitutes but rarely the people who hire them and until the law makes it clearly that both buyers and sellers are liable, it will never solve the problem.
When I landed in Jakarta International Airport, I immediately saw this huge sign – “Both the person giving a bribe and the person taking the bribe will be charged.” I think that has a big effect and is more effective.
The other provision which I hope some people will also look into is the issue of corporate liability. It means that if a cybercrime is committed by individuals in employ of a corporation and under that corporation’s directive, the individual is liable and the corporation can also be liable for damages of up to P10 million.
But it does not stop there. It says that if an individual commits an illegal act even without the corporation’s instruction or knowledge but using corporate resources, it can still be held accountable if the law sees that the crime was committed due to lack of control or supervision by the company. That is a signal that companies should now draw strong policy and enforce it strictly. For instance, they should make sure their employees do not engage in spamming or downloading of illegal software or other crimes, else they will be liable too. (www.twitter.com/wilsonng)
Published in the Sun.Star Cebu newspaper on October 12, 2012.