Cybersecurity—Philippines—Q&A guide [Archived, 2019 edition]

The following Information Law practice note provides comprehensive and up to date legal information covering:

  • Cybersecurity—Philippines—Q&A guide [Archived, 2019 edition]
  • 1. Summarise the main statutes and regulations that promote cybersecurity. Does your jurisdiction have dedicated cybersecurity laws?
  • 2. Which sectors of the economy are most affected by cybersecurity laws and regulations in your jurisdiction?
  • 3. Has your jurisdiction adopted any international standards related to cybersecurity?
  • 4. What are the obligations of responsible personnel and directors to keep informed about the adequacy of the organisation’s protection of networks and data, and how may they be held responsible for inadequate cybersecurity?
  • 5. How does your jurisdiction define cybersecurity and cybercrime?
  • 6. What are the minimum protective measures that organisations must implement to protect data and information technology systems from cyberthreats?
  • 7. Does your jurisdiction have any laws or regulations that specifically address cyberthreats to intellectual property?
  • 8. Does your jurisdiction have any laws or regulations that specifically address cyberthreats to critical infrastructure or specific sectors?
  • 9. Does your jurisdiction have any cybersecurity laws or regulations that specifically restrict sharing of cyberthreat information?
  • More...

Cybersecurity—Philippines—Q&A guide [Archived, 2019 edition]

This Practice Note contains a jurisdiction-specific Q&A guide to cybersecurity in Philippines published as part of the Lexology Getting the Deal Through series by Law Business Research (published: November 2019).

Authors: SyCip Salazar Hernandez & Gatmaitan—Rose Marie M. King-Dominguez; Ruben P Acebedo II

1. Summarise the main statutes and regulations that promote cybersecurity. Does your jurisdiction have dedicated cybersecurity laws?

The Cybercrime Prevention Act of 2012 (CPA) defines the following as cybercrimes:

  1. offences against the confidentiality, integrity and availability of computer data and systems (illegal access, illegal interception, data interference, system interference, misuse of devices and cybersquatting);

  2. computer-related offences (computer-related forgery, computer-related fraud and computer-related identity theft); and

  3. content-related offences (cybersex, child pornography, unsolicited commercial communications and libel).

The CPA appointed the National Bureau of Investigation (NBI) and the Philippine National Police (PNP) as enforcement authorities and regulates their access to computer data, creating the Cybercrime Investigation and Coordinating Center (CICC) as an inter-agency body for policy coordination and enforcement of the national cybersecurity plan, and an Office of Cybercrime within the Department of Justice (DOJ-OC) for international mutual assistance and extradition.

The Supreme Court’s Rule on Cybercrime Warrants (AM No. 17-11-03-SC) governs the application and grant of court warrants and related orders involving the preservation, disclosure, interception, search, seizure or examination, as well as the custody and destruction of computer data as provided under

Popular documents