Of Cybercrimes and Present Times

(Last of Two Parts)

Cyber-Perling

Matters became more muddled with the confusing case of Esperlita “Perling” Garcia. Last October 18, Garcia was arrested on the charge of libel for a post she made to Facebook the previous year in April 2011. Carlito Pentecostes, Jr., Mayor of Gonzaga Town in Cagayan Province since before 2011, had filed the charge against Garcia for a Facebook post in which she depicts Pentecostes as harassing community leaders who were planning to stage an anti-mining demonstration.

Presidential Spokesman Edwin Lacierda insisted that Garcia’s was not a cybercrime case but instead a conventional libel case under the Revised Penal Code. After all, Garcia was arrested just nine days after the Supreme Court had slapped the Anti-Cybercrime Law with a TRO, holding back its implementation.

However, the timing of the arrest shortly after the approval of the new law, coupled with the already well known intent of the law to extend the scope of libel to acts committed online, and the allegation of a crime committed through Facebook, the epitome of online social networking, all enforced the perception that the arrest was an invocation, albeit misguided, of the temporarily suspended Anti-Cybercrime Law.

Cyber-Perling-Cause Page on Facebook. Screenshot by Gelzon dela Cruz. — Cyber-Perling Cause Page on Facebook. Screenshot by Gelzon dela Cruz.

Activists have been spurred into putting up the “Cyber-Perling” Facebook page, to document and call attention to Garcia’s case. Despite arguments to the contrary and the current restraint on the Anti-Cybercrime Law, Garcia’s case has been taken as sign of authoritarian rule under the new law. And the 62-year-old Garcia, president of a group opposing magnetite mining in the area of Gonzaga Town by Chinese and Taiwanese firms, seems the perfect casting choice—an ideal David to the Goliaths of big mining, and of big government.

Exit Clause

Among the newest developments in the Anti-Cybercrime story are the statements made to GMA News last week by senior officials of the Department of Justice (DOJ) about extricating the libel clause from the new law. GMA News reported that at the 3rd Regional Cybercrime Conference in Manila last May 23, Justice Secretary Lila De Lima had said that the DOJ is “contemplating introducing or proposing to Congress certain enhancements” to the Anti-Cybercrime Law. Then GMA News continued to report that Geronimo Sy, head of the DOJ Cybercrime Office, had disclosed that the DOJ had never supported the libel clause of the Anti-Cybercrime Law and said, “Definitely, the libel provision is out in the enhanced version of the Cybercrime Prevention Act.”

But by now, those who oppose the Anti-Cybercrime Law have already cast a wider net. Beating the DOJ to the draw, they’ve already argued that the new law has fundamental flaws that cannot be resolved by simply excising objectionable clauses—the libel clause in particular. Why, they could even say that the new law’s flaws led to its misuse in intimidating Garcia, she with her Facebook activism, even before the TRO on it was lifted. And the inelegance of the libel clause—finally detected after its insertion under the radar—is brandished as evidence that the whole Anti-Cybercrime Law is somehow tainted, a notion that even now is repudiated by the DOJ’s intent to remove the clause. Though circular at times, the combination of these arguments presents a compelling case for junking the whole Anti-Cybercrime Law, possibly even defeating a standard separability clause that keeps the law in effect when some of its provisions are rendered invalid.

Lingering Vulnerability

Any party that might want to deprive the Philippines of cybercrime legislation would be satisfied by the turn of events—they could not have done better even if they had somehow managed to orchestrate the reactions from both sides of the debate. But instead of contemplating far-fetched conspiracy theories, it would be more productive to look at the dangers of still not having a comprehensive cybercrime law more than a dozen years after the Love Bug outbreak.

Virus attacks are now a constant. Everyone at some point in time will have malware attempting to invade his tablet, his computer, his server, his network, and all the Internet hosts where he keeps an account. Reports from top competing IT security firms consistently point to poorly paid but highly skilled programmers in Asia and Eastern Europe turning to organized cybercrime to get a lot richer, much faster. And, confirmed instances of state-sponsored hacking such as the ones done with the Stuxnet and Flame worms conjure up images of cyberwar with armies of hackers put to task.

The E-Commerce Law, which came a little too late to prosecute the Love Bug’s maker, does at least name hacking and piracy as punishable offenses. It was a good start, but that was a decade ago. The law has been tested in cases that led to convictions both for hacking and piracy. There’s the first case: the conviction of a hacker who attacked government websites back in 2005, though he requested and was granted the lighter sentence of probation under the bargain he struck for his guilty plea. Then there’s the conviction of the call center agent who hacked and used the credit card details of his employer’s customers—this one carried the full sentence of two years imprisonment and the equivalent of $5,000 in fines. And there’s the chemist whose case was settled before imminent conviction for theft of proprietary cosmetic formulas. But all of these have been for crimes committed, and had effect, only in the Philippines.

The Internet is a borderless construct where criminals of one nationality can easily prey on the citizens of another. While extradition treaties might provide the means for authorities to apprehend suspects in crimes committed in other countries, there is the rational, more active option of joining the global community in supporting the Convention on Cybercrime. But the cybercrime legislation that could gain the Philippines entry into this community, a community that rose up because of the Love Bug debacle, is now on hold until further notice. So now, once again and still, the Philippines is deprived of the comprehensive legislation that could signify its readiness to join with allies in common defense against legions of cybercriminals.

The ramifications of this vulnerability are far-reaching and tangible. A repeat of the Love Bug outbreak now would show the country as still not having any cybercrime legislature that could have made it more credible when it again declares that it will bring the culprit to justice. If and when this happens, can the Philippines really blame other nations if they simply dismiss the oft-repeated promise? And, with recent events showing that public opinion on the global stage—now amplified on social media that did not exist in 2000—can have an immediate effect on the security of Filipinos both abroad and on native soil, should the country not expect a less tolerant, more forceful reaction from other nations if the Philippines permits yet another Love Bug debacle?