Cybercrime Law: BAND Memorandum on GR 203469 (Cruz et al vs Aquino et al)

ORIGINAL

*,\'a^^ "it' ' 1.01^

LOUIS "BAROK" C. BIRAOGO,

REPUBLIC OF THE PHILIPPINE 2113 MAR I I

NATIONAL BUREAU OF INVESTIGATION, at al. ,Respondents.

X

ALAB NG MAMAMAHAYAG (ALAM), at al. ,Petitioners,

SUPREME COURTMANILA

E^^

X

SIi^'I^;^:^,:1:3 Co^^^

- versus -

B

OFFICE OF THE PRESIDENT, at al. ,

Petitioner,

X

JOSE JESUS M. DISINl, JR. , at al. ,

11 4: 112

- versus -

G. R. No. 203299

THE SECRETARY OF JUSTICE, at al. ,Respondents.

X X

SENATOR TEOFISTO DL GUINGONA 111,Petitioner,

Respondents.X

- versus -

G. R. No. 203306

THE EXECUTIVE SECRETARY, at al. ,

Petitioners,

X

ALEXANDER ADONIS, at al. ,

- versus -

G. R. No. 203335


X

Respondents.

- versus -

G. R. No. 203359

Petitioners,

X

Respondents.X

G. R. No. 203378

.

HON. RAYMOND V. PALATINO, at al. ,

HON. PAQUITO N. OCHOA, JR. , at al. ,

X

Bagong A1yansang Makabayan Secretary GeneralRENATO M. REYES, JR. , at al. ,

Petitioners,

- versus -

Petitioners,

HIS EXCELLENCY BENIGNO SIMEON C. AQUINO111, at al. ,

Respondents.

Respondents..-----------X

X

MELENCIO S. STA. MARIA, at al. ,

- versus -

G. R. No. 20339, .

HON. PAQUITO OCHOA, at al. ,

X

.-.-------------X

NATIONAL UNION OF JOURNALISTS OF THE

PHILIPPINES, at al. ,Petitioners,

- versus -

G. R. No. 203407

Petitioners,

THE EXECUTIVE SECRETARY, at al. ,Respondents.

X---....-----------------------x

PAUL CORNELIUS T. CASTILLO, at al. ,

Respondents.

- versus -

G. R. No. 203440

.-X

THE HON. SECRETARY OF JUSTICE, et. al. ,Respondents.

X

- versus -

G. R. No. 203453

Petitioners,

---X

G. R. No. 203454

2

,

.

ANTHONY IAN M. CRUZ, at al. ,

HIS EXCELLENCY BENIGNO S. AQUINO, at al. ,Respondents.

X

PHILIPPINE BARASSOCIATION, INC. ,

- versus -

HIS EXCELLENCY BENIGNO S. AQUIN0 1/1, at al. ,Respondents.

Petitioners,

X

Bayan MunaCoLMENAREs,

- versus -

--.... X

G. R. No. 203469

Petitioner,

EXECUTIVE SECRETARY PAQUITO OCHOA, JR. ,Respondent.

Representative

X

NATIONAL PRESS CLUB OF THE PHILIPPINES,INC. , at al. ,

Petitioner,

- versus -

NERI J.

Petitioner,

G. R. No. 203501. .

X

OFFICE OF THE PRESIDENT, at al. ,

X

PHIUPPINE INTERNET FREEDOM ALLIANCE, at al. ,Petitioners,

- versus -

G. R. No. 203509


X

X

- versus -

Respondents.

G. R. No. 20351.5

X

Respondents.

G. R. No. 2035/8

X

3

o

.

.

Petitioners ANTHONY IAN M. CRUZ; MARCELO R. LANDICHO;BENJAMIN NOEL A. ESPINA; MARCK RONALD C. RIMORIN; JULIUS D.RocAs; OLIVER RICHARD v. ROBiLLo; AARON ERICK A. LozADA; GERARDADRIAN P. MAGNAYE; JOSE REGINALD A. RAMOS; MA. ROSARIO T. JUAN;BRENDALYN P. RAMIREZ; MAUREEN A. HERMITANIO; KRISTINE JOY S.REMENTILLA; MARICEL O. GRAY; JULIUS IVAN F. CABIGON; BENRALPH S.YU; CEBU BLOGGERS SOCIETY, INC. PRESIDENT RUBEN B. LIGERA JR. ; andPINOY ExpATIOFW BLOG AWARDS, INC. COORDINATOR PEDRO E. RAHON("Petitioners") in G. R. No. 203469, by counsel, and unto the Honorable Court,respectfully submit the instant Memorandum, on the basis of the followingpresentation:

MEMORANDUM

Respondents want it to be this simple: Trust us. Fear not. We will not do youharm. Respondents would like us to rest well on their word - that they would do theright thing.

With all due respect, it should not be that simple.

Good intentions will not, and should not, carry the day for the State. Trustingthe implementation of a far-reaching law to nothing more than good intentions andveiled assurances betrays the fleeting nature of law enforcement. Respondentswould like us to believe that they would do the right thing, that they will only employthe expansive and unprecedented law enforcement powers granted unto them bylaw with careful discretion, that law-abiding citizens should not fear, that only thosewith ill will have 00 safe haven - but they do not want to be circumscribed by the lawto have to do so.

PREFATORY

That is unacceptable. We are, after all, subject to the Rule of Law, not the ruleof men - however good-intentioned they are.

Thus, when measured by the yardstick of our fundamental civil and politicalrights, it is readily and abundantly clear that Republic Act No. 101.75, otherwiseknown as the Cybercrime Prevention Act of 201.2 ("Cybercrime Prevention Act"), failsto protect, preserve and defend our collective freedoms as a people, as enshrinedand jealously guarded by our Constitution. We cannot rest well, if at all, when ourindividual and collective democratic freedoms can be dishonored any moment by theimplementation of a law that is unprecedented in the manner by which it seeks tocurtail the rights of the very citizens that are the beneficiaries of freedoms fought forand freedoms won.

4

0'

.

~

Thus, in light of this grave context, conferred upon the Judiciary is theponderous duty to rein in the Legislative and Executive Branches of Government totheir own allocated places under the Constitution. In the landmark case of Mathuryv. Madison, 5 U. S. 137 (1803), the United States Supreme Court enunciated theprinciple of judicial review, thus: "It is emphatically the province and duty of thejudicial department to say what the law is. "

In the Philippines, the Honorable Court's power of judicial review is conferredon the Judicial Branch of Government as stated in Section I, Article Vlll of theConstitution. Such power of judicial review was early on exhaustively expounded onin Angora v. Electoral Commission, 63 Phil. 1.39 (1936), in which the HonorableCourt discoursed that "when the judiciary mediates to allocate constitutionalboundaries, it does not assert any superiority over the other departments; it does notin reality nullify or invalidate an act of the legislature, but only asserts the solemn andsacred obligation assigned to it by the Constitution to determine conflicting claims ofauthority under the Constitution and to establish for the parties in an actualcontroversy the rights which that instrument secures and guarantees to them. "

As the final arbiter of all legal controversies and the last bulwark ofdemocracy in this jurisdiction, the Honorable Court is tasked with the most noble andawesome duty to up hold the Constitution and protect the liberties of citizens. As heldin Bengzon v. Onion, 208 SCRA 133 (1992), "Itlhe Constitution is the basic andparamount law to which all other laws must conform and to which all person,including the highest official of the land, must defer. " It is, therefore the mandate ofthe Honorable Court, as the guardian of the Constitution, to see to it that "the officersin each branch of government do not go beyond their constitutionalIy allocatedboundaries and that the entire government itself or any of its branches does notviolate the basic liberties of the people. "

Indeed, the Honorable Court is herein called upon to vindicate rightssafeguarded by the fundamental law, particularly in this instance when both theLegislative and Executive Branches of Government intend to employ against citizensa crude tool to b!udgeon their most cherished and jealously guarded fundamentalcivil rights. Stated otherwise, petitioners plead that the Honorable Court will "makethe hammer fall heavily" against acts that betray the people's will as expressed in theConstitution. ILuz Farms v. Secretary of the Department of Agrarian Reform, 1.92SCRA 51 (1990); Association of Small Landowners of the Philippines, Inc. v.Secretary of Agrarian Reform, 1.75 SCRA 343 (1989)l

5

,

.

~

The instant Petition for Certiorori and Prohibition was filed by petitionersunder Rule 65 of the Rules of Court to nullify and enjoin the implementation of theCybercrime Prevention Law. Petitioners particularly assail the constitutionality andlegality of the following Assailed Provisions of the Cybercrime Prevention Act:

(1) SECTION 4(c)(4) separately criminalizing acts of libel, as definedunder Article 355 of the Revised Penal Code, as amended, that arecommitted through a computer system or any other similar means thatmay be devised in the future ("Cyber Libel");

SECTION 5 criminalizing acts that aid or abet the commission of anyoffense punish able under the Cybercrime Prevention Act, as well asthe attempt to commit the same, including Section 4(c)(4) on CyberLibel;

NATURE OF THE PETITION

(2)

(3) SECTION 6 imposing a higher penalty for the commission of anyoffense punish able under the Cybercrime Prevention Act, i. e. , one (1)degree higher than that provided under the Revised Penal Code, asamended, and special laws;

SECTION 7 providing that a prosecution under the CybercrimePrevention Act shall be without prejudice to any liability for violation ofany provision of the Revised Penal Code, as amended, or speciallaws;

(4)

(5) SECTION 1.2 authorizing any and all law enforcement authorities, withdue cause, to collect andlor record by technical or electronic meanstraffic data in real-time without prior judicial warrant, sanction andlorapproval; and

(6) SECTION 19 authorizing the Department of Justice ("DoJ") to restrictandlor block access to computer data that are prima locie found to beviolative of the provisions of the Cybercrime Prevention Act.

The other provisions of the Cybercrime Prevention Act that flow fromthe above Assailed Provisions are likewise assailed by the instantPetition, including the provisions that authorize the disbursement ofpublic funds for the implementation of the law.

(7)

6

Q

.

\

In the face of the Assailed Provisions, the Honorable Court is petitioners' on Ially in up holding their in alienable civil rights under the Constitution, most especiallthe following indisputable entitlements under the Bill of Rights:

. RIGHT To DUE PROCESS OF LAWRIGHT To EQUAL PROTECTION OF THE LAWS

"Section I. No person shall be deprived of life, liberty, orproperty without due process of law, nor shall any person be deniedthe equal protection of the laws. "

. RIGHTAGAINST UNREASONABLESEARCHES AND SEIZURES

"Section 2. The right of the people to be secure in theirpersons, houses, papers, and effects against unreasonable searchesand seizures of whatever nature and for any purpose shall beinviolable, and 00 search warrant or warrant of arrest shall issueexcept upon probable cause to be determined personally by the judgeafter examination under oath or affirmation of the complainant and thewitnesses he may produce, and particularly describing the place to besearched and the persons or things to be seized. "

. RIGHT To PRIVACY OF COMMUNICATIONAND CORRESPONDENCE

"Section 3. (1) The privacy of communication andcorrespondence shall be inviolable except upon lawful order of thecourt, or when public safety or order requires otherwise, as prescribedby law.

(2) Any evidence obtained in violation of this or the precedingsection shall be in admissible for any purpose in any proceeding. "

. RIGHT To FREE SPEECH AND EXPRESSION

"Section 4. No law shall be passed abridging the freedom ofspeech, of expression, or of the press, or the right of the peoplepeaceably to assemble and petition the government for redress ofgrievances. "

7

*

\

. RIGHT AGAINST DOUBLE JEOPARDY

"Section 21. No person shall be twice put in jeopardy ofpunishment for the same offense. If an act is punished by a law and anordinance, conviction or acquittal under either shall constitute a bar toanother prosecution for the same act. "

Now more than ever, therefore, with all due respect, the power of judicialreview must not be abrogated or abandoned by the Honorable Court. Otherwise, theother branches of Government will be able to operate as they very well please evenbeyond their fences, to the detriment of citizens.

The sovereign citizens have entrusted to the Honorable Court the immensepower and authority of the judicial pen to hold sway the purse and the sword to theirown allocated places under the Constitution. Beyond dispute, judicial review is notsupremacy but duty. Verily, when the Honorable Court mediates to allocateconstitutional boundaries or invalidates the acts of co-equal bodies, it is up holdingnot its own supremacy but the supremacy of the Constitution, particularly when themost cherished and jealously guarded civil and political rights that are protected byno less than the Constitution hang in the balance.

Similarly, Iudicial review is essential for the maintenance and enforcement ofthe separation of powers and the balancing of powers among the three greatdepartments of government through the definition and maintenance of theboundaries of authority and control between them. " As it is, "mudicial review is thechief, indeed the only, medium of participation - or instrument of intervention - of thejudiciary in that balancing operation. " IFroneisco v. House of Representatives, 41.5SCRA 44 (2003)l

The writs of certiorari and prohibition are, thus, invoked by petitioners on theground that there is 00 other plain, speedy, and adequate remedy to them in theordinary course of law and procedure other than to institute the instant Petition tonullify the Assailed Provisions. Petitioners, thus, avail of the instant Petition pursuantto Sections I and 2 of Rule 65 of the Revised Rules of Court. Through the writs ofcertiorari and prohibition, it is humbly sought that judgment be rendered an nulling theAssailed Provisions and prohibiting their subsequent implementation andlorenforcement in any manner whatsoever.

I. On 04 June 201.2, respondent House of Representatives passed theCybercrime Prevention Act, which is a consolidation of Senate Bill No. 2796 andHouse Bill No. 5808.

STATEMENT OF FACTUAL ANTECEDENTS

8

,

.

,

2. On 05 June 201.2, respondent Senate of the Philippines passed theCybercrime Prevention Act, which is, as previously stated, a consolidation of SenateBill No. 2796 and House Bill No. 5808.

3. On 12 September 201.2, respondent Aquino signed the CybercrimePrevention Act into law as Republic Act No. 10/75.

4. On 18 September 201.2, the Cybercrime Prevention Act was publishedin two (2) newspapers of general circulation in the Philippines.

4.1. Section 31 of the Cybercrime Prevention Act providesthat said law "shall take effect fifteen (15) days after the completion ofits publication in the Official Gazette or in at least two (2) newspapersof general circulation. "

4.2. Considerlng that the Cybercrime Prevention Act waspublished in two (2) newspapers of general circulation in thePhilippines on 18 September 201.2, the same took effect on 03October 2012.

5. On 04 October 201.2, petitioners filed the instant Petition before theHonorable Court within the reglementary period provided under Section 4 of Rule 65of the Rules of Court. Thus, the instant Petition is timely and seasonably filed.

6. On 09 October 201.2, he Honorable Court issued a TemporaryRestraining Order ("TRO") against the enforcement of the Cybercrime PreventionAct, effective for one hundred twenty (120) days, or until 06 February 201.3. In thesame Order, the Honorable Court likewise set the instant consolidated cases for OralArguments on 15 January 201.3.

7. On 03 December 201.2, respondent filed their Consolidated Commentwith Partial Moniestofun dated 03 December 201.2 ("Consolidated Comment").

8. On 04 January 201.3, the Honorable Court, through the Member InCharge of the instant consolidated cases, Justice Roberto A. Abad, called theparties' counsel to discuss the procedures for the Oral Arguments, including thelimitation of the issues to be tackled thereon, which were embodied in the HonorableCourt's Advisory dated 09 January 201.3.

9

9. On 15 January 201.3, designated speakers argued the case on behalfof all petitioners before the Honorable Court.

1.0. On 29 January 201.3, the Solicitor General argued the case for allrespondents before the Honorable Court. It should be noted, however, that 00official, agent or representative of the State defended Section 19 of the CybercrimePrevention Act.

1.1. In open session, and as confirmed by the Honorable Court'sResolution dated 29 January 2013, petitioners were required to file their respectiveMemoranda.

1.2. Subsequently, in a Resolution dated 05 February 201.3, the HonorableCourt extended indefinitely the TRO it previously issued against the enforcement ofthe Cybercrime Prevention Act.

13. Thus, in compliance with the directive of the Honorable Court,petitioners respectfully file the instant Memorandum incorporating their Reply torespondents' Consolidated Comment in compliance with the Resolution dated 1.1December 201.2 issued by the Honorable Court.

WHETHER PETITIONERS HAVE LEGAL STANDING To INSTITUTEAND MAINTAIN THE INSTANT PEnnON.

11

WHETHER SECTION 12 OF THE CYBERCRIME PREVENTION ACTIs PATENTLY UNcoNSTiTUTioNAL CONSIDERING THAT IT

VIOLATES AN INDIVIDUAL'S RIGHT To PRIVACY AND THEPRIVACY OF COMMUNICATION AND CORRESPONDENCE

UNDER SECTION 3, ARTICLE in OF THE CONSTITUTION.

ISSUES

1/1

WHETHER SECTION 12 OF THE CYBERCRIME PREVENTION ACT

Is PATENTLY UNcoNSTiTUTioNAL CONSIDERING THAT ITVIOLATES AN INDIVIDUAL'S RIGHT To UNREASONABLE

SEARCHES AND SEIZURES UNDER SECTION 2, ARTICLE in OFTHE CONSTITUTION.

1.0

IV

WHETHER SECTION 19 OF THE CYBERCRIME PREVENTION ACTIs NULL AND VOID FOR BEING UNcoNSTiTUTioNALCONSIDERING THAT IT Is VIOLATivE OF THE DUE PROCESSCLAUSE UNDER SECTION I, ARTICLE in OF THECONSTITUTION.

V

WHETHER SECTION 19 OF THE CYBERCRIME PREVENTION ACTIs NULL AND VOID FOR BEING UNCONSTiTUTiONALCONSIDERING THAT IT Is VIOLATivE OF THE RIGHT OFCITIZENS AGAINST UNREASONABLE SEARCHES AND

SEIZURES UNDER SECTION 2, ARTICLE in OF THECONSTITUTION.

Vl

WHETHER SECTION ^9 OF THE CYBERCRIME PREVENTION ACTIs NULL AND VOID FOR BEING UNcoNSTiTUTioNALCONSIDERING THAT IT Is VIOLATivE OF THE RIGHT OF THE

PEOPLE To FREEDOM OF SPEECH UNDER SECTION 4, ARTICLE1/1 OF THE CONSTITUTION.

Vll

WHETHER SECTIONS 4(C)(4), 5,6, AND 7 OF THE CYBERCRIMEPREVENTION ACT ARE NULL AND VOID FOR BEING

UNCONSTITUTIONAL CONSIDERING THAT THEY ARE

VIOLATIVE OF THE DUE PROCESS CLAUSE UNDER SECTION I,ARTICLE in OF THE CONSTITUTION AND OF THE FREE SPEECH

CLAUSE UNDER SECTION 4, ARTICLE in OF THECONSTITUTION.

Vlll

WHETHER SECTION 6 OF THE CYBERCRIME PREVENTION ACT

Is NULL AND VOID FOR BEING UNcoNSTiTUTioNAL

CONSIDERING THAT IT Is VIOLATivE OF THE EQUALPROTECTION CLAUSE UNDER SECTION I, ARTICLE in OF THECONSTITUTION.

1.1

.

.

I. Petitioners Have Legal Standing To InstituteAnd Maintain The Instant Petition.

In Pimentel v. Office of the Executive Secretary, at at. , 462 SCRA 622(2005), the Honorable Court discussed the issue of legal standing as follows:

AR^

"The petitioner in every case must therefore be an aggrievedparty in the sense that he possesses a clear legal right to be enforcedand a direct interest in the duty or act to be performed. tLegaspi v. CivilService Commission, 1.50 SCRA 530 (1987)l The Court will exerciseits power of judicial review only if the case is brought before it by aparty who has the legal standing to raise the constitutional or legalquestion. 'Legal standing' means a personal and substantial interest inthe case such that the party has sustained or will sustain direct injuryas a result of the government act that is being challenged. The term'interest' is material interest, an interest in issue and to be affected bythe decree, as distinguished from mere interest in the questioninvolved, or a mere incidental interest. tJoy, I v. PresidentialCommission on Good Government, 225 SCRA 568 (1993)l

The question in standing is whether a party has alleged such apersonal stake in the outcome of the controversy as to assure thatconcrete adverseness which sharpens the presentation of issues uponwhich the court so largely depends for illumination of difficultconstitutional questions. IGOnzales v. Nan/nan, 337 SCRA 733(2000)l"

Petitioners respectfully submit that they have legal standing to institute andmaintain the instant Petition considering that the matter at bar involves an issue ofutmost and far-reaching constitutional importance, i. e. , the constitutionality of theAssailed Provisions of the Cybercrime Prevention Act, which are in directcontravention with the most cherished and jealously guarded fundamental civil rightsthe enshrined in the Constitution. IKilosbayan Foundation, at o1. v. ExecutiveSecretary, at at. , 526 SCRA 353 (2007)l Thus, the instant Petition is filed to ensurethat the questioned official acts of the Legislative and Executive Branches of theGovernment are within the limits allowed by the Constitution.

xxx

1.2

.

In any event, the Honorable Court has highlighted its liberal stance withrespect to a petitioner's locus standi where said petitioner raises an issue oftranscendental significance and importance to the people, as in the case of theinstant Petition considering the broad effect of the Assailed Provisions on the mostcherished and jealously guarded fundamental civil rights under the Constitution thatare intrinsic and in alienable. 100vid v. Arroyo, 489 SCRA 1.60 (2006); Tomd v.Secretary of Energy, 281 SCRA 330 (1997); GUM" v. Executive Secretary, 21.1SCRA 219 (1992); OSmeiici v. Commission on Elections, 199 SCRA (1991);Boseo v. Philippine Amusements und Gaining Corporation, 1.97 SCRA 52(1991); Dam v. Singson, 180 SCRA 496 (1989), Armeta v. Dingl"sun, 84 Phil.368 (1949)l

As will further be discussed, the determination of the constitutionality of theAssailed Provisions, which involves the curtailment of the most cherished andjealously guarded fundamental civil and political rights under the Constitution, is nodoubt an issue of transcendental significance and importance presented by an actualcontroversy.

A justiciable controversy has been defined as one "where there is an actualcontroversy, or the ripening seeds of one exists between the parties, all of whom aresuijuris and before the court, and that the declaration sought will help in ending thecontroversy. A doubt becomes a justiciable controversy when it is translated into aclaim of right which is actually contested. " lintemutional Hardwood and VeneerCompany of the Philippines v. University of the Philippines and Jose C.Campos, Jr. , 200 SCRA 554 (1991)l A case is ripe for adjudication when somethinghad by then been accomplished or performed by either branch. ITUn v. Moonpogal,43 SCRA 677 (1972)I

In this case, a review of the entirety of the Cybercrime Prevention Act wouldreveal that there is in fact already an actual case that requires the Honorable Courtto exercise its power of judicial review. In view of the peculiar character of theCybercrime Prevention Act and its Assailed Provisions, the actual passageand effectivity of the law constitutes the actual case or controversy at handconsidering that the law itself constitutes a eneral warrant to all citizens thatthe far-reaching and expansive powers of the State under the law will bearupon conduct and speech deemed unacceptable by unclear and uncheckedstandards.

In particular, since the Cybercrime Prevention Act authorizes the DoJ todetermine a prima focie violation of the law, virtually every piece of data uploaded incyberspace is subject to search and, not unlikely, seizure by law enforcementauthorities. Every piece of data and information in the digital world - an ever-growing ocean - is now effective Iy the subject of a general warrant without^nydetermination of robable cause, in violation of Section 2, Article in of theConstitution and Section 4, Rule 1.26 of the Rules of Court, as well as ruling

1.3

,

.

,

case law. 1stonehill vs. Diokn0, 20 SCRA 383 (1967); Vowelo vs. Court o1Appeals, 427 SCRA 658 (2004); People of the Philippines vs. Tuan, 628 SCRA226 (2010)I

Accordingly, where a violation of the Constitution has occurred, as in thiscase due to the peculiar nature if the Assailed Provisions, the issue is a justiciablecontroversy. The question, therefore, of whether there has been compliance with orviolation of the most cherished and jealously guarded fundamental civil rights underthe Constitution is for the Honorable Court to pass upon. tDisomongcop v.Datumonong, 444 SCRA 203 (2004), citing mindci v. Angora, 272 SCRA 18(1997)I

In view of the constitutional and legal infirmity of the Assailed Provisions,petitioners hereby invoke the Honorable Court's power of judicial review and comesnow before the Honorable Court with an earnest plea to correct a grave and seriousinjustice and transgression of the Constitution that impinge upon petitioners' mostcherished and jealously guarded fundamental civil rights, which include, aspreviously mentioned, Sections I, 2,3,4, and 21, Article 1/1 of the Constitution.

As it stands, the Cybercrime Prevention Act is a quantum leap backwards thatdestroys the very fabric of the free eXchange of ideas that has allowed democracy tothrive in this country. Moreover, the Cybercrime Prevention Act is contrary to thecommitment to transparency that the present dispensation has supposedlychampioned. Moreover, Cybercrime Prevention Act is a direct assault to the time-honored principle of each citizen's right to privacy, which is the in alienable right of anindividual to be let alone. This much was enunciated by Justice Louis Brandeis of theUnited States Supreme Court in his dissent in 01mste"d v. United States, 277 U. S.438 (1928), viz. :

"The right to be let alone - the most comprehensive of rights,and the right most valued by civilized men. To protect that right, everyunjustifiable intrusion by the Government upon the privacy of theindividual, whatever the means employed, must be deemed a violationof the Fourth Amendment. "

The Honorable Court has likewise accorded due deference to the right to belet alone. In City o1 Manila v. Lagui0 455 SCRA 308 (2005), the Honorable Courtheld that the right to be let alone is the beginning of all freedom - it is the mostcomprehensive of rights and the right most valued by civilized men. By its verynature and purpose, the concept of liberty compels respect for the individual whoseclaim to privacy and interference demands respect.

1.4

,

.

The right to be let alone is a fundamental right that extends to the informationplatforms and media offered by technology. A simple post or shout-out through aTwitter account or Facebook page may, to some, be undeserving of legal protection.However, such seemingly simple and mundane acts of sharing opinions andperspectives on various subject matters may well be considered as the naturalconsequence of the evolving concept of the right to privacy, the right to be let alone.More so, it should be underscored that a person does not waive, shed or otherwisegive up his right to privacy simply because he or she used a different medium ofcommunication, such as the internet.

It is unfortunate, even alarming, to note that although the Legislature had allthe opportunity to craft a law that is, and should be, responsive to the evolving times,it instead produced a Panopticon that will not hesitate to strike down any and allonline acts and utterances that are deemed undesirable and unacceptable accordingto the fleeting and subjective standards of law enforcement authorities, without thebenefit of any judicial oversight or sanction. Given these grave circumstances, thePresident had the corresponding opportunity, even the duty, to veto the all-embracing law on behalf of millions of freedom-loving citizens yet he did not see it fitto protect, preserve and advance the rights of his constituents in the face of amammoth legislation.

As a result, a regime of round-the-clock surveillance - a constant axe hangingoverhead, ready to strike - effective Iy chills and silences legitimate action, thought,free discussion, and dissent. Indeed, as consistently held by the Honorable Court, inthe realm of the political life of a nation, debate on public issues should beuninhibited, robust, and wide open and that it may well include vehement, causticand sometimes unpleasantly sharp attacks on government and public officials.IAdiong v. Commission on Elections, 207 SCRA 71.2 (1992); New York TimesCo. v. Sumvan, 376 U. S. 254 (1964/1

When, as in this case, the Legislative and Executive Branches of Governmentact in complete defiance of the clear letter and spirit of the Constitution, it is thesacred duty of the Honorable Court to up hold the fundamental law and,consequently, strike down the Assailed Provisions in order to am rin the mostcherished and jealously guarded fundamental rights of citizens under the aegis of ademocracy that was painfulIy fought for by great forebears who stand to bedishonored and disgraced by the implementation of legislation that is unprecedentedin the manner by which it seeks to curtail the rights of the very citizens that are thebeneficiaries of freedom fought and won - until now.

Otherwise, fear would be abundant as fundamental freedoms fall by thewayside.

1.5

.

.

Significantly, the Honorable Court's judicial power, as anchored on Section I,Article Vlll of the Constitution, includes the duty to determine whether there has beena grave abuse of discretion amounting to lack or excess of jurisdiction on the part ofany branch of the Government, particularly with respect to the passage of theCybercrime Prevention Act and its Assailed Provisions:

"Section I. xxx Judicial power includes the duty of the courtsof justice to settle actual controversies involving rights which arelegally demandable and enforceable, and to determine whether orriot there has been a grave abuse of discretion amounting to lackor excess of jurisdiction on the part of any branch orinstrumentality of the government. " IEmphasis suppliedI

In the instant case, the requisites for the Honorable Court's exercise of itspower of judicial review are present, namely: (1) there is actual case or controversycalling for the exercise of judicial power; (2) petitioners have legal standing andpersonal and substantial interests to challenge the Assailed Provisions consideringthat petitioners will sustain direct injury as a result of the implementation andlorenforcement thereof; (3) the question of constitutionality is raised at the earliestpossible opportunity; and (4) the issue of constitutionality is the very lis inoto of theinstant Petition. IFrancisco v. House of Representatives, 41.5 SCRA 44 (2003)l

In this regard, petitioners hereby respectfully submit and contend that theAssailed Provisions violate the clear letter and spirit of the Constitution. Moreover,what is assailed by the instant Petition is not merely the Assailed Provisionsthemselves but also the grave abuse of discretion on the part of the Legislative andExecutive Branches of Government in enacting the Cybercrime Prevention Act,including the Assailed Provisions thereof, in spite of patent constitutional and legalinfirmities. Therefore, with all due respect, the Honorable Court must rule on theconstitutional issue as it is unavoidably necessary to the decision of the instantPetition. ISOtto v. Commission on Elections, 76 Phil. 51.6 (1946); Luz Forms v.Secretary of Agrarian Reform, 192 SCRA 51 (1990)I

11. Section 12 Of The Cybercrime Prevention ActIs Patently Uriconstitutional Considering ThatIt Violates An Individual's Right To PrivacyAnd The Privacy Of Communication AndCorrespondence Under Section 3, Article in OfThe Constitution.

The Honorable Court in People v. Tudtud, 41.2 SCRA 142 (2003), held thatthe Bill of Rights as the bedrock of constitutional government such that if the peopleare stripped naked of their rights as human beings, democracy cannot survive andgovernment becomes meaningless. This is why the Bill of Rights occupies a positionof primacy in the fundamental law way above the articles on State power.

1.6

,

.

.

With all due respect, this is precisely why petitioners invoke the very same Billof Rights - the citizens' scroll of entitlements - to strike down the Assailed Provisionsof the Cybercrime Prevention Act, as well as all other provisions that flow therefrom.

At the heart of the Cybercrime Prevention Act looms a great threat to citizens'fundamental rights. Section 12 thereof grants and bestows upon law enforcementauthorities unbridled authority to collect andlor record data with respect to acommunication's origin, destination, route, time, date, size, duration or type ofunderlying service in real time without prior judicial warrant:

"Section 1.2. Real-Time Collection of Traffic Data. - Lawenforcement authorities, un^e^e, shall be authorized tocollect or record by technical or electronic means traffic data inreal-time associated with specified communications transmittedby means of a computer system.

Traffic data refer only to the communication's origin,destination, route, time, date, size, duration, or type of underlyingservice, but riot content, nor identities.

All other data to be collected or seized or disclosed will requirea court warrant.

Service providers are required to cooperate and assist lawenforcement authorities in the collection or recording of the above-stated information.

The court warrant required under this section shall only beissued or granted upon written application and the examination underoath or affirmation of the applicant and the witnesses he may produceand the showing: (1) that there are reasonable grounds to believe thatany of the crimes enumerated hereinabove has been committed, or isbeing committed, or is about to be committed: (2) that there arereasonable grounds to believe that evidence that will be obtained isessential to the conviction of any person for, or to the solution of, or tothe prevention of, any such crimes; and (3) that there are 00 othermeans readily available for obtaining such evidence. " tEmphasis andunderscoring suppliedl

Section 1.2, for all intents and purposes, search and seizure before adetermination of probable cause occurs, violating Sections 2 and 3, Article 111 of theConstitution, which protect citizens' most cherished and jealously guardedfundamental civil and political rights, thus:

1.7

,

*

,

"Section 2. The right of the people to be secure in theirpersons, houses, papers, and effects against unreasonable searchesand seizures of whatever nature and for any purpose shall beinviolable, and 00 search warrant or warrant of arrest shall issueexcept upon probable cause to be determined personally by the judgeafter examination under oath or affirmation of the complainant and thewitnesses he may produce, and particularly describing the place to besearched and the persons or things to be seized.

Section 3. (1) The privacy of communication andcorrespondence shall be inviolable except upon lawful order of thecourt, or when public safety or order requires otherwise, as prescribedby law.

(2) Any evidence obtained in violation of this or the precedingsection shall be in admissible for any purpose in any proceeding. "

With all due respect, petitioners submit that Section 12 of the CybercrimePrevention Act is a blatant violation of an individual's right to privacy and of theprivacy of communication and correspondence, as guaranteed by the Constitution. Infact, even respondents in their Oral Arguments before the Honorable Court on 29January 201.3 admitted that Section 12 of the Cybercrime Prevention Act impacts onthe constitutional right to privacy. '

The existence of constitutionalIy and statutorily protected zones of privacyhas been consistently recognized by the Honorable Court. In Ople v. Torres, 293SCRA 141 (1998), the Honorable Court explained thus:

"Assuming, arguendo, that A. 0. No. 308 need not be thesubject of a law, still it cannot pass constitutional muster as anadministrative legislation because facial Iy it violates the right toprivacy. The essence of privacy is the 'right to be let alone. ' In the1,965 case of Griswold v. Connecticut, the United States SupremeCourt gave more substance to the right of privacy when it ruled thatthe ri ht has a constitutional foundation. It held that there is a rightof privacy which can be found within the penumbras of the First, Third,Fourth, Fifth and Ninth Amendments, xxx

I., Transcript of Stenographic Notes (n"SN") of the Oral Arguments, 29 January 2013.

1.8

,

.

t

In the 1968 case of Morfe v. Mutuc, we adopted the Griswoldruling that there is a constitutional right to privacy. Speaking thruMr. Justice, later Chief Justice, Enrique Fernando, we held:

The Griswold case invalidated a Connecticut

statute which made the use of contraceptives a criminaloffense on the ground of its amounting to anuriconstitutional invasion of the right of privacy ofmarried persons; rightful Iy it stressed 'a relationshiplying within the zone of privacy created by severalfundamental constitutional guarantees. ' It has widerimplications though. The constitutional right to privacyhas come into its own.

XX)(

rivac.

i to endentl

So it is likewise in our jurisdiction. Tl^o

itself

prot^tmn. The language of Prof. Einerson isparticularly apt: 'The concept of limited government hasalways included the idea that governmental powers stopshort of certain intrusions into the personal life of thecitizen. This is indeed one of the basic distinctions

between absolute and limited government. Ultimate andpervasive control of the individual, in all aspects of hislife, is the hallmark of the absolute state. In contrast, a

as

it is full

such

of its identification with libert ; in

.

Is

deservin

accorded

s stern of limited overriment safe uards a rivate

sector, which belongs to the individual, firmlydistinguishing it from the public sector, which the state

of constitutional

can control. Protection of his

reco nition

rotection in other words of t e diinte rit of t e individual - has beeo e incre s'n Ijin onant a modern SOCjet has develo ed. All theforces of a technolo ical a e - industrializationurbanizatiothe area of rivac and f cilitate intrusion into it. In

modern terms, the capacity to maintain and support thisenclave of private life marks the difference between ademocratic and a totalitarian society. '

and or anization - o erate to narrow

right of privacy is recognized and enshrined in several provisionsof our Constitution. It is ex ressl reco nized in Section 3 I of the

Indeed, if we extend our judicial gaze we will find that the

rivale sector

Bill of Rights :

It and

1.9

,

,

.

Q

(1) The privacy of communication'Sec. 3.

and correspondence shall be inviolable except uponlawful order of the court, or when public safety ororder requires otherwise as prescribed by law. '

Other facets of the right to privacy are protected in variousprovisions of the Bill of Rights, viz:

'Sec. I. No person shall be deprived of life,liberty, or property without due process of law, nor shallany person be denied the equal protection of the laws.

Sec. 2. The right of the people to be secure intheir persons, houses, papers, and effects againstunreasonable searches and seizures of whatever nature

and for any purpose shall be inviolable, and 00 searchwarrant or warrant of arrest shall issue except uponprobable cause to be determined personally by thejudge after examination under oath or affirmation of thecomplainant and the witnesses he may produce, andparticularly describing the place to be searched and thepersons or things to be seized.

Sec. 6. The liberty of abode and of changing thesame within the limits prescribed by law shall riot beimpaired except upon lawful order of the court. Neithershall the right to travel be impaired except in the interestof national security, public safety, or public health, asmay be provided by law.

XXX

Sec. 8. The right of the people, including thoseemployed in the public and private sectors, to formunions, associations, or societies for purposes notcontrary to law shall not be abridged.

xxx

20

Sec. 1.7. No person shall be compelled to be awitness against himself. "' tEmphasis and underscoringsuppliedI

In Polio v. Constantno-Dovid, 659 SCRA 189 (2011), the Honorable Courtheld that Section 3, Article 111 of the Constitution is the embodiment of the protectionof privacy of communications and correspondence, which is a fundamental personalright protected by the fundamental law:

"In its 1,964 ruling in Griswold v. Connecticut, the U. S. SupremeCourt declared that the ri ht to rivac was a fundamental ersonalrighi;

Morfe v. Mutuc emphasized the significance of privacy bydeclarin that ' t he ri ht to be let alone is indeed the be innin of

all freedom. ' The description hewed very closely to that earlier madeby Justice Brandeis in 01smead v. United States that the right^belet alone was the most 'coin rehensive of ri hts and the ri htsmost valued b

suppliedl

Section 12 of the Cybercrime Prevention Act enables law enforcementofficers to probe through a sphere of citizens' privacy - personal expressions,opinions, communications and correspondences without prioriudicialwarrant.

XXX

With all due respect, it is respectfully submitted that Section 12 is patentlyuriconstitutional as it violates a citizen's right to privacy and of privacy ofcommunication and correspondence.

civilized men. "' IEmphasis and underscoring

A. An Individual Has A Reasonable

Expectation Of Privacy Of PersonalElectronic Data, Communications AndCorrespondence.

The Honorable Court had another occasion to discuss issues related to the

right to privacy in Miguel v. Gordon, 504 SCRA 704 (2006), wherein is was heldthat in evaluating a claim for violation of privacy, it must be determined whether aperson has a reasonable expectation of privacy, and whether State intrusion hasviolated such exception:

21

*

~

.

laws. Within these zones, any form of intrusion is impermissible unlessexcused by law and in accordance with customary legal process. Themeticulous regard we accord to these zones arises not only from ourconviction that the right to privacy is a 'constitutional right' and 'theright most valued by civilized men, ' but also from our adherence to theUniversal Declaration of Human Rights which mandates that, 'no oneshall be subjected to arbitrary interference with his privacy' and'everyone has the right to the protection of the law against suchinterference or attacks. '

"Zones of rivac.

are reco nized and

Constitutioncreate zones of

Ou

alone' or the 'ri ht to determine what how much to whom andwhen information about himself shall be disclosed. ' Section 2

Bill of R' hts

guarantees 'the right of the people to be secure in their persons,houses, papers and effects against unreasonable searches andseizures of whatever nature and for any purpose. ' Section 3renders inviolable the 'privacy of communication andcorrespondence' and further cautions that 'any evidenceobtained in violation of this or the preceding section shall bein admissible for any purpose in any proceeding. '

rotected in our

rovides at least tworivac

.

e shrined in Article in of the

It hi in hts a erson's 'ri ht to be letuarantees that ex lieitl

ust determine whether a erson has exhibited a reasonableex ectation of

In evaluating a claim for violation of the right to privacy, a court

been violated b unreasonable overninent intrusion. " Em hasis

and underscoring suppliedl

It is respectfully submitted that citizens have a reasonable expectation ofprivacy to Traffic Data, which Section 12 of the Cybercrime Prevention Act permitslaw enforcement authorities, using the incomprehensible standard of due cause, tocollect or record in real-time. It is likewise submitted that Section 1.2, being anunreasonable State intrusion, violates this constitutional expectation.

rivac and if so whether that ex ectation has

In POWo v. Constantino-DC1vid, sunro, the Honorable Court, adopted theruling of the United States Supreme Court in Kotz v. United States, 389 U. S. 437(1967), wherein it was held that the use of a telephone in an enclosed boothconstitutes a reasonable expectation of privacy:

"In the 1,967 case of Katz v. United States, the Us SupremeCourt held that the act of FBI agents in electronically recording aconversation made by petitioner in an enclosed public telephone booth

22

,

~

.

violated his right to privacy and constituted a "search and seizure".Because the etitioner had a reasonable ex ectatio of rivacUsIn

rotection of the Fourth Amendment extends to such area. In theconcurring opinion of Mr. Justice Harlan, it was further noted that theexistence of privacy right under prior decisions involved a two-foldrequirement: first, that a person has exhibited an actual (subjective)expectation of privacy; and second, that the expectation be one thatsociety is prepared to recognize as reasonable (objective)."

the enclosed booth to make a ersonal tele hone call the

In United States v. Andrus, 483 F. 3d 711 (10th Cir. 2007), the United StatesCourt of Appeals for the Tenth Circuit held that computers contain a repository ofprivate information over which owners have a reasonable expectation of privacy:

"Courts considering the issue have attempted to analogizecomputers to other items more commonly seen in Fourth Amendmentjurisprudence. Individuals' ex ectations of rivac in coin utershave been likened to their e

or briefcase. ' United States v. Aaron, 33 Fed. Appx. 1.80, 1.84 (6thCir. 2006) (unpublished). Password-protected files have beencompared to a 'locked footlocker inside the bedroom. ' Trulock v.Freeh, 275 F. 3d 391,403 (4th Cir. 2001).

In

Given the pervasiveness of computers in American homes, thiscourt must reach some, at least tentative, conclusion about thecategory into which personal computers fall. A personal computer isoften a repository for private information the computer's owner doesnot intend to share with others.

ectations of rivac.

IFlor most people, their computers are theirmost private spaces. People commonly talk aboutthe bedroom as a very private space, yet when theyhave parties, all the guests - including perlectstrangers - are invited to toss their coats on thebed. But if one of those guests is caught exploringthe host's computer, that will be his last invitation.

in 'a suitcase

United States v. Gourde, 440 F. 3d 1065, 1077 (9th Cir. 2006)(en banc) (Kleinfeld, J. , dissenting). See generally Onn S. Kerr,Searches and Seizures in a Digital World, 11.9 Harv. L. Rev. 531,569(2005) ('tCIOmputers are playing an ever greater role in daily lifeand are recording a growing proportion of it. . . . [T]hey are postalservices, playgrounds, jukeboxes, dating services, movie theaters,daily planners, shopping malls, personal secretaries, virtual diaries,

23

,

~

~

and more. . . . Each new software application means another aspect ofour lives monitored and recorded by our computers. '). Becauseintimate i formalo is commonl stored on coin uters it seemsnatural that coin uters should fall into the same Gate osuitcases footlockers or other ersonal items that 'commandhi h to ree of rivac .' Salinas-Can0,959 F. 2d at 864. " IEmphasisand underscoring suppliedl

Further, in Katz v. United States, sunro, the United States Supreme Courtheld that a person has a reasonable expectation of privacy over privatecommunications except what a person It^ exposes to the public:

"For the Fourth Amendment protects people, not places. Whata person knowingIy exposes to the public, even in his own homeor office, is riot a subject of Fourth Amendment protection. SeeLewis v. United States, 385 U. S. 206,210; United States v. Lee, 274U. S. 559, 563. But what he seeks toan area accessible to the

pratee^. See Rios v. United States, 364 U. S. 253; Ex paneJackson, 96 U. S. 727,733. "

The Cybercrime Prevention Act allows law enforcement authorities to monitorandlor record traffic data associated with specified communications transmitted bymeans of a computer system. Traffic Data is defined under Section 12 of theCybercrime Prevention Act as supposedly limiting itself to non-content information:

as

a

. "Traffic data refer only to the communication's origin,destination, route, time, date, size, duration, or type of underlyingservice, but not content, nor identities. "

ublic

reserve as

Notably, Section 3(p) of the Cybercrime Prevention Act categorical Iy definesTraffic Data as non-content data, yet it does riot limit the same to the enumerationcontained therein:

in a be constitutional I

rivate even in

data other than the content of the communication includin

limit^, the communication's origin, destination, route, time, date,size, duration, or type of underlying service. "

"(p) Traffic data or nori-content data refers to any computer

The dichotomy of the foregoing provisions notwithstanding, Section 1.2 of theCybercrime Prevention Act violates the constitutional right to privacy and of privacyof communication and correspondence. To reiterate, an individual loses his right to

rivac over electronic data on I when one intends the same to be made ublic.

but riot

24

.

\

In this respect, central to the understanding of an individual's exposure in thedigital world or in cyberspace, it is necessary to understand the extent of anindividual's online footprint, thus:

"It is without a doubt that the advent of information technologyand, in particular, the Internet has had an impact on the private life ofcitizens in developed (and increasingly in developing) countries notseen since the industrial revolution. The "digitalisation" of everydaytasks such as reading the newspaper, listening to music and evenshopping for groceries has changed the face of public life to a pointwhere many people now find it difficult to imagine a day without accessto a computer. No more is this the case than in the area ofcommunication. Where previous generations managed to sustainpersonal and business relationships by way of postal letters, todayeven the smallest disturbance in the telecommunications system hasthe potential to bring businesses, from high street retailers to blue chipcompanies, to their knees. In our working practices we have becomeentirely reliant on e-mail and the WorldwideWeb.

What is less appreciated by many using the newtechnologies is just how much information about oneself, one'shabits and one's personal lives one leaves behind during thatonline shopping spree, when texting friends or sending a quick e-mail. These footprints of people going about their daily businessare known in the IT and communications industry as"communications data". They include a variety of informationgenerated in the context of making telephone calls, sending andreceiving e-mails and accessing the Internet.

In the case of e-mail, the data may include the time the e-mail was sent, the addressee and the size of the file. In the caseof a telephone call they may include the number called, thenumber from which the call was made, and the length of the call.An ISP providing access to the Internet will keep a log of the timeaccess was initiated and terminated and, in the case of access tothe WorldwideWeb, the URLs of websites visited and the order inwhich they were accessed. Collectively, such data are known as"traffic data". Communications data also include personalinformation relating to the identity of the person making thephone Gall or accessing the Internet such as name, billingaddress, etc. , commonly known as "subscriber data". Finally,where calls are made using a mobile phone call, the mobilephone provider will also be able to establish the location of thecaller at the time of the call ("location data").

25

*

It is widely held, that "as the technology and businessmodels evolve, communications data will provide a very rich andcolourful picture of an individual's interactions, associations,activities, thereabouts, and interests". This applies, in particular, totraffic data. As Caspar Bowden, then Director of the Foundation forInformation Policy Research (F1PR) explains:

'Traffic data constitutes a near complete mapof private life: whom everyone talks to (by e-mailand phone), where everyone goes (mobile phonelocation co-ordinates), and what everyone readsonline (websites browsed)."' tEmphasis suppliedI

It should be underscored that Traffic Data, when in the hands of a party thatmay connect such Traffic Data to other confidential data about an individual, resultsin unimaginable repercussions to an individual's right to privacy:

"Digital traffic data in the hands of the average person may notbe personally identifiable, but could take on a very differentsignificance in the possession of someone able to link a pseudonym -either an IP address or some other unique identifier - with a particularindividual, either by technical or legal means. Under suchcircumstances, otherwise non-personally-identifiable data could easilyreveal intimate details of an individual's personal lifestyle or privatedecisions and therefore would be deserving of ^ 8 protection. Thispoint relates both to the values represented by the data and therelationship of the subject of the data to the third party who is inpossession or control of it both aspects will be explored in more detaillater in the paper. "

In this light, by way of an example, Traffic Data is akin to the data we see inphone bills. Telecommunications service providers andlor companies have access toand record the numbers a certain phone line connects to, the duration of thecommunication, the date and time of the call made and the frequency of theconnection. However, despite these data being available to service providers,subscribers have a reasonable expectation of privacy to these data. Subscribersexpect service providers to keep said data as confidential and service providers havea contractual obligation to do so.

2Judith Rauhofer, "Just because you're paranoid, doesn't mean they're riot after you: Legislative developments in relationto the mandatory retention of communications data in the European Union", (2006) 3:4 SCRIPTed 322<hip:nunw. law. ed. an. uldahrclscript-edlv013-41nuhofer. asp> at 323-33.Jason Young, "Surfing While Muslim: Privacy, Freedom Of Expression 8 The Unintended Consequences Of CybercrimeLegislation", International Journal of Communication Law and Privacy, Issue 9, Special Issue on Cybercrime at page 15myinter 2004/2005).

a

26

,

\

Considering that Traffic Data constitutes "a near complete map of private life",and considering further that a majority of the users of electronic media and theInternet are probably unaware that their messages or transactions contain TrafficData and are similarly unaware of the extent of their online presence, and are, thus,ignorant of the privacy repercussions of their Traffic Data, it cannot be stated thatdisclosure to ISP's constitutes a waiver of the reasonable expectation of privacy:

"Thus it would seem that as much as our own ignoranceabout what actually takes place behind the screen encourages usto make false assumptions about our online privacy, so too doesthe trust we place in our service providers. Every day, acrosscyberspace, people engage in very private behaviour on the publicInternet. They engage in virtual sex, submit income tax returns,research health ailments, pay bills, collaborate with co-workers, makepurchases, plan vacations, enter contests and so forth. Much of thisactivity is done in the clear and all of this information is submitted, oneway or the other, through providers. Does the mere fact thatindividuals engage in these kinds of activities mean that they 00 longerhold reasonable expectations of privacy in the information disclosed tothird parties? Does it imply some kind of trust relationship betweensubscriber and the recipient of the information? Does it suggest acertain level of ignorance on the part of the subscriber as to exactlywhat happens when they click 'Send?"' IEmphasis suppliedI

As such, law enforcement officials cannot just demand for this kind ofinformation from service providers without any prioriudicial intervention in the form ofa search warrant. Precisely because said Traffic Data are private information notintended for public consumption. Even respondents in their Oral Argumentsadmitted that Traffic Data is private data and is confidential and covered by acitizen's right to privacy:

UusTiCE CARPiO:

Okay. So, you don't consider as confidential how many times youcall a certain person, how long you talk to a certain person, foryou it's not private, it's not covered by privacy.

SOLICITOR GENERAL JARDELEZA:

It is confidential, Your Honor. It is covered by my privacy, but youallow the State where there is a law enforcement reason, that is whydue cause. But then ..... linterruptedj

4Young, sunro, at pages 31-33.

27

\

~

.

JUSTICE CARPIO:

I never allowed the State ..... If I have a right to privacy, I want to keepit. But the law says: 'No, you cannot keep It. ' That's why we are heretoday. We have to determine whether there is a reasonableintrusion into your right of privacy. You agree that these areprivate data, correct?

SOLICITOR GENERALJARDELEZA:

Yes, Your Honor, but my response, Your Honor, is if we follow that lineof reasoning, the case of the hacker, Your Honor .....

JUSTICE CARPIO:

Yes, but you can always go to the judge to get a search warrant.The judge is always there. If you want, we can designate a judge24 hours a day. You can go to his house.


I agree with you, Your Honor. I would wish that the Congress hadlegislated appearance before a judge. But I'm saying, as it is, that'swhy in our argue ..... in our Memo ..... we say it is constitutional but ourview, and we say this with utmost respect to the Congress, personally,Your Honor, my rights will be better protected if there is judicialintervention. We have said that in the Memo, Your Honor.

JUSTICE CARPIO:

Okay. So, let's put it in perspective now. You said that you agreedwith me that this traffic data is private data, your own, it iscovered by privacy, correct?


Yes, Your Honor. "' IEmphasis suppliedl

This is precisely why, as correctly stated by Senior Associate Justice AntonioT. Carpio, when phone bills are delivered to subscribers, said bills are placed insealed envelopes, the contents of which are intended only for the recipient's privateconsumption and discretion. ' Thus, said data are intended to be private despite thefact that it was generated by the service provider. Therefore, in reference to theinside-outside data dynamics referred to by the respondents, law enforcementauthorities are not empowered to demand from, for instance, the postal office,

5

BPages 50-52, TSN of the Oral Arguments, 29 January 2013.Page 53, TSN of the Oral Arguments, 29 January 201.3.

28

.

~

,

information as to where certain mails are intended to be delivered, when the mailshall reach the intended recipient, the quantity of mails delivered by or to a certainperson, and the like. These data are also reasonably expected to be private and asearch warrant is necessary to obtain them.

What then is the difference of Traffic Data from other data to afford lawenforcement officers an unbridled access to such? Petitioners respectfully submitthat there is none. As quoted above, even respondents in their Oral Argumentsmanifested their agreement that Traffic Data is private data. Accordingly, TrafficData, as defined in the Cybercrime Prevention Act, is within the scope of citizens'reasonable expectancy of privacy and should be protected from unreasonablegovernment intrusion.

Likewise, in Guest v. Lets, 225 F. 3d 325,333 (6th Cir. 2001), the UnitedStates Court of Appeals for the Sixth Circuit held that information voluntarilyconveyed to a systems operator is outside the scope of the reasonable expectationof privacy:

"Courts have applied this principle to computer searches andseizures to conclude that computer users do not have a legitimateexpectation of privacy in their subscriber information because theyhave conveyed it to another person~the system operator. See Maxwell,45 M. J. at 41.8; United States v. Kerinedy, 81 F. Supp. 2d 11.03, 11.10(D. Kan. 2000) (rejecting a privacy interest in subscriber informationcommunicated to an internet service provider)"

Clearly, from the foregoing, an individual loses his reasonable expectation ofprivacy only when there is a voluntary act of disclosing the same.

In the case at hand, even in the event that 00 such voluntary act exists, lawenforcement authorities are granted unbridled discretion to monitor and record trafficdata despite the lack of relinquishment of an individual's reasonable expectation ofprivacy over the same.

An individual's traffic data is vastly different from subscriber data, or evenemail addresses, which an individual voluntarily discloses in the course of utilizingelectronic media. Most individuals reasonably expect that their electronictransactions or communications sent from the sanctity of their own homes andpersonal electronic communication devices (over which there is a recognizedreasonable expectation of privacy) shall remain private and inviolable.

29

I

.

.

Today, technology has provided ordinary citizens, as well as bloggers andnetizens, the opportunity to do the most private of acts through electronic devicesand the Internet. In fact, most of the things individuals usually do in the privacy oftheir homes and abodes outside the probing eyes of the public can now be done inthe digital world or cyberspace. Though in varying degrees, the Internet has becomean extension not only of everyone's lives. Thus, it has become a new sphere whereind'v'd I Id d h I ' ' "individuals could and should reasonably expect that their online activities are keptprivate and outside intrusion by the State. In fact in Kotz v. United States, sunro,the United States Supreme Court stressed that a protection of a person's right to beleft alone is akin to the protection of not only one's home but of one's life:

from other forms of governmental invasion. But the rotection of"Other provisions of the Constitution protect personal privacy

erson's eneral ri ht to

other 00 to - is like the rotection of his ro ert and of hisvery_^, left largely to the law of individual States. " (Emphasis andunderscoring supplied)

Pertinently, in United States v. Warshak, 631 F. 3d 266 (6th Cir. 2010), itwas held that even email that passes through a third party Internet Service Provider("ISP") is still covered by the protection of the right to privacy, thus:

rivac

principles. First the re

- his ri ht to be let alone b

thr u h a communications network is a

"In confronting this question, we take note of two bedrock

me dinen consider tion. See ibid. ; United States v. U. S. Dist.Court, 407 U. S. 297, 313 (1972) ('tTlhe broad and unsuspectedgovernmental incursions into conversational privacy which electronicsurveillance entails neoessitate the application of Fourth Amendmentsafeguards. '). Second, the Fourth Amendment must keethe in exorable march of technolo ical ro ress or its uarantees

unl^ish. See Kyllo v. United States, 533 U. S. 27,34(2001) (rioting that evolving technology must not be permitted to 'erodethe privacy guaranteed by the Fourth Amendment'); see also Orin S.

fact that information is bein

Kerr, Applying the Fourth Amendment to the Internet: A GeneralApproach, 62 Stan. L. Rev. 1005, 1,007 (2010) (arguing that 'thedifferences between the facts of physical space and the facts of theInternet require courts to identify new Fourth Amendment distinctionsto maintain the function of Fourth Amendment rules in an online

environment').

aramount Fourt

assed

ace with

XXX

30

,

.

.

If we accept that an email is analogous to a letter or aphone call, it is manifest that agents of the government cannotcompel a commercial ISP to turn over the contents of an emailwithout triggering the Fourth Amendment. An ISP is theintermediary that makes email communication possible. Emails mustpass through an ISP's servers to reach their intended recipient. Thus,the ISP is the functional equivalent of a post office or a telephonecompany. As we have discussed above, the police may riot stormthe post office and intercept a letter, and they are likewiseforbidden from using the phone system to make a clandestinerecording of a telephone call - unless they get a warrant, that is.See JOGobsen, 466 U. S. at 1.14; Katz, 389 U. S. at 353. It only standsto reason that, if government agents compel an ISP to surrender thecontents of a subscriber's emails, those agents have therebyconducted a Fourth Amendment search, which neoessitatescompliance with the warrant requirement absent some exception. "IEmphasis and underscoring suppliedl

Although, through the dichotomy, the Cybercrime Prevention Act makes afeeble attempt to avoid unconstitutionality, the same is still violative of theConstitution. Respondents, themselves, even recognize the danger of Section1.2 by admitting that it barely passes the tests of constitutionality:

"JUSTICE CARPIO:

But the law defines traffic data now. And the policeman will go toPLDT: 'This is the low. I don't need a search warrant to get this kind o1data. ' So, PLDT will give. Is that constitutional? Does that violate yourright to privacy?


Our answer, Your Honor, is it is it is constitutional

because under the present state of the law, this Court or previousCourts have not said that traffic data is covered by the constitutionalright to privacy. That is why, Your Honor, in our Memorandum we sayit is constitutional ..... it is constitutional but linterruptedl

JUSTICE CARPIO:

It is constitutional until we declare it is not, that's what you are saying?


If I may ..... but ..... barely. lintelruptedj

31.

.

.

.

JUSTICE CARPIO:

I want to know what is really the law? Is itconstitutional? It doesn'tforget about our decision, what do you think? Would you, if it happensto you, would you raise the defense of Privacy?


If it happens to me, Your Honor, I cannot argue privacy because thedata, the data on telephone, is external data, Your Honor. Therefore, ifYour Honor please, but that is not covered by privacy, but, YourHonor, as we have said in our Memo and with all due respect to theCongress, taking as instructive the experience, for example, in theUnited States, in that jurisdiction, springing from the same premise thatthere is 00 constitutional right to privacy, their Congress gave astatutory right. Traffic data can be exercised only if the trigger is riotany kind of law enforcement authority but a Federal United Statesattorney going to a judge, Your Honor, but that is statutoryfutonuptedj

JUSTICE CARPIO:

But that is not here. Here, it's any police officer can do it.

.....


That is why, Your Honor, I am saying it is constitutional, but barely.That's my answer, Your Honor. "' IEmphasis suppliedI

It is significant to note that respondents have pointed to the alarmingcharacter of Section 19 of the Cybercrime Prevention Act as early as in theirConsolidated Comment, when the Office of the Solicitor General stated in an honestand unequivocal manner that

"In this Comment, the Office of the Solicitor General vigorouslydefends the constitutionality of R. A. No. 1,0175, in its entirety, exceptonly as to Section 1.9, on restricting or blocking access. With all duerespect to the Congress, the OSG submits that Section 19 ifconstitutionalIy impermissible, because it permits a form of finalrestraint on s eech without rior 'udicial determination. As to Section

.....

1.2, on the real time collection of traffic data, the OSG defends itsconstitutionality. However, again with all due deference to theCongress, the OSG submits that the Con ress inariwisdom consider amendin

'udicial authorization. "' IEmphasis and underscoring suppliedl

7

aPages 47 and 48, TSN of the Oral Arguments, 29 January 2013.Pages 7 and 8, Consolidoted Comment.

the Section to ovide forin Its

nor.

32

,

.

,

.

Lest citizens' most cherished and jealously guarded fundamental civiland political rights hang in the balance, for a law that affects the lives ofmillions upon millions of Filipinos, barely is riot good enough - it will never begood enough. It does riot even come close to even the faintest shadow ofconstitutionality.

Section 12 of the Cybercrime Prevention Act states that the content andidentity of the participants to the intercepted Traffic Data shall neither be monitorednor recorded. Nevertheless, Traffic Data encompasses the origin, destination, route,time, date, size, duration, or type of data. Once such data is acquired, it becomeseasy for law enforcement authorities to verify identities through other investigativemethods. The acquisition of such Traffic Data is, thus, the critical jump-off point orspringboard for violations of an individual's right to privacy - again, all without thebenefit of judicial intervention.

Worse, Section 12 of the Cybercrime Prevention Act allows the collection orrecording of traffic data connected to "specified communications". No definition isprovided with respect to the scope of "specified communications". If this were takento mean that law enforcement authorities possess a suspicion as to the nature of thecommunications, or the identity of the parties which they cannot substantiate, thenthe gathering of data relating to the origin, destination, route, time, date, size,duration, or type of such data would be in the nature of a fishing expedition whichcannot be countenanced by the Honorable Court. IRoxas v. Moonpogal-Arroyo,630 SCRA 211 (2010)l

In fact, in United States v. Jones, 565 Us , 132 S. Ct. 945 (2012), theUnited States Supreme Court held that attaching a Global Positioning System("GPS") device to a vehicle, and the Government's use of that device to monitor thevehicle's movements, constitutes a search contrary to the constitutionalIy guaranteedright against unreasonable searches and seizures.

Moreover, respondents' vigorously-defended distinction that data otherthan Traffic Data to be seized or disclosed shall require a judicial interventionthrough a court warrant is nothing more than a paper distinction that cannotserve to protect an individual's reasonable expectation to privacy. To reiterate,once law enforcement authorities acquire the origin, destination, route, time,date, size, duration or type of data (or what respondents supposedlycharacterize as "outside" data), the content andlor identities of the targetedindividuals are easily verifiable through other means. Consequently, therequirements of judicial intervention andlor court warrant to determine nori-traffic (or "inside" data) has been rendered nugatory and meaninglessconsidering that an unreasonable intrusion into the individual's sphere ofprivacy has already been made and is irreversible.

33

.

.

.

Further, it is arguable that majority of the users of electronic media, such asthe internet, are unaware that their messages or transactions contain traffic data,which under the Section 12 of the Cybercrime Prevention Act, may be monitored bylaw enforcement authorities under the convenient justification of "due cause".

Verily, the Constitution protects not only content and identity but allincidentslaspects of communication and correspondence, including who a personchooses to talk to, how long that person chooses to correspond with them, themanner by which they converse or correspond, among others, Thus, the wholeprocess of communication and correspondence is zealously protected by theConstitution and can only be curtailed by lawful warrant upon probable cause. That'sprecisely the safeguard provided for by the judicial process, which the AssailedProvisions, particularly Section 12 of the Cybercrime Prevention Act, totally anduriapologetically disregard.

There being 00 relinquishment of the reasonable expectation of privacy overthe same, Traffic Data cannot be subjected to search and seizure by lawenforcement authorities under the flimsy excuse of "due cause" as an individual hasa reasonable expectation of privacy over the same. Everyone has a right to privacy,communication and correspondence that should be respected - by Constitutionalcommand.

B. Section 12 Of The CybercrimePrevention Act Constitutes AnUnreasonable Government Intrusion

As It Lacks Safeguards AgainstPossible Abuses By Possessors OfAcquired Data.

With all due respect, it is submitted that Section 12 of the CybercrimePrevention Act constitutes unreasonable Government intrusion into an individual's

right to privacy and of privacy of communication and correspondence as it lacks anysafeguards whatsoever against possible abuse of the data acquired.

In Ople v. Torres, supro, the Honorable Court held that the absence ofsafeguards for the potential misuse of data gathered through government regulationis a potential threat to the Bill of Rights. Likewise, indefinite ness as to the purpose ofthe data to be gathered will give rise to potential abuses by authorities. In said case,Administrative Order No. 308 required the use of biometric scanners to record allgovernment transactions of an individual. The Honorable Court held that theabsence of guidelines and safeguards constitutes a violation of the right to privacy:

34

,

.

"xxx Considering the banquet of options available to theimplementors of A. 0. No. 308, the fear that it threatens the ri ht torivac of our co Ie is riot roundless.

xxx This is an admission that the PRN will not be used solelyfor identification but for the generation of other data with remoterelation to the avowed purposes of A. 0. No. 308. Orearl^theindefinite ness of A. 0. No. 308 can ive the overninent the rovinauthorit to store and retrieve infor ation for a or OSe otherthan the i entification of the individual throu h his PRN.

The potential for misuse of the data to be gathered under A. 0.No. 308 cannot be under played as the dissenters do. Pursuant to saidadministrative order, an individual must present his PRN everytime hedeals with a government agency to avail of basic services andsecurity. His transactions with the government agency will necessarilybe recorded - whether it be in the computer or in the documentary fileof the agency. The individual's file may include his transactions forloan availments, income tax returns, statement of assets and liabilities,reimbursements for medication, hospitalization, etc. The more frequentthe use of the PRN, the better the chance of building a huge andformidable information base through the electronic linkage of the files.The data may be gathered for gainful and useful governmentpurposes; but the existence of this vast reservoir of personalinformation constitutes a covert invitation to misuse, atemptation that may be too great for some of our authorities toresist. " [Emphasis supplied]

In the instant case, even a cursory perusal of Section 12 reveals a dearth ofinformation as to what purpose the data gathered shall be used for. Nowhere inSection 12 can be seen the limits of the use of the data gathered by law enforcementauthorities. Simply put, under Section 1.2, law enforcement authorities are given theunrestrained power to secure data for whatever purpose they may deem fit. This ispatently contrary to the Honorable Court's pronouncement in Ople v. Torres, sunro.

Notably in Ople v. Torres, supro, the offending law likewise attempted tomake a distinction between certain forms of data without specifying how such datashall be segregated. To this, the Honorable Court ruled thus:

will be limited to the name address and other basic ersonalinformation

"We can even rant ar uendo that the coin uter data file

assum tion will riot save A. 0. No. 30

infirmit

about

for a ain said order does riot tell us in clear and

the individual Even

from constitutionalthat hos itable

35

,

.

.

Gate oneal terms how these inform tionh ridled. It does riot rovide who s all control and access thedata under wha circumstances and for whatfactors are essential o safe uard the rivac and uarant theinte rit of the information. Well to note, the, computer linkage givesother government agencies access to the information. Yet, there areno controls to guard against leakage of information. When theaccess code of the control programs of the particular computer systemis broken, an intruder, without fear of sanction or penalty, can makeuse of the data for whatever purpose, or worse, manipulate the datastored within the system. " IEmphasis and underscoring suppliedl

Applying the foregoing to the instant case, Section 12 likewise attempts todistinguish between traffic and non-traffic data without providing the procedure ofsegregating the same. Moreover, the Cybercrime Prevention Act is bereft ofsafeguards to control the access and handling of such data. Neither does theCybercrime Prevention Act guarantee the integrity of such data, nor does it providemeasures against possible leakage of information.

at hered shall be

From the foregoing, it is clear the threat of potential abuse enunciated in Oplev. Torres, supro, is likewise extant in the Cybercrime Prevention Act. Section 12thereof, if left uriabated, would invite potential misuse of data gathered and sanctionviolations of the right to privacy. Thus, Section 12 is an unwarranted State intrusioninto an individual's reasonable expectation of privacy and should, therefore, bestruck down and declared uriconstitutional.

or OSe. These

C. Section 12 Of The CybercrimePrevention Act Constitutes AnUnreasonable Government Intrusion

As It Renders Existing SafeguardsAgainst Invasion Of Privacy, As Well

CommunicationsAs And

Correspondence, Nugatory.

The Honorable Court has conclusive Iy held that the right to privacy isprotected not only by the Constitution but by statutory law, as well. In Marquez v.Desiert0,359 SCRA 772 (2001), the Honorable Court held thus:

laws. The Civil Code provides that "telvery person shall respect thedignity, personality, privacy and peace of mind of his neighbors andother persons" and punishes as action able torts several acts formeddling and prying into the privacy of another. It also holds a publicofficer or employee or any private individual liable for damages for anyviolation of the rights and liberties of another person, and recognizes

"Zones of rivac are reco nized a d rotecte in our

36

,

.

.

the privacy of letters and other private communications. The RevisedPenal Code makes a crime of the violation of secrets by an officer, therevelation of trade and industrial secrets, and trespass to dwelling.Invasion of privacy is an offense in special laws like the Anti-Wiretapping Law, the Secrecy of Bank Deposits Act, and theIntellectual Property Code. " IEmphasis and underscoring suppliedl

Moreover, the provisions on the Rules of Court regarding the privacy andlorconfidentiality of certain information are a form of protection of an individual's right toprivacy. [Ople v. Torres, supro]

In light of the importance placed on an individual's right to privacy, theHonorable Court promulgated A. M. No. 08-,.-,. 6-SC, otherwise known as the Rule onthe Writ of Habeas Data, Section I of which states that said writ is a remedyavailable to persons whose right to privacy in life, liberty or security is threatened:

available to any person whose ri ht tosecurity is violated or threatened by an unlawful act or omissionof a public official or employee, or of a private individual or entityengaged in the gathering, collecting or storing of data orinformation regarding the person, family, home andcorrespondence of the aggrieved party. " IEmphasis andunderscoring suppliedl

"Section I. Habeas Data. - The writ of habeas data is a remedy

In Roadguez v. Moonpagal-Arroyo, 660 SCRA 84 (2011), the HonorableCourt held that the writ of habeas data is a remedy to protect a person's right tocontrol information regarding oneself. It is a remedy to protect information al privacy:

"Meanwhile, the writ of habeas data provides a judicialremedy to protect a person's right to control informationregarding oneself, particularly in instances where such

rivac

information is be in collected throu h unlawful means in order to

in life, liberty or

achieve unlawful ends. As an inde endent and summa reined

to protect the right to privacy - especially the right to illf^privacy- the proceedings for the issuance of the writ of habeas datadoes not entail any finding of criminal, civil or administrative culpability.If the allegations in the petition are proven through substantialevidence, then the Court may (a) grant access to the database orinformation; (b) enjoin the act complained of; or (0) in case thedatabase or information contains erroneous data or information, orderits deletion, destruction or rectification. "

37

4

.

.

Section 12 of the Cybercrime Protection Act renders the remedy of the Writ ofHabeas Data nugatory and irrelevant. To relterate, the Writ of Habeas Data seeks toprevent the unwarranted intrusion of public officials, such as law enforcementauthorities, into one's private information, yet Section 12 of the CybercrimeProtection Act allows law enforcement authorities to collect and monitor traffic dataon the flimsy justification of "due cause". Clearly, the Cybercrime Protection Act

sanctions the evils which the Writ of Habeas Data seeks to prevent.

Moreover, as discussed, there is 00 limitation present under Section 12 of theCybercrime Prevention Act with regard to the purpose of the collection andmonitoring of traffic data, as well as the allowable ends within which law enforcementauthorities may utilize such seized data. It does not require a stretch of logic toconclude that nothing in Section 12 of the Cybercrime Prevention Act hinders lawenforcement authorities from potentially using gathered data to perpetuale violationsagainst an individual's right to privacy with respect to life, liberty, and security.

Finally, the Writ of Habeas Data seeks to protect individuals from threats tothe right to privacy in life, liberty or security from unlawful acts of public officials.Section 12 of the Cybercrime Prevention Act is wholly contrary to the foregoing sinceit provides government sanction to actions of law enforcement authorities, whichwould otherwise be an unlawful intrusion into an individual's right to privacy.

From the foregoing, it is clear that Section 12 of the Cybercrime PreventionAct seeks to render the Honorable Court's laudable actions to safeguard anindividual's right to privacy nugatory. This cannot be countenanced and, thus,Section 12 of the Cybercrime Prevention Act must be struck down.

1/1. Section 12 Of The Cybercrime Prevention ActIs Patently Uriconstitutional Considering ThatIt Violates An Individual's Right ToUnreasonable Searches And Seizures.

Section 2, Article in of the Constitution, which is recognized as a form ofprotection of an individual's right to privacy, provides the standard of probable causebefore searches and seizures may be conducted:

"Sec. 2. The right of the people to be secure in their persons,houses, papers, and effects against unreasonable searches andseizures of whatever nature and for any purpose shall be inviolable,and 00 search warrant or warrant of arrest shall issue except uponprobable cause to be determined personally by the judge afterexamination under oath or affirmation of the complainant and thewitnesses he may produce, and particularly describing the place to besearched and the persons or things to be seized. "

38

,

.

,

Probable cause has been defined as "a reasonable ground of suspicionsupported by circumstances sufficiently strong in themselves to induce a cautiousinari to believe that the person accused is guilty of the offense charged. " tPeople ofthe Philippines v. Tnn, 634 SCRA 773 (2010)I

Pertinently, Section 12 of the Cybercrime Prevention Act allows lawenforcement authorities to collect or record an individual's traffic data upon theexistence of "due cause". However, the terms "collect" and "record" are, in reality,euphemisms for "seizure without due process of law". Thus, the foregoing is patentlycontrary to the constitutional protection against unwarranted searches and seizures.

First of all, neither the Cybercrime Prevention Act, nor other pertinent laws,define "due cause". Thus the absence of a standard of "due cause" allows lawenforcement authorities to determine for themselves whether or not the recording orcollecting of data is necessary or lawful. Moreover, the possibility exists that lawenforcement authorities may set a standard far below the standard of probablecause for the seizure of data under Section 1.2.

Respondents themselves in their Oral Arguments agree that the power givento law enforcers to collect and record traffic data is subject to abuse and that that theCybercrime Prevention Act is not clear on how "due cause" should be determined:

"JUSTICE DEL CASTILLO:

Counsel, it seems to me now that because Congress did not define,the phrase "due cause" in Section 12 of the Cybercrime Law, thispower now of government to collect and record traffic data issubject to abuse. You were saying earlier that any policeman whobelieves that a crime has been committed or would just for instance inthe example you gave earlier could go to any of the processservers, at any of the service providers and collect data?


That is right, Your Honor. "' IEmphasis suppliedl

Respondents likewise tellingIy agreed, as previously stated, that citizens'"rights would be better protected if there is judicial intervention. ""

9

1.0Page 67, TSN of the Oral Arguments, 29 January 201.3.Pages 50 and 51, TSN of the Oral Arguments, 29 January 201.3

39

.

.

.

Further, as initially discussed, the seizure of data espoused under Section 12of the Cybercrime Prevention Act is not anchored on a specific purpose for thecollection of the same. Section 12 does not state the purpose for the seizure or useof such data, e. g. for criminal prosecutions and other legitimate State interests. Theconsequence of the foregoing is that law enforcement authorities are granted nighunlimited justification to intrude upon a person's right to privacy. This unbridleddiscretion granted to law enforcement authorities effective Iy deprives an individual ofhis constitutionalIy assured protection against unwarranted searches and seizures,as well as his constitutional right to privacy and the privacy of communication andcorrespondence. Respondents admitted that "a more robust procedural safeguard"would have been better than giving a blanket authority to law enforcers to inspecteach and every traffic data available, thus:

"JUSTICE LEONEN:

Yes, but in 101.75 it simply says that the government can come in fordue cause. It does not say that it's a judicial authority irispite of the factthat Section 3 says upon lawful order of the court. But to be fair,counsel, there is a qualifier, "or when public safety or order requiresotherwise as prescribed by law". But looking at the CybercrimeRegulation Act, would you say that there is enough judicial Iydeter minable standards to say when public safety or order requiresotherwise or are we not giving too much a blanket authority to theauthorities to inspect every packet of data that is available out there?

SOLICITOR GENERALJARDELEZA:

As we said in our comment, Your Honor, the regime cuts it too closefor comfort. You know, as we say, it's constitutional but we agreethere can be more robust procedural safeguards, Your Honor. ""IEmphasis suppliedl

However, Section 12 of the Cybercrime Prevention Act cannot be cured by itsimplementing rules and regulations. Section 1.2, as it is written, stands as a generalwarrant to everyone to which the law shall apply.

In Vowelo v. Court of Appeals, 427 SCRA 658 (2004), the Honorable Courtruled that the property to be seized must be particularly described so as to precludeany possibility of seizing any other property

"The things to be seized must be described withparticularity. Technical precision of description is not requires. It isonly necessary that there be reasonable particularity and certaintyas to the identity of the property to be searched for and seized, so

ItPages 72 and 73, TSN of the Oral Arguments, 29 January 201.3.

40

,

I

that the warrant shall riot be a mere roving commission. Indeed,the law does not require that the things to be seized must be describedin precise and minute detail as to leave 00 room for doubt on the partof the searching authorities. If this were the rule, it would be virtuallyimpossible for the applicants to obtain a warrant as they would notknow exactly what kind of things to look for. Any description of theplace or things to be searched will enable the officer making thesearch with reasonable certainty to locate such place or thing issufficient.

However, the requirement that search warrants shallparticularly describe the things to be seized makes general searchesunder them impossible and prevents the seizure of one thing under awarrant describing another. As to what is to be taken, nothing is left tothe discretion of the officer executing the warrant. Thus, the specificproperty to be searched for should be so particularly described as topreclude any possibility of seizing any other property. " IEmphasissuppliedI

Section 12 of the Cybercrime Prevention Act allows the law enforcementofficers to search and seize traffic data without any clear standard to determine withreasonable particularity and certainty as to what data should be collected andrecorded.

In this connection, it is elementary that rules and regulations are limited andcircumscribed by the provisions of its law it is implementing. An administrativeagency has 00 power to amend or unduly expand the law it implements through themere issuance of rules and regulations. ITeoxon v. Members of the Board ofAdministrators, 33 SCRA 585 (1970)l Further, as stated in Peloez v. AuditorGeneral, 122 Phil. 965 (1965):

"Congress may delegate to another branch of the governmentthe power to fill in the details in the execution, enforcement oradministration of a law, it is essential, to forestall a violation of theprinciple of separation of powers, that said law: (a) be complete initself - it must set forth therein the policy to be executed, carried outor implemented by the delegate - and (b) fix a standard - the limitsof which are sufficiently deter minate or deter minable - to which thedelegate must conform in the performance of his functions. Indeed,without a statutory declaration of policy, the delegate would, ineffect, make or formulate such policy, which is the essence ofevery law; and, without the aforementioned standard, there wouldbe no means to determine, with reasonable certainty, whether thedelegate has acted within or beyond the scope of his authority.Hence, he could thereby arrogate upon himself the power, not only to

41

.

*

.

make the law, but, also - and this is worse - to unmake it, byadopting measures inconsistent with the end sought to be attained bythe Act of Congress, thus nullifying the principle of separation ofpowers and the system of checks and balances, and, consequentlyundermining the very foundation of our Republican system. "IEmphasis suppliedl

Moreover, Section 12 of the Cybercrime Prevention Act allows the real-timemonitoring and seizure of traffic data. In light of the unchecked discretion granted tolaw enforcement authorities to determine for themselves whether there exists ajustification for resort to Section 12 of the Cybercrime Prevention Act, it opens thepossibility to a 2417 intrusive surveillance by law enforcement authorities withoutprobable cause as justification for the same. This clearly constitutes an untowardintrusion into an individual's right to privacy and the privacy of communication andcorrespondence.

From the foregoing, the vague standard of "due cause" cannot in any waywhatsoever substitute for the recognized standard of probable cause found in theConstitution without violating an individual's right against unreasonable searches andseizures, as well as his right to privacy and the privacy of communication andcorrespondence.

With all due respect, the Honorable Court cannot afford to give Section 12 ofthe Cybercrime Prevention Act a chance. It provides such sweeping authority tointrude into our privacy unnecessarily. There is 00 need to provide law enforcementofficers the power to collect and record traffic data to curtail cybercrime. Existinglaws already provide law enforcement officers the power to investigate on a certaincriminal act, without first collecting and recording traffic data, in order to build basisfor asking a search and seizure warrant of traffic data from the courts. In Katz v.United Sures, sunro, the United States Supreme Court held that the investigationconducted by the authorities before they began their warrantless electronicsurveillance would have been enough to grant them judicial warrant to perform suchelectronic surveillance and, thus, the conducted surveillance would have beenupheld:

"The question remaining for decision, then, is whether thesearch and seizure conducted in this case complied with constitutionalstandards. In that regard, the Government's position is that its agentsacted in an entirely defensible manner: They did not begin theirelectronic surveillance until investigation of the petitioner's activitieshad established a strong probability that he was using the telephone inquestion to transmit gambling information to persons in other States, inviolation of federal law. Moreover, the surveillance was limited, both inscope and in duration, to the specific purpose of establishing thecontents of the petitioner's unlawful telephonic communications. The

42

, .

agents confined their surveillance to the brief periods during which heused the telephone booth, 1.4 and they took great care to overhearonly the conversations of the petitioner himself.

Accepting this account of the Government's actions asaccurate, it is clear that this surveillance was so narrowlycircumscribed that a duly authorized magistrate, properly notifiedof the need for such investigation, specifically informed of thebasis on which it was to proceed, and clearly apprised of theprecise intrusion it would entail, could constitutional Iy haveauthorized, with appropriate safeguards, the very limited searchand seizure that the Government asserts in fact took place. Onlylast Term we sustained the validity of 1389 U. S. 347, 3551 such anauthorization, holding that, under sufficiently 'precise and discriminatecircumstances, ' a federal court may empower government agents toemploy a concealed electronic device 'for the narrow andparticularized purpose of ascertaining the truth of the . . . allegations'of a 'detailed factual affidavit alleging the commission of a specificcriminal offense. ' OSborn v. United States, 385 U. S. 323,329 -330.Discussing that holding, the Court in Berger v. New York, 388 U. S. 41said that 'the order authorizing the use of the electronic device' inOSborn 'afforded similar protections to those of conventional

warrants authorizing the seizure of tangible evidence. ' Through thoseprotections, 'no greater invasion of privacy was permitted thanwas necessary under the circumstances. ' Id. , at 57. Here, too, asimilar 1389 U. S. 347,3561 judicial order could have accommodated"the legitimate needs of law enforcement" by authorizing the carefullylimited use of electronic surveillance. " tEmphasis and underscoringsuppliedl

Moreover, the collection of Traffic Data under Section 12 of the CybercrimePrevention Act cannot be likened to a valid warrantiess search of a moving vehicleand to that under exigent circumstances since these exceptions to the rule do notdispense with the requirement of probable cause. The Honorable Court in Animg, Jr.v. Commission on Elections, 237 SCRA 424 (1994), reiterated the wisdom ofVatmonte v. de Villa, 1.78 SCRA 21.1 (1989), holding that a warrantless searchconducted by law enforcement officers require that said officers had reasonable orprobable cause to believe before the search that a crime is being committed:

"An extensive search without warrant could only be resorted toif the officers conducting the search had reasonable or probable causeto believe before the search that either the motorist was a law offenderor that they would find the instrumental ity or evidence pertaining to thecommission of a crime in the vehicle to be searched. The existence of

probable cause justifying warrantless search is determined by the factsof each case. "

43

,

~

~

.

Unlike the standard required for valid warrantless searches, only the flimsyand unprecedented "due cause" is required from law enforcement officers incollecting and recording traffic data. Furthermore, in cases of warrantless searchesof moving vehicles and in cases of exigent circumstances, law enforcement officersalready have past experiences as basis to determine what situations call for awarrantless search of a moving vehicle or when there is exigency to warrant swiftaction. In the case of collecting and recording traffic data, however, law enforcementauthorities would be dealing with this information for the first time, without specificstandard to follow notwithstanding the grave danger it poses upon the fundamentalright to privacy.

In fact, respondents in their Consolidated Comment conceded that thestatutory protection provided by Section 12 of the Cybercrime Prevention Act palesin comparison to the Pen Register Act and the PATRIOT Act in the United States interms of safeguards in the collection of Traffic Data considering that the foreignstatutes require the issuance of a judicial warrant prior to any electronic surveillanceover Traffic Data:

"Indeed compared to the statutory protection afforded by thePen Register Act and the Patriot Act to the collection of traffic data inthe United States, the protection afforded by Section 12 of R. A. No.10/75 is minimal. Still, they afford some protection. "" IEmphasisand underscoring suppliedI

Although respondents argue in their Consolidated Comment that "thedecision on the range of the protection" afforded to citizens "resides in thewisdom of the Congress" and that the Cybercrime Prevention Act "could havebeen crafted to provide more robust procedural safeguards respecting thecollection of trafficlnon-content data, i. e. , at a minimum requiring that therequest be made by an attorney of the Department of Justice to a judge; thatthe information likely to be obtained is relevant to an ongoing investigation;and that the collection be made only after the issuance of a judicial warrant"",the issue before the Honorable Court is riot of wisdom but of constitutionality.It is respectfully submitted, therefore, that no amount of legislative wisdom orprerogative can legitimize an uriconstitutional statutory enactment.

Again, for a law that affects the lives of millions upon millions ofFilipinos, barely is not good enough - it will never be good enough. TheCybercrime Prevention Act does riot even come close to even the faintestshadow of constitutionality.

12

13Pages 1.38 and 1.39, Consolidated Comment.Page1.39, Consolidated Comment.

44

,.

.

The other provisions of the Cybercrime Prevention Act that flow from theAssailed Provision likewise suffer the same fatal flaw, including the provisions thatauthorize the disbursement of public funds for the implementation of the law.

IV. Section 19 Of The Cybercrime Prevention ActIs Null And Void For Being UriconstitutionalConsidering That It Is Violative Of The DueProcess Clause Under Section I, Article 111 OfThe Constitution, For Failing To Provide AnyProcedural Safeguards In Its ImplementationAndlOr Enforcement.

It is significant to note that respondents have conceded as uriconstitutionalSection 19 of the Cybercrime Prevention Act. In plain, ordinary and unmistakablelanguage, respondents stated in their Consolidated Comment that

"In this Comment, the Office of the Solicitor Generalvigorously defends the constitutionality of R. A. No. 101.75, in itsentiret exce

access. With all due respect to the Congress, the OSG submitsthat Section 19 if constitutional Ierm'ts a form of final restraint on s eech without nor 'udicial

determination. "" Em hasis and underSCO '

In view of the position taken by the Office of the Solicitor General with respectto Section 19 of the Cybercrime Prevention Act, the Honorable Court, in its Advisorydated 09 January 201.3, gave the Congress the opportunity to defend theconstitutionality of said provision. During the Oral Arguments on 15 January 201.3,the Honorable Court asked to be clarified whether any representative of theCongress will be arguing for Section 1.9, to which the Solicitor General respondedthat he has not been so advised. " Subsequently, in a Monies tofun dated 17January 2013, the Office of the Solicitor General informed the Honorable Court that"the lawyers for both Houses of Congress have informed the undersigned that theywill not argue for the constitutionality of Section 1.9". The Solicitor General reiteratedthis during the Oral Arguments on 29 January 2013. " Thus, it cannot be more clearthat 00 official, agent or representative of the State chooses to defend this draconianprovision.

on I as to Section 19 on restrictin or blockin

jin ermissible because it

During the Oral Arguments on 29 January 201.3, respondents, as part of theirconcession with respect to the unconstitutionality of Section 1.9, even admitted thatthe victory will belong to all parties if the Honorable Court strikes down said provisionlaw, thus:

14

15Page 7, Consolidated Comment.

Pages 10 and 1.1, TSN of the Oral Arguments, 15 January 2013.Page 12, TSN of the Oral Arguments, 29 January 2013.

16

45

,

,

~

,

"SOLICITOR GENERAL JARDELEZA:

xxx We take seriously the claim that 10/75 overreaches into protectedfreedoms particularly the freedom of speech and expression and theright to privacy. We do so, for we in the OSG, equally with thepetitioners are committed to the protection of our constitutionalfreedoms. We too believe, Your Honors, that freedom of speech isdelicate, vulnerable, and needs breathing space to survive. We toobelieve that without speech, discussions of our most abiding concernsas a nation will be stifled. In fact Your Honors it is in this s int thathe OSG after much thou ht has come to our conclusion thatSection 19 of 10/75 as worded jin ermissivels eech

etitioners. Your Honors wit res ect we humbl submit thatshould his Honorable Court strike down Section 19 the vietowill belon to all of us to 11 of us who cherish free s eech and

or concession has been chalked u as a vieto

^ion. xxx"" IEmphasis and underscoring suppliedI

Indeed, Section 19 of the Cybercrime Prevention Act must be struck down forbeing uriconstitutional. In particular, said provision is being violative of the DueProcess Clause under Section I, Article 111 of the Constitution, which provides:

"Section I. No person shall be deprived of life, liberty orproperty without due process of law, nor shall any person be deniedthe equal protection of the laws. "

Procedural due process simply means procedural fairness. In the early caseof Lopez v. Director of Lands, 47 Phil. 23,32 (1924), procedural due process hasbeen fittingIy articulated to mean a "law which hears before it condemns". Althoughadmitted Iy the requirements of procedural due process may differ depending on thekind of proceeding, i. e. judicial or quasi-judicial, 00 one can deny the heart of dueprocess is to provide a person a real and genuine (as opposed to illusory)opportunity to be heard and present his or her side.

intrudes intofor the

In this connection, Section 19 of the Cybercrime Prevention Act empowersthe Department of Justice ("DoJ") to issue orders restricting andlor blocking datathat are found primojocie in violation of said law. However, in plain and direct terms,it fails to provide the owner of the target computer the opportunity to explain whysuch computer or data should not be restricted andlor blocked. The CybercrimePrevention Act fails to provide any procedural rules and standards on how Section19 shall be enforced, much less any procedure as to how persons affected oraggrieved by the implementation andlor enforcement may be heard in their defense.

L7Page 1.7, TSN of the Oral Arguments, 29 January 2013.

46

,

,

,

Hence, Section 19 does riot give ample protection to citizens, especially bloggersand netizens, due to the lack of judicial intervention in the determination of a primalocie violation, which will justify the restriction andlor blocking of websites.

Even a cursory glance of the Cybercrime Prevention Act readily reveals that itdoes not provide any procedural rules and standards on how Section 19 shall beenforced, much less any procedure as to how persons affected or aggrieved by theimplementation andlor enforcement may be heard in their defense. This will simplyleave the DoJ with unbridled discretion to issue orders restricting andlor blockingaccess to computer data that alleged Iy are in prima focie violation of the CybercrimePrevention Act, without, however, giving the owners of said targeted computer dataeven an iota of opportunity to explain why said computer data should not berestricted andlor blocked.

InterestingIy, the quantum of evidence required under Section 19 of theCybercrime Prevention Act to set into motion the authority given to the DoJ to issuerestricting andlor blocking access to computer data is only the very low standard ofprima focie evidence. It is of 00 secret that prima locie evidence is the lowest amongthe hierarchy of quantum of evidence needed to sustain valid a decision or action onthe part of the government. In fine, this Honorable Court has defined prima factoevidence as "evidence which, if unexplained or uricontradicted, is sufficient to sustaina judgment in favor of the issue it supports, but which may be contradicted by otherevidence". IWCi-neon v. People o1 the Philippines, 510 SCRA 429 (2006)l Althoughprima focie evidence may be contradicted by other evidence, it may very well bereiterated with the risk of being redundant that there are actually 00 proceduralsafeguards in the Cybercrime Prevention Act through which the affected oraggrieved persons may present such contradicting evidence.

Hence, with such low degree of evidence required, coupled with the obviousdearth of procedures in the Cybercrime Prevention Act on how the persons affectedor aggrieved by its implementation could contest or contradict such prima moleevidence, there is clearly 00 doubt that the DoJ has now been given omnipotentpower in issuing orders restricting andlor blocking access to computer data. In thisregard, the DoJ can virtually bring down any website it deems unacceptable underthe all-encompassing pretense of "prima focie evidence", without regard as towhether the aggrieved party has been able, much less given a real opportunity, topresent his side and defend himself. There can never be a justification for themenace to and the threat of abridging the most cherished and jealously guardedfundamental civil rights, particularly in this instance the right of the people to dueprocess, which Section 19 of the Cybercrime Prevention Act inevitably creates.

Thus, in view of the foregoing alone, Section 19 of the Cybercrime PreventionAct should be struck down for violating the Due Process Clause of the Constitution.The other provisions of the Cybercrime Prevention Act that flow from the AssailedProvision likewise suffer the same fatal flaw, including the provisions that authorizethe disbursement of public funds for the implementation of the law.

47

,

.

,

V. Section ^9 Of The Cybercrime Prevention ActIs Null And Void For Being UriconstitutionalConsidering That It Is Violative Of The RightOf Citizens Against Unreasonable SearchesAnd Seizures, As Provided Under Section 2,Article in Of The Constitution, For Failing toSatisfy The Requirements of A Finding OfProbable Cause Prior To A Search.

Section 19 of the Cybercrime Prevention Act should likewise be declared nulland void for being violative of Section 2, Article in of the Constitution, whichprovides:

"Section 2. The right of the people to be secure in theirpersons, houses, papers, and effects against unreasonable searchesand seizures of whatever nature and for any purpose shall beinviolable, and 00 search warrant or warrant of arrest shall issueexcept upon probable cause to be determined personally by the judgeafter examination under oath or affirmation of the complainant and thewitnesses he may produce, and particularly describing the place to besearched and the persons or things to be seized. "

Section 19 of the Cybercrime Prevention Act is clearly violative of Section 2,Article 111 of the Constitution, since it authorizes the issuance of a seizure warrantunder the following circumstances: (1) issuance by a person, other than a_. judge; (2)issuance on the basis of only a prim^gele showing, instead of a finding of probablecause, of any violation of the provisions of the Cybercrime Prevention Act; and (3)issuance without the required examination under oath of a complainant and thewitnesses that may be produced.

As it stands, Section 19 of the Cybercrime Prevention Act authorizes the DoJto issue an order to restrict andlor block access to computer data that are primalacrein violation of the same law. It must be pointed out that restricting andlor blockingaccess to computer data has a very similar, if not the same, effect of seizing thetarget data. In essence, by restricting andlor blocking access to computer data, theauthor thereof is deprived of his ownership over his intellectual creation or hiscopyright over the data, while the owner or proprietor of the media where it wasdisplayed, i. e. owner of a website, is deprived of his right to operate such site - bothin the same manner that an owner of a physicalItangible thing or object seized isdeprived of his rights over said object. Thus, before restricting or blocking access tocomputer data must be authorized, the requirements for valid seizures as mandatedunder Section 2, Article in of the Constitution must be present and complied with.

48

.

In connection with restriction andlor blocking of computer data, Orin Kerr, inhis article e t'tl d F rth A ' ' 'his article entitled Fourth Amendment Seizures of Computer Data, emphasizedthat when the intended recipient of information transmitted through the Internet failsto receive such information as sent, there is already an interception:

"xxx A seizure of moving or movable property occurs onlywhen government action alters the path or timing of its intendedpossession or transmission. Copying data as part of its usualcourse of transmission or storage does riot seize anything,because its intended path or timing has not been interrupted. Asa result, treating copying as a seizure does not require the conclusionthat routine computer use implicates constant Fourth Amendmentseizures. Government copying of computer data seizes that data onlywhen it copies the data outside the expected course of its transmissionor possession. "" IEmphasis suppliedl

Interception in this case would amount to a seizure of data. Hence, if the DoJrestricts andlor blocks information sent through the Internet upon a finding that thereis a prima focie violation of the Cybercrime Prevention Act, there would already be aseizure, even before the finding of a probable cause, in violation of Section 2, Article1/1 of the Constitution and Section 4, Rule 1.26 of the Rules of Court, as well as rulingcase law. 1stonehill vs. Diokn0, 20 SCRA 383 (1967); Vowelo vs. Court ofAppeals, 427 SCRA 658 (2004); People of the Philippines vs. Turn, 628 SCRA226 (2010)l

Furthermore, it has been POSited that even if data uploaded is non-personallyidentifiable, it may lead to the revelation of intimate details about the sender:

"Digital traffic data in the hands of the average person may notbe personally identifiable, but could take on a very differentsignificance in the possession of someone able to link a pseudonym -either an IP address or some other unique identifier - with a particularindividual, either by technical or legal means. Under suchcircumstances, otherwise non-personally-identifiable data could easilyreveal intimate details of an individual's personal lifestyle or privatedecisions and therefore would be deserving of ^ 8 protection. Thispoint relates both to the values represented by the data and therelationship of the subject of the data to the third party who is inpossession or control of it both aspects will be explored in more detaillater in the paper. ""

18

L9Onn Kerr, Fourth Amendment Seizures of Computer Data, 11.9 YALE L. J. 700 (2010).Jason Young, "Surfing While Muslim: Privacy, Freedom Of Expression 8 The Unintended Consequences Of CybercrimeLegislation", International Journal of Communication Law and Privacy, Issue 9, Special Issue on Cybercrime at page 15myinter 2004/2005).

49

4 .

In this connection, Section 19 of the Cybercrime Prevention Act empowersthe DoJ to issue orders restricting andlor blocking data that are found primulaeie inviolation of said law. To be able to assess said data and determine if there is indeeda violation of the law, the DoJ has to look at and study the actual data being sentbefore it even reaches the intended receiver. From this perspective, there wouldalready be a search of the data. And as a consequence of this search, information isnow in the hands of DoJ, even before it procures a warrant.

Related Iy, DoJ Assistant Secretary Geronimo L. Sy, who is also designatedas the Head of the DoJ Office of Cybercrime, discussed the Cybercrime PreventionAct during the forum held on 09 October 201.2 and recognized the broad powerlodged with the DoJ, thus admitting:

"xxx You know, in our saying, we always have a saying that wehave good intention in a lot of things that we do, but the highway tohell is also paved with good intentions. We don't trust our goodintentions. We need the private sector, we need civil society, andwe need academe to watch government, to make sure that ourgood intentions are mixed with good methods for good results.We don't trust ourselves; we have good intentions. To do what isright, but we don't want to be complacent and trust ourselves justto do the right thing. We need you to watch us, we need it to lookat us and say 'Hey! That's out of bounds, stop. We need you there,eyes on the ball. ""' IEmphasis suppliedI

Taking cue from the admission of Assistant Secretary Sy that even the DoJ- the Government agency that is tasked to enforce the Cybercrime Prevention Act -needs the private sector to check on the DoJ, the agency itself recognizes the broadand unchecked powers given to it by the law. Indeed, if the text of the CybercrimePrevention Act itself sets limitations on the power of the DoJ to restrain andlor blockwebsites - such as a requirement for judicial intervention prior to the actualrestriction andlor blocking of websites - then there would have been a constitutionallayer of protection as to the power granted to the State and the manner throughwhich it will be exercised. However, the same is wanting in the CybercrimePrevention Act, thus making it uriconstitutional.

It should be emphasized that the potential for abuse of law enforcementpowers under the Cybercrime Prevention Act is neither far-fetched nor remote. Thisis evident from the disposition of Assistant Secretary Sy himself when he practicallyencouraged the public to hack websites durlng the same forum hosted by the DoJ:

20

Page 1.1, Transcript of the Forum on the Cybercrime Prevention Act, 09 October 201.3.

50

, .

"xxx Because of your presence here today, we would like toconvert this forum into a collaborative forum of doing the IRR to seehow we can move forward. We're developing a new model ofcybercrime enforcement in the world. Let me repeat that cybercrimeenforcement in the world. Can you imagine all the hacktivism, allthe hacktivists for the past two weeks and sa 'Ok in the nexttwo weeks wh don't we hack all the child orn sites? Wh don'we hack all t e edo hilia sites? Wh don't we hack x z sites thatare bad for SOCiet ?' Can ou jina ine unleas ieach individual usin crowdsourcin technolo

uttin

instead of attackistate resources? xxx" Em hasis

As quoted above, Assistant Secretary Sy made a clear and categorical publicstatement inciting and even encouraging the public to hack websites that he referredto as "bad for society. " Said public remarks clearly and categorical Iy incited andencouraged the public to violate the provisions of the Cybercrime Prevention Act thatthe DoJ is mandated to implement, as well as other criminal laws that the DoJ istasked to enforce.

a sto at least inaria e some of thoverninent

If a senior official of the DoJ is so cavalier as to incite the public to violate thevery law his agency is tasked to enforce and implement, it is not unreasonable to bealarmed that his subordinates would follow his lead. Petitioners certainly hope not.But what assurances do citizens have that law enforcement authorities will not

perform or countenance the performance of violations of the Constitution? None,unfortunately. That is precisely the problem with the Assailed Provisions: thepotential for abuse is limitless and effortless.

ebsites and brin in

the ower of

and then final Ibad

As it stands, therefore, the strict safeguards against unreasonable seizuresand seizures protected under the Constitution have been completely disregarded, orworse, entirely eliminated. Thus, on this score, Section 19 of the CybercrimePrevention Act should be adjudged uriconstitutional and of 00 legal effectwhatsoever.

roblems

down

Vl. Section 19 Of The Cybercrime Prevention ActIs Null And Void For Being UriconstitutionalConsidering That It Is Violative Of The RightOf The People To Freedom Of Speech UnderSection 4, Article in Of The Constitution.

Likewise, Section 1.9, in relation to Section 4(c)(4), of the CybercrimePrevention Act, runs afoul with the constitutional Iy protected freedom of speech,particularly as it constitutes prior restraint. Prior restraint has been defined and

51

,

,

understood as "official governmental restrictions on the press or other forms ofexpressions in advance of actual publication or dissemination. xxx The mereprohibition of government interference before words are spoken or published wouldbe an inadequate protection of the freedom of expression if the government couldpunish without restraint after publication. xxx Hence, the guarantee of freedom ofexpression also means a limitation on the power of the state to impose subsequentpunishment. ,, 21

Section 19 of the R. A. No. 101.75 is undeniably prior restraint, in the form ofsubsequent punishment, i. e. , the DoJ's issuance of orders restricting or blockingaccess to computer data. This would definitely have a chilling effect on petitionersand citizens, thereby effective curtailing and rendering nugatory the constitutionalIysafeguarded right to freedom of speech and of expression.

In Chorez v. Gonzoles, 545 SCRA 441 (2008), the Honorable Court clarifiedthat a law which has an effect of prior restrain is presumed to be uriconstitutional andthe government the government bears a heavy burden of proving its constitutionality.Needless to state, courts should only sustain the constitutionality of law constitutingprior restraint only if there is a showing that a compelling state interest neoessitatingsuch prior restraint, thus:

"Only unprotected expression may be subject to prior restraint.However, any such prior restraint on unprotected expression musthurdle a high barrier. First, such prior restraint is pus^uriconstitutional. Second the over ninent bears a he aof rovin the constitutional it of the nor restraint.

Courts will subject to strict scrutiny any government actionimposing prior restraint on unprotected expression. The governmentaction will be sustained if there is a compelling State interest, andprior restraint is necessary to protect such State interest. In sucha case, the prior restraint shall be narrowly drawn - only to the extentnecessary to protect or attain the compelling State interest. " tEmphasisand underscoring suppliedI

In applying the foregoing doctrines to the instant Petition, there is clearly 00showing of any state interest sufficient to compel and warrant up holding of the priorrestraint, which Section 19 of the Cybercrime Prevention Act operational izes.

21

burden

Jonguin G. Belnas, SJ, THEL987CONSTiTUTioNOFTHEPHiLiPPiNEs:AGOMMENTARY253 (2009).

52

,

.

.

In this connection, Assistant Secretary Sy admitted that before a website canbe restricted or blocked, the clear und present danger rule has to be met '' InSohenck v. United States, 249 U. S. 47 (1919), Justice Oliver We ridell Holmes Jr.defined clear und present donger rule as:

"xxx The question in every case is whether the words used areused in such circumstances and are of such a nature as to create aclear and present danger that they will bring about the substantiveevils that Congress has a right to prevent. It is a question of proximityand degree. xxx"

In Gonzoles v. Commission on Elections, 27 SCRA 835 (1969), theSupreme Court emphasized that there is still a need for the court to weigh theinterests involved, to wit:

"However useful the 'clear and present danger' formulation wasin the appraisal of a specific type of situation, there is fairly extensiverecognition that it is not a rule of universal applicability and validity, notan auto atic mechanism that relieves a court of the need for carefulscrutin of the fea ures of a iven situation and evaluation of thecoin etin interests involved. " Em hasis su lied

It must be noted that under Section 1.9, the power to find a prima focie casefor the restriction andlor blocking of website is lodged with the DoJ. Under Section1.9, the role of the court is supposedly not needed and, in fact, convenientlydispensed with. Thus, taking into consideration the admission of Assistant SecretarySy, Section 1.9 goes against the settled standard of clear und present danger.

In reality, 00 matter how innocent the wording of the law or provision may be,Section 1.9 stifles a person's voice and covers his ears. It is a Cyber Gag Rule thatcuts off individuals from one another. It silences the originator of communication andprevents the intended recipients from hearing the message, without regard for itslegitimacy and protected nature under the Constitution. As such, Section 19 is aeuphemism; the State is actually telling its citizens to shut-up. It looks benign but, inreality, it means curtailment of the most cherished and jealously guarded civil andpolitical rights under the Constitution.

Measured even by this standard alone, the Assailed Provisions fail to passconstitutional scrutiny.

22

Pagell, Transcript of the Forum on the Cyberchine Prevention Act, 09 October 2013.

53

,

,

.

Vll. Sections 4(c)(4), 5, 6, And 7 Of TheCybercrime Prevention Act Are Null And VoidFor Being Uriconstitutional Considering ThatSaid Provisions Are Violative Of The DueProcess Clause Under Section I, Article in OfThe Constitution And Of The Free SpeechClause Under Section 4, Article in Of TheConstitution.

:

Section 4(c)(4) of the Cybercrime Prevention Act broadens the definition oflibel provided in Article 355 of the Revised Penal Code, as amended. Notably, saidprovision adds the use of computer system or any other similar means that may bedevised in the future as means of committing the crime of libel. Axiomatically, thecomplexity of the cyber world cannot be disregarded and be put on the same footingas the conventional means of committing libel under the Revised Penal Code.Otherwise stated, the elements of libel cannot find application in the computer realmin the absence of specific definitions to govern the same.

Section 4, Article in of the Constitution provides:

"Section. 4. No law shall be passed abridging the freedom ofspeech, of expression, or of the press, or the right of the peoplepeaceably to assemble and petition the government for redress ofgrievances. "

In Chovez v. Gonzales, supro, the Honorable Court emphasized theimportance of this constitutional guarantee:

"Freedom of expression allows citizens to expose and checkabuses of public officials. Freedom of expression allows citizens tomake informed choices of candidates for public office. Freedom ofexpression crystalIizes important public policy issues, and allowscitizens to participate in the discussion and resolution of such issues.Freedom of expression allows the competition of ideas, the clash ofclaims and counterclaims, from which the truth will likely emerge.Freedom of expression allows the airing of social grievances,mitigating sudden eruptions of violence from marginal ized groups whootherwise would not be heard by government. Freedom of expressionprovides a civilized way of engagement among political, ideological,religious or ethnic opponents for if one cannot use his tongue to argue,he might use his fist instead. "

54

*

.

.

Verily, the Free Speech Clause prohibits both prior restraint and subsequentpunishment that have the effect of unduly curtailing expression. This includes the"chilling effect" on protected speech that comes from statutes violating free speech.Truly, a person who does not know whether .his speech constitutes a crime orwhether he will be prosecuted by the Government under an over broad or vague lawmay simply refuse to speak to avoid being charged of a crime. The chilling effectresults in deafening silence. This is exactly what Sections 4(c)(4), 5 and 6 of theCybercrime Prevention Act perpetuate to the detriment of petitioners' most cherishedand jealously guarded civil rights under the Constitution.

Petitioners do not doubt the intention of the lawmakers in passing theCybercrime Prevention Act. Petitioners are fully aware of the abuses and crimeswhich they intent to curtail such as child pornography and computer related fraud,which they support completely. But the Government should not get ahead of itselfand declare "martial law" within the cyber realm. Petitioners cannot emphasizeenough that in this technological age, almost everyone is connected throughcomputer systems, be it through the internet or applications in mobile phones. Sadly,the provisions of the law tend to deter the technologically advanced population frommoving forward.

Article 353 of the Revised Penal Code, as amended, defines libel, to wit:

"Art. 353. Definition of libel. - A libel is a public and maliciousimputation of a crime, or of a vice or defect, real or imaginary, or anyact, omission, condition, status, or circumstance tending to cause thedishonor, discredit, or contempt of a natural or juridical person, or toblacken the memory of one who is dead. "

To be liable for the crime of libel, the following elements must be shown toexist: (a) the allegation of a discreditable act or condition concerning another; (b)publication of the charge; (0) identity of the person defamed; and (d) existence ofmalice. IBrill"rite v. Court of Appeals, 440 SCRA 541 (2004)l Further, Article 355of the Revised Penal Code provides that libel is committed by means of writing,printing, lithography, engraving, radio, phonograph, painting, theatrical exhibition,cinematographic exhibition or any similar means. After the passage of theCybercrime Prevention Act, added to the list is the use of computer systems andsimilar means as may be devised in the future:

Article 355 of the Revised Penal Code, as amended, committedthrou h a coin uter s stern or an other similar means which in a be

"(4) Libel. - The unlawful or prohibited acts of libel as defined in

devised in the future. " Em hasis and underSCOrin su lied

55

.

Computer system on the other hand is defined in Section 3 of the CybercrimePrevention Act as "any device or group of interconnected or related devices, one ormore of which, pursuant to a program, performs automated processing data. Itcovers any type of device with data processing capabilities including, but not limitedto, computers and mobile phones xxx. " Practically, computer system covers blogs,Facebook, Twitter and other platforms for social media interaction. However, howare the elements of libel applied in the use of computer systems? For instance, whatconstitutes publication? Is posting a status or comment on Facebook, consideringthat only your friends will see them, considered publication? Does liking, re-tweetingor sharing someone's blog or post constitute publication?

Petitioners are not taking the position that the crime of libel should be strickenoff the statute books of this jurisdiction. Rather, petitioners challenge Section 4(c)(4)of the Cybercrime Prevention Act since said provision lacks coinprehensiblestandards to afford citizens with reasonable minds notice of what conduct should beavoided.

The fundamental legal principle of voidjor vagueness provides that a statutecan be struck down as uriconstitutional if it lacks sufficient definite ness and

particularity that men of common intelligence must necessarily guess at its meaningand differ in its application. [Estrada v. Sandiganboyon, 369 SCRA 394 (2001)]Thus, a statute - or a provision thereof, as in this case - is repugnant to Section I,Article I of the Constitution prtncipally for two (2) reasons: first, the average citizen isnot given notice of what conduct to avoid; second, law enforcement authorities aregiven unbridled discretion to implement the statute, which lacks sufficient standardsand definite ness to begin with. However, it is not only the Constitution's Due ProcessClause that is violated by the vagueness of Section 4(c)(4) of the CybercrimePrevention Act. The provision's vagueness also has grave and far-reachingimplications on citizens' right to free expression.

Written into the statute books, Section 4(c)(4) of the Cybercrime PreventionAct is so vague that it constitutes an effective prior restraint to every citizen, includingbloggers and netizens. Indeed, if citizens do not know what illegal or unlawfulconduct to avoid, then it is better to refrain from doing andlor saying anything at all,Iest the heavy arm of the State be forthcoming. This is precisely the chilling effect thevague and sweeping language of Section 4(c)(4) of the Cybercrime Prevention Actbreeds on the people, thereby instilling a regime of prior restraint on freedom ofexpression, which is most cherished by petitioners.

The defect in the Cybercrime Prevention Act cannot be cured by theImplementing Rules and Regulations. In Ople v. Torres, at at, supro, the HonorableCourt struck down Administrative Order No. 308, which mandated an adoption of aNational Computerized Identification Reference System, as uriconstitutional on thegrounds, among others, that the issuance lacked reasonable standards to safeguarda person's right to privacy, it is so widely drawn that a minimum standard for a

56

.

.

.

reasonable expectation of privacy cannot be inferred from its provisions and thereare 00 controls to guard against leakage of information. Thus, the Honorable Courtheld:

"Unlike the dissenters, we prescind from the premise that theright to privacy is a fundamental right guaranteed by the Constitution,hence, it is the burden of government to show that A. 0. No. 308 isjustified by some compelling state interest and that it is narrowlydrawn. A. 0. No. 308 is predicated on two considerations: (1) theneed to provide our citizens and foreigners with the facility toconveniently transact business with basic service and social securityproviders and other government instrumental ities and (2) the need toreduce, if not totally eradicate, fraudulent transactions andmisrepresentations by persons seeking basic services. It is debatablewhether these interests are compelling enough to warrant the issuanceof A. 0. No. 308. But what is not arguable is the broadness, thevagueness, the over breadth of A. 0. No. 308 which if implemented willput our people's right to privacy in clear and present danger.

The heart of A. 0. No. 308 lies in its Section 4 which providesfor a Population Reference Number (PRN) as a "common referencenumber to establish a linkage among concerned agencies" through theuse of "Biometrics Technology" and "computer application designs. "

In the last few decades, technology has progressed at agalloping rate. Some science fictions are now science facts. Today,biometrics is no longer limited to the use of fingerprint to identifyan individual. It is a new science that uses various technologies inencoding any and all biological characteristics of an individual foridentification. It is noteworthy that A. 0. No. 308 does riot statewhat specific biological characteristics and what particularbiometrics technology shall be used to identify people who willseek its coverage. Considering the banquet of options availableto the implementors of A. 0. No. 308, the fear that it threatens theright to privacy of our people is not groundless.

XXX

A. 0. No. 308 should also raise our antennas for a further

look will show that it does riot state whether encoding of data islimited to biological information alone for identification purposes.In fact, the Solicitor General claims that the adoption of theIdentification Reference System will contribute to the "generation ofpopulation data for development planning. " This is an admission that

57

.

,

.

the PRN will not be used solely for identification but for the generationof other data with remote relation to the avowed purposes of A. 0. No.308. Clearly, the indefinite ness of A. 0. No. 308 can give thegovernment the roving authority to store and retrieve informationfor a purpose other than the identification of the individualthrough his PRN.

The potential for misuse of the data to be gathered underA. 0. No. 308 cannot be underplayed as the dissenters do.Pursuant to said administrative order, an individual must present hisPRN everytime he deals with a government agency to avail of basicservices and security. His transactions with the government agencywill necessarily be recorded- whether it be in the computer or in thedocumentary file of the agency. The individual's file may include histransactions for loan availments, income tax returns, statement ofassets and liabilities, reimbursements for medication, hospitalization,etc. The more frequent the use of the PRN, the better the chanceof building a huge and formidable information base through theelectronic linkage of the files. The data may be gathered forgainful and useful government purposes; but the existence ofthis vast reservoir of personal information constitutes a covertinvitation to misuse, a temptation that may be too great for someof our authorities to resist.

We can even grant, arguendo, that the computer data file willbe limited to the name, address and other basic personal informationabout the individual. Even that hospitable assumption will not saveA. 0. No. 308 from constitutional infirmity for again said order doesriot tell us in clear and categorical terms how these informationgathered shall be handled. It does riot provide who shall controland access the data, under what circumstances and for whatpurpose. These factors are essential to safeguard the privacy andguaranty the integrity of the information. Well to note, the computerlinkage gives other government agencies access to the information.Yet, there are no controls to guard against leakage of information.When the access code of the control programs of the particularcomputer system is broken, an intruder, without fear of sanction orpenalty, can make use of the data for whatever purpose, or worse,manipulate the data stored within the system.

It is plain and we hold that A. 0. No. 308 falls short of assuringthat personal information which will be gathered about our people willonly be processed for unequivocally specified purposes. The lack ofproper safeguards in this regard of A. 0. No. 308 may interfere with theindividual's liberty of abode and travel by enabling authorities to trackdown his movement; it may also enable unscrupulous persons to

58

,

,

.

access confidential information and circumvent the right against self-inchmination; it may pave the way for "fishing expeditions" bygovernment authorities and evade the right against unreasonablesearches and seizures. The possibilities of abuse and misuse ofthe PRN, biometrics and computer technology are accentuatedwhen we consider that the individual lacks control over what canbe read or placed on his ID, much less verify the correctness ofthe data encoded. They threaten the very abuses that the Bill ofRights seeks to prevent.

The ability of a sophisticated data center to generate acomprehensive cradle-to-grave dossier on an individual and transmitit over a national network is one of the most graphic threats of thecomputer revolution. The computer is capable of producing acomprehensive dossier on individuals out of information given atdifferent times and for varied purposes. It can continue adding to thestored data and keeping the information up to date. Retrieval of storeddata is simple. When information of a privileged character finds its wayinto the computer, it can be extracted together with other data on thesubject. Once extracted, the information is putty in the hands of anyperson. The end of privacy begins.

Though A. 0. No. 308 is undoubtedly not narrowly drawn, thedissenting opinions would dismiss its danger to the right to privacy asspeculative and hypothetical. Again, we cannot countenance such alaidback posture. The Court will not be true to its role as the ultimateguardian of the people's liberty if it would not immediately smother thesparks that endanger their rights but would rather wait for the fire thatcould consume them.

We reject the argument of the Solicitor General that anindividual has a reasonable expectation of privacy with regard tothe National ID and the use of biometrics technology as it standson quicksand. The reasonableness of a person's expectation ofprivacy depends on a two-part test: (1) whether by his conduct, theindividual has exhibited an expectation of privacy; and (2) whether thisexpectation is one that society recognizes as reasonable. The factualcircumstances of the case determines the reasonableness of the

expectation. However, other factors, such as customs, physicalsurroundings and practices of a particular activity, may serve to createor diminish this expectation. The use of biometrics and computertechnology in A. 0. No. 308 does not assure the individual of areasonable expectation of privacy. As technology advances, the levelof reasonably expected privacy decreases. The measure of protectiongranted by the reasonable expectation diminishes as relevanttechnology becomes more widely accepted. The security of the

59

.

computer data file depends not only on the physical in accessibility ofthe file but also on the advances in hardware and software computertechnology. A. 0. No. 308 is so widely drawn that a minimumstandard for a reasonable expectation of privacy, regardless oftechnology used, cannot be inferred from its provisions.

The rules and regulations to be drawn by the IACC cannotremedy this fatal defect. Rules and regulations merely implement thepolicy of the law or order. On its face, A. 0. No. 308 gives the IACCvirtually unfettered discretion to determine the metes and bounds ofthe ID System. [Emphasis in the original]

Moreover, it is an elementary principle in constitutional and administrative lawthat an executive issuance cannot expand, modify or change the terms of a statute.Rules and regulations are limited and circumscribed by the provisions of its law it isimplementing. An administrative agency has 00 power to amend or unduly expandthe law it implements through the mere issuances of rules and regulations. tTeXon v.Members of the Board o1 Administrators, 33 SCRA 585 (1970)l Administrativeagencies are only allowed to "fill up the details" of an already complete statute.Clearly, the Cybercrime Preventive Act suffers from fatal infirmities that cannot besalvaged by implementing rules and regulations.

In this regard, Section 4(c)(4), in relation to Section 1.2, of the CybercrimePrevention Act violates citizens' right to privacy in asmuch as personal and privatecommunications and correspondence can be looked into by the law enforcementauthorities even in the absence of a lawful order or even when the exigencies ofpublic safety or order do riot warrant the same. Moreover, as held in Ople v. Torres,at at, supro, the Honorable Court ruled that since the right to privacy is afundamental right guaranteed by the Constitution, it is the burden of the State toshow that government action is justified by some compelling state interest and that itis narrowly drawn. Moreover, incursions into the right to privacy must beaccompanied by proper safeguards and well-defined standards to preventuriconstitutional invasions, none of which exist in the Assailed Provisions.

To make matters worse, with all due respect, Section 5 of the CybercrimePrevention Act provides:

"Section 5. Other Offenses. - The following acts shall alsoconstitute an offense:

(a). Aiding or Abetting in the Commission of Cybercrime. -Any person who willfully abets or aids in the commissionof any of the offenses enumerated in this Act shall beheld liable.

60

, .

(b).

How is aiding and abetting committed? Is sharing or reposting an allegedlibelous blog a violation of the foregoing? Is lending your computer to a blogger whoposted an alleged libelous article abetting? Clearly, the questions to the abovecannot be answered with certainty, or at the very least, by merely reading theprovisions thereof. Even a person who is skilled and well versed in computertechnology will find it difficult to be apprised of what constitutes a violation of theforegoing provisions. Indeed, vagueness of the Assailed Provisions of theCybercrime Prevention Act renders the same void.

Attempt in the Commission of Cybercrime. - Any personwho willfully attempts to commit any of the offensesenumerated in this Act shall be held liable. "

A statute or act suffers from the defect of vagueness when it lackscoinprehensible standards that men of common intelligence must necessarily guessat its meaning and differ as to its application. It is repugnant to the Constitution in tworespects: (1) it violates due process for failure to accord persons, especially theparties targeted by it, fair notice of the conduct to avoid; and (2) it leaves lawenforcers unbridled discretion in carrying out its provisions and becomes an arbitraryflexing of State muscle. tRomualdez v. Sandiganboy, In, 435 SCRA 371 (2004);People of the Philippines v. Namri0, 1.65 SCRA 186 (1988)I This was reiterated bythe Honorable Court in People of the Philippines v. Sinn, 600 SCRA 476 (2009):

crime, the to is Iature must inform the citizen with re sonablewhat acts it i tends to

"xxx in exercising its power to declare what acts constitute a

understandable rule of conduct and know what acts it is his dut to

avoid. This requirement has come to be known as the void-forvagueness doctrine which states that "a statute which either forbids orrequires the doing of an act in terms so vague that men of commonintelligence must necessarily guess at its meaning and differ as to itsapplication, violates the first essential of due process of law".[Emphasis and underscoring supplied]

Respondents, in their Consolidated Comment, POSit that the terms aiding andabetting are clear and need 00 express definition. Citing jurisprudence, respondentsargue that a criminal statute does not become void just because of its reference togeneral terms and there is 00 constitutional or statutory duty on the part of thelawmakers to define every word in a law, as long as the intent can be gathered fromthe entire act.

rohibit so that he may have a certain


recision

61

.

.

.

Respondents totally miss the point. The complexity of the digital world orcyberspace iridispensably dictates a reasonable certainty of the terms aiding andabetting in connection with the enumerated offenses. Otherwise, unwitting bloggersand netizens will be at the mercy of law enforcement authorities. Worse, Section 5 ofthe Cybercrime Prevention Act is bereft of limits, descriptions or standards thatwould guide netizens as to what are prohibited acts.

Moreover, respondent argues that the test in determining the ambiguity of astatute is whether the words convey a sufficiently definite warning with respect to theproSCribed conduct based on common understanding and practice. " Whatrespondents fail to realize is the fact that the above-cited test presupposes anexisting common understanding and practice. The digital world or cyberspace, inrelation to cybercrime, is a novel concept and an unexplored frontier. There is 00common understanding and practice as to what acts are socially deplorable andtherefore merit suppression. As stated above, does sharing a link, re-posting anarticle, or liking a status, the contents of which are subsequently adjudged as acybercrime, constitute aiding or abetting? Section 5 of the Cybercrime PreventionAct offers 00 answers to these questions. Indeed, the enactment of the CybercrimePrevention Act was supposed to be step towards understanding and establishingsuch norms. Unfortunately, the law instead of clarifying matters further muddles thesituation at the expense of innocent bloggers and netizens.

In an effort to defend the validity of Section 5, respondents refer to existingpenal statutes that punish aiding and abetting of criminal acts. " The comparison ismisplaced, however, precisely because the laws cited either have commonunderstanding and practice as to what acts are prohibited or there is a reasonablecertainty as to what acts are proSCribed. Take for example Presidential Decree No.532, otherwise known as the Anti-Piracy and Anti-Highway Robbery Law, whichpenalizes aiding pirates or highway robberslbrigands or abetting piracy or highwayrobberyIbrigandage and cites instances which can be considered as aiding orabetting, to wit:

"Section 4. Aiding pirates or highway robberslbrigands orabetting piracy or highway robberyIbrigandage. Any person whoknowingIy and in any manner aids or protects pirates or highwayrobberslbrigands, such as giving them information about themovement of police or other peaee officers of the government, oracquires or receives property taken by such pirates or brigandsor in any manner derives any benefit therefrom; or any person whodirectly or indirectly abets the commission of piracy or highway robberyor brigandage, shall be considered as an accomplice of the principaloffenders and be punished in accordance with the Rules prescribed bythe Revised Penal Code.

24

25Page 90, Consolidated Comment.Page 91, Consolidoted Comment.

62

,

~

.

.

It shall be presumed that any person who does any of the actsprovided in this Section has performed knowingIy, unless the contraryis proven. " tEmphasis suppliedI

Unlike the above-quoted statute, Section 5 of the Cybercrime Prevention Actdoes not even provide a clue as to what acts are prohibited. Considering that thedynamics of the digital world or cyberspace are much more complex than highwayrobbery and piracy, it is beyond cavil that the Cybercrime Prevention Act shouldclarify and distinctly express what acts are impermissible.

To be sure, an examination of the Cybercrime Prevention Act reveals anabsolute lack of definition of the terms "aiding or abetting" as written in Section 5(a)thereof. Section 5(b) suffers from the same infirmity as the Cybercrime Law fails todefine what constitutes an "attempt" to commit a cybercrime. Therefore, the lack ofconcrete definitions deprives an individual of a reasonable standard of conduct thatwould serve as a guide to avoid criminal liability. Simply, a person is left guessing asto whether his actions may constitute a violation of Section 5.

The following eXchange during the Oral Arguments on 15 January 201.3 drawout the legitimate concerns about the vagueness, over breadth and in applicability ofSection 5 of the Cybercrime Prevention Act:

"JUSTICE ABAD:

Willful aiding or abetting so it cannot be innocent aiding or abetting in asense if it's a. .... there's need to be a criminal intent?

ATTY. MATIBAG:

Yes, Your Honor.

JUSTICE ABAD:

So, he is aware that a crime is being committed or will be committedand he aids or abets it. I wonder if you in the Internet if you received,let us say a libelous material or a libelous blog and it enters youraccount, and it says there, Sometimes it says you like, it says you likethat comment, and you say, you say, you liked it. Well, if you say youlike it, it's just an expression of your feeling or opinion regarding that.Although, sometimes they tell me that it's not just you like it but if yousay you liked it, it is repeated. You know knowingIy that it will go intoyour followers or to those who are connected to you it will appear therealso. In a sense you are passing it already. Now, if you hear falserumor for example, a false, a defamatory statement, you hear it and

63

,

.

.

then you did not originate it, you did not publish it in the senseoriginally but you passed it on, you whispered it to your. .... tosomebody saying, do you know that this fellow is like this and like this?So in a sense you have adopted it and you have yourself published it.Do you agree with that?

ATTY. MATIBAG:

Well, if you made it possible for a third person to know it, Your Honor,it is a form of publication.

JUSTICE ABAD:

Yes, yes, so that if it appears in your computer, in your address, I don'tknow what you called it but. .... I have a Facebook also if it appears inmy screen and I say I like it, then probably it will appear in my otherfriends and in a sense I have published it.

ATTY. MATIBAG:

Yes, Your Honor.

JUSTICE ABAD:

Am I not as guilty as the person who originated it? Like the whisperthat is passed on from one person to another?

ATTY. MATIBAG:

Your Honor, that is why this lack of sufficient specific standardsunder this Section 5 (a) might convince a prosecutor to prosecuteanyone in those circumstances.

JUSTICE ABAD:

Well, libel, libel is a law provides a sufficient standard as I was arguingalthough you are telling me that. ...

ATTY. MATIBAG:

In aiding or abetting, Your Honor, or even in willful attempt. ..

JUSTICE ABAD:

Many had been convicted of libel because the standard, there's neverbeen except one case you said that was raised where the question ofstandard for determining whether a crime has been committed, that

64

,

*

.

.

that person is forewarned concerning what wrong he is going tocommit then he has knowledge of it. He knows that this is a wrong, heknows that this is a malicious statement being passed on to him andthen he is going to pass it to another. He I does not assumeresponsibility for it?

ATTY. MATIBAG:

Yes, Your Honor, but, but, but, but. ....

JUSTICE ABAD:

So that is abetting or what do you call that the other?

ATTY. MATIBAG:

Aiding, Your Honor.

JUSTICE ABAD:

So he may be responsible. He is liable for that.

ATTY. MATIBAG:

Yes, Your Honor, but there are many instances when even thepure acts of protected speech would be considered as aiding orabetting because in the example earlier of John and Bert, Bert merelysuggested knowing, knowing the intent.

JUSTICE ABAD:

There was 00 crime committed there because he did not write thearticle.

JUSTICE ABAD:

Yeah, that's why it's an attempt, Your Honor. 5 (b) punishes attempt.

JUSTICE ABAD:

No, he did not write it at all. What do you mean attempt? Well. ...

ATTY. MATIBAG:

Well, there may be aiding or abetting in an attempted stagebecause in the concept of an aiding or abetting it is considered as. ....

65

.

,

JUSTICE ABAD:

Well, the problem I don't know, I don't know so much on how you can,what's there, what was the legislative explanation, the explanation ofthe legislators concerning the meaning of attempt there? It was just, Ithought of it, I am going to write it but I did not write it. Is that anattempt?

ATTY. MATIBAG:

Well, if we follow. ....

JUSTICE ABAD:

..... perform some of. ....

ATTY. MATIBAG:

Commences the execution, Your Honor.

JUSTICE ABAD:

The criminal act or something, there's a criminal intent in the firstplace. He wanted to join the Palanca contest. ...

ATTY. MATIBAG:

Yes, Your Honor.

JUSTICE ABAD:

Its not criminal intent.

ATTY. MATIBAG:

Yeah, but the problem is. ...

JUSTICE ABAD:

And then he did not even write it.

ATTY. MATIBAG:

Yeah. .. But the problem with the law, Your Honor, is covers also theunlawful and prohibited acts of the Anti-Child Pornography Act, And inAnti-Child Pornography Act, the mere creation of even a story

66

b

.

,

depicting even a real or simulated sexual activity of a child or even aperson regardless of age as long as it is portrayed as a child alreadyconstitutes child pornography. And if we follow Section 5 (b) regardingattempt, then John commences the execution of the offense but hedoes riot perform all the acts of execution by reason of some cause oraccident other the. ....

JUSTICE ABAD:

I think he gave a general plot of what he wants to write but nothingabout it is in itself what you called this lecherous or lascivious, there'snothing there. Just a general plot of a 1.6-year old pretending aneighteen, claimed to be sixteen selling sex, whatever.

ATTY. MATIBAG:

That's only for purposes of showing his intention, Your Honor.Because when you are talking about sexual abuse.

JUSTICE ABAD:

No, what I'm saying is that there is 00 crime committed yet under thatcircumstance, under your example,

ATTY. MATIBAG:

Well, if we follow Section 5 (a) and (b), Your Honor, there wouldbe. Because that's how the prosecution would interpret aiding orabetting and attempt. In the respondents' comment, they simplyfollow the standard definition of attempt, according to Article 6 ofthe Revised Penal Code. And they simply want to follow thejurisprudence regarding aiding or abetting. If we strictly followthose things, that would be the scenario, Your Honor, that evenacts that are pure speech would be a subject of prosecution.Because of lack of standards, Your Honor, instead of this kind ofprovision, Your Honor, the Legislature should have first statedexamples of Acts of aiding or abetting or possibly examples ofacts of attempt. And also possibly to state or enumerateexclusions to those instances, to those prohibited instances.Because, Your Honors, in the Cybercrime offenses, there areCybercrime offenses there that involved language, okay, like theunlawful commercial transmissions or in spains. So, how couldthere be an attempt that is punish able under the Cybercrime lawwhen it only involves language? When the guilty mind would onlyarise after the consummation? So, the only way for them toprosecute attempted stage in aiding or abetting in thoseinstances would be to punish acts that would involve protectedspeech.

67

.

.

.

.

JUSTICE ABAD:

Okay. Thank you. "" IEmphasis suppliedl

The vagueness and over breadth of Section 5 of the Cybercrime PreventionAct is shown by the incongruence between the effect of applying said provision tocybercrimes, on the one hand, and crimes under the Revised Penal Code, on theother hand:

UusTicE PERALTA:

I'm asking you this because if this one paragraph (a) is a portion thatthere conspiracy principle and paragraph (b) is attempt on thecommission of Cybercrime, then there will be 00 more distinctionbecause paragraph 5 under Section 8 as to the penalty there is 00distinction as to the penalty under paragraph (a) and paragraph (b)?

ATTY. MATIBAG:

Yes, Your Honor.

JUSTICE PERALTA:

Both acts are punished with one degree lower to that the penaltyprovided for in any of the offenses under this Code.

ATTY. MATIBAG:

Yes, Your Honor.

JUSTICE PERALTA:

That's why I'm asking you. Okay. Now, you also said that this violatesthe overbreadth doctrine

ATTY. MATIBAG:

Yes, Your Honor.

JUSTICE PERALTA:

Can you tell us what's the violation for that overbreadth doctrine?

26Pages 155-160, TSN of the Oral Arguments, 15 January 2013

68

.

,

.

.

ATTY. MATIBAG:

In my example Your Honor, it does not only, it does not only want toprosecute and punish unlawful conduct or unlawful speech. It alsopunishes protected speech because it does not make any distinctionat all. Because in the preparatory stages of this Cybercrimeoffenses, sometimes you cannot really tell intention, speciallywhen, like in unlawful commercial transactions Your Honor, howcan a person be charged with attempted or aiding or abetting inunlawful commercial transactions when it only involves languageadvertising, when it is supposed to punish only theconsummated stage, Your Honor.

JUSTICE PERALTA:

Yeah.

ATTY. MATIBAG:

And there may be other instances and you are only typing on thecomputer, you are not yet finished.

JUSTICE PERALTA:

And there's no, there's no actual, there's no definition of attemptunder the law.

ATTY. MATIBAG:

Yes, Your Honor.

JUSTICE PERALTA:

So all, so all the acts under all the prohibited acts under the lawmay be in their attempted stage.

ATTY. MATIBAG:

Yes, Your Honor.

JUSTICE PERALTA:

So every time that there is already an attempted stage, itbecomes consummated. Because already punishable.

ATTY. MATIBAG:

It's already punish able, Your Honor. It consummated attemptedstage.

69

,

.

.

JUSTICE PERALTA:

Yeah. Thank you. "" [Emphasis supplied]

Moreover, in this connection, even a casual reading of Section 4(c)(4) of theCybercrime Prevention Act clearly shows its vagueness and deficiencies in definingthe crime of Cyber Libel. Worse, the law fails to mention how the person committingCyber Libel can be identified. Article 360 of the Revised Penal Code provides whoare the persons responsible for libel:

"Art. 360. Persons responsible. - Any person who shall publish,exhibit, or cause the publication or exhibition of any defamation inwriting or by similar means, shall be responsible for the same.

The author or editor of a book or pamphlet, or the editor orbusiness manager of a daily newspaper, magazine or serialpublication, shall be responsible for the defamations contained thereinto the same extent as if he were the author thereof. xxx"

Nevertheless, the same definition cannot be simply adopted and applied tothe cyber world for the obvious reason that people can simply use fake names oraccess computers in common libraries or computer shops. Simply tracing the IPaddress and imputing the crime to the owner of the computer system used will notsuffice. It is elementary that criminal statutes are to be strictly construed. No personshould be brought within their terms who is not clearly within them, nor should anyact be pronounced criminal which is not clearly made so. tUnited States v. Ab, IdSuntos, 36 Phil. 243 (1917)l

With all due respect, although the State has the power to regulate conductharmful to the public welfare and order, it cannot do so at the expense of thepeople's constitutionalI^guaranteed rights. The overbreadth doctrine prohibits thestate from imposing regulations that sweep unnecessarily broadly into protectedfreedoms. In Southern Hemisphere v. Anti-Terrorism Council, et. o1, 632 SCRA146 (2010), the Honorable Court explained the overbreadth doctrine in relation to thevagueness doctrine thus:

"A statute or act suffers from the defect of vaguenesswhen it lacks cornprehensible standards that men of commonintelligence must necessarily guess at its meaning and differ asto its application. It is repugnant to the Constitution in two respects:(1) it violates due process for failure to accord persons, especially the

27Pages 1.61 and 1.62, TSN of the Oral Arguments, 15 January 2013.

70

*

.

.

.

parties targeted by it, fair notice of the conduct to avoid; and (2) itleaves law enforcers unbridled discretion in carrying out its provisionsand becomes an arbitrary flexing of the Government muscle. Theoverbreadth doctrine, meanwhile, decrees that a governmentalpurpose to control or prevent activities constitutional Iy subject tostate regulations may riot be achieved by means which sweepunnecessarily broadly and thereby invade the area of protectedfreedoms.

As distinguished from the vagueness doctrine, the over breadthdoctrine assumes that individuals will understand what a statuteprohibits and will accordingly refrain from that behavior, even thoughsome of it is protected. " [Emphasis supplied]

In Southern Hemisphere v. Anti-Terrorism Council, et. o1, supro, theHonorable Court refrained from applying the over breadth doctrine on the premisethat the law in question seeks to penalize conduct and not speech. The same cannotbe said in the case of the Cybercrime Prevention Act, particularly Section 5 inrelation to Section 4(c) (4), which explicitly regulates speech.

Section 4(c)(4) penalizes the unlawful or prohibited acts of libel in Article 355of the Revised Penal Code, committed through a computer system or any othersimilar means by which may be devised in the future. On the other hand, Section5(a) punishes any person who willfully abets or aids in the commission of any of theoffenses enumerated, including libel. Taking these two provisions together, anyperson who aids or abets in the commission of cyber libel is criminally liable.

This takes us back to the proverbial question: What constitutes aiding orabetting? Or more precisely, what constitutes aiding and abetting cyber libel? Again,the law does not provide any answer. This patent lack of a definition or standardcreates a chilling effect on bloggers and netizens. With a sword of Darnocleshanging over their heads, bloggers and netizens are left with 00 choice but to treadcarefully with their posts and articles on the Internet. What was once a free market ofideas now becomes a restricted space where every utterance may be suspect togovernment regulation. Surely, the right of every citizen, whether a blogger,netizen, or an ordinary person to freely express their opinions weighs morethan any vague and overbroad government regulation.

Now, with respect to Section 7 of the Cybercrime Prevention Act, the ruleagainst double jeopardy is provided in Article 1/1, Section 21 of the 1,987 Constitution,thus:

I

71

*.

.

.

"Section 21. No person shall be twice put in jeopardy ofpunishment for the same offense. If an act is punished by a law and anordinance, conviction or acquittal under either shall constitute a bar toanother prosecution for the same act. "

For double jeopardy to exist, the following elements must concur: (1) a firstjeopardy must have attached prior to the second; (2) the first jeopardy must haveterminated; and (3) the second jeopardy must be for the same offense as the first.Parenthetical Iy, legal jeopardy attaches only (a) upon a valid indictment, (b) before acompetent court, (0) after arraignment, (d) a valid plea having been entered; and (e)the case was dismissed or otherwise terminated without the express consent of theaccused. tCuison v. Court of Appeals, 289 SCRA 159 (1998); Guerrero v. Courto1 Appeals, 257 SCRA 703 (1996); People of the Philippines v. Yingon, 58 Phil.851 (1933)l

In this light, Sections 6 and 7 of the Cybercrime Prevention Act provides:

"Section. 6. All crlmes defined and penalized by the RevisedPenal Code, as amended, and special laws, if committed by, throughand with the use of information and communications technologies shallbe covered by the relevant provisions of this Act: Provided, That thepenalty to be imposed shall be one (1) degree higher than thatprovided for by the Revised Penal Code, as amended, and speciallaws, as the case may be. " IEmphasis and underscoring suppliedl

Section 7. Liability under Other Laws. - A prosecution underthis Act shall be without prejudice to any liability for violation of anyprovision of the Revised Penal Code, as amended, or other speciallaws. "

Under this regime, a crime as defined by the Revised Penal Code can beprosecuted separately under Section 6 of the Cybercrime Prevention Act. Moreover,a prosecution under the Cybercrime Prevention Act is without prejudice to anyliability for violation of any provision of the Revised Penal Code.

Thus, what is being punished under Section 7, in relation to Section 6, of theCybercrime Prevention Act is the exact act punish able under the Revised PenalCode. In fact, the Cybercrime Prevention Act merely adopts and incorporates allelements of the felonies under the Revised Penal Code and other special laws andsanctions, encourages even, a separate and distinct prosecution under theCybercrime Prevention Act for the same offense. This is most certainly violative ofthe Constitution and should be struck down without hesitation.

72

*

.

.

In People of the Philippines v. PnPa, 79 SCRA 81 (1977), the HonorableCourt had occasion to highlight the significance of the proSCription against doublejeopardy. The Honorable Court held that such prohibition is "a sacred principle ofcriminal jurisprudence, and is a part of the universal law of reason, justice, andconscience. It is founded on the maxim non bis in Idem (not twice for the same) ornemo debet bis vexori pro uria at eodem eauso (no one ought to be twice vexed forone and the same cause"

Although case law has regarded double jeopardy to be a matter of defense, alaw that blatantly permits a person to be punished twice for the same act, should bestruck down as uriconstitutional. A law that sanctions an impending jeopardy, is initself, repugnant to the fundamentals of due process. " It is, therefore, submitted thatcourts should not wait for double jeopardy to be raised as a defense before theCybercrime Prevention Act can be struck down as uriconstitutional. The fact that thewording of the law clearly permits the possibility of double jeopardy, givesprosecutors and law enforcement authorities unwarranted discretion to select thosewhom they believe should be prosecuted for a graver offense. To rule otherwise willrender the purpose behind its prohibition pointless.

Under Section 7 of the Cybercrime Prevention Act, an offense punish ableunder the same Act may be prosecuted separately from a felony punish able underthe Revised Penal Code and other special laws. This is explicit from the wording ofthe law such that it rovides that "a rosecution under this Act shall be without

PI:g^ to any liability for violation of any provision of the Revised Penal Code, asamended, or special laws. " Hence, the commission of an offense throughcyberspace, as provided under the Cybercrime Prevention Act, shall be considerednot merely as a qualifying circumstance, but treated as an entirely new crime.

It must be emphasized that the commission of an offense in cyberspace,merely provides the means upon which the crime may be committed. The use of theInternet or any information and communications technology ("ICT") is not thereforean additional element to the commission of the crime. For instance, Cyber Libel isstill the very same libel punished when committed through the use of traditionalmedia. In fact, libel committed through the use of the internet is already punishedunder Article 355 of the Revised Penal Code under "similar means", to wit:

"Art. 355. Libel means by writings or similar means. - A libelcommitted by means of writing, printing, lithography, engraving, radio,phonograph, painting, theatrical exhibition, cinematographic exhibition,or an similar means shall be unished b rision correccional in its

minimum and medium periods or a fine ranging from 200 to 6,000pesos, or both, in addition to the civil action which may be brought bythe offended party. " (Emphasis and underscoring supplied)

28Buylosis v. Chavez, 202 SCRA 405 (1991) (Sariniento, J. , dissenting)

73

.

.

.

,

There is therefore 00 justification for a separate prosecution for the exactsame act, especially since the Cybercrime Prevention Act merely incorporates thesame elements under the Revised Penal Code and other special laws. In fact,respondents previously admitted in their Consolidated Comment that Section 6 of theCybercrime Prevention Act indeed operates as a qualifying circumstance" and thatthere is 00 new crime involved considering that the Cybercrime Prevention Actmerely provided another means to commit the same crimes that are alreadypunished by the Revised Penal Code and other special penal laws.

Although there are instances where prosecution under the Revised PenalCode and under special laws may be done separately, the rationale behind itsdistinction should be taken in consideration. For instance, it is well settled that anaccused may be prosecuted separately for Estafa under the Revised Penal Codeand for a violation of the Batas Painbansa Bilang 22, otherwise known as theBouncing Checks Law. This, however, should not be used as justification for thedouble prosecution under the Cybercrime Prevention Act. In the case of Ado v.Virala, 172 SCRA 336 (1989), the Honorable Court considered the distinctionbetween these two crimes:

"A scrutiny of the two laws involved shows that the two offensespunished therein are different and distinct from each other. In thecrime of Estafa by postdating or issuing bad checkls under theRevised Penal Code, deceit and damage are two essentialelements of the offense and have to be established with satisfactoryproof to warrant convictions (People v. Grospe, 1.57 SCRA 1.54) withthe further requisite that deceit in causing the defraudation must beprior to or simultaneous with the commission of the fraud. Forviolation of the Bouncing Checks Law under B. P. 22, on the otherhand, . these elements are riot necessary, the essential elementbeing knowledge on the part of the maker or drawer of the check of theinsufficiency of his funds. The grayamen of the offense is the act ofmaking and issuing a worthless check or a check that is dishonoredupon its presentation for payment and not the non-payment of anobligation. (People v. Grospe, Ibid, citing Lozano v. Martinez, 1.46SCRA 323; Dingle v. Intermediate Appellate Court, 1.48 SCRA 595. )

Distinction between estafa and BP 22 is further found in their

nature. Whereas the offense under article 315, par. 2(d) of theRevised Penal Code is a matum in se requiring proof of criminalintent on the part of the offender as an essential ingredient focusingmainly on the damage caused to the property rights of the victim, thecrime under B. P. 22 makes the mere act of issuing a worthless


74

,.

.

,

check maium prohibitum wherein criminal intent need not be provedbecause it is presumed and considered a violation thereof as onecommitted against publicinterest. "IEmphasis suppliedl

Hence, while the distinction between BP 22 and Estafa is clearly defined, thesame may not be said in favor of the Cybercrime Prevention Act. First, the elementsunder the Cybercrime Prevention Act merely incorporates the elements under theRevised Penal Code and other special laws. Second, while prosecution for BP 22and Estafa is initiated under the Revised Penal Code and under a special penal law,the Cybercrime Prevention Act allows prosecution under both special laws.

Clearly, although the Congress has the power to make laws and define thecrimes punished therein, it may not pass a law that is repugnant to the fundamentalprinciples of the Constitution and the rights protected thereby. It is the duty of boththe Legislature and the Honorable Court to up hold the principles of the fundamentalcharter such that when faced with a law that violates the same, the Honorable Courtshould not hesitate to render it uriconstitutional. tPerulta v. COMELEC, 82 SCRA 30(1978)l

Lastly, as previously stated, it should be pointed out that deficiencies in theCybercrime Prevention Act cannot be cured in its Implementing Rules andRegulations. As early as 1,970, in Teoxon v. Members of the Board o1Administrators, supro, the Honorable Court held that the power to promulgate rulesin the implementation of a statute is necessarily limited to what is provided for in thelegislative enactment. Its terms must be followed for an administrative agency cannotamend an Act of Congress. tUnited BF Homeowners v. BF Homes, 31.0 SCRA 304(1999)l Clearly, .the vagueness of the above-mentioned provisions cannot be curedby its implementing rules and regulations without duly expanding the law. Thus, theAssailed Provisions are fatal beyond resuscitation.

The other provisions of the Cybercrime Prevention Act that flow from theAssailed Provisions likewise suffer the same fatal flaw, including the provisions thatauthorize the disbursement of public funds for the implementation of the law.

Vlll. Section 6 Of The Cybercrime Prevention ActIs Null And Void For Being UriconstitutionalConsidering That It Is Violative Of The EqualProtection Clause Under Section I, Article inOf The Constitution.

Section 6 of the Cybercrime Prevention Act provides:

75

,.

.

,

"Section. 6. All crimes defined and penalized by the RevisedPenal Code, as amended, and special laws, if committed by, throughand with the use of information and communications technologies shallbe covered by the relevant provisions of this Act: Provided, That thepenalty to be imposed shall be one (1) degree higher than thatprovided for by the Revised Penal Code, as amended, and speciallaws, as the case may be. "

The import of the foregoing provision is that all the crimes punish able underprovisions of the Revised Penal Code, such as libel, if committed through the use ofa computer system or other similar means, the penalty to be imposed shall be one(1) degree higher. Otherwise stated, by committing the same crime, but using adifferent means specifically, computer systems, the penalty is harsher.

At the onset, the foregoing provision is again susceptible to variousinterpretations. For instance, if ICT is used in committing only one element of thecrime, will the foregoing provision find application? Does the mere use of ICTautomatically increase the penalty regardless of intent or reasonable connection tothe consummation of the alleged crime?

It should be emphasized in this regard that Section I, Article 111 of theConstitution guarantees the equal protection of the laws:

"Section I. No person shall be deprived of life, liberty, orproperty without due process of law, nor shall any person be deniedthe equal protection of the laws. "

In Philippine Amusements und Gaining Corporation v. Bureau of InternalRevenue, 645 SCRA 338 (2011), the Honorable Court explained:

"Equal protection requires that all persons or things similarlysituated should be treated alike, both as to rights conferred andresponsibilities imposed. Similar subjects, in other words, should notbe treated differently, so as to give undue favor to some and unjustlydiscriminate against others. The guarantee means that 00 person orclass of persons shall be denied the same protection of laws which isenjoyed by other persons or other classes in like circumstances. The"equal protection of the laws is a pledge of the protection of equallaws. " It limits governmental discrimination. The equal protectionclause extends to artificial persons but only irisofar as their property isconcerned. "

76

.

.

.

.

Nevertheless, the foregoing is without exception. In City of Manila v. Loguio,supro, the Honorable Court held:

"Legislative bodies are allowed to classify the subjects oflegislation. If the classification is reasonable, the law may operate onlyon some and not all of the people without violating the equal protectionclause. The classification must, as an indispensable requisite, not bearbitrary. To be valid, it must conform to the following requirements: I)It must be based on substantial distinctions. 2) It must be germane tothe purposes of the law. 3) It must not be limited to existing conditionsonly. 4) It must apply equally to all members of the class. "

Clearly, there can be a valid classification provided that the followingrequisites are present: (1) It must be based on substantial distinctions; (2) It must begermane to the purposes of the law; (3) It must not be limited to existing conditionsonly; and (4) It must apply equally to all members of the class. IQuinto, at o1. v.COMELEC, 606 SCRA 258 (2009)l

However, the instant case could not even pass the first requisite of having asubstantial distinction. The standard is satisfied if the classification or distinction isbased on a reasonable foundation or rational basis and is not palpably arbitrary.Icentral Bank Employees' Association v. Bangko Sentral rig Pinpinas, 446SCRA 299 (2004)l Crimes committed by the use of ICT cannot be reasonablytreated as more grave or heinous as to sweepingIy increase the penalty by onedegree higher than if committed without it. Indeed, the provision arbitrarilydiscriminates between two crimes that have exactly the same elements. At any rate,substantive due process requires that the law itself, not merely the procedures bywhich the law would be enforced, is fair, reasonable, and just. tAssociatedCommunications und Wireless Services, Ltd. v. Dumla0, 392 SCRA 269 (2002)lThus, the unreasonableness of the provision violates substantive due process andshould be rendered void.

To reiterate, Section 6 of the Cybercrime Prevention Act does not rest onsubstantial distinction. There is 00 difference between crimes committed with or

without the use of ICT. Crimes committed with ICT cannot be reasonably treated asmore grave or heinous as to sweepingIy increase the penalty by one degree higherthan if committed without it. The provision arbitrarily discriminates between crimesthat have exactly the same elements. It must be emphasized that ICT crimes are nota special class. It is just part of a bigger class that is the class of crimes in general.

Respondents argue that Section 6 is effectiveIy a qualifying circumstance, "thereby justifying the imposition of a higher penalty. To bolster their position,respondents argue that "cybercrimes" are not bound by time and geography and are


77

,

.

.

.

easily committed due to its accessibility. " Respondents, however, forget that a crime- whether committed with the use of ICT or committed by ordinary means - has thesame elements. The mere fact that a crime was committed using ICT does not justifythe imposition of a higher penalty. The use of ICT is just a modality or a means ofcommitting the crime. It does not differentiate it from other crimes under the RevisedPenal Code or other special laws; neither does it make the crime more perverse. TheInternet's scope of reach is riot really as extensive as other forms of media and it isnot always as accessible as respondents would like the Honorable Court to believe.Hence, respondents' arguments miserably fail to satisfy even just the firstrequirement of substantial distinction.

Furthermore, the aforementioned provision should also be struck down on theground of void for vagueness. Section 6 of the Cybercrime Prevention Act uses theterm information and communications technologies but nowhere is the word definedin the Definition of Terms under Section 3 thereof or any part of the law for thatmatter. Is it referring to a computer or maybe computer systems? Does it includecellular phones and facsimile? The answer, unfortunately, is not found in the law.Nullo poeno sine lege. There is 00 crime when there is 00 law punishing it. Or in thecase of Cybercrime Prevention Act, there is 00 crime when the law does not clearlydefine the crime.

Respondents, however, argue that the term information und communicationstechnologies is defined elsewhere in Executive Order No. 269 and Republic Act No.8792, otherwise known as the Electronic Commerce Act of 2000. " These definitions,however, are nowhere to be found in the law. Had the Congress intended to usethese definitions, it should have at least made the appropriate references. If theCongress intended to use the definitions provided in RA 8792, as respondentsadvance, then the legislators should not have defined the terms computer andservice provider in the Cybercrime Prevention Act for these two words are alsodefined in RA 8792.

In addition, an all-sweeping application of the penal provision creates furtherambiguities and confusion in its application. First, what is one degree higher inspecial penal laws? Second, what is the Cybercrime Prevention Act's effect oncrimes already including the use of ICT or computer system as one of its elements?

Although it is easy enough to define what one degree higher is for crimesdefined in the Revised Penal Code, the same cannot be said for crimes definedunder special penal laws where the nomenclature of the Revised Penal Code is notused. The penalty of one degree higher cannot be determined with particularity jestwe leave its determination to a magistrate who may arbitrarily choose a penaltywithin the confines of the given range, or a penalty higher than the maximum. Takingfor example Republic Act No. 91.65, Comprehensive Dangerous Drugs Act of 2002,Section 5(2) of which provides:

at

32Pagei. 03, Consolidated Comment.Page 97, Consolidated Comment.

78

,.

.

.

"Section 5. Sole, Trading, Administration, Dispensation,Delivery, Distribution and Transportation of Dangerous Drugs ond/orControlled Precursors and Essential Chemicals. - xxx

The penalty of imprisonment ranging from twelve (12)years and one (1) day to twenty (20) years and a fine ranging fromOne hundred thousand pesos (PIO0,000.00) to Five hundredthousand pesos (P500,000.00) shall be imposed upon any person,who, unless authorized by law, shall sell, trade, administer, dispense,deliver, give away to another, distribute, dispatch in transit or transportany controlled precursor and essential chemical, or shall act as abroker in such transactions. [Emphasis supplied]

A drug dealer who sells cocaine, a prohibited substance, through the Internetwould then be liable under Section 6 of the Cybercrime Prevention Act, and,according to said section, his penalty is one degree higher than the range of twelve(12) years and one (1) day to twenty (20) years. What then is the one-degree-higherpenalty of that range? Is it upwards of twenty (20) years and one (1) day, or only amaximum of twenty (20) years? There lies the difficulty in the application of thepenalty envisioned by Section 6 of the Cybercrime Prevention Act. The properpenalty cannot be determined and imposed properly.

The following eXchange during the Oral Arguments on 15 January 201.3apropos:

"JUSTICE PERALTA:

Did I get you correctly that there's a, your observation on the increaseof penalty by one degree may riot be applicable in special laws?

CONG. GOLMENARES:

Yes, Your Honor please, because I find it difficult to comprehend howa special law which says that an offense is, penalized by three years tosay thirteen years (13) years, for example, can be raised by onedegree.

JUSTICE PERALTA:

You are saying that only the penalties under the Revised Penal Codeare graduated.

79

,,

.

.

CONG. coLMENAREs:

No, Your Honor, there are some special laws that use the scale ofpenalties,

JUSTICE PERALTA:

The penalties on the Revised Penal Code are graduated.

CONG. CoLMENARES:

Yes, Your Honor.

JUSTICE PERALTA:

So there could be one degree lower, there could be one degreehigher.

CONG. coLMENAREs:

Yes, Your Honor.

JUSTICE PERALTA:

Special Laws if they provide penalties under the Revised Penal Code,there's 00 problem.

CONG. GOLMENARES:

Yes, Your Honor.

JUSTICE PERALTA:

You will also apply the provisions on the Revised Penal Code becausethe special law adopts the nomenclature of penalties under theRevised Penal Code.

CONG. coLMENAREs:

Yes, Your Honor.

JUSTICE PERALTA:

The problem is, if the special law does not adopt the penalties underthe Revised Penal Code then you cannot probably graduate thepenalties like for example, the penalty of six (6) years and one day tofifteen (15) years, what would be the penalty higher than twelve (12)

80

,.

.

,

years to one (1) day to fifteen (15) years, there is none. But under thelaw it says, one degree higher punish able under the Revised PenalCode or special penal laws.

CONG. CoLMENAREs:

Yes, you're correct, Your Honor.

JUSTICE PERALTA:

So, did I get you correctly?

CONG. coLMENAREs:

Yes, Your Honor. "" IEmphasis suppliedl

An ambiguity also arises when a penal law already includes the use ofcomputer system as an element. RA 8792, for example, penalizes the act of hackinga computer system or server, thus:

"Section 33. Penalties. ~ The following acts shall be penalizedby fine andlor imprisonment, as follows:

(a) Hacking or crackling with refers to unauthorizedaccess into or interference in a computersystemiserver or information and communicationsystem; or any access in order to corrupt, alter,steal, or destroy using a computer or othersimilar information and communication devices,without the knowledge and consent of the ownerof the computer or information andcommunications system, including theintroduction of computer viruses and the like,resulting in the corruption, destruction, alteration,theft or loss of electronic data messages orelectronic documents shall be punished by aminimum fine of One Hundred Thousand pesos(P 100,000.00) and a maximum coinmensurateto the damage incurred and a mandatoryimprisonment of six (6) months to three (3) years;XXX. "

Would it mean, therefore, that hacking would automatically involve a violationof two laws simultaneously, the Cybercrime Prevention Act and the ElectronicCommerce Act? Or will the use of a computer system be absorbed by hacking

33Pages 76-78, TSN of the Oral Arguments, 15 January 201.3.

81

,.

.

.

thereby negating the existence of a violation under Cybercrime Prevention Act?These questions however cannot be answered by the present formulation of theCybercrime Prevention Act. With all due respect, it is so poorly drafted that theambiguities it creates amounts to its unconstitutionality.

Lastly, on the issue of prescription, it should be noted that the period ofprescription is determined by its penalty. " Hence a law whose penalty cannot bedetermined, will also mean that its prescription cannot be determined withparticularity.

Truly, this oppressive law will take us backwards as far as free onlinediscourse is concerned. Expressing thoughts and ideas through social media is anadvancement made possible by modern technology. Verily, information shared oncyberspace must not be censored, suppressed or taken down based on theforegoing vague provisions of the Cybercrime Preventive Act.

In compliance with the Honorable Court's directive in its Resolution dated 29January 201.3, petitioners, thus, respectfully offer the following scenarios for theconsideration of the Honorable Court.

I.

COMPLIANCE

A judge uses an office-issued laptop to access Inquirer. net. In sodoing, the laptop activates the computer program called Java so thatthe browser could properly display the website's contents. Butunknown to the judge, the Java program in his machine is riot updatedand has been taken over by hankers. That laptop has been taken over

discreetly and unlawful Iy - by a hacker and could then do thehacker's bidding.

Examples:

. ht

. hit

venturebeat. coin 201.3 02 15 facebook-hacked

2.

technolo

34

WWW. the lobeandmail. coin technol

warnin article731.9 60

Section I of Act No. 3326, as amended by Act. No. 3763, provides:"Section I. Violations penalized by special acts shall, unless otherwise provided in such acts,

prescribe in accordance with the following rules: (a) after a year for offences punished only by a fine orby imprisonment for not more than one month, or both; co) after four years for those punished byimprisonment for more than one month, but less than MD years; (0) after eight years for those punishedby imprisonment for two years or more, but less than six years; and (d) after twelve years for any otheroffence punished by imprisonment for six years or more, except the GIIme of treason, which shallprescribe after twenty years: Provided, however, That all offences against any law or part of lawadministered by the Bureau of Internal Revenue shall prescribe after five years, Violations penalized bymunicipal ordinances shall prescribe alertwo months. "

The Clerk of Court and the Court Administrator exchanged PDFversions of court documents. Along the way, in alware found its way in

oracle-u dates-'ava-afterus-issues-hackerbusiness

82

,.

.

*

the PDF documents. Sensitive information from officialhave been compromised.Examples:. ht

. hit

3.

nunv. cn c. coin I 10050231.8

toda .coin s or .xhtml?stor id=00200081. GEAY8full ski =Imin. soi-tech

What if law enforcement authorities search and seize a hostingprovider that provides webspace to a number of websites? Thephysical seizure of the servers will unduly affect many users of thesame servers.

DotPH offers shared hosting to many websites using the .ph domain.What happens if law enforcement orders the seizure, search andexamination of the servers when it alleged Iy is running after a hacker?Is there any safeguard that only a specific user account - and not thewhole server - would be affected? A big majority of websites in thePhilippines use shared hosting.

To address the above scenarios, the investigation to be conducted by lawenforcement authorities will most likely be triggered not by Section 12 of theCybercrime Prevention Act but by the complaint or report of the affectedpersonslparties. Assuming that said affected personslparties cooperate in theinvestigation, law enforcement authorities will be able to get enough specificinformation amounting to probable cause as a means to secure a narrowly-drawnsearch warrant for the limited purpose of accessing relevant trafficlnon-traffic data.This is the traditional investigative track that need not be dependent on the effectivityor implementation of the Cybercrime Prevention Act.

However, even without a complainant, it is respectfully submitted that theapparent benefits of retaining and preserving Section 12 of the CybercrimePrevention Act is outweighed by the fact that, as admitted by the Solicitor Generalhimself, said provision barely passes the tests of constitutionality. " Moreover, asheld in Ople v. Torres, sunro, the Honorable Court held that the absence ofsafeguards for the potential misuse of data gathered through government regulationis a potential threat to the Bill of Rights. In this case, the unbridled discretion grantedto law enforcement authorities trumps the apparent benefits to law enforcement.

4.

computers

\

The powers vested by the Congress on law enforcement authorities under theCybercrime Prevention Act are an expansion of executive authority crying out forjudicial oversight. On a matter of such weight, "trust us" isn't good enough - in fact, it

35Pages 47 and 48, TSN of the Oral Arguments, 29 January 2013.

CLOSING

83

..

.

,\

will never be good enough. It is so far removed from even the faintest shadow ofconstitutionality that, with all due respect, the Honorable Court has sufficient basis toexpunge the draconian law from this jurisdiction's statute books.

Although petitioners pray for the declaration of unconstitutionality of specificAssailed Provisions of the Cybercrime Prevention Act, the other provisions that flowfrom the above Assailed Provisions should likewise be struck down by the HonorableCourt, including those that grant expansive law enforcement powers to Stateauthorities the authorize disbursement of public funds for its implementation.

Venty, when the parts of a statute are so mutually dependent and connected,as conditions, considerations, inducements, or compensations for each other, as towarrant a belief that the Legislature intended them as a whole, the nullity of one partwill vitiate the rest. In making the parts of the statute dependent, conditional, orconnected with one another, the Legislature intended the statute to be carried out asa whole and would not have enacted it if one part is void, in which case if some partsare uriconstitutional, all the other provisions thus dependent, conditional, orconnected must fall with them. lintod v. Secretary of Energy, 281 SCRA 330(1997)l

It is time, therefore, to sound the death knell for a law that will not hesitate tostrike down any online conduct and utterance deemed undesirable by the subjectivestandards of law enforcement authorities, without the benefit of judicial oversight.

WHEREFORE, it is most respectfully prayed, upon due consideration of themerits, that

(a) The Assailed Provisions of the Cybercrime PreventionAct be DECLARED NULL AND VOID for being uriconstitutional; and

(b) Respondents, andlor anybody acting in their behalfandlor under their direction, be PERMANENTLY ENJOINED fromimplementing the Assailed Provisions of the Cybercrime PreventionAct, including any and all actions undertaken under authority of orpursuant thereto.

PRAYER

Petitioners likewise pray for other reliefs just and .equitable under thepremises.

84

I \.

Makati City for the City of Manila, Metro Manila, 1.1 March 201.3.

KRIST

PTR

JAM S . PURISIMA

67669 - 01/08/13 - Taguig CityI - 01/02/13 - PPLM

Roll of Attorneys No. 52576

Counsel for Petitioners

ANTHONY IAN M. CRUZ, MARCELO R. LANDICHO,BENJAMIN NOEL A. ESPINA, MARCK RONALD C. RIMORIN,

JULIUS D. RocAs, OLIVER RICHARD v. ROBiLLo,AARON ERICK A. LOZADA, GERARD ADRIAN P. MAGNAYE,

JOSE REGINALD A. RAMOS, MA. ROSARIO T. JUAN,BRENDALYN P. RAMIREZ, MAUREEN A. HERMITANIO,

KRISTINE JOY S. REMENTILLA, MARICEL O. GRAY,JULIUS IVAN F. CABIGON, BENRALPH S. YU,RUBEN B. LIGERA JR. , and PEDRO E. RAHON

MCLE Compliance No. 111-00, .3982 - 05/04/10

61F LTA Building, 1.18 Perea StreetLegaspi Village, Makati City

1,229 Metro Manila

Telephone No. : (632)503.5272Email: toby. punsima@ginail. coin

,,

.

Copy FurnishedIBy Registered Mall

OFFICE OF THE SOLICITOR GENERAL

Counsel for Respondents134 Amorsolo Street

Legaspi Village, 1,229 Makati City

ATTY. VICTOR C. AVECILLA

Counsel for Petitioner [G. R. No. 203299]No. 1.15 Manveles Street Sari Jose Village 3Barangay Binan, City of Binan, Laguna

RENTA PE CAUSING SABARRE CASTR0 8. ASSOCIATES

Counsel for Petitioners IG. R. No. 2033061Unit I, 2368 JB Roxas Street corner Leon Guinto StreetMalate, Manila

^0^,^^^^^^^^ ^^*\^A1T'^^ Q'O\(I^(I^ ^^ * ^0 ^

Q^,.^' ^11!) ^^, 0 I

DISIN1 8 DISINI LAW OFFICE

Counsel for Petitioners IG. R. No. 2033351320 Philippine Social Science CenterCommonwealth Avenue, Diliman, Quezon City

GANA ATIENZA AVISADO LAW OFFICES

Counsel for Petitioner [G. R. No. 203359]31F HPL Building60 Senator Gil Puyat Avenue, Makati City

ROQUE 8 BUTUYAN LAW OFFICESCounsel for Petitioners IG. R. No. 2033781Unit 1904 Antei 2000 Corporate Center1.21 Valero Street, Salcedo Village, Makati City

Of^--1' \^^ - ^'^ 0'2.

ATTY. JAMES MARK TERRY L. RIDON

Counsel for Petitioners [G. R. No. 20339L]89 K-7-Street

Kamias, Quezon City

NATIONAL UNION OF PEOPLES' LAWYERS

Counsel for Petitioners tG. R. No. 203407131F Erythrina BuildingNo. I Maaralin Street corner Malatag Street, Quezon City

ATTYS. MELENCIO STA. MARIA, ET AL.

01^^^^ ^!. 0 , 12^c)^

OA ^' ^.o I .:^0'I

O'^^ ^!0 ^?)0^

Counsel for Petitioners [G. R. No. 203440]mm' mm" """ am"' am""" '""""'""""" ^"f" 0 . ^'50^

D^-^^' ^Q - I'^^ O CD

20 Rockwell Drive, Rockwell Center, Makati City

17-1^^\^10 12>0.1---

DAj" ^ ' 11^0 ^^"'~

, *

.

*

FREE LEGAL ASSISTANCE GROUP tFLAGlCounsel for Petitioners IG. R. No. 2034531Unit 408 ACL Suites

721.3th Avenue, Cubao, Quezon City

ATTYS. PAUL CORNELIUS T. CASTILLO a RYAN D. ANDRES

Petitioners [G. R. No. 203454]61F Tuscan Building1.14 V. A. Rufino Street, Makati City

ATTY. RODEL A. CRUZ

Counsel for Petitioner IG. R. No. 2035011Philippine Bar Association, Suite 347 Valero Plaza1.24 Valero Street, Salcedo Village, 1,200 Makati City

SOLIS MEDINA LIMPINGCO AND FAJARDO LAW OFFICES

Counsel for Petitioner IG. R. No. 2035011

Unit 11.06 East Tower, Philippine Stock EXchange Centre IQ^,^^j? ^(:) I-':" I';^'EXchange Road, Ortigas Center, Pasig City

11^^Î' ^0 , ^,,^ô

ATTY. EDSEL F. TUPAZ

Counsel for Petitioner [G. R. No. 203509]41 N. Romualdez Street

BF Homes Subdivision, 11.20 Quezon City

SANTILLAN-FELIX MAGBANUA AND MELIA LAW OFFICE

Counsel for Petitioners IG. R. No. 2035/51Unit 1,106 Prestige TowerF. Ortigas Jr. Road, Ortigas Center, Pasig City

GUEVARRA MENDOZA AND ESPIRITU LAW OFFICES

Counsel for Petitioners tG. R. No. 2035/81Suite 602 Richmonde Plaza Hotel

21 Sari Miguel Avenue, Ortigas Center, Pasig City

SAN JUAN TAYAG LEE AND VERGARA LAW OFFICE

Counsel for Petitioners tG. R. No. 2035/81Unit 805 Xavierville SquareXavierville Avenue, Quezon City

DEAN JOHN PAOLO ROBERTO L. A. VILLASOR

Counsel for Petitioner IG. R. No. 2035/81

School of Law, University of Negros Occidental-Recoletos ^>4^',^" \!^:) - ^3 grtSt. Augustine Hall, 51 Lizares Avenue, 61.00 BaOolod City

ATTY. SHERYL L. OLAlÔCounsel for Mr. Rovelio V. Quevedo and Mr. William H. TorresUnit 1,409 East Tower, Philippine Stock EXchange CenterEXchange Road, Ortigas Center, Pasig City

D^^^Î' ^^> ^^^^

I>A' ,I, .0 ^ '^ "'

D'7"',^' I, Ô

O, ^* ^" ^, 0 . I 31 I^

, ,,, ,. 11

01^^f' ^10 - I*^^ V:-I

015Î' ^. 0 ^^^7

I""' '^!, 0 - I 3 I '

,

.

,

THE HONORABLE CLERK OF COURT

Supreme CourtPadre Faura, Manila

Madam:

Please be informed that the undersigned counsel was unable to personallyserve copies of the foregoing Memorandum and was constrained to serve saidMemorandum by registered mail to the above-named parties, as evidenced by theattached Affidavit o1 Service by Registered Moil, due to lack of material time and

EXPLANATION FOR SERVICE BY REGISTERED MAIL

available manpower to effect service by personal delivery.

KRIS JAME URISIMA

Cybercrime Law: BAND Memorandum on GR 203469 (Cruz et al vs Aquino et al)

Documents

Transcript of Cybercrime Law: BAND Memorandum on GR 203469 (Cruz et al vs Aquino et al)