Atty. Gregorio B. Austral, CPA
Cybercrime Warrants: Issues and Concerns
The Rule on Cybercrime Warrants became effective on August 15, 2018. The Rule sets forth the procedure for the application and grant of warrants and related orders involving the preservation, disclosure, interception, search, seizure, and/or examination, as well as the custody, and destruction of computer data as provided under the Cybercrime Prevention Act of 2012 (RA 10175).
The Rule allows law enforcement authorities to secure a Warrant to Disclose Computer Data (WDCD) requiring any person or service provider to disclose or submit subscriber’s information, traffic data or relevant data in his/her possession or control. Another warrant that can be issued under the Rule is the WICD or the Warrant to Intercept Computer Data authoring law enforcement authorities to listen to, record, monitor, or conduct surveillance of the content of communications, including procuring of the content of computer data, either directly, through access and use of a computer system or indirectly, through the use of electronic eavesdropping or tapping devices, at the same time that the communication is occurring. The third cybercrime warrant which the law enforcers may secure is the Warrant to Search, Seize and Examine Computer Data (WSSECD) which authorizes them to search the particular place for items to be seized and/or examined.
When the designated cybercrime court decides to issue any of these warrants against an individual, this will result in a legally authorized intrusion of a person’s privacy. A person’s right to privacy is his right to voluntary and temporary withdraw from the general society through physical or psychological means. In legal parlance, privacy equates to the claim of individuals, groups, or institutions to determine for themselves when, how, and to what extent information about them is communicated to others. One category of privacy is privacy from unwanted intrusions which relates to physical or electronic invasion. Another category is the privacy of personal information which concerns the rights of individuals to control information about themselves (D.C. Kennedy, In Search of a Balance Between Police Power and Privacy in the Cybercrime Treaty, Richmond Journal of Law and Technology, 2002).
The issuance of cybercrime warrants may result in the collection of private data of an individual aside from the information related to the commission of a cybercrime which is the only information the law enforcement authorities have a legitimate purpose of collecting. For example, in the course of the implementation of a WICD, law enforcer’s activities such as listening to, recording, monitoring, or surveillance of the content of communications, may result in the collection of a person’s PINS or passwords of his bank accounts, SSS accounts, email accounts or credit card information which may be totally unrelated to the cybercrime the person is accused of committing. How can a person be assured that the law enforcement authorities will not share these valuable personal information such as driver’s license data, health records, or tax documents to another person?
Although the Rule provides for some safeguards to protect the unnecessary intrusion of a person’s private information, one study points out that the safeguards are basically crafted for physical search and seizure. The search and seizure of a computer data is totally different from physical search and seizure. Despite these safeguards, there is a high probability that the safeguards will not work to prevent an unnecessary intrusion. In a physical search, the search warrant needs to identify with specificity the places and things to be searched and seized. How will the judge make a particular description of a computer data when the latter are coded in digits of 1 and 0 and are in a machine-readable form?
The prevention of cybercrimes or the prosecution of ones already committed poses a serious risk of violation of an individual’s right to privacy. It is important that our cybercrimes court must be circumspect in the issuance of cybercrime warrants bearing in mind that a suspect has a great potential of becoming another victim of a cybercrime.