Republic Act No. 10175 punishes far more than the cyber libel most people associate with it. Section 4 groups cybercrime into three categories: offenses against the confidentiality, integrity, and availability of computer data and systems (illegal access, illegal interception, data and system interference, misuse of devices, cyber-squatting); computer-related offenses (computer-related forgery, fraud, and identity theft); and content-related offenses (cybersex, child pornography committed through a computer system, unsolicited commercial communications, and libel committed through a computer system).
Cyber libel is only one offense in a much longer list
Public conversation about the Cybercrime Prevention Act tends to focus almost entirely on cyber libel, since it is the provision most often invoked in disputes over social media posts. But Section 4 of RA 10175 defines a full taxonomy of cybercrime offenses, most of which have nothing to do with libel at all — they target hacking, fraud, and identity theft carried out through computer systems.
Category 1: Offenses against confidentiality, integrity, and availability of data
This category covers the classic “hacking” offenses:
- Illegal Access — accessing the whole or any part of a computer system without right.
- Illegal Interception — intercepting, by technical means and without right, any non-public transmission of computer data to, from, or within a computer system.
- Data Interference — intentionally or recklessly altering, damaging, deleting, or degrading computer data without right, including introducing viruses.
- System Interference — intentionally or recklessly hindering the functioning of a computer or network by inputting, damaging, deleting, or altering data without authority, including through viruses.
- Misuse of Devices — producing, selling, or distributing a device or password designed for committing any of these offenses, or possessing such an item with intent to use it for that purpose.
- Cyber-squatting — acquiring a domain name in bad faith to profit from, mislead, or damage the reputation of a trademark holder or another person, or to deprive them of registering it themselves.
Category 2: Computer-related offenses
- Computer-related Forgery — inputting, altering, or deleting computer data without right, producing inauthentic data intended to be acted upon as if genuine; or knowingly using such forged data for a fraudulent or dishonest purpose.
- Computer-related Fraud — unauthorized input, alteration, or deletion of computer data or interference with a computer system, causing damage with fraudulent intent. If no damage has yet resulted, the penalty is one degree lower.
- Computer-related Identity Theft — the intentional acquisition, use, misuse, transfer, possession, alteration, or deletion of another person's identifying information without right. Again, the penalty is one degree lower if no damage has yet occurred.
Category 3: Content-related offenses
- Cybersex — the willful engagement in, or operation of, any lascivious exhibition of sexual organs or activity, with the aid of a computer system, for favor or consideration.
- Child Pornography — acts already punishable under the Anti-Child Pornography Act, when committed through a computer system, carrying a penalty one degree higher than under that Act itself.
- Unsolicited Commercial Communications — sending commercial electronic messages advertising products or services without the recipient's prior consent, subject to specific exceptions (existing customer relationships, a working opt-out mechanism, and no disguised or misleading sender information).
- Libel — libel as already defined under Article 355 of the Revised Penal Code, when committed through a computer system “or any other similar means which may be devised in the future.”
Why this matters beyond the libel headline
A person whose email or social media account is hacked, whose identity is stolen to open accounts or make purchases, whose business data is deleted or corrupted by a disgruntled employee, or who registers a domain name in bad faith to extort a trademark owner, is dealing with a distinct cybercrime offense under RA 10175 — entirely separate from any libel question. Each of these carries its own elements and its own evidentiary requirements, generally centered on proving the act was done “without right” and, for the fraud and identity theft offenses, establishing (or the absence of) actual resulting damage.
Where to report
Cybercrime complaints in the Philippines are generally filed with the PNP Anti-Cybercrime Group or the NBI Cybercrime Division, who have the specialized capacity to trace digital evidence, request data preservation from service providers, and build the technical case that these offenses typically require.
Frequently Asked Questions
Is hacking into someone's account a crime under RA 10175? Yes. Accessing the whole or any part of a computer system without right is defined as Illegal Access under Section 4(a)(1) of RA 10175, a distinct offense from cyber libel.
Is identity theft a cybercrime in the Philippines? Yes. Computer-related Identity Theft — the intentional acquisition, use, or misuse of another person's identifying information without right, through a computer system — is specifically penalized under RA 10175 Section 4(b)(3).
Does cyber libel require a docket number or new definition of libel? No. RA 10175 Section 4(c)(4) simply applies the existing libel definition under Article 355 of the Revised Penal Code to acts committed through a computer system or similar means.
Where should someone report a cybercrime in the Philippines? Generally with the PNP Anti-Cybercrime Group or the NBI Cybercrime Division, both of which have the technical capacity to investigate hacking, fraud, and identity theft offenses under RA 10175.
This commentary is for general informational purposes only and does not constitute legal advice. For guidance specific to your situation, please consult a licensed attorney.
If you have questions about your rights or options under Philippine law, our firm is available to assist. You may reach us via Viber or WhatsApp, call us at 0995 433 5550, or send an email to vivasnobles@gmail.com. We look forward to hearing from you.