Computer Dark NightSponsored

Outdated, conflicting policies affect PH response to rising online abuse and exploitation of children

Special Report

Everyone was forced to stay at home and adapt to the new normal when the enhanced community quarantine was imposed in Metro Manila and some parts of Luzon due to COVID-19 in March. As the virus continues to spread in the country, along with the issue, is the alarming increase of cases of sexual abuse and exploitation among children on the internet.

To boost efforts in curtailing online sexual abuse and exploitation of children (OSAEC), digital services provider PLDT and its wireless unit Smart Communications Inc. (Smart), have urged lawmakers to amend “conflicting provisions” of the Republic Act (RA) 9775 or the Anti-Child Pornography Act of 2009.

OSAEC is the production of the sexual abuse or exploitation of a minor for a third party who is not in the physical presence of the victim for online publication, of visual depictions (e.g. photos, videos, live streaming), in exchange for compensation.

“Some provisions in the Anti-Child Pornography Law are holding us back because they encroach on the rights of citizens and contradict existing laws particularly RA 10173 or the Data Privacy Act of 2012 and RA 10175 or the Cybercrime Prevention Law,” said Atty. Roy Cecil Ibay, Vice President for Legal and Regulatory Affairs, Smart, in previous statements.

Expert: Cybersex trafficking is a ‘family-based crime’

Organized, concerted, targeted efforts may help prevent online sexual abuse of children

Republic Act (RA) 9775 or the Anti-Child Pornography Act of 2009

Section 9 of RA 9775 mandates internet service providers (ISPs) to monitor and block illicit content that promotes child pornography passing through their servers. It also orders them to install software that will filter out any form of child porn.

ISP in RA 9775 is defined as a person or entity that supplies or proposes to supply, an internet carriage service to the public.

In a position paper submitted to the Department of Justice (DOJ), the telco company pointed out that this contradicts another sentence in the same section declaring that “Nothing in this section may be construed to require an ISP to engage in the monitoring of any user, subscriber or customer or the content of any communication of any such person.”

PLDT/Smart noted that traffic data or information about the message’s origin, destination, route, and size among other things are considered property, thus they should be protected against unreasonable searches and seizures under the Bill of Rights.

The PLDT Group also cited the case of Disini vs Secretary of Justice 2014 where the Supreme Court struck down Section 12 of the Cybercrime Prevention Act referring to the real-time collection of traffic data by authorities because “the power is virtually limitless, enabling law enforcement agencies to engage in “fishing expedition,” choosing whatever specified communication they want.”

It argued that if the Secretary of Justice, who is supposed to be the bastion of legal knowledge and despite prima facie finding, could not order the blocking of the offending computer data without a judicial warrant, it asked, “How much more private entities such as ISPs, including the PLDT group.”

It also wanted the government to clarify the terms “blocking” and “filtering,” arguing that “blocking” may refer to an attempt to access a website but is prevented from doing so, which “makes it a technical measure intended to restrict access.”

On the other hand, “filtering” may refer to an instance when a subscriber uploads an offensive material and telcos are expected to screen and immediately remove them once posted.

“Both contend that these responses ‘reek of all the elements of censorship or prior restraint, which violates constitutionally guaranteed right to freedom of speech and of expression’,” it said.

DICT asks ISPs to comply with RA 9775

The Department of Information and Communications Technology (DICT) insisted that ISPs should comply with RA 9775 on the installation of blocking or filtering technologies.

“ISPs have not installed detection software to block uploading and downloading of child pornography pursuant to RA 9775. ISPs, not only in the Philippines, do not yet have the algorithms to automatically scan video images as they can still (image),” the DICT Cybersecurity told Back End News in an email interview.

The DICT Cybersecurity said that reporting of suspected child sexual abuse materials on ISP platforms should be expanded and strengthened through compulsory reporting legislation in all States and the provision of higher quality information in reports.

“Government and non-government service providers should guarantee a collaborative, trauma-informed, appropriate, and all-inclusive system of care exists to address the unique needs of OSEC survivors on an individual, family, and community level,” the DICT said.

It also said that technology platforms should identify and implement measures for proactive detection of live streaming OSEC.

NPC’s stance

However, the National Privacy Commission (NPC) emphasized that the ISPs could not install a detection software that would block the uploading and downloading of child pornography and online live-streaming of sexual abuse of children.

“We refer to the case of Disini v. Secretary of Justice where the Supreme Court declared unconstitutional Section 19 of the Cybercrime Prevention Act of 2012,” the NPC told Back End News.

Section 19 of the law says, “When a computer data is prima facie found to [violate] of the provisions of this act, the DOJ shall issue an order to restrict or block access to such computer data.” This provision empowers the DOJ to restrict or block access to computer data. Should the detection software be available for ISPs, the NPC said that this might be considered as a violation of the Constitution.

Data Privacy Act of 2012 amendment

The NPC, which has the power to investigate and act on complaints about data privacy violations, said that it has been participating in the discussion of the pending substitute bill in the House of Representatives (HOR) on the amendment of the Data Privacy Act of 2012.

“The substitute bill expressly recognizes the need for such personal data processing, especially data sharing, to the pertinent public authority in relation to investigation and prosecution of these offenses, subject of course to strict adherence to all applicable substantive and procedural processes,” it said.

With this proposed amendment, the Privacy Commission is “hopeful” that the law enforcement and investigative agencies would no longer encounter difficulties to access necessary personal data.

PCTO’s position

The Philippine Chamber of Telecom Operators (PCTO), the umbrella organization of telco entities and ISPs in the country, stressed that the installation of filtering software does not guarantee the total absence of child pornography on the internet.

“The reason is that purveyors of child pornography simply build alternate websites, URLs, and dynamic IP address[es], as fast as ISPs block them. Even worse, these illicit activities use popular social media platforms that are readily accessible and shareable to others, but next to impossible to block,” the PCTO said.

The telco operators group also underscored that the consumers of illegal content use Virtual Private Networks (VPN) to bypass any blocking and filtering software.

“It is therefore unfair for ISPs to be depicted in media as enablers of child pornography even if these unwanted contents constitute only a tiny fraction of the content that is available online,” it said.

The PCTO advised the DOJ to consider amending RA 9775 to rectify the statutory conflicts on the provisions of the law to protect the welfare of children online.

Unicef: Weaknesses in the legal framework

The United Nations International Children’s Emergency Fund (Unicef) research emphasized that there is perceived overlapping of laws on OSAEC and overlapping mandates of agencies involved.

“Telcos, ISPs say the term ‘proper authorities’ is ambiguous (can either mean the NBI, PNP, or the courts). [The] lack of enforcement of law and sanctions to compel the private sector (i.e., ISPs, telcos) to cooperate with law enforcement on OSAEC cases,” it said.

According to Unicef Philippine Kids Online Survey, about 2 in 10 children are vulnerable victims of online sexual abuse and exploitation, and that boys are as vulnerable as girls. The survey concluded that nearly half of the children (48%) said that the internet is not safe for them. Out of the 18% of children with unwanted sexual experience online, 17% said that family members are involved (parents and young siblings).

Cyber tips of alleged OSAEC involving Filipino children had tripled during the quarantine period from March to May of this year, the National Center of Missing and Exploited Children (NCMEC) said.

The DOJ Office of Cybercrime (DOJ-OOC) correspondingly reported that there was a 264% increase from 76,561 cases in 2019 to 279,166 cases in the same months.

Child Rights Network’s call to address legal gaps

The Child Rights Network (CRN), the largest alliance of organizations and agencies advocating for children’s rights legislation in the Philippines, called on the national and local governments to immediately address the legal gaps that hinder the prosecution of OSEC cases especially in this time of COVID-19.

“These laws have several gaps that make it difficult to prosecute OSEC cases. These gaps include the lack of clearly defined rules delineating the obligations of social media networks (e.g. Facebook and Twitter), internet cafes, or lessors of business establishments, banks, money remittance centers, and credit card companies in relation to shutting down OSEC,” the CRN said.

The alliance network affirmed that there is a need to strengthen the capacity of government authorities to implement OSEC-related laws and ensure that crimes are investigated and perpetrators are punished accordingly.

It asserted that reporting and referral lines should be widely and actively disseminated to empower victims and witnesses to report cases of abuse and exploitation.