Philippine Lawbytes 138: Dr. Ramiscal for the Philippine National Police Investigators: Trends in Anti-Cybercrime Measures (Copyright by Dr. Atty. Noel G. Ramiscal)

I was given the opportunity by the UP POPLAW to lecture for our brothers and sisters in blue on the topic “Cybercrime” as part of the Philippine National Police (PNP) Investigation Officers Basic Course” (IOBC) Class 98-2018, and the “Criminal Investigation Course” Class 561-2018, Seminar on Laws and Jurisprudence for the PNP.

Dr. Atty. Noel G. Ramiscal at his lecture for the PNP Officers and Investigators at UP Diliman, July 4, 2018

The PNP has a competent Anti-Cybercrime Group (ACG), so I took it upon myself to introduce some concepts and developments in this quite expansive area, that these fine investigators may not have yet encountered in their work, or must be apprised of to update their awareness.

Dr. Atty. Noel G. Ramiscal during his lecture for the PNP Officers and Investigators in UP Diliman, July 4, 2018

The Implementing Rules and Regulations of the Philippine Cybercrime Prevention Act or R.A. 10175 defined a “computer” to include “any storage facility or equipment or communications facility or equipment directly related to or operating in conjunction with such device. It covers any type of computer device including devices with data processing capabilities like mobile phones, smart phones, computer networks and other devices connected to the internet.” What this basically meant is that all e-devices that operate with a computing device should also be considered a computer. Due to this, the scope of the task of any PNP cybercrime investigator has been tremendously widened. The Internet of Things (IoT) devices which I briefly discussed, as well as social media, and other e-devices that suspects can use to communicate, or can contain incriminating evidence are all part of the e-data net that cybercrime investigators must now cast. Due to this reality, the possibility of electronic evidence being tampered with, altered, destroyed or lost, is magnified, especially if the e-data are located in different countries, and can be remotely controlled or manipulated.

The PNP Officers and Investigators who gave Dr. Ramiscal a standing ovation in his Lecture at UP Diliman, July 4, 2018

One significant matter I imparted to them is the fact that e-data privacy crimes under the Data Privacy Law or R.A. 10173 are cybercrimes. And while the National Privacy Commission is the governing agency on this law, the help of cybercrime investigators may be needed to establish evidence of culpability. On this regard, I showed them several cases, among which included the COMELEC e-data breaches, that have caused a lot of dismay, disgust and actual and potential damage to the welfare and safety of each individual Philippine voter whose sensitive personal information, down to his/her voting history and biometrics have been disclosed to, and sold to, and bought by nefarious third party e-data traffickers. I discussed several aspects of digital identity fraud, including synthetic ID fraud, that I have handled.

Some of the PNP Officers and Investigators who attended Dr. Ramiscal’s Lecture, UP Diliman, July 4, 2018

I endeavored to go thru the gamut of different cyber scams and fraudulent activities that abound online, from virtual fraudulent states, to digital misappropriation of intellectual property, social media crimes, to ransomware but our three-hour session was just not enough.

Some of the PNP Officers and Investigators who attended Dr. Ramiscal’s Lecture, UP Diliman,, July 4, 2018

I always have a deep respect for the work of our dear brothers and sisters in blue who put themselves in harm’s way to keep us safe. I have met and worked with several cops whose integrity, honesty and dedication are unquestioned. But I was not prepared for the generous reception they gave to me. For the first time in my almost two decades stint as a lecturer and trainer, the wonderful attendees of these two classes actually rose from their seats and gave me a standing ovation! My mother who was with me, and I, will never forget that moment! To them, thank you for your awesomeness! God Bless us!

Philippine Lawbytes 137: Dr. Ramiscal for the Philippine National Police Crime Laboratory Unit Officers: Appreciation of Electronic Evidence and Anti-Forensics (Copyright by Dr. Atty. Noel G. Ramiscal)

April 19, 2018 was a momentous occasion for me because it was the first time I had the chance to meet the relatively young, smart and dedicated men and women of the Philippine National Police (PNP) Crime Laboratory Unit and share with them my lecture on “Legal Issues in Electronic Discovery and Presentation of Electronic Evidence” for their “Scene of Crime Operations Course Class 25” at the Soliven Room, UP College of Law, Diliman, Quezon City. This was part of the UP POPLAW Seminar on Laws and Jurisprudence for the PNP.

Dr. Ramiscal at his lecture on Electronic Evidence for the PNP Crime Lab officers at UP last April 19, 2018

Since some of the police officers here are first responders in crime scenes, I discussed with them the nature of electronic data, its different types and some of the protocols for handling some of its various manifestations in e-devices.I sought to disabuse their minds of any erroneous notion that e-data is only the ones stored in computers. Once any form of evidence is processed and analyzed by a computer, the data generated by the computer from the data would be considered e-data, and therefore, potential electronic evidence.

Dr. Ramiscal in action during his lecture on Electronic Evidence for the PNP Crime Lab officers at UP last April 19, 2018

I went thru some of the challenges and differences between e-data and physical evidence. Clear DNA evidence, for example, uncontaminated hair, blood, saliva, semen, mucous secretions are relatively finite, particular, preservable, “tangible” and obey the physical laws of nature. But e-data exist in a universe of bits of ones and zeros, are not readily readable to the average human eyes and they are not truly meant to be preserved, as they are subject to corruption, degradation, and destruction over time and technological changes.

Dr. Ramiscal with Col. Callaua and all the police officers of the PNP Crime Lab who attended his lecture on Electronic Evidence UP last April 19, 2018

It is in this lecture that I discussed for the first time “anti-forensics”. The antithesis to “cyberforensics”, these consist of measures and techniques that criminals and those seeking to thwart the discovery of incriminating e-data, use. Scholarship on this area is uneven. While there is a lot of literature on “hiding” technologies like steganography and cryptology, and wiping utilities, there is a dearth of knowledge and research on tools and techniques that one can use to attack the cyberforensic software and tools. I discussed a very recent attack (2016) on a forensic duplicator and write blocker device and pointed out how the attack could render certain techniques of establishing integrity and authenticity of e-data, e.g., digital hashing, inutile and unreliable.

Dr. Ramiscal with Col. Callaua at his lecture on Electronic Evidence for the PNP Crime Lab at UP last April 19, 2018

I also shared with our brothers and sisters in blue, some of the approaches I have made in presenting electronic evidence in court, which hopefully helped them in the moot court that they had several days after my lecture. Our three hour time together was too short, and I trust that there would be a follow-up session training. I would like to express my gratitude to UP Law Assoc. Dean Gisella Dizon Reyes, Ms. Eleanor Arzadon of UPIGLR and everyone who made this possible. I also would like to thank Col. Callaua, and the gracious and enthusiastic attendees of Class 25, who stayed through out my lecture and made me feel truly appreciated. Thank you all! God Bless Us!

Philippine Lawbytes 136: Dr. Ramiscal for the Department of Justice: Electronic Evidence in the Prosecution of Extra-Judicial Killers (Copyright by Dr. Atty. Noel G. Ramiscal)

The Department of Justice and the UPIAJ invited me as a Technical Expert on Administrative Order 35, series 2012, (Creating The Inter-Agency Committee On Extra-Legal Killings, Enforced Disappearances, Torture And Other Grave Violations Of The Right To Life, Liberty And Security Of Persons) in the training sessions they conducted for prosecutors and police personnel at Roma Hotel, in Tuguegarao Cagayan from March 5 to 9, 2018. I was assigned to tackle the role of electronic evidence in the prosecution of extrajudicial killers.

Dr. Ramiscal at his first DOJ MCLE LECTURE as Technical Expert at the Roma Hotel, Tuguegarao, Cagayan, March 6, 2018

To fulfill my duties, I gave two lectures. The first “Ethical and Procedural Issues, and a Critique of the Electronic Evidence Discovery and Presentation for Prosecuting AO 35 Offenses”, basically lays down many of the legal challenges I saw in gathering, preserving and presenting incriminating electronic evidence, especially against State actors and State agents.

Dr. Ramiscal at his first DOJ MCLE LECTURE as Technical Expert on Ethical and Procedural Issues on E-Discovery at the Roma Hotel, Tuguegarao, Cagayan, March 6, 2018

The Minnesota Protocol of 2016 [United Nations Manual on the Effective Prevention and Investigation of Extra-Legal, Arbitrary, and Summary Executions] provided that:

 All material located at a crime scene should be considered potentially relevant to the investigation. Material that may be found at a crime scene includes, but is not limited to, the following:

 (d) Digital evidence, such as mobile phones, computers, tablets, satellite phones, digital storage devices, digital recording devices, digital cameras and closed-circuit television (CCTV) footage

While the Philippines does have the Rules of Electronic Evidence, it has not been amended since 2002. I criticized several of its crucial provisions that are both technologically and legally erroneous, proven by the many different IT and legal developments in, and outside of the Philippines, within the almost twenty years that had passed when these Rules were first promulgated by the Supreme Court in 2001. The DOJ drafted a Manual on the Investigation and Prosecution of Cybercrimes and Related Cases which it submitted to the Supreme Court for en banc approval in October 2016. As of now, that Draft Manual had not yet been released by the Supreme Court.

Dr. Ramiscal at his second DOJ MCLE LECTURE as Technic al Expert on the presentation of electronic evidence, at the Roma Hotel, Tuguegarao, Cagayan, March 9, 2018

I delineated in my lecture the thorny issues in some of the Draft’s provisions with my suggestions as to how to correct them. Most significantly, I also presented for the first time, my suggestions on how to protect and observe the electronic due process rights of an accused, so as to protect the latter’s human rights.

My second lecture on “Suggested Guide Questions for Electronic Evidence Sources”, came as a response for the need, observed by the UPIAJ and the DOJ’s TWG, of guidance by the prosecutors in presenting electronic evidence in court. I delivered it after the moot court presentation made by some prosecutors. The situational context of my lecture was that I presented it as if, I am a Judicial Information Security Officer of the Court advising the moot court judge, actual Judge Calpatura, on how to appreciate the e-evidence presented before him.

JudgeCalpatura sharing his insight on a point raised by Dr. Ramiscal during Dr. Ramiscal’s MCLE lecture last March 9, 2018

Thru this lecture, I shared with the attendees some techniques, questions and tips on how to present computer generated e-data, metadata, text messages, emails, traffic and subscriber information, digital photographs, website shots, and social media evidence. Judge Calpatura was a real trouper, and I am grateful to the DOJ and the UP IAJ for giving me this chance to share my experience and the fruits of my research to the attendees. God Bless!

Philippine Lawbytes 135: Dr. Ramiscal for the lawyers of the Resorts World, and the John Gokongwei Summit Group: Corporate Electronic Data and Evidence Management (Copyright by Dr. Atty. Noel G. Ramiscal)

I have been fortunate to expand my advocacy to cover the management of corporate e-data on two occasions for big time corporations in the Philippines these past few months. Last March 13, 2018, I lectured before the lawyers of the John Gokongwei Summit Group at the Crowne Plaza Hotel, and on May 24, 2018, I gave several talks before the lawyers of Resorts World and its affiliated companies at the Marriott Hotel in Pasay, under the auspices of ACCESS/Adamson University and ACLEx/Centro Escolar University, respectively.

Dr. Ramiscal at his MCLE lecture on Trends in Handling Corporate E-Data for the lawyers of the Resorts World and affiliated companies, at Marriott Hotel, May 24, 2018

In these lectures, I introduced the lawyers to the different conceptions of e-data, their types and definitions under Philippine laws and most crucial for corporations, the different sources where corporate e-data can be stored, accessed and found. Responsible access to corporate e-data is one of the cornerstones to good corporate e-data management.

Dr. Ramiscal at his MCLE lecture on Legal Issues in the Management of Corporate E-Data for the lawyers of the Resorts World and affiliated companies, at Marriott Hotel, May 24, 2018

It is crucial that corporations have established written policies that are made known, signed and understood by their employees, and actually enforced, on matters like access and use of the company’s databases; the personal information of its clients, vendors, employees and officers; and its electronic assets including its social media accounts and e-intellectual properties.

I discussed the growing trend of rogue employees and officers who become members of the dark web to sell crucial damning or illegal information about their employers or seek monetary compensation for stealing their employers’ electronic assets or destroying their employers’ computing systems. Proof of these, is the rise of threat intelligence firms and software analytics tools that seek to unmask the illegal activities of these rogues.

Dr. Ramiscal’s MCLE lecture on Electronic Evidence Discovery for the lawyers of the John Gokongwei Summit Group at Crowne Plaza Hotel, March 13, 2018

Data privacy and security concerns are topmost priorities for any corporation that is serious in keeping its existence.

Some lawyers of the John Gokongwei Summit Group who attended Dr. Ramiscal’s MCLE lecture on Handling of Electronic Evidence at Crowne Plaza Hotel, March 13, 2018

I talked about the different types of cryptographic systems that can and should be employed by companies to encrypt their e-data and guard their secrets against their rivals and competitors. There is a consensus among cybersecurity firms and analysts that it takes about several months to several years before corporations actually realize that their systems and e-data have been hacked and stolen. I apprised the attendees of the necessity to secure cybersecurity insurance for their firms, to protect their corporations from threats and future eventualities like these.

Dr. Ramiscal with some of the wonderful lawyers of Resorts World at his MCLE lectures at Marriott Hotel, May 24, 2018

Furthermore, I gave the participants several tips and strategies in handling e-data, from its preservation, to discovery and presentation in courts. But given that our time is quite limited, I was able to impart to them, only the very basic pointers. I would like to thank everyone involved from the providers to the participants who made these events particularly auspicious and enjoyable for me. God Bless!