Tuesday, October 5, 2010

ebron james

a

<iframe src="http://www.keepandshare.com/doc/2281322/1301912?da=y&ifr=y" width="900" height="700" scrolling="yes" frameborder="1"></iframe>

a

http://www.keepandshare.com/doc/2280850/andrew-resume-new-doc-october-5-2010-12-12-pm-101k

Monday, October 4, 2010

a

http://www.keepandshare.com/doc/2280853/kyon-resume-doc-october-5-2010-12-13-pm-252k

Monday, August 30, 2010

COM ETHICS

Computer Ethics is the branch of philosophy that analysis the nature and social impact of computer technology as well as the standards of conduct which pertain to proper use computers. It involves social issues, such as access rights, working place monitoring, censorship and junk mail; professional issues such as professional responsibility and code of conduct; legal issues such as legal obligations, data protection, computer misuse and software piracy. 
Within a relative short period of time, computer technology has created huge new possibilities and also the ethical and social implication on both business and individual’s life.  However, ethical framework and laws lag behind all the new innovations, to fill the vacuum, it needs timely effort to make laws, to corporate with company policy, personal policy and social conventions.  Computer ethics is at its relatively young stages.


Ethics in Information Technology
Computers and information systems are used everywhere in society. New technologies are invaluable tools but they may have serious ethical consequences. The way an information technology tool affects sensitive issues has a direct impact on its effectiveness and usability. It may be difficult for users and stakeholders to adopt a computer system if they feel that its use violates important values and interests. To take advantage of a computer tool may not be easy in situations dominated by ethical conflicts. There is a great risk that expensive but necessary computer systems are abandoned because of scandals and conflicts. There is also a risk that ethically controversial systems are used suboptimally, that persons may get hurt, and that organizations may be damaged if they hesitate to use otherwise importand and necessary computer tools.

Ethics in IT aims at the construction of tools that can be applied in systems development and use for the consideration of significant ethical aspects. The application of suitable ethical tools is a prerequisite to consider significant aspects in all phases of computer systems development, implementation and use. Ethical tools are necessary not only to construct a system that avoids conflicts with significant moral principles but mainly to build a successful system that will play a significant role in satisfying the most important values of users and stakeholders.

History of Computer Ethics

A Very Short History of Computer Ethics
Terrell Ward Bynum
[This article was published in the Summer 2000 issue of the American Philosophical Association’s Newsletter on Philosophy and Computing]
The Foundation of Computer Ethics
Computer ethics as a field of study was founded by MIT professor Norbert Wiener during World War Two (early 1940s) while helping to develop an antiaircraft cannon capable of shooting down fast warplanes. One part of the cannon had to “perceive” and track an airplane, then calculate its likely trajectory and “talk” to another part of the cannon to fire the shells. The engineering challenge of this project caused Wiener and some colleagues to create a new branch of science, which Wiener called “cybernetics” – the science of information feedback systems. The concepts of cybernetics, when combined with the digital computers being created at that time, led Wiener to draw some remarkably insightful ethical conclusions. He perceptively foresaw revolutionary social and ethical consequences. In 1948, for example, in his book Cybernetics: or control and communication in the animal and the machine, he said the following:
It has long been clear to me that the modern ultra-rapid computing machine was in principle an ideal central nervous system to an apparatus for automatic control; and that its input and output need not be in the form of numbers or diagrams but might very well be, respectively, the readings of artificial sense organs, such as photoelectric cells or thermometers, and the performance of motors or solenoids.... we are already in a position to construct artificial machines of almost any degree of elaborateness of performance. Long before Nagasaki and the public awareness of the atomic bomb, it had occurred to me that we were here in the presence of another social potentiality of unheard-of importance for good and for evil. (pp. 27 – 28)
In 1950 Wiener published his monumental computer ethics book, The Human Use of Human Beings, which not only established him as the founder of computer ethics, but far more importantly, laid down a comprehensive computer ethics foundation which remains today – half a century later – a powerful basis for computer ethics research and analysis. (However, he did not use the name “computer ethics” to describe what he was doing.) His book includes (1) an account of the purpose of a human life, (2) four principles of justice, (3) a powerful method for doing applied ethics, (4) discussions of the fundamental questions of computer ethics, and (5) examples of key computer ethics topics. (Wiener 1950/1954, see also Bynum 1999)

Wiener made it clear that, on his view, the integration of computer technology into society will constitute the remaking of society – the “second industrial revolution” – destined to affect every major aspect of life. The computer revolution will be a multifaceted, ongoing process that will take decades of effort and will radically change everything. Such a vast undertaking will necessarily include a wide diversity of tasks and challenges. Workers must adjust to radical changes in the work place; governments must establish new laws and regulations; industry and business must create new policies and practices; professional organizations must develop new codes of conduct for their members; sociologists and psychologists must study and understand new social and psychological phenomena; and philosophers must rethink and redefine old social and ethical concepts.

Neglect, Then a Reawakening
Unfortunately, this complex and important new area of applied ethics, which Wiener founded in the 1940s, remained nearly undeveloped and unexplored until the mid 1960s. By then, important social and ethical consequences of computer technology had already become manifest, and interest in computer-related ethical issues began to grow. Computer-aided bank robberies and other crimes attracted the attention of Donn Parker, who wrote books and articles on computer crime and proposed to the Association for Computing Machinery that they adopt a code of ethics for their members. The ACM appointed Parker to head a committee to create such a code, which was adopted by that professional organization in 1973. (The ACM Code was revised in the early 1980s and again in the early 1990s.)

Also in the mid 1960s, computer-enabled invasions of privacy by “big-brother” government agencies became a public worry and led to books, articles, government studies, and proposed privacy legislation. By the mid 1970s, new privacy laws and computer crime laws had been enacted in America and in Europe, and organizations of computer professionals were adopting codes of conduct for their members. At the same time, MIT computer scientist Joseph Weizenbaum created a computer program called ELIZA, intended to crudely simulate “a Rogerian psychotherapist engaged in an initial interview with a patient.” Weizenbaum was appalled by the reaction that people had to his simple computer program. Some psychiatrists, for example, viewed his results as evidence that computers will soon provide automated psychotherapy; and certain students and staff at MIT even became emotionally involved with the computer and shared their intimate thoughts with it! Concerned by the ethical implications of such a response, Weizenbaum wrote the book Computer Power and Human Reason (1976), which is now considered a classic in computer ethics.

In 1976, while teaching a medical ethics course, Walter Maner noticed that, often, when computers are involved in medical ethics cases, new ethically important considerations arise. Further examination of this phenomenon convinced Maner that there is need for a separate branch of applied ethics, which he dubbed “computer ethics.” (Wiener had not used this term, nor was it in common use before Maner.) Maner defined computer ethics as that branch of applied ethics which studies ethical problems “aggravated, transformed or created by computer technology.” He developed a university course, traveled around America giving speeches and conducting workshops at conferences, and published A Starter Kit for Teaching Computer Ethics. By the early 1980s, the name “computer ethics” had caught on, and other scholars began to develop this “new” field of applied ethics.

Among those whom Maner inspired in 1978 was a workshop attendee, Terrell Ward Bynum (the present author). In 1979, Bynum developed curriculum materials and a university course, and in the early 1980s gave speeches and ran workshops at a variety of conferences across America. In 1983, as Editor of the journal Metaphilosophy, he launched an essay competition to generate interest in computer ethics and to create a special issue of the journal. In 1985, that special issue – entitled Computers and Ethics – was published; and it quickly became the widest-selling issue in the journal’s history. The lead article – and winner of the essay competition – was James Moor’s now-classic essay, “What Is Computer Ethics?.” where he described computer ethics like this:
A typical problem in computer ethics arises because there is a policy vacuum about how computer technology should be used. Computers provide us with new capabilities and these in turn give us new choices for action. Often, either no policies for conduct in these situations exist or existing policies seem inadequate. A central task of computer ethics is to determine what we should do in such cases, i.e., to formulate policies to guide our actions. Of course, some ethical situations confront us as individuals and some as a society. Computer ethics includes consideration of both personal and social policies for the ethical use of computer technology. (p. 266)
In Moor’s view computer ethics includes, (1) identification of computer-generated policy vacuums, (2) clarification of conceptual muddles, (3) formulation of policies for the use of computer technology, and (4) ethical justification of such policies.
A Standard-setting Textbook
1985 was a watershed year for computer ethics, not only because of the special issue of Metaphilosophy and Moor’s classic article, but also because Deborah Johnson published the first major textbook in the field (Computer Ethics), as well as an edited collection of readings with John Snapper (Ethical Issues in the Use of Computers). Johnson’s book Computer Ethics rapidly established itself as the standard-setting textbook in university courses, and it set the research agenda in computer ethics for nearly a decade.

In her book, Johnson defined computer ethics as a field which examines ways that computers “pose new versions of standard moral problems and moral dilemmas, exacerbating the old problems, and forcing us to apply ordinary moral norms in uncharted realms.” (p. 1) Unlike Maner (see Maner 1996), with whom she had discussed computer ethics in the late 1970s, Johnson did not think that computers created wholly new ethical problems, but rather gave a “new twist” to already familiar issues such as ownership, power, privacy and responsibility.

Exponential Growth
Since 1985, the field of computer ethics has grown exponentially. New university courses, research centers, conferences, articles and textbooks have appeared, and a wide diversity of additional scholars and topics have become involved. For example, thinkers like Donald Gotterbarn, Keith Miller, Simon Rogerson, and Dianne Martin – as well as organizations like Computer Professionals for Social Responsibility, the Electronic Frontier Foundation and ACM-SIGCAS – have spearheaded developments relevant to computing and professional responsibility. Developments in Europe and Australia have been especially noteworthy, including new research centers in England, Poland, Holland, and Italy; the ETHICOMP series of conferences led by Simon Rogerson and the present writer; the CEPE conferences founded by Jeroen van den Hoven; and the Australian Institute of Computer Ethics headed by John Weckert and Chris Simpson.
The Future of Computer Ethics?
Given the explosive growth of computer ethics during the past two decades, the field appears to have a very robust and significant future. How can it be, then, that two important thinkers – Krystyna Górniak-Kocikowska and Deborah Johnson – have recently argued that computer ethics will disappear as a branch of applied ethics?

The Górniak Hypothesis – In her 1995 ETHICOMP paper, Górniak predicted that computer ethics, which is currently considered just a branch of applied ethics, will eventually evolve into something much more. It will evolve into a system of global ethics applicable in every culture on earth:
Just as the major ethical theories of Bentham and Kant were developed in response to the printing press revolution, so a new ethical theory is likely to emerge from computer ethics in response to the computer revolution. The newly emerging field of information ethics, therefore, is much more important than even its founders and advocates believe. (p. 177)

The very nature of the Computer Revolution indicates that the ethic of the future will have a global character. It will be global in a spatial sense, since it will encompass the entire Globe. It will also be global in the sense that it will address the totality of human actions and relations. (p.179)

Computers do not know borders. Computer networks… have a truly global character. Hence, when we are talking about computer ethics, we are talking about the emerging global ethic. (p. 186)

…the rules of computer ethics, no matter how well thought through, will be ineffective unless respected by the vast majority of or maybe even all computer users. This means that in the future, the rules of computer ethics should be respected by the majority (or all) of the human inhabitants of the Earth.... In other words, computer ethics will become universal, it will be a global ethic. (p.187)
According to the Górniak hypothesis, “local” ethical theories like Europe’s Benthamite and Kantian systems and the ethical systems of other cultures in Asia, Africa, the Pacific Islands, etc., will eventually be superseded by a global ethics evolving from today’s computer ethics. “Computer” ethics, then, will become the “ordinary” ethics of the information age.

The Johnson Hypothesis – In her 1999 ETHICOMP paper, Deborah Johnson expressed a view which, upon first sight, may seem to be the same as Górniak’s:

I offer you a picture of computer ethics in which computer ethics as such disappears.... We will be able to say both that computer ethics has become ordinary ethics and that ordinary ethics has become computer ethics. (Pp. 17 – 18)

But a closer look at the Johnson hypothesis reveals that it is very different from Górniak’s. On Górniak’s view, the computer revolution will eventually lead to a new ethical system, global and cross-cultural in nature. The new “ethics for the information age,” according to Górniak, will supplant parochial theories like Bentham’s and Kant’s – theories based on relatively isolated cultures in Europe, Asia, Africa, and other “local” regions of the globe.

Johnson’s hypothesis, in reality, is essentially the opposite of Górniak’s. It is another way of stating Johnson’s often-defended view that computer ethics concerns “new species of generic moral problems.” It assumes that computer ethics, rather than replacing theories like Bentham’s and Kant’s, will continue to presuppose them. Current ethical theories and principles, according to Johnson, will remain the bedrock foundation of ethical thinking and analysis, and the computer revolution will not lead to a revolution in ethics.

At the dawn of the 21st century, then, computer ethics thinkers have offered the world two very different views of the likely ethical relevance of computer technology. The Wiener-Maner-Górniak point of view sees computer technology as ethically revolutionary, requiring human beings to reexamine the foundations of ethics and the very definition of a human life. The more conservative Johnson perspective is that fundamental ethical theories will remain unaffected – that computer ethics issues are simply the same old ethics questions with a new twist – and consequently computer ethics as a distinct branch of applied philosophy will ultimately disappear.
References
Terrell Ward Bynum, ed. (1985), Computers and Ethics, Basil Blackwell (published as the October 1985 issue of Metaphilosophy).

Terrell Ward Bynum (1999), “The Foundation of Computer Ethics,” a keynote address at the AICEC99 Conference, Melbourne, Australia, July 1999.

Krystyna Górniak-Kocikowska (1996), “The Computer Revolution and the Problem of Global Ethics” in Terrell Ward Bynum and Simon Rogerson, eds., Global Information Ethics, Opragen Publications, 1996, pp. 177 – 190, (the April 1996 issue of Science and Engineering Ethics)

Deborah G. Johnson (1985), Computer Ethics, Prentice-Hall. (Second Edition 1994).

Deborah G. Johnson (1999), “Computer Ethics in the 21st Century,” a keynote address at ETHICOMP99, Rome, Italy, October 1999.

Deborah G. Johnson and John W. Snapper, eds. (1985), Ethical Issues in the Use of Computers, Wadsworth.

Walter Maner (1978), Starter Kit on Teaching Computer Ethics (Self published in 1978. Republished in 1980 by Helvetia Press in cooperation with the National Information and Resource Center for Teaching Philosophy).

Maner, Walter (1996), “Unique Ethical Problems in Information Technology,” in Terrell Ward Bynum and Simon Rogerson, eds., Global Information Ethics, Opragen Publications, 1996, pp. 137 – 52, (the April 1996 issue of Science and Engineering Ethics).

James H. Moor (1985), “What Is Computer Ethics?” in Terrell Ward Bynum, ed. (1985), Computers and Ethics, Basil Blackwell, pp. 266 – 275.

Joseph Weizenbaum (1976), Computer Power and Human Reason: From Judgment to Calculation, Freeman.

Norbert Wiener (1948), Cybernetics: or Control and Communication in the Animal and the Machine, Technology Press.

Norbert Wiener (1950/1954), The Human Use of Human Beings: Cybernetics and Society, Houghton Mifflin, 1950. (Second Edition Revised, Doubleday Anchor, 1954. This later edition is better and more complete from a computer ethics point of view.)


The Ten Commandments of Computer Ethics

1. Thou shalt not use a computer to harm other people.
2. Thou shalt not interfere with other people's computer work.
3. Thou shalt not snoop around in other people's computer files.
4. Thou shalt not use a computer to steal.
5. Thou shalt not use a computer to bear false witness.
6. Thou shalt not copy or use proprietary software for which you have not paid.
7. Thou shalt not use other people's computer resources without authorization or proper compensation.
8. Thou shalt not appropriate other people's intellectual output.
9. Thou shalt think about the social consequences of the program you are writing or the system you are designing.
10. Thou shalt always use a computer in ways that ensure consideration and respect for your fellow humans.

CODES OF ETHICS

CODES OF ETHICS

 Introduction

Iowa State University's Code of Computer Ethics and Acceptable Use policy provides for access to information technology (IT) resources and communications networks within a culture of openness, trust, and integrity. In addition, Iowa State University is committed to protecting itself and its students, faculty, and staff from unethical, illegal, or damaging actions by individuals using these systems.

Purpose

The purpose of this policy is to outline the ethical and acceptable use of information systems at Iowa State University. These rules are in place to protect students, faculty, and staff, i.e., to ensure that members of the Iowa State University community have access to reliable, robust IT resources that are safe from unauthorized or malicious use.
Insecure practices and malicious acts expose Iowa State University and individual students, faculty, and staff to risks including virus attacks, compromise of network systems and services, and loss of data or confidential information. Security breaches could result in legal action for individuals or the university. In addition, security breaches damage the university's reputation and could result in loss of services. Other misuses, such as excessive use by an individual, can substantially diminish resources available for other users.

Scope

The Code of Computer Ethics and Acceptable Use policy is an integral part of the IT Security policy and applies to faculty, staff, and students as well as any other individuals or entities who use information and information technology at Iowa State University. This policy applies to all equipment owned or leased by Iowa State University and to any privately owned equipment connected to the campus network and includes, but is not limited to, computer equipment, software, operating systems, storage media, the campus network, and the Internet.
Securing and protecting these significant and costly resources from misuse or malicious activity is the responsibility of those who manage systems as well as those who use them. Effective security is a team effort involving the participation and support of every member of the Iowa State University community who accesses and uses information technology.
Therefore, every user of university IT resources is required to know the policies and to conduct their activities within the scope of the ISU Code of Computer Ethics and Acceptable Use policy, the ISU Information Technology Security Policy, and the Policies, Standards, and Guidelines for Best Practices for IT security. Failure to comply with this policy may result in loss of computing privileges and/or disciplinary action.

Policy Statement


1. Privacy and Confidentiality


Iowa State University desires to provide the highest level of privacy possible for users of its information technology systems and to assure their rights of free speech and intellectual freedom are protected and uninhibited. At the same time Iowa State University is required by federal and state laws to keep certain information confidential. To the extent permitted by law and university policy, Iowa State University maintains and protects both the privacy of individuals and the confidentiality of official information stored on its information technology systems. Privacy and confidentiality must be balanced with the need for the university to manage and maintain networks and systems against improper use and misconduct.

2. Exceptions to Privacy of Information

Iowa State University may access, monitor, or disclose confidential or personal information residing on its information networks and systems in the following situations:
  • State and Federal Law
    All information including the personal, academic, or research data and files residing on university systems is subject to state and federal laws and regulations requiring its disclosure.
  • Access Accounts to Conduct Business or Research
    Faculty and staff may need access to accounts of other faculty and staff when that individual is not available but access is needed to conduct university business or further research. Approval to access the account should be given either by prior proxy access by the individual's account or by written recommendation and justification by the individual's department chair or Director and approval by the individual's Dean or Vice President.
  • Investigations
    Iowa State University may access or monitor accounts and equipment during the course of an investigation of misconduct, violations of law, or violations of university policy by students or employees. Access must be approved in writing by the Vice President for Business and Finance, Vice President for Academic Affairs or other designee acting on the basis of university policy and law. In accessing the account or equipment university officials are expected to avoid accessing information that is personal and irrelevant to the investigation.
  • Official University Business
    As part of their assigned responsibilities, Iowa State University faculty and staff may have access to confidential information and are restricted to using it only for purposes associated with the requirements of their position.
  • Internal Administrative Disclosure
    Disclosure or use of any personal or confidential information for extraordinary circumstances must be approved in writing by the Vice President for Business and Finance, Vice President for Academic Affairs or other designee acting on the basis of university policy and law.
  • Maintenance of ISU Network and Systems
    Iowa State University reserves the right to maintain its information systems; to audit networks and systems on a periodic basis to ensure compliance with security policies; and to locate, and to resolve security breaches or other situations that potentially impact the reliability, robustness, or security of the campus network and systems infrastructure. Individuals performing these functions or others may have access to personal and confidential information and are restricted to using it only for purposes associated with their position.
  • Legal Process
    Iowa State University may disclose confidential or personal information in response to a lawfully issued subpoena, court order or other compulsory legal process. In order to comply with court rules and compulsory process, attorneys in the Office of University Counsel may require or conduct targeted searches of electronic files to find material relevant to a subpoena or litigation involving the University. In accessing the files attorneys shall work with IT staff to limit access to material that is relevant to the subpoena or litigation.
  • Health and Safety Emergency
    In the event of a health or safety emergency, Iowa State University may disclose confidential or personal information necessary and relevant to addressing the emergency situation.
  • Authorization
    Iowa State University may access or disclose confidential or personal information relating to an individual student or employee upon the written authorization of the individual student or employee.

3. Protection of Information and Security Practices

The development of policy and practices to protect information and to increase security of information technology resources is an ongoing process. This document along with the ISU Information Technology Security Policy is intended to identify key security issues for which individuals, colleges, departments, and units are responsible. The third document, Policies, Standards, and Guidelines for Best Practices for IT Security, is an extension of the first two and includes the most current security requirements and recommendations adopted by the university. This Code of Computer Ethics and Acceptable Use policy highlights acceptable and unacceptable use policies. Individuals are responsible for understanding these basic principles as well as for familiarizing themselves with and complying with additional policies and practices as they are defined in Policies, Standards, and Guidelines for Best Practices for IT Security.

3.1. Protection of Information

In a university environment students, faculty, and staff create, store and have access to many sources of information. The level of security practices required for various information types depends on who has created the information, who is maintaining the information, the nature of the information itself, and whether there are specific federal and/or state laws or university requirements or guidelines associated with the use and distribution of the information. Information can be defined very generally in many ways such as public, private, confidential, personal, academic, etc. For the purposes of this policy, information is categorized as either university information or individual information. Within university information, there are also very specific definitions for certain types of information.

3.1.1. University Information

As an institution, the university has many types of official information including student records, financial records, health and insurance records, personnel records, and other business records. In addition, colleges, departments, and other units may have other types of internal business information specific to their areas.
  • Confidential information is defined by federal and/or state law and university policy and includes information such as student educational records, personnel information; financial information, and health and insurance records. All faculty, staff, and students are responsible for knowing and complying with university policies that apply to confidential information. See Notification of Rights Under FERPA and policies on Health Information Privacy and Security (HIPAA), Student Records, Employee Records, and Social Security Number Protection.
  • Business information includes all other information created and maintained for the purpose of operating the university. All faculty and staff are responsible for knowing and complying with university policies that apply to business information, including the policies on Records Management and Information Disclosures.
  • Colleges, departments and units are responsible for securing confidential and business information maintained on the systems under their authority as required by federal and/or state law and university security policy. In addition, they are responsible for developing appropriate security practices for their internal business information.
  • Students, faculty and staff are responsible for accessing only that confidential or business information for which they are authorized and using that information only for the purposes for which it is intended. The Office of the Registrar maintains helpful information regarding confidentiality.
  • Students, faculty and staff are required to comply with security practices established by the university or their college, department or administrative units to protect confidential or business information.

3.1.2. Individual Information

Individual information includes academic, research, personal and business correspondence, and other records created and managed by individual students, faculty, or staff. As creators and managers of this information, individuals are responsible for securing and protecting their information.
Individual information should be protected based on the level of risk associated with its loss or misuse. Colleges, departments, central information technology providers and other units may assist individuals by offering services including secure storage of files with systematic copying of data and/or archiving. Nonetheless, individual students, faculty and staff are ultimately responsible for securing their own information and should take action to assure their individual data is protected to the level they deem adequate.

3.2. Password Security

Users are responsible for the security of computer systems passwords, personal account passwords (e.g. Net-ID passwords) and personal identification numbers (PINs) and will be held accountable for any activities linked to their accounts. Users must follow established university standards for maintaining and managing passwords.

3.3. User Security Practices

Users are required to be aware of and employ security practices established by the university and their colleges, departments or administrative offices to prevent unauthorized access to their computers. Security breaches can often be linked to the actions individuals take or fail to take when using information technology resources (e.g., leaving their computers logged into applications while away from their desks, storing written copies of passwords in obvious places, using insecure methods for transferring information).

3.4. Security for IT Systems

Computer systems can become transmitters of viruses, denial of service attacks, open file exchange services, and other malicious electronic activities. E-mail messages, websites, inter-relay chat, and other applications used by faculty, staff, and students are often the sources of these problems. To prevent these malicious activities, individuals are required to be aware of and comply with university policies relating to the use of these applications. Among specific requirements are the ongoing use of approved virus-scanning software, the timely application of security patches and upgrades to operating systems and other software, and prompt implementation of security measures posted by the university, colleges, departments, or units in response to specific security threats.

3.5. Reporting Security Breaches

Effective security practice includes the prompt and appropriate response to breaches in security. It is, therefore, incumbent upon all individuals to report incidents in which they believe computer or network security has been jeopardized. In some cases local action is sufficient; in others, where the risk to confidential information or university-wide security is high, a university-level response will be implemented. Individuals are responsible for reporting security incidents and for taking action as recommended or directed by the IT Security Response Team as outlined in the IT Security Incident Reporting policy.

4. Unacceptable Use

Users are prohibited from engaging in any activity illegal under local, state, federal, or international law or in violation of university policy. The categories and lists below are by no means exhaustive, but attempt to provide a framework for activities that fall into the category of unacceptable use.

4.1. Excessive Non-Priority Use of Computing Resources

Priority for the use of information technology resources is given to activities related to the university's missions of teaching, learning, research, and outreach. University computer and network resources are limited in capacity and are in high demand. To conserve IT resource capacity for all users, individuals should exercise restraint when utilizing computing and network resources. Individual users may be required to halt or curtail non-priority use of information technology resources, such as recreational activities and non-academic, non-business services.

4.2. Unacceptable System and Network Activities

Unacceptable system and network activities include:
  • Engaging in or effecting security breaches or malicious use of network communication including, but not limited to


    • obtaining configuration information about a network or system for which the user does not have administrative responsibility.
    • engaging in activities intended to hide the user's identity, to purposefully increase network traffic, or other activities that purposefully endanger or create nuisance traffic for the network or systems attached to the network.
  • Circumventing user authentication or accessing data, accounts, or systems that the user is not expressly authorized to access.
  • Interfering with or denying service to another user on the campus network or using university facilities or networks to interfere with or deny service to persons outside the university.

4.3. Unauthorized Use of Intellectual Property

Users may not use university facilities or networks to violate the ethical and legal rights of any person or company protected by copyright, trade secret, patent, or other intellectual property, or similar laws or regulations. Violations include, but are not limited to:
  • Except as provided by fair use principles, engaging in unauthorized copying, distribution, display or publishing of copyrighted material including, but not limited to, digitization and distribution of photographs from magazines, books, or other copyrighted sources; copyrighted music or video; and the installation of any copyrighted software without an appropriate license.
  • Using, displaying or publishing licensed trademarks, including Iowa State University's trademarks, without license or authorization or using them in a manner inconsistent with terms of authorization.
  • Exporting software, technical information, encryption software, or technology in violation of international or regional export control laws.
  • Breaching confidentiality agreements or disclosing trade secrets or pre-publication research.
  • Using computing facilities and networks to engage in academic dishonesty prohibited by university policy (such as unauthorized sharing of academic work, plagiarism).

4.4. Inappropriate or Malicious Use of IT Systems

Inappropriate or malicious use of IT systems includes:
  • Setting up file sharing in which protected intellectual property is illegally shared.
  • Intentionally introducing malicious programs into the network or server (e.g., viruses, worms, Trojan horses, e-mail bombs, etc.).
  • Inappropriate use or sharing of university-authorized IT privileges or resources.
  • Changing another user's password, access, or authorizations.
  • Using an Iowa State University computing asset to actively engage in displaying, procuring or transmitting material that is in violation of sexual harassment policy or laws, hostile workplace laws, or other illegal activity.
  • Using an Iowa State computing asset for any private purpose or for personal gain. Refer to the policy on Personal Use and Misuse of University Property.

4.5. Misuse of E-mail and Communications Activities

Electronic mail (e-mail) and communications are essential in carrying out the activities of the university and to individual communication among faculty, staff, students and their correspondents. Individuals are required to know and comply with the university's policy on Mass E-Mail and Effective Electronic Communication. Some key prohibitions include:
  • Sending unsolicited e-mail messages, including the sending of "junk mail" or other advertising material to individuals who did not specifically request such material, except as approved under the policy on Mass E-Mail and Effective Electronic Communication.
  • Engaging in harassment via e-mail, telephone, or paging, whether through language, frequency, or size of messages.
  • Masquerading as someone else by using their e-mail or internet address or electronic signature.
  • Soliciting e-mail from any other e-mail address, other than that of the poster's account, with the intent to harass or to collect replies.
  • Creating or forwarding "chain letters" or solicitations for business schemes.
  • Using e-mail originating from within Iowa State's networks for commercial purposes or personal gain.
  • Sending the same or similar non-business-related messages to large numbers of e-mail recipients or newsgroups.

5. Enforcement

The University Code of Computer Ethics and Acceptable Use policy is enforced through the following mechanisms.

5.1. Interim Measures

The university may temporarily disable service to an individual or a computing device, when an apparent misuse of university computing facilities or networks has occurred, and the misuse:
  • is a claim under the Digital Millennium Copyright Act (DMCA);
  • is a violation of criminal law;
  • has the potential to cause significant damage to or interference with university facilities or services;
  • may cause significant damage to another person; or
  • may result in liability to the university.
An attempt will be made to contact the person responsible for the account or equipment prior to disabling service unless forbidden by law enforcement authorities or Information Technology Services staff determine immediate action is necessary to preserve the integrity of the university network. In any case, the user shall be informed as soon as possible so that they may present reasons in writing why their use is not a violation or that they have authorization for the use.

5.2. Suspension of Services and Other Action

Users may be issued warnings, may be required to agree to conditions of continued service, or have their privileges suspended or denied if:
  • After hearing the user's explanation of the alleged violation, a central IT provider has made a determination that the user has engaged in a violation of this code or,
  • A student or employee disciplinary body has determined that the user has engaged in a violation of the code.
For minor first-time violations the expectation is that a warning will be sufficient. For repeat violations temporary or permanent denial of access to or suspension of computing or network services will be considered.

5.3. Disciplinary Action

Violations of the ISU Code of Computer Ethics and Acceptable Use policy may be referred for disciplinary action as outlined in the Student Disciplinary Regulations and applicable faculty and staff handbooks or collective bargaining agreement.

Computer Issues

COMPUTER ETHICS ISSUES

Computer Crime 

Every society much make decisions on how to handle crime. In most cultures a judicial system is established. The difficulty with computer crime is it extends country boundaries and is also a topic that is subject to heavy political debate. The first issue is that of finding criminal activity. The easiest method would be a big brother approach were every computer connected to a network would be monitored for illegal activity. This could also be done in a networked approach, where each Internet Service Provider (ISP) would watch their own users and the report potentially criminal behavior to authorities. In the United State, the FBI is trying to standardize this process through their Carnivoire project. The ethical dilemma is that these monitoring techniques invade personal privacy while on the Internet. A system should be established that will allow people there right to privacy and free assembly while dampening the amount of criminal activity that exists today on the Internet.
 
Types of Computer Crime 

Typically, computer crime can be categorized by the type of activity which occurs.  Four basic categories are utilized in describing computer crime.  These are:  theft, fraud, copyright infringement, and attacks.

 1. Theft.  Theft in computer crime may refer to either unauthorized removal of physical items such as hardware or unauthorized removal or copying of data or information.    It is well known that laptop computers are targeted at airports and restaurants.  The prize garnered with theft of a laptop is usually the data or information such as passwords for corporate systems contained on the laptops rather than the hardware.

 2. Fraud.  Fraud on the Internet may run the gamut from credit card offers which are utilized only
to capture personal information, to investor postings which promote a stock or investment offer
to encourage investment which will benefit the person posting the information, to medical and
pharmaceutical -related sites which purport to provide correct medical advice or sell altered
medications.


 3. Copyright infringement.  The Internet has provided a unique opportunity and environment for copyright infringement.  This type of computer crime encompasses use of software, music, etc which is not appropriately acquired ( purchased).  Software piracy occurs more easily with the ability to post files for downloading all over the world.  However, another more costly copyright infringement occurs when trademarks and logos of corporations are posted on non-authorized web sites.  Some criminals utilize the trademarks and logos to appear to be a legitimate site to perpetrate fraud.  Many corporations have employees or consulting contractors who constantly crawl the web to sniff out illegal usage of trademarks and logos.

 4. Attacks on organizations and individuals.  Attacks on organizational information systems may be either physical or logical.  There are several instances of web sites, products, and individuals
being libeled or attacked by individuals or groups.  One of the classic examples was the attack on Proctor and Gamble as an occult organization.  AOL and other ISPs cooperate fully with criminal justice systems to reveal identities of those deploying web sites of question.


Denial of Service Attacks (DoS) target specific web sites and associated servers.  Some of the newsworthy examples of DoS during 2000 - 2001 have occurred at Microsoft.com, eBay.com, and Amazon.com.  Web servers and connections can only handle so much traffic so Denial of Service (DoS) usually take the form of one of two ways:
 - Coordinated attack (typically from unsuspecting desktops) to a particular IP address or
    URL requesting a page - overwhelms server and DoS occurs
 - Attack sends incomplete packets so that traffic gets jammed with requests for re-send.

In this era of computer "viruses" and international spying by "hackers" who are thousands of miles away, it is clear that computer security is a topic of concern in the field of Computer Ethics. The problem is not so much the physical security of the hardware (protecting it from theft, fire, flood, etc.), but rather "logical security", which Spafford, Heaphy and Ferbrache divide into five aspects: 
 1.  Privacy and confidentiality
 2.  Integrity -- assuring that data and programs are not modified without proper
      authority
 3.  Unimpaired service
 4.  Consistency -- ensuring that the data and behavior we see today will be the same
      tomorrow
 5.  Controlling access to resources


Malicious kinds of software, or "programmed threats", provide a significant challenge to computer security. These include "
viruses", which cannot run on their own, but rather are inserted into other computer programs; "worms" which can move from machine to machine across networks, and may have parts of themselves running on different machines; "Trojan horses" which appear to be one sort of program, but actually are doing damage behind the scenes; "logic bombs" which check for particular conditions and then execute when those conditions arise; and "bacteria" or "rabbits" which multiply rapidly and fill up the computer's memory.

MALWARE 

There are several classes of activities which may also harm information systems and supporting technology.  These activities may result in criminal charges depending upon the circumstances and impact on information systems.  Currently, these activities fall within classes of viruses, worms, Trojan Horse, time bomb, logic bomb, and trapdoors.

1. Viruses.  A virus is a program with intent to harm or render a computer system useless.  The virus method of attack is to attach itself to specific files such as data files.  It is not a free standing program.  It copies itself when the infected file is executed.


A virus can damage data, delete files, erase your hard drive, or just cause annoying screen displays or sounds.  Viruses may hide within macros of Word or Excel documents.  Some viruses are programmed to trigger execution on a particular date or time.  Viruses do not cause hardware damage.  Viruses spread from file to file.  There are thousands of documented viruses!!!!  Some recent examples of viruses include the Melissa, Chernobyl, and Michelangelo.


Most virus protection software provides monthly updates to ensure that the computer system is covered from recent virus discoveries.  Two of the more popular versions of virus protection include Norton (Symantec) and Mc Afee.


2. Worms.  Worms are another destructive program designed to create instability information systems and supporting technology.  Worms differ from viruses in that a worm is a free standing program.  A worm executes on its own functionality.  Worms spread from computer system to computer system rather than from file to file.
Examples of notorious worms include the July and August, 2001 attack of CODE RED on IIS servers.  IIS (Internet Information Services) is part of the Microsoft Windows Server operating system which provides internet connectivity.  Servers including federal government web sites, Qwest DSL servers, and other corporate or governmental sites were hit.


A worm can reply to e-mails while attaching itself to the e-mail; can destroy File Allocation System (FAT) on Windows systems and other similar attacks on other files systems on hard drives.  Because worms are free standing, they can spread on their own and do not require  human intervention to spread.  Thus, in some ways, worms are more lethal than viruses.


3. Trojan Horse.  This software derives its name from the Greek mythology depicting war activity between the Greeks and Trojans of Troy.  The Greeks pretended to depart the besieged Troy but left behind a giant wooden horse as a “gift”.  The Trojans brought the horse within the gates of Troy and Greek warriors were hidden in the horse.  The Greek warriors then captured Troy. Therefore, the Trojan Horse appears to have one function but in reality does something else.

Pornography or porn is the portrayal of explicit sexual subject matter for the purposes of sexual excitement and erotic satisfaction. It is rampant within society. It is an epidemic that is damaging the lives of young people, destroying marriages, producing false views of sex and beauty, and degrading women. The pornography industry has increased rapidly, and its increased availability has weakened moral and public standards that have traditionally stood opposed to pornography. The combination of the weakening moral standard and the increased availability has caused its effects to become even more widespread, making proper teaching about pornography a necessity.


HACKER 

Introduction
Unlike most computer crime / misuse areas which are clear cut in terms of actions and legalities (e.g. software piracy), computer hacking is more difficult to define. Computer hacking always involves some degree of infringement on the privacy of others or damage to computer-based property such as files, web pages or software. The impact of computer hacking varies from simply being simply invasive and annoying to illegal. There is an aura of mystery that surrounds hacking,and a prestige that accompanies being part of a relatively "elite" group of individuals who possess technological savvy and are willing to take the risks required to become a true "hacker". An interesting alternative view of how hackers positively impact areas such as software development and hacker ideology is presented in Technology and Pleasure: Considering Hacking Constructive.
Even attempting to define the term "hacker" is difficult. Perhaps the premiere WWW resource in introducing individuals to hacking is the The New Hacker's Dictionary (http://www.logophilia.com/jargon/jargon_toc.html), a resource which encompasses everything from hacker slang, jargon, hacker folklore, writing style and speech to general appearance, dress, education and personality characteristics. According to The New Hacker's Dictionary, a hacker can be defined as:
  1. A person who enjoys exploring the details of programmable systems and how to stretch their capabilities, as opposed to most users, who prefer to learn only the minimum necessary.
  2. One who programs enthusiastically (even obsessively) or who enjoys programming rather than just theorizing about programming.
  3. A person capable of appreciating hack value.
  4. A person who is good at programming quickly.
  5. An expert at a particular program, or one who frequently does work using it or on it.
  6. An expert or enthusiast of any kind. One might be an astronomy hacker, for example.
  7. One who enjoys the intellectual challenge of creatively overcoming or circumventing limitations.
  8. [deprecated] A malicious meddler who tries to discover sensitive information by poking around. Hence 'password hacker', 'network hacker'. The correct term for this sense is cracker.
Even within hacker society, the definitions range from societally very positive (dare I say characteristic of gifted and talented individuals) to criminal. In his book, "Fighting Computer Crime: A New Framework for Protecting Information" (1998), Donn B. Parker lists two basic principles hacker live by:
  1. The belief that information sharing is a powerful good and that it is the ethical duty of hackers to share their expertise by writing free software and facilitating access to information and to computing resources whenever possible.
  2. The belief that system cracking for fun and exploitation is ethically OK as long as the cracker commits no theft, vandalism or breach of confidentiality.
Parker differentiates between benign and malicious hackers based on whether damage is performed, though in reality all hacking involves intrusion and a disregard for the efforts, works and property of others.

Issues
A number of issues arise in considering hacking from the educator perspective. First, we need to consider the fact that the public perception of hackers is mixed, and that "hacking" and "being considered a hacker" can be quite appealing to students who are going through developmental periods in which they are defining themselves, as well as challenging authority and rules. There is often a Robin Hood mentality to early actions, though it is unclear exactly who "the poor" are, and how they are "being compensated". Second, the anonymity of actions which hackers perform against others often enhances the severity of actions. For example, an adolescent who would never consider picking someone's pocket or physically damaging someone else's property or home, might be quite willing to steal people's credit card numbers or destroy poorly protected business or government files, since files and credit card numbers are not tangible entities, and the damage is done anonymously.
The media often presents these individuals in a glamorous light. Adolescents may fantasize about their degree of technological skills and, lacking the social skills required to be accepted well by others, move online in search of those who profess to have technological skills the students desire. A simple search using the term "hacker" with any search engine results in hundreds of links to illegal serial numbers, ways to download and pirate commercial software, etc. Showing this information off to others may result in the students being considered a "hacker" by their less technologically savvy friends, further reinforcing antisocial behavior. In some cases, individuals move on to programming and destruction of other individuals programs through the writing of computer viruses and Trojan horses, programs which include computer instructions to execute a hacker's attack. If individuals can successfully enter computers via a network, they may be able to impersonate an individual with high level security clearance access to files, modifying or deleting them or introducing computer viruses or Trojan horses. As hackers become more sophisticated,they may begin using sniffers to steal large amounts of confidential information, become involved in burglary of technical manuals, larceny or espionage.

Ways to Minimize Potential for Hacking
There are a number of ways for schools to minimize potential for hacking.
  1. Schools need to clearly establish acceptable use policies and delineate appropriate and inappropriate actions to both students and staff.
  2. Students and staff need to instructed regarding hacking, the mentality associated with it, the consequences of various hacking actions and possible consequences of interacting and forming online relationships with anonymous individuals who claim to be proficient in invading others' privacy.
  3. The use of filters may be considered in reducing access to unauthorized software serial numbers and hacking-related materials, newsgroups, chatrooms and hacking organizations.
  4. Teachers need to be aware of student activities in the computer labs and pay special attention to things they hear in terms of hacking behavior.
Many schools have taken intiative in having teachers work with technology-oriented students who exhibit many of the characteristics which may eventually lead to hacking-type behaviors. Recent web-based activities and competitions, including ThinkQuest, Web to the Edge and ExploraVision, are outstanding opportunities for these and other technologically oriented students to utilize their interests, energies and abilities in a postive way.

Computer addiction


Computer addiction refers to the excessive amounts of time spent on the computer. The preoccupation can cause problems with relationships and even with work performance. The time spent on the computer does not refer to work-related activities.


The list of signs and symptoms mentioned in various sources for Computer addiction includes the 12 symptoms listed below:
 1. Anxiety if access to computer denied
 2. Persistent need to spend excessive amount of time on the computer
 3. Neglecting other duties in order to spend time on the computer
 4. Forgoing social activities in order to spend time on the computer
 5. Neglecting family relationships in order to spend time on the computer
 6. Compulsive need to spend time on the computer
 7. Feeling empty when not at the computer
 8. Feeling irritable when not at the computer
 9. Feeling depressed when not at the computer
 10. Lying to other people about amount of time spent on the computer
 11. Social isolation
 12. Withdrawing from other pleasurable activities

ORDINANCES AND INTERNATIONAL LAWS

CITY ORDINANCES

CITY ORDINANCE IN MANILA

SECTION 1. It is hereby declared the policy of the City Government of Manila to bring
order to the operation of commercial establishments involved in certain computer-aided
and electronic endeavors in the course of affirming the general welfare under Section 16
and 458(a) of Republic Act Number 7160, otherwise known as the Local Government
Code, by guiding them away from certain forms of entertainment which are potentially
detrimental to their intellectual and moral well-being that may lead to truancy.

 SECTION 2. As used in this Ordinance, the terms-

 a)   “Interactive Entertainment Shops” shall refer to the following establishments
      in  existence  that  other  interactive  entertainment,  whether  or  not  in
      combination with other commercial undertakings:
 1.  Computer rental Centers;
 2.  Internet Cafes;
 3.  Video Game Arcades; and
 4.  Other business establishments offering similar services that are and may hereafter be created 
 b)   “Interactive Entertainment” shall refer to video games, web browsing, and over-the-internet communication
 c)   “Computer Rental Center” shall refer to any establishment engaged in the       business of renting out more than one micro-computer (generally known as personal computer), videogame console and other similar gaming platform
 
d) “Internet café” shall refer to any establishment basically offering over-the-
      internet communication and interactive entertainment combined with coffee or
     
refreshments in a snack-bar environment
 e)   “Videogame Arcade” shall refer to any establishment engaged in the business
      offering arcade video games utilizing dedicated game machines other than
      conventional game systems
 f)   “Video Games” shall refer to PC games, console games, and arcade games
 g) “Videogame Consoles” shall refer to a specifically- designed set top
 h) “Over-the-Internet Communication shall refer to any online communication, whether real-time or otherwise, utilizing computer terminals with the aid of video and/or audio connection, available in establishments enumerated in Paragraph ‘a’ hereof, which are deemed Over-the-internet Communication Shops, and shall include, but are not limited, to the following services: 
1.  Electronic Mail (or E-mail)
2.  Instant messaging
3.  Online Forum
 i)    “Class Hours” shall refer to the required time period for classes in any given school day that has to be attended to by the student as prescribed by his/her       school
 j)    “Out-of-school minor” shall refer to any youngster, below eighteen (18) years
      of age, who is not enrolled in any elementary or high-school institution or
      otherwise without any proof of schooling

 SECTION 3. The following prohibition shall be strictly complied with relative to the operation of computer rental centers, internet cafes and videogame arcades within the City of Manila:

 a)   No student belonging to the elementary and high school levels shall have access to any form of video games or be allowed entry to any computer rental center, internet café or videogame arcade for no definite purpose during class  hours from Monday to Friday of any given week, unless any such day fails on a legal holiday, or otherwise during the period of conclusion of the school year or the suspension thereof. In order to obtain access, such student shall show  proof  of  exemption  as  reflected  in  the  identification  card,
registration/enrollment  papers  and/or  original  copy  of  the  weekly  class schedule duly issued by the office of the school principal and attested by the class adviser.
 b)   Elementary and high school students shall be allowed to make use of the Internet:   provided, however, that such use shall solely be for educational and/or wholesome browsing and research purposes and under the supervision of the computer rental center or the Café’s manager or staff.
 c)   Elementary and high-school students shall be allowed to gain access to over-the internet communication: provided however, that such access shall solely be for wholesome communication purposes and under the supervision of the computer rental center or the Café’s manager or staff.
 d)   Out-of-School minors shall be allowed to gain access to any interactive entertainment and communications on any given day of the week; provided, however, that such access be limited to wholesome use and under the supervision of the computer rental center or the Café’s manager or staff; provided, further, that the same shall be without prejudice to the provisions of  Subsections ‘e’ and ‘f’ hereof.
 e)   In no case shall pornography or on-line gambling be allowed to any customer. For this purpose, a prohibitive sign with the words “NO PHORNOGRAPHY AND GAMBLING ALLOWED” boldly printed thereon shall be posted at the upper portion of every computer monitor. 
 f)   In all instance where access to computers rental centers, internet cafes and videogame arcades is allowed under the preceding subsections, the same shall  in no case last beyond 10:00 p.m. of any given day, except when accompanied by a parent, adult family member or guardian during curfew hours. 

 SECTION   4.  For  the  implementation  of  Section            3  of  this  Ordinance,  all owners/proprietors and staff of computer rental centers, internet cafes and videogame arcades shall: 
 a)  Positively determine the presence of elementary and high school students by their uniforms or similar clothing, identification cards, study materials and other similar items as well as their familiarity of regular customers. The physical  features  of  out-of-school  minors  shall  qualify  for  prohibition purposes. 
 b)  Provide transparency on the frontage of such establishments as well as adequate standard lighting of the interior premises to allow unimpeded outside view.
 c)  Program, activate or otherwise install a security system on all computer terminals or networks to prevent any access to pornographic sites or on-line gambling,

 SECTION 5. Upon the approval of this Ordinance, the Office of the City Mayor or any of its  duly  authorized  representative  departments/bureaus  shall  conduct  random, unannounced inspection on all establishments herein mentioned to ascertain compliance with the provisions of this Ordinance. Upon written complaint, the Manila Police or the Punong Barangay or his duly appointed official having territorial jurisdiction over such establishments/s shall conduct their own investigation to verify the fact of any violation. 

 SECTION 6. The Office of the Mayor shall formulate the necessary rules and guidelines for the efficient implementation of this Ordinance.

 SECTION 7. Any owner/proprietor of any interactive entertainment and communication
shop who violates or causes the violation of this Ordinance shall be punished as follows:
 a)  For the first Offense- a fine of One Thousand Pesos (P1,000.00)
 b)  For the Second Offense- a fine of Three Thousand Pesos (P3,000.00), or an imprisonment for a period not exceeding six (6) months, or both in the discretion of the court, including the suspension of the business permit; and 
 c)  For the Third and Subsequent Offenses-   a fine of Five Thousand Pesos (P5,000.00), or an imprisonment for a period of the court, including the revocation of the business permit. 














CFAA-Computer Fraud and Abuse Act - 1986 It is a felony : 
  • to commit unauthorized access to a Federal computer system with the intent to steal or commit fraud or inflict malicious damage.
It is a misdemeanor: 
  • to traffic in passswords.
(enforced by Secret Service or other authorized federal agency)  Electronic Communications Privacy Act -1986 
specifies which electronic communications are private and prohibits the unauthorized access to and disclosure of private communications. 
CDA-Communications Decency Act - 1996 
It a felony to transmit obscene or offensive material over the Internet.  This Act was challenged by the ACLU and the challenge was upheld.  The CDA was overturned in 1997. 
Web Copyright Law - 1997
An infringement of someone's copyright protected property valued at least $1000 can be prosecuted even if there is no profic from the crime.  The penalty can be from $100,000 to $250,000.  A jail term of up to 3 years may be imposed if the infringement is for a violation of property valued at over $2,500.00.  For a second offense, the violator could get 6 years in prison. 
COPA - Child Online Protection Act - 1998
 makes it a federal crime (penalties up to $50,000 per violation and a sentence of up to 6 months in jail) to transmit material that is harmful to children over the Internet for commercial purposes.  This act is being challenged in Federal Court as a violation of the First Amendment. 
 
Digital Millennium Copyright Act - October 28, 1998
sets new rules for downloading, sharing, and viewing copyrighted material online. It also sets new safeguards for software, music, and written works on the Internet, and outlaws technologies that  crack copyright protection. The penalty can be up to $2,500 per act of circumvention. 
Virginia Computer Crimes Act
It is a felony: 
  • to use a computer to commit fraud
  • to maliciously access a computer without authorization and damage, copy, or remove files. 
It is a misdemeanor: 
  • to use a computer to examine private files without authorization
SAFE  - 1999
The House Judiciary Committee approved the Safety and Freedom through Encryption (SAFE) Act of 1999 (H. R. 850) on March 24. The legislation would relax U.S. export controls on encryption, but contains a controversial provision that creates a new federal crime for the use of encryption to conceal criminal conduct.  The legislation, introduced by Rep. Bob Goodlatte (R-Va.), would give U. S. citizens the right to choose any type of encryption to protect their confidential information and prohibits the government from requiring a key to U.S. consumers' computer systems.  Update as of July 13, 1999 - On July 13, 1999,  the House International Relations Committee passed the Security And Freedom through Encryption (SAFE) Act, sponsored by Bob Goodlatte, by a vote of 33 to 5.  Now it needs to go to the House of Representatives for a vote. 

REPUBLIC ACTS OF PHILIPPINES


 Republic Act 9775  was authored by Rep. Darlene Antonino-Custudio, Rene Velarde, Datu Arroyo, Narcisco Santiago.
“The La Salle researchers praise Republic Act 9775 for its intentions. But it identifies areas where “sneaking surveillance and filtering” could happen against the moral aims of the law. ___The Anti-Child Pornography Law is a landmark legislation which seeks to criminalize the following: the production of Child Pornography, including of computer graphics, cell phones or other ICTs; the publication, transmission, selling, distribution, broadcasting, exporting, and importing of Child Pornography; and the possession or access to any Child Pornography with or without the intent to publish.

Republic Act 9775: Need to balance morality issues with human rights

Categorically, the law provides major responsibilities to Internet Service Providers (ISPs) to conduct filtering of websites that may be subject to Child Pornography. Section 9 of the law states: “All Internet service providers (ISPs) shall notify the Philippine National Police (PNP) or National Bureau of Investigation (NBI) within seven (7) days from obtaining facts and circumstances that any form of child pornography is being committed using its server or facility . . . furthermore, an ISP shall preserve such evidence for purposes of investigation and prosecution by relevant authorities . . .”
The newly enacted Republic Act 9775, the Anti-Child Pornography Law, could be misused or even abused to curb Filipinos’ right to use the Internet and deprive them of other civil liberties. This is the carefully weighed warning made by scholars at De La Salle University’s Institute of Governance, who have made urgent policy recommendations that must be considered by those drafting R.A. 9775’s implementing rules and regulations.

The La Salle Institute of Governance (LSIG) released the findings of the research project on January 15. R.A. 9775, a consolidation of a House and a Senate bill, was passed on October 13 and signed by President Gloria Arroyo on November 17.


The law creates an “Inter-Agency Council Against Child Pornography led by the Department of Social Welfare and Development, with a membership composed of the heads of the Department of Justice, Department of Labor and Employment, Department of Science and Technology, Philippine National Police, Commission on Human Rights, Commission on Information and Communication Technology, National Telecommunications Commission, Council for the Welfare of Children, Philippine Center on Transnational Crime, Optical Media Board and National Bureau of Investigation” and include representatives from child-focused nongovernment organizations.


The Council is tasked by the law to “promulgate the implementing rules and regulation within 90 days of the effectivity” of Act. This means R.A. 9775’s IRR must be promulgated by February 17. Those who are drafting the IRR would benefit from the LSIG study “Patrolling the Internet: Mapping the Policy Terrain.” We in The Manila Times believe the experts drafting the IRR should heed its recommendations.


Groups concerned with the protection of children, foremost of which is PREDA, headed by a Times columnist, Fr. Shay Cullen, praise the law.


Fr. Shay says R.A. 9775 is “the first major step forward in protecting children from being sexually exploited through the making and distribution of images of them being sexually abused. The law is hard hitting and among other things prohibits the possession, making, distribution, display, and the attempt to access or transmit on the internet or by cell phone any illegal images depicting sexual activity with or of children or their private parts.”


It is, says Fr. Shay, “one of the few pieces of anti-child pornography legislation in the world that requires by law Internet Server Providers [ISPs] to install filtering software that will block access to web sites though the Internet that contains illegal images of children as defined under the act.”


The La Salle study shows that in many countries, like
Britain and many others in Western Europe, ISPs do use filtering software voluntarily.

In addition, “all operators and business establishments have to know and report to the police within seven days any violation of the act in their premises.”


The law strictly outlaws any attempt to knowingly access with reasonable knowledge any child pornography with or without the intent to publish, sell, distribute or broadcast the images.


Under R.A. 9775 the Internet Service Providers must reveal, when asked by the police, the identities of the offenders—their clients trying to access child pornography over the Internet through their servers.


Many ISPs and the association of Internet cafes (see separate story “Internet cafes question law’s provisions”) oppose the required installation of filters and the imposition of the duty to monitor—or spy on—and report child-porno addicts. As the LSIG study documents it, some industry people see this provision of the law as an invasion of privacy and a form of censorship.


The
La Salle study tells us of a scenario, brought up at a roundtable held for the research study by Wynthrop Yu, chair of the Philippine Internet Commerce Society, in which a person’s name is on the “blacklist” submitted by the ISP. That person only wound up visiting the porno website for something else—not the
porno—or in error. But the government agents are now justified to do surveillance on the person’s usage of the Internet and perhaps of other matters about him.

While generally in favor of throwing out pornography, especially child pornography, from the Internet, the authors of the La Salle study recommend that the authorities must carefully balance morality issues with human-rights protection.

We believe this is an extremely valid point, especially remembering that in our country anti-communist and anti-dissident police and military groups have violated human rights to the point of murder… By Rene Bass





Republic of the Philippines
Congress of the Philippines

Metro Manila
Twelfth Congress
Third Regular Session


Begun and held in Metro Manila, on Monday, the twenty-eight day of July, two thousand three.
Republic Act No. 9292             April 17, 2004
AN ACT PROVIDING FOR A MORE RESPONSIVE AND COMPREHENSIVE REGULATION FOR THE REGISTRATION, LICENSING AND PRACTICE OF PROFESSIONAL ELECTRONICS ENGINEERS, ELECTRONICS ENGINEERS AND ELECTRONICS TECHNICIANS, REPEALING REPUBLIC ACT NO. 5734, OTHERWISE KNOWN AS THE "ELECTRONICS AND COMMUNICATIONS ENGINEERING ACT OF THE PHILIPPINES", AND FOR OTHER PURPOSES
Be it enacted by the Senate and House of Representatives of the Philippines in Congress assembled:
ARTICLE I
GENERAL PROVISIONS
Section 1. Short Title. - This Act shall be known as the "Electronics Engineering Law of 2004".
Section 2. Statement of Policy. - The State recognizes the importance of electronics engineering in nation-building and development. The State shall therefore develop and nurture competent, virtuous, productive and well-rounded Professional Electronics Engineers, Electronics Engineers and Electronics Technicians whose standards of practice and service shall be excellent, qualitative, world-class and globally competitive through inviolable, honest, effective and credible licensure examinations and through regulatory measures, programs and activities that foster their integrity, continuing professional education, development and growth.
Section 3. Definition and Interpretation of Terms. - As used in this Act, the following terms shall mean:


(a) Electronics - the science dealing with the development and application of devices and systems involving the flow of electrons or other carriers of electric charge, in a vacuum, in gaseous media, in plasma, in semiconductors, in solid-state and/or in similar devices, including, but not limited to, applications involving optical, electromagnetic and other energy forms when transduced or converted into electronic signals.
(b) Professional Electronics Engineer - a person who is qualified to hold himself/herself out as a duly registered/licensed Professional Electronics Engineer under this Act and to affix to his/her name the letters "PECE".
(c) Electronics Engineer - a person who is qualified to hold himself/herself out as a duly registered/licensed Electronics Engineer under this Act and to affix to his/her name the letters "ECE".
(d) Electronics Technician - a person who is qualified to hold himself/herself out as a duly registered/licensed Electronics Technician under this Act and to affix to his/her name the letters "ECT".
(e) Electronics and Communications Engineer - a person who is qualified to hold himself/herself out as a duly-registered/licensed Electronics and Communications Engineer under Republic Act No. 5734.
(f) Computer - any of a variety of electronic devices that is capable of accepting data, programs and/or instructions, executing the programs and/or instructions to process the data and presenting the results.
(g) Information and Communications Technology - the acquisition, production, transformation, storage and transmission/reception of data and information by electronic means in forms such as vocal, pictorial, textual, numeric or the like; also refers to the theoretical and practical applications and processes utilizing such data and information.
(h) Communications - the process of sending and/or receiving information, data, signals and/or messages between two (2) or more points by radio, cable, optical wave guides or other devices and wired or wireless medium
(i) Telecommunications - any transmission, emission or reception of voice, data, electronic messages, text, written or printed matter, fixed or moving pictures or images, words, music or visible or audible signals or sounds, or any information, intelligence and/or control signals of any design/format and for any purpose, by wire, radio, spectral, visual/optical/light, or other electronic, electromagnetic and technological means.
(j) Broadcast, Broadcasting - an undertaking the object of which is to transmit audio, video, text, images or other signals or messages for reception of a broad audience in a geographical area via wired or wireless means.
(k) Industrial Plant - includes all manufacturing establishments and other business endeavors where electronic or electronically-controlled machinery or equipment are installed and/or are being used, sold, maintained, assembled, manufactured or operated.
(l) Commercial Establishment - shall include but not be limited to office buildings, hotels, motels, hospitals, condominiums, stores, apartments, supermarkets, schools, studios, stadia, parking areas, memorial chapels/parks, watercraft and aircraft used for business or profit, and any other building/s or area/s for business purposes, where electronic or electronically-controlled machinery or equipment are installed and/or are being used, sold, maintained, assembled, manufactured or operated.
(m) Consulting Services - as used in this Act, shall include services requiring adequate technical expertise, experience and professional capability in undertaking advisory and review, pre-investment or feasibility studies, design, planning, construction, supervision, management and related services, and other technical studies or special studies in the field of electronics engineering.
(n) Accredited Professional Organization - the integrated and accredited national organization of Professional Electronics Engineers, Electronics Engineers and Electronics Technicians.

Section 4. Categories of Practice. - The following shall be the engineering and technician categories covered by this Act:


(a) Professional Electronics Engineer (PECE)
(b) Electronics Engineer (ECE)
(c) Electronics Technician (ECT)

Section 5. Nature and Scope of Practice of Electronics Engineering and Electronics Technician Professions.


(a) The scope and nature of practice of the Electronics Engineer shall embrace and consist of any work or activity relating to the application of engineering sciences and/or principles to the investigation, analysis, synthesis, planning, design, specification, research and development, provision, procurement, marketing and sales, manufacture and production, construction and installation, tests/measurements/control, operation, repair, servicing, technical support and maintenance of electronic components, devices, products, apparatus, instruments, equipment, systems, networks, operations and processes in the fields of electronics, including communications and/or telecommunications, information and communications technology (ICT), computers and their networking and hardware/firmware/software development and applications, broadcast/broadcasting, cable and wireless television, consumer and industrial electronics, electro-optics/photonics/opto-electronics, electro-magnetics, avionics, aerospace, navigational and military applications, medical electronics, robotics, cybernetics, biometrics and all other related and convergent fields; it also includes the administration, management, supervision and regulatory aspects of such works and activities; similarly included are those teaching and training activities which develop the ability to use electronic engineering fundamentals and related advanced knowledge in electronics engineering, including lecturing and teaching of technical and professional subjects given in the electronics engineering and electronics technician curriculum and licensure examinations.
(b) The scope and nature of practice of the Professional Electronics Engineer shall embrace and consist of all of the above plus the sole authority to provide consulting services as defined in this Act and to sign and seal electronics plans, drawings, permit applications, specifications, reports and other technical documents prepared by himself/herself and/or under his direct supervision.
(c) The scope and nature of practice of the Electronics Technician profession shall embrace and consist of any non-engineering work or activity relating to the installation, construction, operation, control, tests and measurements, diagnosis, repair and maintenance, manufacture and production, sales and marketing of any electronic component/s, device/s, products, apparatus, instruments, equipment, system/s, network/s, operations and processes located on land, watercraft, aircraft, industrial plants or commercial establishments, including the teaching and training of technical and professional subjects given in the electronics technician curriculum and licensure examinations.

ARTICLE II
PROFESSIONAL REGULATORY BOARD OF ELECTRONICS ENGINEERING
Section 6. Composition of the Board. - There is hereby created a Professional Regulatory Board of Electronics Engineering, hereinafter referred to as the Board, under the administrative control and supervision of the Professional Regulation Commission, hereinafter referred to as the Commission, composed of a chairman and two (2) members who shall be appointed by the President of the Philippines from the three (3) recommendees per position chosen and ranked by the Commission, which recommendees shall in turn be chosen from the five (5) nominees for each position submitted by the accredited professional organization, in accordance with rules and regulations presently in existence or that may be promulgated for such purpose.
Section 7. Powers and Functions of the Board. - The Board is vested with the authority to:


(a) Administer/Implement the provisions of this Act;
(b) Administer oaths in connection with the administration of this Act;
(c) Adopt an official seal of the Board;
(d) Issue, suspend or revoke Certificates of Registration and accordingly the Professional Identification Cards of Professional Electronics Engineers, Electronics Engineers or Electronics Technicians, or otherwise suspend the holder thereof from the practice of his/her profession, for any justifiable cause and after due process;
(e) Maintain a roster of Professional Electronics Engineers, Electronics Engineers and Electronics Technicians;
(f) Issue, suspend and/or cancel special permits to foreign Professional Electronics Engineers, Electronics Engineers or Electronics Technicians in accordance with the provisions of this Act;
(g) Prescribe, amend or revise the requirements for licensing of Professional Electronics Engineers, and prepare, adopt and issue the syllabi of the subjects for the licensure examination for Electronics Engineers and Electronics Technicians, and prepare the questions therefore, in strict conformance with the scope of the syllabi;
(h) Adopt a program for the full computerization of the licensure examination;
(i) Grant registration without examination, subject to review and approval by the Commission, in accordance with the provisions of this Act;
(j) Study, examine and recommend, in coordination with the Commission on Higher Education (CHED) and the Technical Education and Skills Development Authority (TESDA), and in consultation with other concerned government entities and the accredited professional organization, the essential requirements as to curricula and facilities of schools, colleges or universities, seeking permission to open courses or programs or already offering courses or programs in electronics engineering, electronics technician and related courses or programs and to see to it that these requirements, including employment of qualified faculty members, are properly complied with: Provided, That within three (3) years after the effectivity of this Act, the Board shall, in coordination with CHED, TESDA, and in consultation with other concerned government entities and the accredited professional organization, review and define/re-define the curricula for electronics engineering, electronics technician and/or allied courses or programs for the purpose of re-aligning, revising and/or consolidating the same and/or otherwise defining the minimum requirements by means of which graduates of related or allied courses or programs can qualify to take the Electronics Engineer and Electronics Technician licensure examinations;
(k) Inspect educational institutions and based on their findings thereon, recommend to CHED and/or the TESDA and/or other government entities concerned with the granting of school permits or authorization, the opening, improvement/upgrading or closure of colleges or schools and universities offering electronics engineering and electronics technician courses or programs;
(l) Adopt and administer a Code of Ethics and a Code of Technical Standards of Practice for Professional Electronics Engineers, Electronics Engineers and Electronics Technicians in the Philippines;
(m) Promulgate rules and regulations on the scope of practice of Professional Electronics Engineers, Electronics Engineers and Electronics Technicians;
(n) Promulgate a program for continuing professional education and/or development of Professional Electronics Engineers, Electronics Engineers and Electronics Technicians;
(o) Prescribe the minimum manning and manpower requirements for Professional Electronics Engineers, Electronics Engineers and Electronics Technicians in industrial plants and commercial establishments for purposes of ensuring compliance with the provisions of this Act and all other ordinances, laws, rules and regulations that may be enacted hereinafter;
(p) Formulate, prescribe and adopt such rules and regulations for electronics installations in industrial plants, commercial establishments and other buildings or structures covered by the National Building Code of the Philippines, in coordination with the Department of Public Works and Highways (DPWH), other concerned agencies, representatives of industry and the Accredited Professional Organization;
(q) Study the conditions affecting the Professional Electronics Engineering, Electronics Engineering and Electronics Technician professions in the Philippines, and whenever necessary, exercise the powers conferred by this and other Acts, and adopt such measures as may be deemed proper for the enhancement and advancement of the professions and/or the maintenance of high professional, ethical and technical standards, and for this purpose, the Board may personally or through subordinate employees of the Commission or member/s of the Accredited Professional Organization, duly authorized by the Board and approved by the Commission, conduct ocular inspection or visit industrial plants and commercial establishments where Professional Electronics Engineers, Electronics Engineers and Electronics Technicians are employed for the purpose of determining compliance with the provisions of law relative thereto, in accordance with established policies promulgated by the Commission;
(r) Hear and decide violations of this Act, its implementing rules and regulations, the Code of Ethics and the Code of Technical Standards of Practice for the profession, and for this purpose, issue subpoena ad testificandum and/or subpoena duces tecum to secure attendance of witnesses and the production of documents in connection with the charges presented to and/or any investigation pending before the Board;
(s) Delegate the hearing or investigation of administrative cases filed before it to authorized officers of the Commission, except in cases where the issue involved strictly concerns the practice of the Professional Electronics Engineering, Electronics Engineering and Electronics Technician Professions, in which case the hearing shall be presided over by at least one (1) member of the Board assisted by a Legal or Hearing Officer of the Commission;
(t) Promulgate resolutions, orders and/or decisions on such administrative cases: Provided, That such resolutions, orders and/or decisions shall be subject to appeal within fifteen (15) days from receipt thereof with the Commission, which may affirm or reverse the same, dismiss the case, deny the appeal or remand the case to the Board for further action or proceeding: Provided, further, That if after fifteen (15) days from the receipt of such decision no appeal is taken therefrom to the Commission, the same shall become final and immediately enforceable;
(u) Submit an annual action plan and corresponding report at the beginning and close of each fiscal year on the activities, proceedings and accomplishments of the Board for the year, incorporating therein any recommendation to the Commission; and
(v) Discharge such other powers and functions as the Board and the Commission may deem necessary for the practice of the profession and the upgrading, enhancement, development and growth of the Professional Electronics Engineer, Electronics Engineer and Electronics Technician professions in the Philippines. Except those in administrative cases, all resolutions embodying rules and regulations and other policies and measures issued and/or promulgated by the Board shall be subject to the review and approval by the Commission.

Section 8. Qualifications of Board Members. - The chairman and members of the Board must possess the following qualifications at the time of their appointment:


(a) Be a citizen and a resident of the Philippines for at least five (5) consecutive years prior to his/her appointment;
(b) Be of good moral character and integrity;
(c) Be a holder of a valid Certificate of Registration and a valid Professional Identification Card as a Professional Electronics Engineer, duly qualified to practice as a Professional Engineer in the Philippines;
(d) Be a member of good standing of the Accredited Professional Organization;
(e) Be in active practice of the electronics engineering profession for at least ten (10) years prior to his appointment, either in self-practice, or employment in government service and/or in the private sector;
(f) Must not have any pecuniary interest, directly or indirectly, in any school, academy, college, university or institution conferring an academic degree and/or certification/accreditation necessary for admission to the practice of Electronics Engineering and/or Electronics Technician or where review classes in preparation for the licensure examination are being offered or conducted nor shall he/she be a member of the faculty or of the administration thereof prior to taking his/her oath of office; and
(g) Must not have been convicted of an offense involving moral turpitude.

Section 9. Term of Office. - The members of the Board shall hold office for a term of three (3) years from date of appointment or until their successors shall have been appointed and qualified and may be re-appointed once for another term. Any vacancy occurring within the term of a member shall be filled for the unexpired portion of the term only: Provided, That the member appointed to serve the unexpired term may be re-appointed more than once for as long as his/her continuous tenure shall not exceed six (6) years. Each member of the Board shall take the proper oath prior to the assumption of office.
Section 10. Compensation and Allowances of the Board. - The Chairman and members of the Board shall receive compensation and allowances comparable to that being received by the Chairman and members of existing regulatory boards under the Commission as provided for in the General Appropriations Act.
Section 11. Removal of Board Members. - The President of the Philippines, upon recommendation of the Commission, may suspend or remove any member of the Board for neglect of duty, incompetence, manipulation or rigging of the licensure examination results, disclosure of secret information or the examination questions prior to the conduct of the said examination, or tampering of the grades therein, for unprofessional or unethical conduct, or for any final judgment or conviction of any criminal offense by the Courts, after having given the member concerned an opportunity to be heard and/or to defend himself/herself in a proper administrative investigation.
Section 12. Custodian of Board Records, Secretariat and Support Services. - All records of the Board, including applications for examination, administrative cases involving Professional Electronics Engineers, Electronics Engineers and Electronics Technicians shall be kept by the Commission.
The Commission shall designate the Secretary of the Board and shall provide the secretariat and other support services to implement the provisions of this Act.
ARTICLE III
EXAMINATION, REGISTRATION AND LICENSURE
Section 13. Licensure Examination. - Except as otherwise specifically provided in this Act, all applicants seeking to be registered and licensed as Electronics Engineers and Electronics Technicians, shall undergo the required examinations to be given by the Board in such places and dates as the Commission may designate in accordance with the provisions of Republic Act No. 8981.
Section 14. Qualifications for Examinations. - In order to be allowed to take the examination for Electronics Engineer or Electronics Technician, an applicant must, at the time of the filing of his/her application, establish to the satisfaction of the Board that:


(a) He/She is a citizen of the Philippines or of a foreign country qualified to take the examination as provided for in Section 33 of this Act;
(b) He/She is of good moral character and had not been convicted by a court of law of a criminal offense involving moral turpitude;
(c) For the Electronics Engineering examinations, he/she is a holder of a degree of Bachelor of Science in Electronics and Communications Engineering or Electronics Engineering, or subject to compliance with minimum requirements to be prescribed by the Board, such equivalent and/or related engineering course or program from any school, institute, college, or university recognized by the Government or the State where it is established, after completing a resident collegiate course equivalent to that of a full baccalaureate degree;
(d) For the Electronics Technician examinations:


(1) is a graduate of an Associate, Technician, Trade or Vocational course in electronics or, subject to the evaluation of the Board, such equivalent and/or related formal or non-formal course or program from any school, college, university or training institution recognized by the Government or the State where it is established, after completing a resident course or program of not less than two (2) years, or
(2) has completed at least the minimum third-year equivalent of a Bachelor of Science program in Electronics and Communications Engineering or Electronics Engineering program according to CHED guidelines, or, subject to the evaluation of the Board such equivalent and/or related engineering course or program from any school, institute, college or university recognized by the Government or State where it is established;

Section 15. Scope of Examination for Electronics Engineers and Electronics Technicians. - The examination for Electronics Engineers shall consist of written tests which shall cover subjects prescribed by the Board but including at least the following: Mathematics, Applied Sciences, Engineering Economics, Laws and Ethics, Electronics, Communications, Computers, and Information and Communications Technology.
The examinations for Electronics Technician shall consist of written and/or practical tests covering subjects to be prescribed by the Board and shall cover subjects specific to the practice of Electronics Technicians.
As urgent and important need arises so as to conform to technological and modern changes, the Board may re-cluster, rearrange, modify, add to or exclude any subject and prescribe the number of final examination/s per year after approval by the Commission. The PRC Board resolution thereon shall be officially published in the Official Gazette or major daily newspapers of general circulation and also circularized and disseminated to all colleges.
Section 16. Ratings. - To pass the licensure examination, a candidate for Electronics Engineer or Electronics Technician must obtain a passing rating of seventy percent (70%) in each subject given during the examination: Provided, however, That a candidate who obtains a passing rating in the majority of the subjects but obtains a rating in the other subject/s below seventy percent (70%) but not lower than sixty percent (60%), shall be allowed to take one removal examination on the subject/s where he/she failed to obtain the passing rating: Provided, finally, That should the examinee fail to obtain a passing rating in the removal examination, he/she shall be considered as having failed the entire licensure examination.
Section 17. Release of the Results of Examination. - The Board and the Commission shall correct and rate the licensure examination papers and shall release the examination results within fifteen (15) days after the said examination.
Section 18. Qualifications and Schedule of Registration for Professional Electronics Engineer. - For application for registration as a Professional Electronics Engineer, the following shall be required:


(a) Valid Certificate of Registration and Professional Identification Card as Electronics Engineer;
(b) Valid/current membership identification card from the Accredited Professional Organization;
(c) Certified experience record of active self-practice and/or employment either in government service or in the private sector, in the format to be prescribed by the Board, indicating the inclusive dates, companies worked for, description of specific responsibilities, relevant accomplishments and name, position of immediate supervisors for a period of at least seven (7) years (inclusive and/or aggregate), at least two (2) years of which are in responsible charge of significant engineering work, from the date applicant took his/her oath as an Electronics and Communications Engineer or Electronics Engineer;
(d) Three (3) certifications signed by three (3) Professional Electronics Engineers attesting that the experience record submitted by the applicant is factual.

Applications for registration as Professional Electronics Engineer may be submitted anytime to the Commission. The Board shall then schedule an en banc oral interview of the applicant for the purpose of verifying, authenticating and assessing the submittals and establishing the competency of the applicant according to rules, regulations and competency standards to be formulated by the Board: Provided, That those who have been registered and licensed as Electronics and Communications Engineers under Republic Act No. 5734 for at least seven (7) years upon the effectivity of this Act need only to submit items (a), (b), and (c) above: Provided, further, That those who have been registered and licensed as Electronics and Communications Engineers under Republic Act No. 5734 for less than seven (7) years after the effectivity of this Act shall submit their certified experience records and certifications from three (3) Professional Electronics Engineers as in items (c) and (d) above, and submit to an en banc oral interview of the Board for competency assessment, upon passing of which he can be registered as a Professional Electronics Engineer.
Section 19. Issuance of the Certificate of Registration and Professional Identification Card. - A Certificate of Registration shall be issued to examinees who pass the Electronics Engineer and Electronics Technician licensure examination, to Electronics Engineers who are registered as Professional Electronics Engineers and to Electronics Technicians who are registered without examination, subject to payment of fees prescribed by the Commission. The Certificate of Registration shall bear the signature of the Chairperson and Members of the Board, stamped with the official seal of the Commission and the Board, indicating that the person named therein is entitled to practice the profession with all the privileges appurtenant thereto, subject to compliance with all applicable requirements. The said certificate shall remain in full force and effect until withdrawn, suspended or revoked in accordance with this Act.
A Professional Identification Card bearing the registration number, date of registration, duly signed by the Chairperson of the Commission, shall likewise be issued to every registrant who has paid the prescribed fee. This identification card will serve as evidence that the holder thereof is duly registered with the Commission.
Section 20. Registration without Examination for Electronics Technicians. -Within five (5) years after the effectivity of this Act, the Board shall issue Certificates of Registration and Professional Identification Cards without examination to applicants for registration as Electronics Technicians who shall present evidence or other proof satisfactory to the Board that:


(a) He/She is a graduate of at least a two-year Associate, Technician, Trade or Vocational course in Electronics as certified by the TESDA, or that he/she has completed at least the minimum third-year equivalent of a Bachelor's Degree of Science in Electronics and Communications Engineering or Electronics Engineering program according to CHED guidelines, or, subject to the evaluation of the Board, an equivalent and/or related formal or non-formal course or program from any school, institute, college, university or training institution recognized by the Government or the State where it is established, and
(b) He/She has rendered at least seven (7) years (inclusive or aggregate) of active self-practice and/or employment either in the Government or private sector, indicating therein his/her specific duties and responsibilities, relevant accomplishments, the complete names and addresses of clients and companies or persons worked for, as well as the names and positions of immediate superiors.

The above submittals shall be accompanied by a certification from at least three (3) registered Professional Electronics Engineers vouching for the integrity, technical capability and good moral character of the applicant.
Section 21. Non-issuance of a Certificate of Registration and/or Professional Identification Card for Certain Grounds. - The Board and/or the Commission shall not register and shall not issue a Certificate of Registration and Professional Identification Card to any person convicted by a court of competent jurisdiction of any crime involving moral turpitude, to any person of immoral or dishonorable conduct and to any person of unsound mind, furnishing the party concerned a written statement containing the reasons for such action, which statement shall be incorporated in the records of the Board.
Section 22. Professional Oath. - All successful examinees and all those who have qualified for registration without examination shall be required to take a professional oath before any member of the Board or any person authorized by the Commission before he/she can be registered and issued a Certificate of Registration and Professional Identification Card, and as a prerequisite to practicing as a Professional Electronics Engineer, Electronics Engineer or Electronics Technician.
Section 23. Revocation and Suspension of Certificate of Registration, Professional Identification Card and Cancellation of Special Permits. - The Board shall, upon proper notice and hearing, revoke or suspend the validity of a Certificate of Registration and accordingly the Professional Identification Card, or cancel a Special Permit granted under Section 26 herein, for any of the causes mentioned in the preceding sections, or for unprofessional or unethical conduct, malpractice, incompetence or any violation of this Act and its implementing rules and regulations, the Code of Ethics and the Code of Technical Standards of Practice, or where fraud, deceit, or false statement was found to have been employed in obtaining said Certificate of Registration, Professional Identification Card or Special Permit.
Section 24. Reinstatement, Re-issuance or Replacement of Certificate of Registration and Professional Identification Card. - The Board may, two (2) years after the revocation of a Certificate of Registration and Professional Identification Card, upon application and for reasons deemed proper and sufficient, reinstate the validity of a revoked Certificate of Registration and Professional Identification Card, subject to compliance with the applicable requirements of the Commission, and the Board: Provided, That he/she did not commit any illegal practice of the profession or any violation of this Act, its rules, codes and policies during the time that his/her Certificate of Registration and Professional Identification Card was revoked.
A new Certificate of Registration or Professional Identification Card to replace lost, destroyed, or mutilated certificate or registration card may be issued, subject to the rules promulgated by the Board and the Commission, upon payment of the required fees.
Section 25. Roster of Professional Electronics Engineers, Electronics Engineers and Electronics Technicians. - The Board shall prepare and maintain a roster of the names, residence and/or office address of all registered Professional Electronics Engineers, Electronics Engineers and Electronics Technicians, which shall be updated annually in cooperation with the Accredited Professional Organization, indicating therein the status of the Certificate of Registration, Professional Identification Card and membership in the Accredited Professional Organization of the professional, whether valid, inactive due to death or other reasons, delinquent, suspended or revoked. The said roster shall be conspicuously posted within the premises of the Commission and the information therefrom made available to the public upon inquiry or request.
Section 26. Exemptions from Examination and Registration. - No examination and registration shall be required for foreign Professional Electronics Engineers, Electronics Engineers or Electronics Technicians who are temporarily employed by the Philippine Government or by private firms in the Philippines in the following cases:


(a) Where no qualified equivalent Filipino professional is available for the specific item of work to be rendered, as attested to by the Accredited Professional Organization;
(b) Where the conditions of the scope and funding for the work or project are such that it stipulates the temporary employment of a foreign professional;
(c) As defined in the General Agreement on Trade in Services, the ASEAN and APEC Engineer Registry programs and other similar international treaties, agreements and/or covenants to which the Philippine Government is a signatory and has ratified: Provided, however, That:


(1) The said foreign professional is legally qualified to practice his/her profession in his/her own country in which the requirements for licensing and registration are not lower than those specified in this Act;
(2) The work to be performed by said foreign professional shall be limited only to the particular work or project for which he/she was specifically contracted;
(3) Prior to commencing the work, the foreign professional shall secure a Special Permit from the Board, which shall be subject to the approval of the Commission; Provided, That no working visa and/or permit shall be issued by concerned government agencies unless such Special Permit has been granted first;
(4) The same foreign professional shall not engage in private practice on his/her own account;
(5) For every foreign professional contracted for the work or project, at least two (2) corresponding Filipino professionals who are registered under this Act shall be employed as counterparts by the Philippine Government or the private firm utilizing the services of such foreign professional for at least the same duration of time as the foreigner's tenure of work; and
(6) The Special Permit herein granted shall be valid only for a period of not more than six (6) months and renewable every six (6) months thereafter subject to the discretion of the Board and the approval of the Commission: Provided, That said permit shall cease to be valid if the foreigner terminates his/her employment in the work or project for which said permit was originally granted and thereafter engages in an occupation that requires another Special Permit or registration under this Act.

ARTICLE IV
PRACTICE OF PROFESSIONAL ELECTRONICS ENGINEERING, ELECTRONICS ENGINEERING AND ELECTRONICS TECHNICIANS
Section 27. Practice of the Profession. - No person shall offer himself/herself in the Philippines as, or use the title "Professional Electronics Engineer", "Electronics Engineer" or "Electronics Technician", as defined in this Act, or use any word, letter figure, or sign whatsoever, tending to convey the impression that he/she is a Professional Electronics Engineer, Electronics Engineer or Electronics Technician, or advertise that he/she is qualified to perform the work of a Professional Electronics Engineer, Electronics Engineer or Electronics Technician, without holding a valid Certificate of Registration and a valid Professional Identification Card in accordance with this Act, except as provided under Section 26 hereof.
Section 28. Prohibitions and Limitations on the Practice of Electronics Engineering and Electronics Technician Profession. - Unless otherwise prescribed by any supervening law, the practice of electronics engineering and electronics technician shall be a professional service, admission to which must be determined on the basis of the individual's personal qualifications. Hence, no firm, company, partnership, association or corporation may be registered or licensed as such for the practice of electronics engineering and electronics technician. However, persons properly registered and licensed as Professional Electronics Engineers, Electronics Engineers or Electronics Technicians may, among themselves or with any other allied professionals, form a partnership or association or corporation and collectively render services as such: Provided, That individual members of such partnerships or associations or corporations shall be responsible for their own respective acts.
Section 29. Seal of the Professional Electronics Engineers. - All licensed Professional Electronics Engineers shall obtain and use a seal of a design prescribed by the Board bearing the registrant's name, registration number and title. Plans, drawings, permit applications, specifications, reports and other technical documents prepared by and/or executed under the supervision of, and issued by the Professional Electronics Engineer shall be stamped on every sheet/page with said seal, indicating therein his/her current Professional Tax Receipt (PTR) number, date/place of payment and current membership number in the Accredited Professional Organization, when filed with government authorities or when used professionally.
Section 30. Code of Ethics and Code of Technical Standards of Practice. - The Board shall adopt a Code of Ethics and the Code of Technical Standards of Practice for Electronics Engineers and Electronics Technicians, which shall be promulgated by the Accredited Professional Organization.
ARTICLE V
SUNDRY PROVISIONS
Section 31. Continuing Professional Education (CPE) and/or Development Programs. - All registered Professional Electronics Engineers, Electronics Engineers, and Electronics Technicians, shall comply with pertinent rules and regulations already prescribed by and/or as may be prescribed and promulgated by the Commission and/or the Board, the Accredited Professional Organization and other government agencies, pursuant to this Act and other relevant laws, international treaties, agreements and/or covenants to which the Philippines is a signatory and has ratified, with respect to continuing professional education and/or development and/or other similar/related programs.
Section 32. Integrated and Accredited Professional Organization. - There shall be one (1) integrated and Accredited Professional Organization of Professional Electronics Engineers, Electronics Engineers and Electronics Technicians in the country, which shall be registered with the Securities and Exchange Commission as a non-stock, non-profit corporation and recognized by the Board, the Commission and all government agencies as the one and only integrated and accredited national organization for the said professionals. Every Professional Electronics Engineer, Electronics Engineer and Electronics Technician, upon registration with the Commission as such, shall ipso facto become a member of this Accredited Professional Organization. Those who have been previously registered by the Board but are not members of this Accredited Professional Organization at the time of effectivity of this Act, shall be allowed to register as members of this organization within three (3) years after the effectivity of this Act. Membership in this Accredited Professional Organization shall not be a bar to membership in other associations of the electronics engineering and electronics technician professions.
The Accredited Professional Organization shall implement the continuing professional education, accredit other organizations or entities to provide continuing professional education, and/or development program promulgated by the Board and/or the Commission, compliance with which shall be one of the requisites for the maintenance of membership in good standing of the professional in the Accredited Professional Organization. All members of good standing of this Accredited Professional Organization shall be issued an annual membership card indicating the membership number and validity period of the membership, which shall be affixed to all plans, specifications and any document signed by the member in the course of practice of his/her profession. Failure to maintain membership in good standing in the Accredited Professional Organization shall be a cause for listing of the individual as delinquent in the roster of professionals.
Section 33. Foreign Reciprocity. - No foreigner shall be admitted for registration as Professional Electronics Engineer, Electronics Engineer or Electronics Technician with or without examination under this Act unless he/she proves in the manner as provided by the Board that, by specific provisions of law, the country, state or province of which he/she is a citizen, subject or national, or in accordance with international treaties, agreements and/or covenants to which their country, state or province is a signatory, admits Filipino citizens to practice as Professional Electronics Engineer, Electronics Engineer or Electronics Technician after an examination or registration process on terms of strict and absolute equality with the citizens, subjects or nationals of said country, including the unconditional recognition of professional licenses issued by the Board and/or the Commission and prerequisite degrees/diplomas issued by institutions of learning duly recognized by the government of the Philippines.
Section 34. Positions in Government Requiring the Services of Registered and Licensed Professional Electronics Engineers, Electronics Engineers and Electronics Technicians. - Within three (3) years from the effectivity of this Act, all existing and proposed positions in the local and national government, whether career, permanent, temporary or contractual and primarily requiring the services of Professional Electronics Engineers, Electronics Engineers or Electronics Technicians shall accordingly be filled only by registered and licensed Professional Electronics Engineers, Electronics Engineers or Electronics Technicians.
ARTICLE VI
PENAL PROVISION AND ASSISTANCE OF LAW ENFORCEMENT AGENCIES
Section 35. Penal Provision. - The following shall be punished by a fine of not less than One hundred thousand pesos (P100,000.00) nor more than One million pesos (P1,000,000.00), or by imprisonment of not less than six (6) months nor more than six (6) years, or both, in the discretion of the court:


(a) Any person who shall give any false or fraudulent statement to the Board to obtain a Certificate of Registration and/or Professional Identification Card as Professional Electronics Engineer, Electronics Engineer or Electronics Technician;
(b) Any person who shall present or use as his/her own a Certificate of Registration, Professional Identification Card, membership identification card in the Accredited Professional Organization and/or seal issued to another and any person who allows the use of his/her Certificate of Registration, Professional Identification Card, membership card in the Accredited Professional Organization and/or seal;
(c) Any person who shall present or use a revoked or suspended Certificate of Registration as Professional Electronics Engineer, Electronics Engineer or Electronics Technician;
(d) Any person who shall assume, use, advertise or otherwise practice as Professional Electronics Engineer, Electronics Engineer or Electronics Technician, or append to his/her name, any letter/s or words tending to convey the impression that he/she is a registered Professional Electronics Engineer, Electronics Engineer or Electronics Technician, when in fact he/she is not duly registered with the Board as such;
(e) Any Professional Electronics Engineer, or any person on his/her behalf, who shall stamp or seal any document with his/her seal as such after his/her Certificate of Registration, Professional Identification Card and membership card in the Accredited Professional Organization has been revoked or suspended or after he/she has been suspended from practice or removed from the roster of Professional Electronics Engineer, Electronics Engineers or Electronics Technicians;
(f) Any Professional Electronics Engineer who shall sign his/her name, affix his/her seal, or use any other method of signature on plans, technical descriptions or other documents prepared by or under the supervision of another Professional Electronics Engineer, unless the same is prepared in such manner as to clearly indicate the part of such work actually performed by the former;
(g) Any person, except the Professional Electronics Engineer or Electronics Engineer in-charge, who shall sign for any electronics engineering work, or any function of electronics engineering practice, not actually performed by him/her;
(h) Any person holding a Certificate of Registration and Professional Identification Card as Professional Electronics Engineer, Electronics Engineer or Electronics Technician who shall be involved in illegal wire-tapping, cloning, hacking, cracking, piracy and/or other forms of unauthorized and malicious electronic eavesdropping and/or the use of any electronic devices in violation of the privacy of another or in disregard of the privilege of private communications and/or safety to life, physical and/or intellectual property of others, or who shall maintain an unlicensed and/or unregistered communications system or device; and
(i) Any person who shall violate any provision of this Act or any rules, regulations, the Code of Ethics and the Code of Technical Standards of Practice promulgated under this Act.

Section 36. Assistance of Law Enforcement and Other Government Agencies. - Any law enforcement agency shall, upon call or request of the Board and/or the Commission, render assistance in enforcing this Act including the Code of Ethics, Code of Technical Standards of Practice and the implementing rules and regulations and measures promulgated hereunder, by prosecuting violators thereof in accordance with law and the Rules of Court.
Any department, instrumentality, office, bureau, institution or agency of the government including local governments, upon call or request from the Board and/or the Commission, shall render such assistance as it may require, cooperate and coordinate with it in carrying out, enforcing or implementing this Act, the codes, policies, measures, programs or activities of the Board and/or the Commission that it may undertake pursuant to the provisions of this Act.
ARTICLE VII
TRANSITORY PROVISIONS
Section 37. Transitory Provision. - Upon effectivity of this Act, the incumbent Board of Electronics and Communications Engineering shall complete all pending/unfinished works within a six (6)-month period, after which it shall cease to exist. The President of the Philippines shall before then appoint the Chairman and members of the first Board of Electronics Engineering in accordance with Sections 6 and 8 herein, who shall formulate and thereafter promulgate the rules and regulations for the implementation of this Act.
Section 38. Vested Rights: Electronics and Communications Engineers when this Law is Passed. - Electronics and Communications Engineers holding a valid Certificate of Registration and Professional Identification Card at the time of effectivity of this Act shall be automatically registered and recognized as Electronics Engineers and shall be issued a new Certificate of Registration and Professional Identification Card as Electronics Engineers with the same license number as their original Electronics and Communications Engineer Certificate of Registration, subject to the payment of prescribed fees and other requirements of the Board and/or Commission.
ARTICLE VIII
FINAL PROVISION
Section 39. Implementing Rules and Regulations. - Subject to the approval of the Commission, the Board, in coordination with the accredited professional organization, shall adopt and promulgate such rules, regulations, resolutions, the Code of Ethics and the Code of Technical Standards of Practice for Professional Electronics Engineers, Electronics Engineers and Electronics Technicians to carry out the provisions of this Act, which shall be published in the Official Gazette or a newspaper of general circulation and shall be effective fifteen (15) days after publication therein.
Section 40. Appropriations. - The Chairperson of the Professional Regulation Commission shall include in the Commission's program the implementation of this Act, the funding of which shall be included in the annual General Appropriations Act.
Section 41. Separability Clause. - If any provisions of this Act or any portion hereof is declared unconstitutional by any competent court, the other provisions hereof shall not be affected thereby.
Section 42. Repealing Clause. - Republic Act No. 5734 is hereby repealed. All other laws, executive orders, rules and regulations or parts thereof in conflict with the provisions of this Act are hereby repealed or amended accordingly.
Section 43. Effectivity. - This Act shall take effect fifteen (15) days following its full publication in the Official Gazette or any newspaper of general circulation.


Approved,

FRANKLIN DRILON
President of the Senate
JOSE DE VENECIA JR.
Speaker of the House of Representatives
This act which is a consolidation of House Bill No. 5224 and Senate Bill No. 2683 was finally passed by the House of Representatives and the Senate on February 2, 2004.
OSCAR G. YABES
Secretary of Senate
ROBERTO P. NAZARENO
Secretary General
House of Represenatives

Approved: April 17, 2004

GLORIA MACAPAGAL-ARROYO
President of the Philippines



REPUBLIC ACT NO. 8484
 
AN ACT REGULATING THE ISSUANCE AND USE OF ACCESS DEVICES, PROHIBITING FRAUDULENT ACTS COMMITTED RELATIVE THERETO, PROVIDING PENALTIES AND FOR OTHER PURPOSES.
  
 
 

Section 1. Short title. — This Act shall be known as the "Access Devices Regulation Act of 1998."
 
Sec. 2. Declaration of policy. — The State recognizes the recent advances in technology and the widespread use of access devices in commercial transactions. Toward this end, the State shall protect the rights and define the liabilities of parties in such commercial transactions by regulating the issuance and use of access devices.
 
Sec. 3. Definition of terms. — For purposes of this Act, the terms:
 

(a) Access Device — means any card, plate, code, account number, electronic serial number, personal identification number, or other telecommunications service, equipment, or instrumental identifier, or other means of account access that can be used to obtain money, good, services, or any other thing of value or to initiate a transfer of funds (other than a transfer originated solely by paper instrument);  
(b) Counterfeit Access Device — means any access device that is counterfeit, fictitious, altered, or forged, or an identifiable component of an access device or counterfeit access device;

 
(c) Unauthorized Access Device — means any access device that is stolen, lost, expired, revoked, canceled, suspended, or obtained with intent to defraud;

 
(d) Access Device Fraudulently Applied for — means any access device that was applied for or issued on account of the use of falsified document, false information, fictitious identities and addresses, or any form of false pretense or misrepresentation;

 
(e) Consumer — means a natural person;

 
(f) Credit Card — means any card, plate, coupon book, or other credit device existing for the purpose of obtaining money, goods, property, labor or services or any thing of value on credit;

 
(g) Device Making or Altering Equipment — means any equipment, mechanism or impression designed or primarily used for making or altering or reencoding an access device or a counterfeit access device;

 
(h) Finance Charges — represent the amount to be paid by the debtor incident to the extension of credit such as interest or discounts, collection fees, credit investigation fees, and other service charges;

 
(i) Open-end-credit plan — means a consumer credit extended on an account pursuant to a plan under which:
    1) the creditor may permit the person to make purchase or obtain loans, from time to time, directly from the creditor or indirectly by use of credit card, or other service;   2) the person has the privilege of paying the balance; or   3) a finance charge may be computed by the creditor from time to time on an unpaid balance.
(j) Penalty Charges — means such amount, in addition to interest, imposed on the credit card holder for non-payment of an account within a prescribed period;  
(k) Produce — includes design, alter, authenticate, duplicate or assemble; and

 
(l) Trafficking — means transferring, or otherwise disposing of, to another, or obtaining control of, with intent to transfer or dispose of.

 
Sec. 4. Credit Card Application and Solicitation. — Any application to open a credit card account for any person under an open-end credit plan or a solicitation to open such an account, either by mail, telephone or other means, shall disclose in writing or orally, as the case may be, the following information:
 

(a) Annual Percentage Rate
    1) Each annual percentage rate of interest on the amount of credit obtained by the credit card holder under such credit plan. Where an extension of credit is subject to a variable rate, the fact that the rate is variable, and the annual percentage rate in effect at the time of the mailing.   2) Where more than one rate applies, the range of balances to which each rate applies.
(b) Annual and other Fees
    1) Any annual fee, other periodic fee, or membership fee imposed for the issuance or availability of a credit card, including any account maintenance fee or any other charge imposed based on activity or inactivity for the account during the billing cycle.   2) Any minimum finance charge imposed for each period during which any extension of credit which is subject to a finance charge is outstanding.   3) Any transaction charge imposed in connection with use of the card to purchase goods or services.   4) Any fee, penalty or surcharge imposed for the delay in payment of an account.
(c) Balance Calculation Method — the name or a detailed explanation of the balance calculation method used in determining the balance upon which the finance charge is computed.
 
(d) Cash Advance Fee — any fee imposed for an extension of credit in the form of cash.
 
(e) Over-the-Limit-Fee — any fee imposed in connection with an extension of credit in excess of the amount of credit authorized to be extended with respect to such amount: Provided, however, That in case the application or solicitation to open a credit card account for any person under an open-end consumer credit plan be made through catalogs, magazines, or other publications, the following additional information shall be disclosed:
      1) A statement, in a conspicuous and prominent location on the application or solicitation, that:  
        i) the information is accurate as of the date the application or solicitation was printed;   ii) the information contained in the application or solicitation is subject to change after such date;   iii) the applicant should contact the creditor for information on any change in the information contained in the application or solicitation since it was printed;  
      (2) The date the application or solicitation was printed; and   (3) In a conspicuous and prominent location on the application or solicitation, a toll free telephone number or mailing address which the applicant may contact to obtain any change in the information provided in the application or solicitation since it was printed.
Sec. 5. Computations. — In addition to the foregoing, a credit card issuer must, to the extent practicable, provide a detailed explanation and a clear illustration of the manner by which all charges and fees are computed.
 
Sec. 6. Exceptions. — The disclosures required under Sec. 4 of this Act may be omitted in any telephone solicitation or application if the credit card issuer:
    (a) does not impose any fee in connection with paragraph (b)(1), Sec. 4 of this Act;   (b) does not impose any fee in connection with telephone solicitation unless the consumer signifies acceptance by using the card;   (c) discloses clearly the information described in Sec. 4 of this Act in writing within thirty (30) days after the consumer requests the card, but in no event later than the date of delivery of the card; and   (d) discloses clearly that the consumer is not obligated to accept the card or account and the consumer will not be obligated to pay any fees or charges disclosed unless the consumer elects to accept the card or account by using the card.
Sec. 7. Disclosure Prior to Renewal. — Except in telephone solicitations a card issuer that imposes any fee described in Sec. 4 shall transmit to a consumer's credit card account a clear and conspicuous disclosure of:
    (a) the date by which, the month by which, or the billing period at the close of which, the account will expire if not renewed;   (b) the information described in Sec. 4 which shall be transmitted to a consumer at least thirty (30) days prior to the scheduled renewal date of the consumer's credit card account;   (c) the information described in Sec. 4 (a) (1) which shall be transmitted to a consumer's credit card account; and   (d) the method by which the consumer may terminate continued credit availability under the account: Provided, That the disclosures required by this Sec. must be made prior to posting a fee described in Sec. 4 (b) (1) to the account, or with the periodic billing statement first disclosing that the fee has been posted to the account subject to the condition that the consumer is given thirty (30) day period to avoid payment of the fee or to have the fee recredited to the account in any case where the consumer does not wish to continue the availability of the credit.
Sec. 8. Failure to Disclose. — Credit card companies which shall fail to disclose the information required under Sec.s 4, 5 and 7 of this Act, after due notice and hearing, shall be subject to suspension or cancellation of their authority to issue credit cards by the Bangko Sentral ng Pilipinas, Securities and Exchange Commission and such other government agencies.
 
Sec. 9. Prohibited Acts. — The following acts shall constitute access device fraud and are hereby declared to be unlawful:
    (a) producing, using, trafficking in one or more counterfeit access devices;   (b) trafficking in one or more unauthorized access devices or access devices fraudulently applied for;   (c) using, with intent to defraud, an unauthorized access device;   (d) using an access device fraudulently applied for;   (e) possessing one or more counterfeit access devices or access devices fraudulently applied for;   (f) producing, trafficking in, having control or custody of, or possessing device-making or altering equipment without being in the business or employment, which lawfully deals with the manufacture, issuance, or distribution of such equipment;   (g) inducing, enticing, permitting or in any manner allowing another, for consideration or otherwise to produce, use, traffic in counterfeit access devices, unauthorized access devices or access devices fraudulently applied for;   (h) multiple imprinting on more than one transaction record, sales slip or similar document, thereby making it appear that the device holder has entered into a transaction other than those which said device holder had lawfully contracted for, or submitting, without being an affiliated merchant, an order to collect from the issuer of the access device, such extra sales slip through an affiliated merchant who connives therewith, or, under false pretenses of being an affiliated merchant, present for collection such sales slips, and similar documents;   (i) disclosing any information imprinted on the access device, such as, but not limited to, the account number or name or address of the device holder, without the latter's authority or permission;   (j) obtaining money or anything of value through the use of an access device, with intent to defraud or with intent to gain and fleeing thereafter;   (k) having in one's possession, without authority from the owner of the access device or the access device company, an access device, or any material, such as slips, carbon paper, or any other medium, on which the access device is written, printed, embossed, or otherwise indicated;   (l) writing or causing to be written on sales slips, approval numbers from the issuer of the access device of the fact of approval, where in fact no such approval was given, or where, if given, what is written is deliberately different from the approval actually given;   (m) making any alteration, without the access device holder's authority, of any amount or other information written on the sales slip;   (n) effecting transaction, with one or more access devices issued to another person or persons, to receive payment or any other thing of value;   (o) without the authorization of the issuer of the access device, soliciting a person for the purpose of:  
      1) offering an access device; or   2) selling information regarding or an application to obtain an access device; or  
    (p) without the authorization of the credit card system member or its agent, causing or arranging for another person to present to the member or its agent, for payment, one or more evidence or records of transactions made by credit card.
Sec. 10. Penalties. — Any person committing any of the acts constituting access device fraud enumerated in the immediately preceding Sec. shall be punished with:
    (a) a fine of Ten thousand pesos (P10,000.00) or twice the value obtained by the offense, whichever is greater and imprisonment for not less than six (6) years and not more than ten (10) years, in the case of an offense under Sec. 9 (b)-(e), and (g)-(p) which does not occur after a conviction for another offense under Sec. 9;   (b) a fine of Ten thousand pesos (P10,000.00) or twice the value obtained by the offense, and imprisonment for not less than ten (10) years and for not more than twelve (12) years, in the case of an offense under Sec. 9 (a), and (f) of the foregoing Sec., which does not occur after a conviction for another offense under Sec. 9; and   (c) a fine of Ten thousand pesos (P10,000.00) or twice the value obtained by the offense, or imprisonment for not less than twelve (12) years and not more than twenty (20) years, or both, in the case of any offense under Sec. 9, which occurs after a conviction for another offense under said subSec., or an attempt to commit the same.
Sec. 11. Conspiracy to commit access device fraud. — If two (2) or more persons conspire to commit any of the offenses listed in Sec. 9 and one or more of such persons does any act to effect the object of the conspiracy, each of the parties to such conspiracy shall be punished as in the case of the doing of the act, the accomplishment of which is the object of such conspiracy.
 
Sec. 12. Frustrated and attempted access device fraud. — Any person who performs all the acts of execution which would produce any of the unlawful acts enumerated in Sec. 9 of this Act, but which nevertheless does not produce it by reason of causes independent of the will of said person, shall be punished with two-thirds (2/3) of the fine and imprisonment provided for the consummated offenses listed in said Sec.. Any person who commences the commission of any of the unlawful acts enumerated in Sec. 9 of this Act directly by overt acts and does not perform all the acts of execution which would produce the said acts by reason of some cause or accident other than said person's own spontaneous desistance, shall be punished with one-half (1/2) of the fine and imprisonment provided for the consummated offenses listed in the said Sec..
 
Sec. 13. Accessory to access device fraud. — Any person who, with intent to gain for himself or for another, buy, receives, possesses, keeps, acquires, conceals, sells, or disposes of, shall buy and sell, or in any manner deal in any article, item, object or anything of value which he knows or should be known to him, to have been acquired through the use of counterfeit access device or an unauthorized access device or an access device known to him to have been fraudulently applied for, shall be considered as an accessory to an access device fraud and shall be punished with one-half (1/2) of the fine and imprisonment provided for the applicable consummated offenses listed in Sec. 9 of this Act. Said person shall be prosecuted under this Act or under the Anti-Fencing Law of 1979 (Presidential Decree No. 1612) whichever imposes the longer prison term as penalty for the consummated offense.
 
Sec. 14. Presumption and prima facie evidence of intent to defraud. — The mere possession, control or custody of:
    (a) an access device, without permission of the owner or without any lawful authority;   (b) a counterfeit access device;   (c) access device fraudulently applied for;   (d) any device-making or altering equipment by any person whose business or employment does not lawfully deal with the manufacture, issuance, or distribution of access device;   (e) an access device or medium on which an access device is written, not in the ordinary course of the possessor's trade or business; or   (f) a genuine access device, not in the name of the possessor, or not in the ordinary course of the possessor's trade or business, shall be prima facie evidence that such device or equipment is intended to be used to defraud.   A cardholder who abandons or surreptitiously leaves the place of employment, business or residence stated in his application or credit card, without informing the credit card company of the place where he could actually be found, if at the time of such abandonment or surreptitious leaving, the outstanding and unpaid balance is past due for at least ninety (90) days and is more than Ten thousand pesos (P10,000.00), shall be prima facie presumed to have used his credit card with intent to defraud.
Sec. 15. Loss of access devices. — In case of loss of an access device, the holder thereof must notify the issuer of the access device of the details and circumstances of such loss upon knowledge of the loss. Full compliance with such procedure would absolve the access device holder of any financial liability from fraudulent use of the access device from the time the loss or theft is reported to the issuer.
 
Sec. 16. Reporting requirements. — All companies engaged in the business of issuing access devices, including banks, financing companies and other financial institutions issuing access devices, shall furnish annually, on or before the 31st of March of the succeeding year, a report to the Credit Card Association of the Philippines regarding access device frauds committed against the holders of such entities in the preceding calendar year, for consolidation and submission to the National Bureau of Investigation.
 
Notwithstanding this requirement, banks, financing companies and other financial institutions, including their subsidiaries and affiliates, issuing access devices shall continue to be regulated and supervised by the Bangko Sentral ng Pilipinas while other companies issuing access devices shall continue to be regulated and supervised by the Securities and Exchange Commission.
 
Sec. 17. Liability under the Revised Penal Code and other laws. — Prosecution under this Act shall be without prejudice to any liability for violation of any provision of the Revised Penal Code or any other law.
 
Sec. 18. Separability clause. — If any separable provision of this Act be declared unconstitutional, the remaining provisions shall continue to be in force.
 
Sec. 19. Repealing clause. — Any law, presidential decree or issuance, executive order, letter of instruction, administrative order, rule or regulation contrary to, or inconsistent with, the provisions of this Act is hereby repealed, modified or amended accordingly.
 
Sec. 20. Effectivity clause. — This Act shall take effect fifteen (15) days after its publication in at least two (2) newspapers of general circulation.
 
Approved: February 11, 1998
  
Republic Act 8792
In 1999, the Philippines Y2K Law was the first law crafted and deliberated online by the private sector.

Republic Act 8792, was signed into law last June 14, 2000. It is a landmark legislation in the history of the Philippines. Not only has this bill made the country a legitimate player in the global marketplace. The Philippine Internet community has played a major role in pushing for its passage. The law took effect last June 19, 2000.

# Hacking or cracking, refers to unauthorized access including the introduction of computer viruses, is punishable by a fine from 100 thousand to maximum commensurating to the damage. With imprisonment from 6 months to 3 years. (section 33)

# Piracy through the use of telecommunication networks, such as the Internet, that infringes intellectual property rights is punishable. The penalties are the same as hacking. (section 33)

Hacking, cracking, piracy is a crime under RA8792. The iron hand of the law must be fully enforced or else this can propagate further and cause irreparable damage to the Philippine Internet industry as a whole. The increase number of hacking incidents these past few weeks is already alarming. Worst, these people seems to be enjoying it and not even bothered with the consequences.

 

.