Back Philippines

    Status regarding Budapest Convention

Status regarding Budapest Convention

Status : Party Declarations and reservations : Articles concerned: 24, 27, 35 See legal profile

Cybercrime policies/strategies

The Philippines is a party to the Budapest Convention since 2018 and they have given full implementation at the domestic level through the adoption and enforcement of a sound cybercrime legislation.

Nevertheless, the Philippine government has yet to adopt its draft National Cybercrime Strategy, which intends to provide the current landscape of cybercrime investigation, prosecution, and suppression in the Philippines, while embedding a whole-nation approach that will bolster the fight against cybercrime and cyber-related offenses, in line with international best practices.

The draft Strategy includes a vital multi-year cybercrime data/statistics based on official reports, actual operations, information and research, as well as analysis thereof, which were received from concerned agencies, such as the National Bureau of Investigation – Cybercrime Division (NBI-CCD) and the Philippine National Police – Anti-Cybercrime Group (PNP-ACG).

It also proceeds with a concise narrative, summing up the Philippine strategy against cybercrime based on policy framework, situation analysis, and international commitments and comity, which consists of the following key elements:

  • Bolstering legal framework by enacting up-to-date laws, rules, and other government issuances that are dynamic to cope up with the technological challenges;
  • Harmonizing and coordinating efforts among government agencies concerned in fighting cybercrimes and cyber-related offenses;
  • Capacitating all members of the justice sector in the field of cybercrime and electronic evidence;
  • Strengthening international cooperation in order to tackle the problem of cybercrime by and large;
  • Promoting and encouraging public-private partnership in assuring service growth and development of a safe and secure cyber environment where the industry could continue to be competitive; and
  • Increasing the level of the public’s cognizance and to help them develop the required knowledge to prevent being victims of cybercrime, through provision of public awareness seminars and trainings.

It is worthy to note that the draft was disseminated to relevant stakeholders for consultation, inputs and comments. Some of the data and policies contained in the draft were adopted, and complemented, by the draft National Cybersecurity Plan 2022 (NCSP) which was formally launched by the Department of Information and Communications Technology (DICT) in December 2016.

The primary goals of the NCSP are as follows: (1) assuring the continuous operation of the nation’s critical infostructures, public and military networks (2) implementing cyber resiliency measures to enhance the ability to respond to threats before, during and after attacks, (3) effective coordination with law enforcement agencies and (4) a cybersecurity educated society.

The National Cybersecurity Plan 2022 wants to reach the state of having a “Trusted and Resilient Infostructure” by the achievement of the following mission objectives:

  • To systematically and methodically harden the Critical Information Infrastructure (CII) for resiliency;
  • To prepare and secure government Infostructure;
  • To raise awareness in the business sector on cyber risk and use of security measures among businesses to prevent and protect, respond and recover from attacks; 
  • To raise awareness of individuals on cyber risks and build a cybersecurity-educated society.

Specialised institutions

  • Department of Justice – Office of Cybercrime
  • National Bureau of Investigation – Cybercrime Division
  • Philippine National Police – Anti-Cybercrime Group
  • Cybercrime Investigation and Coordination Center (CICC) [1]
  • Cybercrime Courts

[1] Not yet operational as of date.

Jurisprudence/case law

In the case of Disini vs. the Secretary of Justice, G.R. No. 203335, which involves consolidated petitions seeking to declare several provisions of R.A. 10175 or the Cybercrime Prevention Act of 2012 unconstitutional and void, the Supreme Court upheld the constitutionality of the law while striking few provisions as unconstitutional.

Sources and links

Tools on Cybercrime & Electronic Evidence Empowering You!

These profiles do not necessarily reflect official positions of the States covered or of the Council of Europe. 


  Are you aware of the latest legislative or policy developments on cybercrime and electronic evidence?

  Share this information with us helping to keep this platform up to date.

Useful links