The advent of technology blurs the line between crimes committed in the physical world and crimes committed in the electronic world. In the United States of America (U.S.), the Federal Trade Commission (FTC) has a dedicated one-stop resource, the IdentityTheft.gov, for identity theft victims (we are unaware if the Philippine National Privacy Commission has a similar resource). Identity theft, according to the FTC, happens when someone uses your Social Security number or other personal information to open new accounts, make purchases, or get a tax refund. The applicable laws on identity theft in the Philippines are discussed below.
I. IDENTIFY THEFT AS A CYBERCRIME
Under the Cybercrime Prevention Act of 2012 (Republic Act No. 10175), computer-related identity theft is defined as “the intentional acquisition, use, misuse, transfer, possession, alteration or deletion of identifying information belonging to another, whether natural or juridical, without right” [Sec. 4(b)(3)]. Note that the identity theft covers identifying information, which refers to any name or number that may be used alone or in conjunction with any other information to identify any specific individual, including any of the following:
- 1. Name, date of birth, driver’s license number, passport number or tax identification number;
- 2. Unique biometric data, such as fingerprint or other unique physical representation;
- 3. Unique electronic identification number, address or routing code; and
- 4. Telecommunication identifying information or access device.
Note also that the crime of identity theft does not only include the acquisition, possession, use and misuse of identifying information, but also the alteration or deletion of such identifying information. These acts must be done without right, which refers to : (i) conduct undertaken without or in excess of authority; or (ii) conduct not covered by established legal defenses, excuses, court orders, justifications, or relevant principles under the law.
This cybercrime covers fake accounts, or accounts using the name or other identifying information of another person, without the authority of that person. The accused may be punished for identity theft even if the victim does not suffer any damage.
Any person found guilty of any of computer-related identity theft is punished with imprisonment of prision mayor, or a fine of at least P200,000, up to a maximum amount commensurate to the damage incurred, or both.
II. ESTAFA UNDER THE REVISED PENAL CODE
In the Philippines, the crime specifically labelled as “identity theft” relates to cybercrimes. There is no such specific designation in “traditional” crimes, but identity theft is considered in relation to the crime of estafa under the Revised Penal Code (RPC) of the Philippines.
Under Article 315 (2) (a) of the RPC, a person is guilty of estafa by using fictitious name, or falsely pretending to possess power, influence, qualifications, property, credit, agency, business or imaginary transactions, or by means of other similar deceits, executed prior to or simultaneously with the commission of the fraud.
|Not exceeding P200||Arresto mayor in its maximum period.|
|Over P200 but not exceeding P6,000||Arresto mayor in its maximum period to prision correccional in its minimum period.|
|Over 6,000 pesos but not exceeding P12,000||Prision correccional in its minimum and medium periods.|
|Over P12,000 but not exceeding P22,000||Prision correccional, in its maximum period, to prision mayor, in its minimum period. |
One year of imprisonment is added for each additional P10,000 above P22,000; but the total penalty which may be imposed shall not exceed 20 years.