COMELeak, LeniLeaks: Who should investigate and plug these leaks?

The NBI should investigate LeniLeaks, not the DICT



Part 2
THE supposed exchange of messages and conversations within the Yahoo group, Global Filipino Diaspora Council, quickly spread in social media with the postings of the alleged screenshots of Google’s cache of

One of the screenshot images showed a forwarded message from a certain Pete Silva, sent to the email account of one Imelda Nicolas, at Pete Silva is said to be the same Peter Silva, who is part of the Office of the Vice-President.

The assumed forwarded message started with the statement that, “Pro BBM/Duterte groups and influencers have launched simultaneous attacks on VP Leni” which started on January 3, 2017. It likewise contained the plans and responses that the Vice President would do in reaction to the attacks.

Another item included in the forwarded message is their planned attacks against Bongbong Marcos, which include “flip[ing]the memes and show[ing]unflattering pictures with controversies of BBM” and “us[ing]the photos of BBM supporters during the Luneta rally and/or Duterte youth during the Marcos burial rally.”

What is eye-catching is the group’s assertion for the public to coordinate with them in this wise – “We would also like to request you and your communities to coordinate with us whenever a new campaign is launched for them and/or against her.”

Together with other leaked emails allegedly from the same group, this event was later on dubbed as LeniLeaks.

Malacañang reacted to the turn of events and assigned Secretary Rodolfo Salalima, of the Department of Information and Communications Technology (DICT), to investigate the matter.

The first question that we need to answer is whether or not the DICT can investigate the matter. Corollary to this, whether or not the DICT has the capability to investigate it.

My insight tells me that it is not within the mandate of DICT to investigate LeniLeaks. More so because the DICT does not have the capability to do this.

The DICT was established by Republic Act 10844, known as the Department of Information and Communications Technology Act of 2015. The mandate of the DICT, based on the law, particularly Section 5, is to be the “primary policy, planning, coordinating, implementing, and administrative entity of the Executive Branch of the government that will plan, develop, and promote the national ICT development agenda.” The law was approved on May 23, 2016, and became effective 15 days after its publication in two newspapers of general circulation.

Among the fourfold powers and functions of the DICT, as stipulated in Section 6, are policy planning, improving public access, resource-sharing and capacity-building, and consumer protection and industry development. Nowhere is there an investigative function to speak of.

Under Section 15 of the DICT Act, some existing government agencies were transferred and attached to the department. The exact wording of the proviso is, “the following agencies are hereby attached to the Department for policy and program coordination, and shall continue to operate and function in accordance with the charters, laws or orders creating them, insofar as they are not inconsistent with this Act.” It is rather clear that the attachment of an agency to the DICT is simply “for policy and program coordination” and not for anything else.

The closest agency that “might” be capable of investigating LeniLeaks is the Cybercrime Investigation and Coordination Center (CICC). The CICC was one of agencies that was transferred and attached to the DICT, by virtue of Section 15, “for policy and program coordination” purposes.

The CICC, on the other hand, was created by Republic Act10175, commonly known as the Cybercrime Prevention Act of 2012.This law was approved on September 12, 2012. Section 24 of RA 1075 states,
“SEC. 24. Cybercrime Investigation and Coordinating Center. There is hereby created, within thirty (30) days from the effectivity of this Act, an inter-agency body to be known as the Cybercrime Investigation and Coordinating Center (CICC), under the administrative supervision of the Office of the President, for policy coordination among concerned agencies and for the formulation and enforcement of the national cybersecurity plan.”

It has to be underscored that its function is “for policy coordination” and “formulation and enforcement of the national cybersecurity plan.” It does not have investigative powers.

According to this law, the CICC will have the following powers and functions:

“a) To formulate a national cybersecurity plan and extend immediate assistance for the suppression of real-time commission of cybercrime offenses through a computer emergency response team (CERT);

“b) To coordinate the preparation of appropriate and effective measures to prevent and suppress cybercrime activities as provided for in this Act;

“c) To monitor cybercrime cases being bandied by participating law enforcement and prosecution agencies;

“d) To facilitate international cooperation on intelligence, investigations, training and capacity building related to cybercrime prevention, suppression and prosecution;

“e) To coordinate the support and participation of the business sector, local government units and nongovernment organizations in cybercrime prevention programs and other related projects;

“f) To recommend the enactment of appropriate laws, issuances, measures and policies;

“g) To call upon any government agency to render assistance in the accomplishment of the CICC’s mandated tasks and functions; and

“h) To perform all other matters related to cybercrime prevention and suppression, including capacity building and such other functions and duties as may be necessary for the proper implementation of this Act.”

Again, it is rather obvious that the CICC does not have any investigative powers related to cybercrimes. All of its powers are policy making, capability building, and coordinating.

With a thorough study of these mentioned laws, indeed my insight proved me right.

Section 10, Chapter IV, of R.A. No. 10175 designated which agencies are tasked to investigate cybercrimes. To wit –

“SEC. 10. Law Enforcement Authorities. — The National Bureau of Investigation (NBI) and the Philippine National Police (PNP) shall be responsible for the efficient and effective law enforcement of the provisions of this Act. The NBI and the PNP shall organize a cybercrime unit or center manned by special investigators to exclusively handle cases involving violations of this Act.”

Furthermore, these law enforcement authorities are required to submit periodic reports, not to the CICC, not to the DICT, but to the Department of Justice.

So, who should investigate Lenileaks?

The answer is rather obvious. It should be the NBI or the PNP–-but not the DICT.

If the DICT would insist on investigating LeniLeaks, which is beyond its mandate and capabilities, then the result could likewise be as haphazard as that of the investigation of COMELeak by the National Privacy Commission.

In closing, let me share a quote from the Assassin’s Creed, “Beware the easy path. Knowledge grows only through challenge.”


Please follow our commenting guidelines.

Comments are closed.