You are currently viewing How to File a Cybercrime Complaint in the Philippines: A Nutshell Guide

How to File a Cybercrime Complaint in the Philippines: A Nutshell Guide

People, corporations, and government agencies are all quite worried about cybercrime these days. The Philippine government has passed strong rules and processes to fight online frauds, hacking, cyberbullying, and identity theft, among other digital crimes. If you or someone you know has been the victim of a cybercrime, knowing how to make a complaint is very important for getting justice and safeguarding your rights.

This guide will show you how to file a cybercrime complaint in the Philippines. It will cover the legal framework, step-by-step instructions, helpful recommendations, and answers to common problems. This article is meant to provide you the information and confidence you need to fight back against cybercriminals, whether you are a private citizen, a business owner, or a lawyer.

1. Understanding Cybercrime: What Offenses Are Covered?

Before filing a complaint, it is essential to determine whether the incident falls under the definition of “cybercrime” as provided by Philippine law. The primary statute governing cybercrime in the Philippines is the Cybercrime Prevention Act of 2012.1 This law defines and penalizes a wide range of offenses committed through or involving information and communications technology (ICT).

1.1. Categories of Cybercrime

Under Section 4 of the Cybercrime Prevention Act, cybercrimes are classified into three main categories:

a. Offenses Against the Confidentiality, Integrity, and Availability of Computer Data and Systems

  • Illegal Access: Unauthorized access to a computer system or any of its parts.
  • Illegal Interception: Unauthorized interception of non-public transmissions of computer data.
  • Data Interference: Intentional or reckless alteration, damaging, deletion, or deterioration of computer data or electronic documents.
  • System Interference: Hindering or interfering with the functioning of a computer or network.
  • Misuse of Devices: Unauthorized use, production, sale, or possession of devices or programs designed for committing cybercrimes.

b. Computer-Related Offenses

  • Computer-Related Forgery: Input, alteration, or deletion of computer data resulting in inauthentic data.
  • Computer-Related Fraud: Unauthorized input, alteration, or deletion of computer data or programs to cause damage or gain.
  • Computer-Related Identity Theft: Unauthorized acquisition, use, misuse, transfer, possession, alteration, or deletion of identifying information.

c. Content-Related Offenses

  • Cybersex: Lascivious exhibition of sexual organs or sexual activity via computer for favor or consideration.
  • Child Pornography: Acts defined under the Anti-Child Pornography Act, committed through a computer system.
  • Unsolicited Commercial Communications: Sending spam or commercial messages without consent, except under certain conditions.
  • Libel: Defamation committed through a computer system.

For a full list and detailed definitions, refer to Cybercrime Prevention Act of 2012.2

2. Legal Framework: What Laws and Rules Apply?

Filing a cybercrime complaint in the Philippines is governed by several key legal instruments:

  • Cybercrime Prevention Act of 2012: Defines cybercrimes, prescribes penalties, and outlines procedures for investigation and prosecution.
  • Rules on Cybercrime Warrants 3: Special rules for the application, issuance, and implementation of cybercrime-related warrants.
  • Revised Rules of Criminal Procedure 4: General rules for criminal complaints, preliminary investigation, and prosecution.
  • Relevant Jurisprudence: Supreme Court decisions interpreting and applying cybercrime laws, such as Eastwest Rural Bank v. PNP Anti-Cybercrime Group (2025)5 and Disini, Jr. v. Secretary of Justice (2014)6.

3. Who Can File a Cybercrime Complaint?

Any person who is a victim of a cybercrime, or who has personal knowledge of the commission of a cybercrime, may file a complaint. This includes:

  • The direct victim (individual or entity)
  • Parents, guardians, or legal representatives (for minors or incapacitated persons)
  • Law enforcement officers (LEOs)
  • Concerned citizens with personal knowledge of the offense

This is consistent with the general rules on criminal procedure and specific provisions in the IRR of anti-cybercrime and anti-trafficking laws.7

4. Where to File a Cybercrime Complaint

4.1. Designated Cybercrime Units

The Philippine National Police (PNP) and the National Bureau of Investigation (NBI) have specialized units for cybercrime:

  • PNP Anti-Cybercrime Group (ACG)
  • NBI Cybercrime Division

You may file a complaint directly at their offices or through their online portals.

4.2. Prosecutor’s Office

Complaints may also be filed with the Office of the City or Provincial Prosecutor where the offense or any of its elements occurred, or where the victim resides. 8

4.3. Online Reporting

Both the PNP and NBI offer online complaint forms for cybercrime incidents. These are especially useful for initial reporting and for complainants who cannot immediately visit an office.

5. Step-by-Step Guide: How to File a Cybercrime Complaint

Step 1: Gather Evidence

The success of a cybercrime complaint largely depends on the quality and sufficiency of evidence. Collect and preserve all relevant materials, such as:

  • Screenshots of offending messages, posts, emails, or websites
  • URLs, IP addresses, and timestamps
  • Copies of chat logs, emails, or transaction records
  • Photographs or videos (if applicable)
  • Device information (e.g., phone, computer, storage media)
  • Any correspondence with the perpetrator

Tip: Do not alter or delete any data. If possible, have a notary public or a trusted third party witness the extraction or printing of digital evidence to strengthen its authenticity.

Step 2: Prepare a Sworn Statement or Affidavit

Draft a detailed affidavit narrating the facts of the incident, how you discovered the offense, and the harm or damage suffered. Attach all supporting evidence as annexes.

Step 3: File the Complaint

a. At the PNP Anti-Cybercrime Group (ACG)

  • Visit the nearest ACG office or their official website.
  • Submit your affidavit and evidence.
  • Fill out the official complaint form.
  • The ACG will conduct a preliminary assessment and may request additional information.

b. At the NBI Cybercrime Division

  • Visit the NBI Cybercrime Division or use their online reporting system.
  • Submit your affidavit and evidence.
  • The NBI will evaluate your complaint and may summon you for further clarification.

c. At the Prosecutor’s Office

  • File your complaint with the Office of the City or Provincial Prosecutor.
  • The prosecutor will conduct a preliminary investigation to determine probable cause.

Step 4: Investigation and Preservation of Evidence

Upon receipt of the complaint, law enforcement authorities may:

  • Request the preservation of computer data from service providers for at least six months.9
  • Apply for a Warrant to Disclose Computer Data (WDCD), Warrant to Intercept Computer Data (WICD), or other cybercrime warrants as needed.10
  • Conduct forensic examination of devices and data.

“The integrity of traffic data and subscriber information relating to communication services provided by a service provider shall be preserved for a minimum period of six (6) months from the date of the transaction. Content data shall be similarly preserved for six (6) months from the date of receipt of the order from law enforcement authorities requiring its preservation.”11

Step 5: Preliminary Investigation

The prosecutor will:

  • Subpoena the respondent (alleged perpetrator) to answer the complaint.
  • Evaluate the evidence submitted by both parties.
  • Determine whether there is probable cause to file criminal charges in court.

Step 6: Filing of Information in Court

If probable cause is found, the prosecutor will file an Information (formal criminal charge) with the appropriate Regional Trial Court (RTC), specifically the designated cybercrime court in the jurisdiction where the offense or any of its elements occurred.12

Step 7: Prosecution and Trial

The case will proceed to trial, where both the prosecution and defense will present evidence and witnesses. The court will render a decision based on the merits of the case.

6. Special Procedures: Cybercrime Warrants

The Supreme Court’s Rules on Cybercrime Warrants13 introduced specialized warrants for cybercrime investigations:

  • Warrant to Disclose Computer Data (WDCD)
  • Warrant to Intercept Computer Data (WICD)
  • Warrant to Search, Seize, and Examine Computer Data (WSSECD)
  • Warrant to Examine Computer Data (WECD)

These warrants are issued by designated cybercrime courts upon application by law enforcement, supported by affidavits and evidence showing reasonable grounds to believe a cybercrime has been committed.

“Generally, a court warrant is required for the collection, seizure, or disclosure of data pursuant to Section 12 of the Cybercrime Prevention Act. This warrant is issued only upon written application and examination under oath, demonstrating reasonable grounds to believe a cybercrime has been committed, is being committed, or is about to be committed; that the evidence sought is essential for conviction, solution, or prevention of such crimes; and that no other means of obtaining the evidence are readily available.”14

7. Jurisdiction and Venue

Criminal actions for cybercrime offenses may be filed:

  • In the province or city where the offense or any of its elements was committed
  • Where any part of the computer system used is situated
  • Where any of the damage caused to a natural or juridical person

Conclusion

The process of filing a cybercrime complaint in the Philippines is straightforward and structured. It is based on the Cybercrime Prevention Act of 2012 and its implementing regulations. Victims or concerned parties should draft a sworn written complaint, collect supporting evidence, and submit it to the appropriate law enforcement agencies, such as the Philippine National Police Anti-Cybercrime Group (PNP ACG) or the National Bureau of Investigation (NBI) cybercrime units. Throughout the proceedings, these agencies are required to ensure confidentiality and due process by investigating, building cases, and coordinating with the Department of Justice for prosecution.

The law sets forth specific procedures for the preservation, disclosure, and examination of computer data, and specialized cybercrime tribunals have jurisdiction over these cases. Complainants can assist in the effective resolution and prosecution of cybercrimes in accordance with Philippine law by adhering to these procedures and collaborating with the designated authorities, particularly under the Cybercrime Prevention Act of 2012 and the Rules on Cybercrime Warrants.

  1. RA No. 10175[]
  2. Id.[]
  3. A.M. No. 17-11-03-SC [2018][]
  4. Rules 110-127, Rules of Court[]
  5. G.R. No. 273720, July 29, 2025[]
  6. G.R. No. 203335, February 18, 2014[]
  7. IRR of RA 9208 (2023[]
  8. Rules on Cybercrime Warrants, Sec. 2.1[]
  9. RA 10175, Sec. 13[]
  10. Rules on Cybercrime Warrants[]
  11. RA 10175, Sec. 13[]
  12. Rules on Cybercrime Warrants, Sec. 2.1[]
  13. A.M. No. 17-11-03-SC[]
  14. Eastwest Rural Bank v. PNP Anti-Cybercrime Group, G.R. No. 273720, July 29, 2025[]
Tags: , , , , , , , , , , , , , ,

Leave a Reply