Hinimok ni House Ways and Means Chair Joey Sarte Salceda ang National Bureau of Investigation (NBI) na sulitin ang paggamit ng Republic Act (RA) 8484 o Access Devices Regulation Act of 1998 upang hulihin at usigin ang mga responsable para sa kamakailang mga mass text message scam, na kilala rin bilang “smishing,” na nakaapekto sa milyun-milyong gumagamit ng mobile phone sa mga nakaraang linggo.
Ayon sa batas, kasama sa mga access device ang “card, plate, code, account number, electronic serial number, personal identification number, or other telecommunications service, equipment, or instrumental identifier, or other means of account access that can be used to obtain money, good, services, or any other thing of value or to initiate a transfer of funds (other than a transfer originated solely by paper instrument).”
“Arguably, online bank accounts and electronic wallets like GCash and Paymaya are access devices, in a reasonable construction of the provision of the law,” giit ni Salceda sa isang pahayag.
“That means, even without the use of the Cybercrime Law or the Data Privacy Law yet, if we cannot prove that indeed some data hacking was involved, those who perpetrate smishing attacks are still liable under Section 9 (i) (j) or (o) of the law.”
Tinukoy rin ng Albay Second District representative ang mga provision na: “(i) disclosing any information imprinted on the access device, such as, but not limited to, the account number or name or address of the device holder, without the latter’s authority or permission; (j) obtaining money or anything of value through the use of an access device, with intent to defraud or with intent to gain and fleeing thereafter; and (o) without the authorization of the issuer of the access device, soliciting a person for the purpose of: 1) offering an access device; or 2) selling information regarding or an application to obtain an access device.”
Pagpapatuloy niya, hindi alintana kung nagkaroon ng data breach o wala, ang mga smishing attacker ay dapat kasuhan ng RA 8484 kung sila ay matagumpay sa pag-access ng mga internet account gamit ang kanilang mga text scam.
Ayon pa kay Salceda, maaaring mapatawan ng multang “ten thousand pesos (P10,000.00) or twice the value obtained by the offense, whichever is greater and imprisonment for not less than six (6) years and not more than ten (10) years,” ang mga smishing attacker.
Binigyang-diin niya na kahit walang nakitang paglabag sa data privacy ang National Privacy Commission o iba pang ahensya, may legal na pundasyon at may matibay na dahilan para magsagawa ng imbestigasyon ang NBI at PNP Cybercrime Division.
Sa pulong ng House Committee on Information and Communication Technology, hiniling din ng kongresista sa mga telecommunications provider na bumuo ng mga hotline na makakatulong sa kanilang mga user at pagsama-samahin ang mga reklamo bago ipasa sa NBI at iba pang awtoridad.
“Much of our current discussions focus on how the data appearing on the text messages with names of receivers was obtained. That might not necessarily be the most important point now. It is the financial harm that these smishing attacks can cause. And RA 8484 focuses on the potential harm done, so we can really get the ball rolling with investigations,” giit niya.
Photo credit: House of Representative website