How to Report Illegal Online Gambling Sites in the Philippines: NTC, DICT, and PNP-ACG Steps

How to Report Illegal Online Gambling Sites in the Philippines: NTC, DICT, and PNP-ACG Steps

This practical legal article explains how to identify and report illegal online gambling platforms operating in or targeting the Philippines, and how to engage the National Telecommunications Commission (NTC), the Department of Information and Communications Technology (DICT), and the Philippine National Police–Anti-Cybercrime Group (PNP-ACG). It also covers the governing laws, evidence-preservation, jurisdictional nuances, and model complaint formats. This is general information, not legal advice.

I. Legal Framework

A. What counts as “illegal online gambling”?

Online gambling is generally illegal unless expressly authorized by law/regulation and licensed by the proper regulator. Operators must hold a valid authority (e.g., from PAGCOR under Presidential Decree No. 1869 as amended by Republic Act No. 9487) and comply with related rules (e.g., anti-money laundering coverage under RA 9160 as amended by RA 10927 for casinos). Activities outside such authority—or that target Philippine residents without authorization—are typically unlawful.

B. Core statutes and issuances commonly invoked

  • PD 1602 (as amended by RA 9287 for numbers games): penalizes illegal gambling and imposes stiffer penalties.
  • EO No. 13 (2017): strengthens the fight against illegal gambling; clarifies that only duly licensed operators may offer games and directs law-enforcement coordination.
  • RA 10175 (Cybercrime Prevention Act of 2012): provides tools for investigating computer-related offenses (e.g., data preservation, disclosure, search and seizure of computer data); used to obtain cybercrime warrants (see A.M. No. 17-11-03-SC).
  • RA 10844: created the DICT and attached relevant agencies (including the CICC, the Cybercrime Investigation and Coordinating Center).
  • RA 7925 and related telecoms regulations: empower the NTC to regulate public telecoms/ISPs; NTC may direct carriers/ISPs to block access to unlawful content upon proper legal basis.
  • Data Privacy Act (RA 10173): governs handling of personal data when reporting and investigating; complainants should avoid oversharing sensitive data.
  • Evidence Rules: The Rules on Cybercrime Warrants (A.M. No. 17-11-03-SC) recognize warrants to Disclose (WDCD), Intercept (WICD), and Search, Seize, and Examine Computer Data (WSSECD).

II. Agency Roles: Who Does What?

  • PNP–Anti-Cybercrime Group (PNP-ACG) Primary law-enforcement unit for cyber-enabled crimes. Receives complaints, secures and preserves digital evidence, applies for cybercrime warrants, conducts arrests/raids, coordinates with ISPs and payment channels, and refers cases for inquest/prosecution.

  • DICT (with CICC attached) Leads national cybersecurity policy and coordination. Through its cyber incident response mechanisms, DICT can coordinate cross-agency action, especially for large-scale platforms targeting Filipinos. CICC facilitates operational and intelligence-sharing among law enforcement, regulators (e.g., PAGCOR), and financial intelligence units (e.g., AMLC).

  • NTC The regulator of telecoms and ISPs. Upon appropriate legal process (e.g., law-enforcement request supported by an order/warrant or regulatory directive), the NTC can require ISPs to block or restrict access to specific unlawful gambling domains/URLs/IPs. NTC also accepts consumer complaints that can trigger verification and coordination with law enforcement.

  • Other key actors you may encounter

    • PAGCOR: verifies licenses; can issue cease-and-desist and revoke authority.
    • NBI–Cybercrime Division: alternative law-enforcement channel for investigations.
    • AMLC: traces and freezes proceeds/instrumentalities of unlawful activities (casino coverage via RA 10927).
    • Prosecutors/DOJ: preliminary investigation and prosecution.

III. The Reporting Playbook (Step-by-Step)

Step 1: Triage and Verify

  1. Check licensing: Confirm the platform’s claim of approval (if any). Operators targeting persons in the Philippines generally need proper authority; “offshore” claims don’t suffice if they target Filipino users.
  2. Red flags: No verifiable license, requires crypto or e-wallet only, uses copycat branding, aggressive social-media funnels, or refuses to disclose operator details.

Step 2: Preserve Evidence (Before It Disappears)

Create a read-only evidence pack you can share with agencies:

  • Screenshots/video captures of the website/app, registration/login, game lobbies, deposit/withdraw pages, odds tables, and any “About/License” pages.
  • Network identifiers: exact URLs, domains, subdomains, IP addresses (if known), WHOIS snapshots if you have them, and app package names (Android) or bundle IDs (iOS).
  • Payment trails: transaction receipts, wallet addresses, bank account names/numbers (mask where appropriate), reference numbers, timestamps, and amounts.
  • Communications: marketing emails/SMS, chats with agents, social-media ads or groups, referral links, and influencer posts.
  • User harm: if you lost money, document dates, amounts, and support chats; if you did not transact, state that clearly.
  • Witnesses: names and contact details (with consent).

Tip: Save raw files (PNG/JPG/MP4/PDF) and a hash (e.g., SHA-256) to demonstrate integrity. Keep a simple chain-of-custody log noting who handled files and when.

Step 3: Report to PNP-ACG (Primary Law-Enforcement Action)

Prepare a Complaint-Affidavit (see model below) and submit with your evidence pack. You may report:

  • In person at ACG offices or regional cybercrime units;
  • Through their e-complaint channels; or
  • Via referral (e.g., from a local police station to ACG).

Ask for a reference/control number. ACG may (a) conduct case build-up, (b) coordinate with PAGCOR for license verification, (c) apply for cybercrime warrants, and (d) request NTC action via DICT coordination.

Step 4: Elevate to DICT (Coordination & Cyber Incident Handling)

Submit an incident report describing the platform’s scope (number of victims, traffic origin, hosting, apps/stores used). DICT/CICC can convene agencies (PNP-ACG, NTC, PAGCOR, AMLC) for joint action, especially for large campaigns or public-interest harms (e.g., minors targeted, massive social-media spamming, phishing overlays).

Step 5: Lodge a Complaint with NTC (Blocking/ISP Measures)

File a complaint or request site blocking by providing specific technical indicators:

  • Full URLs/domains/subdomains and resolving IPs (if known);
  • Evidence that the site is illegal (no license or fake license; admissions/promotions targeting PH users);
  • Any law-enforcement report number (from ACG) or regulator verification (from PAGCOR).

NTC typically needs legal basis (e.g., law-enforcement coordination, regulator confirmation, or an order) before directing ISPs to restrict access. Your detailed submission helps accelerate that process.

Step 6: Optional Parallel Reports

  • PAGCOR: to verify license claims and request enforcement/cease-and-desist.
  • NBI–CCD: as an alternative/parallel case build-up.
  • AMLC: where there are substantial transfers suggesting laundering; ACG may forward to AMLC.

IV. Evidence Standards and Privacy

  • Provide only what is necessary; avoid circulating other people’s IDs or private chats unless relevant and lawfully obtained.
  • For minors or sensitive personal data, redact where feasible and flag sensitively under RA 10173.
  • Maintain originals; share copies. Never alter timestamps or metadata.

V. Jurisdictional & Practical Considerations

  • Cross-border hosts: Even if servers are offshore, Philippine authorities can act where victims/users are in the Philippines or the acts produce substantial effects here (see RA 10175’s extraterritoriality in certain cases).
  • Platform takedown vs. prosecution: Blocking via NTC limits access but does not replace criminal proceedings (handled by PNP-ACG/NBI and prosecutors).
  • Social-media advertising: Include ad links, page IDs, group names, and post URLs. Platforms may remove pages upon proper notice; law enforcement may also seek preservation of data.
  • Payment rails: Banks, e-wallets, and VASPs can be engaged through AMLC/LEO channels for KYC information and freezing, subject to due process.
  • Do not entrap: Avoid making further “test bets.” Never pose as a minor. Let law enforcement handle undercover operations.

VI. What Happens After You Report

  1. Case Evaluation – Law enforcement assesses sufficiency of evidence.
  2. Legal Process – Applications for WDCD/WICD/WSSECD warrants as needed; requests for data preservation (Sec. 13, RA 10175).
  3. Regulatory Coordination – PAGCOR license verification; NTC considers blocking directives; AMLC financial tracing.
  4. Platform/Account Actions – Site blocking, app-store takedowns, social-media page removals, payment account freezes.
  5. Prosecution – Inquest or preliminary investigation; possible charges under PD 1602 (as amended), RA 10175 (when applicable), and related laws.

Keep your acknowledgment receipts, reference numbers, and contact details of handling officers. Follow up professionally.

VII. Model Documents

A. Complaint-Affidavit (Template)

REPUBLIC OF THE PHILIPPINES [City/Province] x– – – – – – – – – – – – – – – – – – – – – – –x

COMPLAINT-AFFIDAVIT

I, [Name], Filipino, of legal age, with address at [Address], after having been duly sworn, state:

  1. I am filing this complaint against [Operator/Website/App name], accessible at [full URL(s)], for operating illegal online gambling in violation of Philippine laws.

  2. On [date/time], I accessed the site/app and observed [describe game types, deposit/withdraw methods, promotions].

  3. The platform [has no PAGCOR license / uses a false license claim / targets users in the Philippines].

  4. I attach the following evidence:

    • Annex “A” – Screenshots/captures (with timestamps) of pages showing games, deposits, and “About/License.”
    • Annex “B” – Transaction proofs [reference numbers, dates, amounts].
    • Annex “C” – Links to ads/posts [URLs, page IDs].
    • Annex “D” – Technical indicators (domains, subdomains, IPs, app package IDs).

  5. I respectfully request investigation, preservation of electronic evidence, and appropriate legal action, including blocking of the site and prosecution of responsible persons.

I attest that the foregoing is true and correct based on personal knowledge and authentic records.

[Signature over Printed Name] [Date]

SUBSCRIBED AND SWORN to before me this [date] in [city], affiant exhibiting [ID type/number], valid until [date].

B. Technical Indicator Sheet (Attach to NTC/DICT Submissions)

  • Primary domain(s):
  • Related subdomains:
  • Observed IP(s) (if known):
  • App identifiers (Android package / iOS bundle):
  • CDN/host (if known):
  • Short-links/redirectors used:
  • Screenshots filenames & hashes:
  • First/last observed dates (PH time):
  • Volume of reports/victims (if known):

VIII. Frequently Asked Questions

1) I only saw ads but never signed up. Can I still report? Yes. Provide ad URLs, screenshots, and page/group identifiers. Your report still helps.

2) Can NTC block the site right away? NTC generally acts upon proper legal basis and inter-agency coordination (e.g., law-enforcement findings, regulator verification, or court/competent authority orders). Detailed submissions speed up decisions.

3) I paid via e-wallet/crypto. Can I recover funds? Recovery is uncertain. Prompt reporting increases chances of freezing assets (via AMLC/LEO action) and tracing beneficiaries.

4) The operator claims an “offshore” license. Does that legalize operations here? No. An offshore license typically does not authorize targeting or servicing players in the Philippines.

5) Should I file with NBI as well? You may. Parallel reports can help, but keep case numbers consistent and inform each office to avoid duplication.

6) Will I have to testify? Possibly. If you are a victim or a key witness, prosecutors may need your testimony and evidence authentication.

IX. Reporter’s Checklist (One-Page)

  • Verified that platform is not duly authorized in PH.
  • Captured screenshots/videos of key pages and payment flows.
  • Listed all URLs/subdomains/IPs/app IDs and ad links.
  • Compiled payment proofs and timestamps.
  • Computed file hashes; kept originals read-only.
  • Prepared Complaint-Affidavit and Technical Indicator Sheet.
  • Filed primary report with PNP-ACG; obtained reference number.
  • Submitted incident report to DICT/CICC (for coordination).
  • Filed complaint with NTC requesting blocking (citing indicators and ACG reference).
  • Optional: Notified PAGCOR, NBI-CCD, and (if applicable) AMLC.

X. Key Takeaways

  • Illegal online gambling cases are cyber-enabled; treat them like cyber incidents with proper evidence preservation.
  • PNP-ACG is your primary law-enforcement destination; DICT/CICC coordinates; NTC can block access through ISPs upon proper basis.
  • Detailed, well-organized submissions materially accelerate enforcement.
  • Do not engage further with operators; avoid entrapment and additional losses.
  • Keep receipts, reference numbers, and stay responsive to follow-up requests from authorities.

If you want, I can turn your facts and files into a ready-to-print complaint pack (affidavit + exhibits + indicator sheet) so you can submit it to the proper offices right away.

Disclaimer: This content is not legal advice and may involve AI assistance. Information may be inaccurate.

Privacy Policy

Terms of Use

Lawyer Login

 
 
Privacy Policy         Terms of Use         Lawyer Login