SY 2012-2013, Second Semester
- How “Data Privacy Act of 2012” affects the life of every individual?
- Is the Senate bill introduced by Senator Santiago, relevant to Magna Carta for Internet User, a better law than the Cybercrime Law RA 10175?
RA 1O173 will give so much impact not just to me personally, but also to those people who are covered by this law. To begin with, personal information is defined as “any information whether recorded in material form or not, from which the identity of an individual is apparent or can be reasonably and directly ascertained by the entity holding the information.”
We all know that personal information of a person reflects to the identity of a person, whatever details that are incorporated to that personal information must be properly managed and well handed, otherwise it may be used against and may destroy to the dignity and reputation of a person who owns such details.
It is a right of a person to secure his/her own personal information, and no one has the right to use it against him/ her. Although there are instances wherein personal information of a person may be used against him, provided that such use is in accordance and permitted by the law, otherwise it will constitute to a violation of his human rights, specifically his right to privacy.
Nowadays, some people don’t know the real meaning of right to privacy, because unintentionally and intentionally they tend to invade the privacy of others. They invade the privacy of others through unauthorized collection, gather and use of others information. Everyone is vested of its own Constitutional rights, however in exercising our rights, we should take into considerations some factors and limitations in order not to violate or invade the others rights. Every right that is vested by our Constitutions and laws correspond to responsibilities. For example, I have the right to privacy; I can exercise such right to others who want to invade my privacy. In the same manner, while others exercising their right to privacy, out of due respect, I must also observe their rights, by not intruding or any action that may constitutes a violation to such right.
It is very easy to get the personal information of others, because of the availability in the internet. Some people do not know that putting their respective personal information in the internet may be used against them, and they don’t even know that such information is unsecured. Some websites that provide the personal information of a person are, facebook, twitter, and any other social websites, however, the said websites do not automatically generate the personal information of a person, it relies on the end user of such websites, meaning, the end user may control a certain information that may appear in a definite website. Being an end user of a certain website, we must know as to what extent of information are we going to use and put in a website, only those information that are relevant to our purpose that should appear in the website, otherwise too much information that are not relevant to our purpose may be used by some that may destroy our reputation and personality as a person.
Sometimes we can’t control or secure our personal information because our respective employers have the control and management over it; they may give our personal information to those interested parties even without our authorization. By reason of a good consideration either money or anything that has a value in exchange for the personal information of the employee, the employer tend to offer to an interested party, even the fact that the said employer knows that it will constitute to a violation of privacy of a person who is the subject the of the swap over.
The law must provide a something that will protect our personal information through the rules and regulations and laws that our government must implement for the protection of every individual against to those violators of privacy.
Is it necessary for us to have a specific law that will manage and control the data processing. As we look at the old setting regarding the collection and distribution of information, anyone can access others information whenever they want, without observing the privacy of others in connection with their information. It is like saying, my information is open for everyone whether I give my consent or not, because anyone can access it and distribute it to those who need my personal information. This kind of set up which happened prior to the enforcement of the law (RA 10173) caused so many problems for the government and to individuals; it resulted to number of crimes in connection with the unauthorized gathering and collection of personal information of others.
Now that there is a specific law in regulating the personal data of individuals in information and communications system in the Government and private sectors, the RA 10173 or also known as “ Data Privacy Act of 2012” will strictly control the distribution and collection of personal information. The use of internet by the end users should be in line with the said law; otherwise there is a corresponding penalty in violation of the RA 10173.
The law has its specific coverage wherein the said law may be enforced, under section 4 it provides that “This Act applies to the processing of all types of personal information and to any natural and juridical person involved in personal information processing including those personal information controllers and processors who, although not found or established in the Philippines, use equipment that are located in the Philippines, or those who maintain an office, branch or agency in the Philippines subject to the immediately succeeding paragraph: Provided, That the requirements of Section 5 are complied with.” However, the said law is not absolute, meaning there are exceptions wherein the personal information may be retrieved even without the consent or authorization of the person subjected for the personal information retrieval. According to the law, this will not apply to the following circumstances:
a) Information about any individual who is or was an officer or employee of a government institution that relates to the position or functions of the individual, including:
(1) The fact that the individual is or was an officer or employee of the government institution;
(2) The title, business address and office telephone number of the individual;
(3) The classification, salary range and responsibilities of the position held by the individual; and
(4) The name of the individual on a document prepared by the individual in the course of employment with the government;
(b) Information about an individual who is or was performing service under contract for a government institution that relates to the services performed, including the terms of the contract, and the name of the individual given in the course of the performance of those services;
(c) Information relating to any discretionary benefit of a financial nature such as the granting of a license or permit given by the government to an individual, including the name of the individual and the exact nature of the benefit;
(d) Personal information processed for journalistic, artistic, literary or research purposes;
(e) Information necessary in order to carry out the functions of public authority which includes the processing of personal data for the performance by the independent, central monetary authority and law enforcement and regulatory agencies of their constitutionally and statutorily mandated functions. Nothing in this Act shall be construed as to have amended or repealed Republic Act No. 1405, otherwise known as the Secrecy of Bank Deposits Act; Republic Act No. 6426, otherwise known as the Foreign Currency Deposit Act; and Republic Act No. 9510, otherwise known as the Credit Information System Act (CISA);
(f) Information necessary for banks and other financial institutions under the jurisdiction of the independent, central monetary authority or Bangko Sentral ng Pilipinas to comply with Republic Act No. 9510, and Republic Act No. 9160, as amended, otherwise known as the Anti-Money Laundering Act and other applicable laws; and
(g) Personal information originally collected from residents of foreign jurisdictions in accordance with the laws of those foreign jurisdictions, including any applicable data privacy laws, which is being processed in the Philippines.
According to the law, when this law is violated, there will be corresponding penalties to be imposed against such violators. The law provides that under section 33 “ Any combination or series of acts as defined in section 25 -32 shall make the person subject to imprisonment ranging from 3 -6 years and a fine not less than 1 Million but not more than 5 Million pesos “ . The penalties to be imposed are serious, considering the number of years of imprisonment and the value of fine that is why the people must take it into account.
The law provides for penal provision that will violate this law. The following are the different kinds of penalties as provided in RA 10173:
1.) The unauthorized processing of personal information or personal sensitive information – penalties are imposed on persons who process personal information without the consent of the data subject, or without being authorized under this Act or any existing law.
2.) Accessing Personal Information and Sensitive Personal Information Due to Negligence – penalties are imposed on persons who, due to negligence, provided access to personal information without being authorized under this Act or any existing law.
3.) Improper Disposal of Personal Information and Sensitive Personal Information – penalties are imposed on persons who knowingly or negligently dispose, discard or abandon the personal information of an individual in an area accessible to the public or has otherwise placed the personal information of an individual in its container for trash collection.
4.) Processing of Personal Information and Sensitive Personal Information for Unauthorized Purposes – penalties are imposed on persons processing personal information for purposes not authorized by the data subject, or otherwise authorized under this Act or under existing laws.
5.) Unauthorized Access or Intentional Breach – penalties are imposed on persons who knowingly and unlawfully, or violating data confidentiality and security data systems, breaks in any way into any system where personal and sensitive personal information is stored.
6.) Concealment of Security Breaches Involving Sensitive Personal Information – penalties are imposed on persons who, after having knowledge of a security breach and of the obligation to notify the Commission pursuant to Section 20(f), intentionally or by omission conceals the fact of such security breach.
7.) Malicious disclosure – penalties are imposed on any personal information controller or personal information processor or any of its officials, employees or agents, who, with malice or in bad faith, discloses unwarranted or false information relative to any personal information or personal sensitive information obtained by him or her.
8.) Unauthorized disclosure – penalties are imposed on any personal information controller or personal information processor or any of its officials, employees or agents, who discloses to a third party personal information not covered by the immediately preceding section without the consent of the data subject.
The primary purpose of this law is to give security of the personal information of private individuals and also the public entities. I think this law is good, if it can be enforced properly and there must be strictly enforcement of this kind of law in order to attain its purpose. The law is created to provide a good effect and not deteriorate the life of individuals.
There are certain procedures and requirements to be followed in order to have a processing of others personal information without violating the right to privacy. A person has the right to be protected on his personal information, because it is vital to someone’s identity. Let us say there is no law providing for the protection of every individual in relation to their particular personal information, if the personal information of a person is not protected or secured, the tendency of it, such person with respect to his identity, he will have no preservation on his personal information, because anyone may access it and use it to their respective purposes, as a result the person is deprive to have his identity to be secured.
The enforcement of this law will give benefits not only to individuals but also to other juridical entities as well. Like in the case for Business Process Outsourcing (BPO) sector in the Philippines, the enforcement of RA 10173 will provide protection for the personal digital data of private and public entities, because no one can easily retrieve or get some information on private individuals and also the public personalities. If one person wants to have information of the private or public entities, it must be reasonable and the law allows him to do so, otherwise there’s no way he can retrieve such information without violating the law.
Because of RA 10173, it will give a better business practices in companies and it will also attract local or foreign investors, because they know that their investments will be protected in a manner that the said law will provide a full security. Personal Information of private and public entities is available anywhere in the internet. Even without the authorization of the owner of such information, you may access it through of the use of the internet, as long as such information is readily available.
In observance of this law, I personally in favour of this law, considering the advantages that everyone will get, not as an individual but also to other businesses that manage and have the control on information processing. If all the information is protected and secured by our government, it will lessen crimes that may occur and such crimes shall be properly monitored by the appropriate government agency.
The enactment of law may be bad for some, because those people can no longer access the information of others at anytime they want due to the fact that the law prohibits and provides penalties like imprisonment or fine, or it can be both depending on the gravity of the act in which the said law is violated. Come to think of the total effect of this law, it will definitely improve the life of each individual because of the primary purpose why this kind of law is enacted. It depends on a person on how he/she is going to interpret it, whether he/she takes it as a good law, or on the other way around.
We all know that Computers have the power to make things easier, such as transmission of information, making things possible as the product of our imaginary minds, and other possible things we could ever imagine. The combination of computers with the internet give us the advantages to do things easily, however, for every advantage we get, there is a corresponding disadvantage also. Like for example, the dissemination of certain information easily can be considered an advantage, because we can easily disseminate information to respective recipients, but there is a disadvantage in the given scenario, like, it is true that we can disseminate information easily, but come to think of it, we can also destroy a person’s dignity or reputation by simply publishing false information against the person is concerned, at the same time we can also release false information anytime and anywhere at our own convenience. For every great convenience comes with a greater responsibility.
Observing the Cybercrime Law, known as RA 10175, and Senate Bill No. 3327, known as the Magna Carta for Philippine Internet Freedom (MCPIF), the expression of the Legislature is to protect the rights and freedoms of every Filipino in the world of cyberspace, by providing a corresponding penalty for criminal activities. However, the expression of the Legislature through passing a law, should be in accordance with the Constitutional rights guaranteed by the Constitution, such as right of expression, right to privacy and right to due process. The Constitution mandates these rights in order to protect the mankind, in cases there are abuses of authority on the part of the Congress in passing laws that will regulate and manage the people by the government.
If a certain law passed by the Congress which is not in line with the Constitutional rights guaranteed by the Constitution, such law or expression is not effective and it will constitute as in contrast as to what the law should be. The role of the Congress is very important in the government, because without Congress there will be no government.
The main function of the Congress is to craft laws and they should take into consideration the benefits that it will give to the Filipino People, and to protect their respective rights, however, such right must be regulated in order not to be abusive in exercising their rights. In regulating the rights of the people must be in accordance with the Constitution, so that it will not violate the Constitutional rights of people and the enforcement of the law will not become abusive.
Looking at the provisions in Cybercrime Law or also known as RA 10175 and comparing it in the provisions found in Senate Bill No. 3327 or also known as the Magna Carta for Philippine Internet Freedom (MCPIF), we can see the difference between the two;
According to Senator Miriam, RA 10175 is vague in its provisions in libel, while the proposed Senate Bill Senate Bill No. 3327 or also known as the Magna Carta for Philippine Internet Freedom (MCPIF) by Senator Miriam, it clarifies by treating the libel as a civil liability rather than treating it as a criminal act.
The RA 10175 provides criminalizing the libel by imposing an imprisonment and civil aspect, while in the latter provides a civil liability only without subject for imprisonment against the offender. The purpose of the bill is not to put the offender to double jeopardy, because it is a violation to our Constitution to subject a person to double jeopardy for a single act. Unlike in RA 10175, the libellous act of a person in the internet can be penalized by the said law without being prejudice the penalties provided by the Revised Penal Code and other special matters. To clear on the matter, the RA 10175 may impose penalties against the person who violates the provisions of RA 10175, at the same time can be also penalized by other laws for same act, unlike in the proposed bill, it is not applicable.
Another distinction between R.A 10175 and Santiago’s bill, it secures against illegal searches and seizures, unlike in R.A. 10175, wherein it violates the right to privacy and right against illegal search and seizure allowing warrantless in collecting information. While the Santiago’s bill, it guarantees due process in order to protect the Constitutional right of the person concern, and it provides rules, regulations, and guidelines in collecting a certain data. The Constitution provides a person has the right against illegal searches and seizures unless there is an order from a competent court.
According to Senator Miriam, her bill repeals the Cybercrime law, considering the Cybercrime law, may be considered as unconstitutional, as the Supreme Court has been suspended the implementation of the law through acting on at least 15 petitions questioning the constitutionality of RA 10175. The Supreme Court issued a 120 day Temporary Restraining Order in October.
The proposed Senate bill of Senator Santiago is addressing the certain issues or problems in RA 10175, known as Cybercrime law. It doesn’t mean that RA 10175 is not a good law, it is a good law, and however, there are things that need to be revised in the provisions of the said law in order to achieve a greater purpose of the law. Like in one of the provisions in RA 10175, giving the government the authority to restrict or block a website without due process of law. Such authority violates the Constitutional guarantee of due process, unlike in the proposed senate bill of Senator Miriam; it provides court proceedings in cases where the websites are subject for restriction or censorship.
In one of the provisions in the proposed Senate bill, it provides that “no person shall be deprived of internet access until and unless there is an order issued by a court of competent jurisdiction”. From this provision, we can see how the said bill upholds the Constitutional guaranteed right to due process as found in Section 1 of Article 3 of the 1987 Constitution, wherein it states that “No person shall be deprived of life, liberty, or property without due process of law”.
In contrast to one of the provisions in RA 10175, it says that “when a computer data is prima facie found to be in violation of the law, the DOJ has the power to issue an order to restrict or block access to such computer data”, in this provision it gives the government the apparent authority and the discretion to determine whether or not such computer data violates the law. The DOJ at its own convenience may exercise grave abuse of authority because of the fact that determination of violation lies on the discretionary power of the said agency.
Another flaw in one of the provisions in Cybercrime law, is that it allows double jeopardy through constituting a violation in its provisions at the same time prosecuting offenses in Revised Penal Code and other special laws, though the offense constituted a single act. It would be unfair on the part of the offender to be subjected to several penalties even though he only constituted a single act.
Under section 21 of the 1987 Constitution, it provides that “No person shall be twice put in jeopardy of punishment for the same offense. If an act is punished by a law and an ordinance, conviction or acquittal under either shall constitute a bar to another prosecution for the same act.”
As to the Constitutional guarantee, a person should not be placed under double jeopardy, unfortunately, the RA 10175 did not uphold this kind of right instead it stands against it.
The proposed Senate bill by Senator Miriam protects the Constitutional guarantee of freedom of speech and the right to express respective thoughts on the internet provided it is in compliance with the proposed senate bill by Senator Miriam.
The interesting part of the bill in giving the internet users especially the journalist the freedom to express their opinions or sentiments against the government without being subjected to prosecution or be held liable for their acts.
Knowing the differences between RA 10175 and the proposed bill by Senator Miriam, as per my opinion, the proposed Senate bill of Senator Miriam is better compare with the former, based on how it was crafted by Senator Miriam. However, considering that it is still a bill, it has no effect at all, only when such bill is raised and passed as a law.
We as Filipino people have the right to raise our own voices regarding how we want our rights to be protected and how things will be regulated by our own government. The passing of this senate bill into a law will not only benefit the present but also the future.
Laws that were passed by the Congress serve a big role in our economic growth, because the laws determine what should be regulated and restricted. If the laws were crafted well, it will help the economy grow; as a result it will also help the people.