Paat, Hazel Anne

SY 2012-2013, Second Semester


How the Data Privacy Act Impacts Me Personally

I am studying Law but I did not bother to read this Act until this was required in my subject, Technology and the Law. Indeed, it deserves to be given a closer look and how this Act will impact me as a person, in the legal profession and in the society to which I live in.

1. Personally

I know that personal information submitted to government agencies such as PAG-IBIG, SSS or LTO or NSO are not totally private or personal information exclusive only to the access of staff of said government agencies. It can be made available as public records to anyone who has a legal purpose, right connection and money to buy such information. Before one knows it, it has already been sold to an advertising company, or to a credit card company and one begins to wonder why one suddenly receives phone calls from strangers who pretend they know them personally. To one’s surprise they have an accurate personal information of the person and all he needs to do is to confirm it with them! You start thinking if someone just sold your personal data? Or did you just lost an ID card and somebody found it and your personal information has gone public? Or having to experience that there is a record of a current Loan in SSS or PAG-IBIG when the member has not really availed of such loan. This shows that somebody had an access of the SSS/PAG-IBIG details of the subject and it was used by somebody else. But the member/subject has to pay it and he cannot do anything otherwise his alleged outstanding loan will balloon or his retirement benefit will get affected! If none of these make sense, then you realize, nothing is safe now these days including safeguarding one’s own identity! Before this Act, one is as helpless as anyone else on what to do if these things happen.

Personally, I think the Data Privacy Act is an answer to the growing violation against the basic human right, the right to privacy. Privacy to personal data information is what this Act is aimed to protect. It protects and safeguards personal information of private individuals like me so that personal information are not readily available and accessible to the public or to anyone who may just want to access personal information, misuse or steal an identity. The coming of this policy must have been adopted in the United States or other countries where digital technology is far more advanced and security of personal data is of prime importance. The Philippines, which is a little bit behind is just catching up. Many controversies pertaining data privacy must have been encountered, either recorded or unrecorded, thus the birth of this Act. Indeed, it will protect private invidual’s right to privacy, the right to life and the freedom to live in the way one wants without it looking at one’s shoulder that one is watching his/her life! I hope that the Implementing Rules and Regulations will clarify provisions of the Act that may be vague.

Before one could have process personal or data information, or process sensitive information, the request must pass through several layers of approval which to me indicates that getting access to personal data or information of the subject is indeed difficult. This assures the subject that before one could have access to his personal details, on top of the layers of approval, it further needs the subject’s consent. So before one could access to my personal data information, I need to be informed and my consent will be needed before any information will be released to any requesting party. The Act puts limit to the extent of personal information that one can only gained access thereto.

I believe this Act will protect my right to privacy and will prevent any difficult situation for identity theft or from misuse which will put me in danger. I just hope that Implementing Rules and Regulations will have a clear-cut procedure so that unscrupulous individuals will not use it to their advantage and benefit from it.

The limitation that the Act does not apply to any officer or employee of a government institution is welcoming in line with the transparency of the government employee or official in charge of processing or keeping of personal data information. This will deter the government employee to hide information that will pertain to any conflict of interest or financial interest that he or she may be protecting and might just be using the Act to protect his own interest.

II. As to the Legal Profession

I will still discuss my opinion in line with the legal profession as this is personal to me, being a student of law. Personally, it protects and safeguards my personal data information and it puts integrity to the goverment agencies who collect personal data. However, I think that this Act will provide a shield to the criminal offenders, recidivists, accused or those who were already convicted. Before the information commission may release data information to the Court, one needs the consent of the accused, convict or criminal. Who in his right mind will incriminate himself and permit anyone to collect information that maybe later be used against him? Speaking of the fruit of the poisonous tree, any information obtained that will violate the human rights or without affording due process to the individual cannot be used as an evidence against him in any court, administrative body or tribunal. How will this be addressed in the Act’s Implementing Rules and Regulations? Will this be taken into consideration?

The restriction to the access and processing of personal data information have no exemption like giving authority to validate the identity of a criminal, bank transactions that will prove he has been involved in anti-money laundering activities or has assumed another person’s identity. He will be able to hide and disguise his identity and be scot free. Access to sensitive information such as bank deposits and transactions, civil status, blood type, etc. cannot be secured because one needs his consent in order to be able to access and process such personal information. Any person who has committed a crime and may not want anyone to gain access of his person data information may just properly invoke this Act. At worst, the subject can even file a complaint against the individual who secured sensitive personal information when he should be the one to be charged for the crime he has committed.

One that is also pointed out in this Act is the level of approval that needs to be sought before one could have access to the data information needed and it has also certain limitations to the number of personal information allowed. Consent of the person is required before one have an access to it. Again, this will reinforce the doctrine against self-incrimination.

Will this Act cover the ‘General Waiver’ being signed by applicants who seek employment in companies? An example of a General Waiver will state the following:

By my signature on this application, I:

a. Authorize the verification of the above information and other necessary inquiries that may be necessary to determine my suitability for employment.

b. Affirm that the above information is true.

________________________________
Applicant’s signature

Can the employer in private corporatations invoke this ‘General Waiver’ to check on the employment background and history, personal information of an applicant such as, existing loans in any government agency or bank, criminal records? If this cannot be invoked and the Act prevails, how will the employer protect its business? How do you safeguard the right of the employer to their right of information pertaining to the people that they hire or do you take into consideration the ‘General Waiver’ signed by the applicant? Can the employee invoke and take advantage of the provisions of this Act to cover his illegal activities, his past wrongdoing in the previous employment? Is the ‘General Waiver’ clause unconstitutional? Should it be stricken out from the employer’s hiring application form?

The pyramiding scam, the most recent ‘Aman Futures’, victimized so many people and robbed them off of their livelihood in Mindanao. The persons involved may be charged with syndicated estafa if their guilt is proven. They claimed that they were issued with the Certificate of Registration by Securities and Exchange Commission. If their personal data were accessed prior to the establishment of the organization, will the Securities and Exchange Commission issue the Certificate of Registration?

The Penalty for unauthorized processing of personal information range from one year to three years with a fine of not less than P500,000 but not more than P2,000,000 while the processing of sensitive information is penalized by imprisonment ranging from three years to six years and a fine not less than P500,000 but not more than P4,000,000. Even access due to negligence is also being penalized in this Act. The fine in this Act is a lot higher compared with other offenses in the Revised Penal Code. To me, it does not commensurate to the special law violated. Although penalties in the Revised Penal Code really need to be revisited since those were still made during the Spanish regime or adopted from the Spanish Penal Laws, the penalties of this Act seem too harsh for such violation/s.

What provisions in the Act which shall be in conflict with the provisions of the Revised Penal Code? Were these reconciled? Will the Implementing Rules and Regulations clarify any provisions in conflict with other Laws?

I also think that this Act will curtail the freedom of speech of Journalists. They will not be able to collect or gather personal information or gain access to sensitive information and cannot just publish it as they will be penalized for gaining access to. Again, the unscrupulous individuals can use this Act to protect themselves . What if the Journalist’s reports open the pandora’s box and will uncover more illegal activities involving powerful and influential people or even extend to our territorial waters, can this Act just be invoked so their right is protected?

The society or community must also be informed and educated about this Act so they know their rights. It must be relevant and should cover many areas including employment, etc.

III. Conclusion

To conclude, this Act definitely protects public interest and safeguards a person’s basic right to privacy. One feels safer and secured that nobody will assume or steal your identity or that your data information you have submitted for any legal purpose is not accessed or misused or changed unless you consent or authorize it. With proper implementation, this Act will be used for a more orderly, safer society.


RA 10175 or Magna Carta for Philippine Internet Freedom?

Is the Magna Carta for Philippine Internet Freedom better than the Cybercrime Law?

The controversial Republic Act 10175 or known as Cybercrime Law of 2012 was signed by President Benigno Aquino III on September 12, 2012 [1] and was made effective last October 3, 2012, fifteen (15) days after its publication. Since then, it has been the subject of hot debates and protests questioning about its constitutionality. Media claims that it curtails press freedom. Invitation to sign up the petition against it was posted in the internet. [2] Every internet user who has the opportunity to voice out their opposition against said law made it as a shout in their ‘FB’ or Facebook account or some have spoken out in chanced television interviews. Every reaction is based on a person’s personal interpretation [3] of the law as the implementing Rules and Regulation is yet to be issued.

In response to petitions filed, the Supreme Court issued a temporary restraining order (TRO) to stop the the implementation of Republic Act No. 10175 Act of 2012 for 120 days. The SC, in its regular full court session, also set oral arguments on the cases on January 15, 2013. [4] Senator Miriam Defensor Santiago authored the Senate Bill 3387 or the Magna Carta for Philippine Internet Freedom.

The law and the senate bill shall be dissected and understood in the light of my own understanding and appreciation of the law and the bill.

1. Scope- The scope of Republic Act 10175 is limited to the definition of cybercrime, providing for its prevention, investigation, suppression and imposition of penalties and used the “all catch” phrase, for other purposes. Whereas, the Senate Bill 3327 or Magna Carta for Ineternet Freedom is wider in scope as stated in its long title and to quote, “An Act Establishing a Magna Carta for Philippine Internet Freedom, Cybercrime Prevention and Law enforcement, cyberdefense and national cybersecurity.” From the title of the Magna Carta alone, it respects the right or freedom to use the internet but it puts a limitation to this for those who will misuse, abuse or disuse it. Magna Carta as defined By Merriam-Webster dictionary is a charter of document consituting a fundamental guarantee of rights and privileges. Indeed, the bill authored by Senator Miriam Santiago did not just simply made a definition of what a cybercrime is but it emphasized that is both a right and privilege. As a right, the State recognizes it but as a privilege, such right will need to be regulated. The scope also covered Cyberdefense and National Cybersecurity. In the Cybercrime Law, it defined only cybersecurity in its definition of terms and referred to all the provisions in the Revised Penal Code for other violations related to the national security. The Revised Penal Code was made effective way back in January 1, 1932 [5] and there are no computer or cybercrime to speak of at that time. This, did not fill in the missing detail of the law.

2. Declaration of Policy – Both the Cybercrime Law and Magna Carta in the declaration of policy recognized the vital role of communication and information in nation building. However, the policy in Magna Carta is all-encompassing and reiterates that the laws and implementing rules and regulation is in accordance with the 1987 Philippine Constitution. It affirms the State’s commitment to the Filipino people for the observance of constitutional rights and the implementation of constitutional law, which is supreme to all other laws. It guaranteed that the constitutional rights of the people are given primary importance, which was not stated in the Cybercrime Law. The policy of the Magna Carta is very detailed and comprehensive. It tries to show that it will take a balancing act considering all the interests of the people, from the impact to its users, down to the respect for the basic rights and even to the innovation and development of programs to enhance the Philippine economy by harnessing information and technology. Whereas, Cybercrime Act focused on the detection, facilitation and prevention of cybercrime.

3. Definition of Terms – Obviously, the definition of terms in the Magna Carta is much wider in scope as it enumerated, clarified and standardized computer lingo by using world wide web and technically accepted terminologies. While Cybercrime Law limited itself with only 17 definition of terms, Magna Carta has 60 terms, excluding sub-definitions. A technical terminology per se is already difficult to undertand especially for a layman or non-information technology person and not all computer users are technical savy. With more terms being defined in the Magna Carta, it will set a common understanding of the technical terms and this will minimize misinterpretation and remove vagueness of the provisions of the law.

4. Law versus Bill –In Section 16 of Chapter IV (Duties Related to the Promotion of Internet Freedom) on duties and state agencies and instrumentation, it designates that the Department of Information and Communication as the lead agency, for overseeing the development and implementation of plans, policies and programs on the use of internet and information and technology in the Philippines but in coordination with other agencies which are likewise responsible with other related laws of the land. In the same way in the Cybercrime Law, the lead agency in charge for the implementation of the law is the Office of the Cybercrime which will be under the Department of Justice. I think the Department of Information and Technology is the proper agency to do the job since it will have experts(lawyer, technocrats or Information Tehcnology practioners or Computer Engineers) , the very people who understand science and technology hamornizing with the Constitution and other laws of the land as well as with international law. Changes with the Rules of Court shall also be effected as this produces a new classification of evidence. With a clearer Implementing Rules and Regulations, the Magna Carta will establish which evidence are relevant or irrelevant. Since Technology is dynamic and evolving, it will also be the right agency to prepare the Implementing Rules and Regualtions and draft Special Procedures, update new information, etc.

The Magna Carta also proposed the creation of a special court for cybercrime cases which I agree. The said court will handle all cybercrimes cases just like tax cases for Tax of Appeal, or Family Courts for domestic cases. The procedures may be incorporated under Special Proceedings of the Rules of Court.

In the Magna Carta6, it proposed an amendment in the Intellectual Property Law, In Chapter 3, Section 18 of the Magna Carta for Philippine Internet Freedom, it defined intellectual property rights over internet based creation which was not yet defined in the Intellectual property Code. The proposed amendment in the Intellectual Property Law as quoted below:

(n) CODE, SCRIPTS, COMPUTER PROGRAMS, SOFTWARE APPLICATIONS, AND OTHER SIMILAR WORK, WHETHER EXECUTABLE IN WHOLE OR AS PART OF ANOTHER CODE, SCRIPT, computer programs, SOFTWARE APPLICATION OR OTHER SIMILAR WORK;.

Without this specific provision, it will be broad and vague as to classify the form of intelellectual creation or if the Intellectual Property Law can define it – how does this creation be protected by the said law, the same way that industrial design or utility model is. This form of intellectual creation already abound but the right of the creator remains unprotected. This adds to the enumeration of the different forms of intellectual creations and remove vagueness and misinterpretation of the law. The Cybercrime Law is supposed to protect technology inventions or intellectual creation but such was not made clear in the Cybercrime Law of 2012. The Cybercrime Law provides for the penalties for its violation but limited the different cybercrimes to cybersecurity, violation against integrity of the information, cybersquatting without including the protection of intellectual creation and those to be considered as intellectual creation under this form.

The Magna Carta also proposed to amend Section 172 of the Intelellectual Property Code,

172.2. Works are protected by the sole fact of their creation, irrespective of their mode or form of expression OR PUBLICATION, as well as of their content, quality and purpose.

If any work is protected by this proposed Magna Carta regardless of any form of publication, does it mean that any audio-visual presentation or article written or videos uploaded in the internet will be protected by this Magna Carta? Is the sexual act or any similar act videotaped be considered as an intellectual creation? Will an intellectual creation of a sexual act taken/videotaped by the parties, one of them uploaded it in a social network and was downloaded by another internet user be considered a violation of an intellectual property on the basis of the proposed provision? Of course, this is protected by the Republic Act 9995 or Anti-Photo and Video Voyeurism Act of 2009″, as stated in the prohibited act, (d) To publish or broadcast, or cause to be published or broadcast, whether in print or broadcast media, or show or exhibit the photo or video coverage or recordings of such sexual act or any similar activity through VCD/DVD, internet, cellular phones and other similar means or device. [7] But how do this law be harmonized in the Magna Carta?

Section 11 of the Magna Carta also covered local Internet Service provider which protects the consumers of internet service and the providers alike. Right now, there is no direct agency where complaints can be filed against internet service providers which charges expensive fees but quality of cable connection is not satisfactory. Complaints are passed on to the Customer Service Relations Officer of a subcontracted agency but more often no feedback are given to consumers or if there is, no solution is offered to them. An irate consumer may just decide to shift to another provider but there are only few players in the market which leaves the poor consumer to just get used to the bad service. The agencies that assist customer complaints can be the Department of Trade and Industry for consumer products or the National Telecommunications commissions for calls or SMS related concerns. However, because of the volume of complaints, it is difficult for these agencies to act on all these. The Magna Carta stipulated one important and relevant concern of consumers when it comes to postpaid users of SMS, cable or cellular phone usage that is the correction of errors [8] in the billing statement issued by the service providers. To wit,

Section 20 (E) TIMELY CORRECTION OF ERRORS IN BILLING AND THE IMMEDIATE PROVISION OF REBATES OR REFUNDS BY THE UTILITY WITHOUT NEED FOR DEMAND BY THE USER;

With the Magna Carta, the right of the consumer on rebates and refunds without need of refund is protected.

It clarifies ambiguous provisions of the Anti-Trafficking in Persons Act of 2003 but how will a foreign national based in his country and is involved in human trafficking by advertising, promoting Filipino women or prostitute in the internet? Will this not be beyond the jurisdiction of the Philippines even if Article Two of the Revised Penal Code provides this as an exemption? Is this considered an international law? Is this covered by a treaty?

Under the Revised Penal Code, Libel is defined as public and malicious imputation of a crime, or of a vice or defect, real or imaginary, or any act, omission, condition, status, or circumstance tending to cause the dishonor, discredit, or contempt of a natural or juridical person, or to blacken the memory of one who is dead [9]. The Magna Carta introduced a new genre of libel – that is internet libel. However, it is defined in the same way as libel is defined in the Revised Penal Code.

Internet libe1 [10]. – Internet libel is a public and malicious expression tending to cause the dishonor, discredit, or contempt of a natural or juridical person, or to blacken the memory of one who is dead, made on the Internet or on public networks.

There is really no need to introduce this term as this will be covered under the Revised Penal Code’s definition of Libel.

The Cybercrime Law seemed to have been ‘half-baked’, just for the purpose of having a law to penalize cybercrimes than none at all. The increasing issues on cybercrimes or violation against internet use must be the driving force why the lawmakers have rushed into legislating for one. However, the law has vague and broad areas that invite many misinterpretation. While, the Cybercrime Law appears to be a shortened or an abridged form of a copied law, the Magna Carta is so comprehensive in its provisions that one may get ‘lost in translation’ and you may wonder if you are reading the provisions of Intellectual Property Law or still the Magna Carta of the Internet Freedom Use. Nevertheless, it is a better and comprehensive version of the Cybercrime Law. Therefore, the Cybercrime Law must be repealed by this Magna Carta of Intenet Freedom authored by Senator Miriam Santiago!


Endnotes

[1] Republic Act 10175, Section 31, Page 17.

[2] “I will not be silenced….NO TO RA 10175”, http://www.nujp.org/no-to-ra10175/. 08 January 2013.

[3] Toral, Janette, Digital Filipino, http://digitalfilipino.com/introduction-cybercrime-prevention-act-republic-act-10175/. 09 January 2013

[4] Panaligan, Rey G. “Cybercrime Law Stopped”. Manila Bulletin Publishing corporation, http://www.mb.com.ph/articles/376433/supreme-court-issues-tro-against-ra-10175-or-cybercrime-prevention-act-2012#. 09 January 2013.

[5] Republic Act 3815, Article 1.

[6] Santiago, Miriam Defensor. S. B. 3327, Magna Carta for Philippine Internet Freedom.

[7] Republic Act 9995, “Anti-Photo and Video Voyeurism Act of 2009”, Section 4. d.

[8] Santiago, Miriam Defensor. S. B. 3327, Section 20 (E), Magna Carta for Philippine Internet Freedom.

[9] Revised Penal Code. Title 13, ‘Crime Against Honor’, Chapter 1, Section 1, Article 353.

[10] op. cit. Section 33, A.1.

Advertisements
1 comment

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: