Rosales, Arvin Francis

SY 2012-2013, Second Semester


Data privacy

Does anyone hate you? Is anyone threatening your life? Well today is your lucky day. When your information is posted in the internet its like showing to the whole world your crotch or your vagina. Such pa part is so private, and so as the information about as that only our friends and relatives may know. Pretty lucky for those who are the attention seekers because everyone may know if they want to stalk him or her. Even the celebreties doest want that to happen.. And pretty worse for the normal ones who wants to live a peaceful life and those who have lots of enemies who are recieving lots of death threats because the killer may know where they live and where they work..

Just like the “amalayer kid” who confronted scandalously the ladyguard at the lrt2 anonas station. Though she has her fault by making a scandal but some asshole video recorded her while doing it and exposed it in the internet… Where everybody can see it. And there is this audition video on mix that she undergone a vtr for the new mix vj that is supposed to be private and kept secret on the records of abscbn, but still again another asshole posted it on the internet which caused her another disgrace.. Another headline that the social media may talk about.. But we dont know if she may be enjoying the attention or the popularity or the celebrety feeling that everyone knows her. For a normal person with integrity, that is one hell of trouble.

It seems that Information Technology and Business Process Outsourcing industry by making it in line with International Standards of Privacy protection will benefit the most maybe because they are the ones that will act as the observer here and for it to prosper is that the government will need a lot of sklls from the information technology field. They said that our era is the technology era where computer specialist will be the in demand ones rather than any other professionals. Yeah, maybe because of this. That our world will not rotate if it were not for the computer experts and programmers. For me they are like the police man and detectives of this law because they are the only ones who can identify and track the culprits which are the computer and internet hackers.

Now Republic Act No. 10173 or the Data Privacy Act of 2012 is signed by the president, what will happen to all the computer users, well almost everybody uses the computer nowadays. It says that the law Applies to the processing of all types of personal information and to any natural or juridical person involved in personal information processing including those personal information controllers and processors who, although not found in the Philippines, use equipment that are located in the Philippines or those who maintain an office, branch or agency in the Philippines

Republic Act No. RA 10173 or Data Privacy Act of 2012 was approved by PNOY last August 15, 2012. It is an act protecting individual personal information in Information and Communication System in the Government and Private Sector, creating for this purpose a National Privacy Commission and for other purposes. The National Privacy Commission will administer and implement the provisions of this Act and to monitor and ensure compliance of the country with International Standard sets for data protection.

Its says there that the personal information controller must implement reasonable and appropriate organizational, physical and technical measures intended for the protection of personal information against any accidental or unlawful destruction, alteration and disclosure, as well as against any other unlawful processing. So we computer users must be afforded with protection regarding our personal information against any accidental or unlawful destruction, alteration and disclosure and also to any other unlawful processing. The personal information controller shall implement reasonable and appropriate measures to protect personal information against natural dangers such as accidental loss or destruction, and human dangers such as unlawful access, fraudulent misuse, unlawful destruction, alteration and contamination. So we are also protected from all hackers that may unlawfully access, fraudulently misuse, unlawfully destroy, alter or contaminate our computer data with fatal viruses. Thus it will protect our personal information against natural danger such as accidental loss or destruction. The determination of the appropriate level of security under this section must take into account the nature of the personal information to be protected, the risks represented by the processing, the size of the organization and complexity of its operations, current data privacy best practices and the cost of security implementation. Subject to guidelines as the Commission may issue from time to time, the measures implemented must include:

(1) Safeguards to protect its computer network against accidental, unlawful or unauthorized usage or interference with or hindering of their functioning or availability;

(2) A security policy with respect to the processing of personal information;

(3) A process for identifying and accessing reasonably foreseeable vulnerabilities in its computer networks, and for taking preventive, corrective and mitigating action against security incidents that can lead to a security breach; and

(4) Regular monitoring for security breaches and a process for taking preventive, corrective and mitigating action against security incidents that can lead to a security breach.

Just like the one who invented the ILOVEYOU, also known as Love Letter, is a computer worm that successfully attacked tens of millions of computers in 2000 when it was sent as an attachment to a user with the text “ILOVEYOU” in the subject line. The worm arrived e-mail on and after May 4, 2000 with the simple subject of “ILOVEYOU” and an attachment “LOVE-LETTER-FOR-YOU.”. The final extension was hidden by default, leading unsuspecting users to think it was a normal text file. Upon opening the attachment, the worm sent a copy of itself to everyone in the Windows Address Book and with the user’s sender address. It also made a number of malicious changes to the user’s system. Now he works in the pentagon for his incredible skills in programming that may be used by the united states of america. But isnt he suppose to be in prison because of what he did? He invented a virus that contaminated millions of internet users. Or if not, yes because he has outstanding skills that can be used by the government, why not the philippine government and instead the united states? It just reflects the fact that filipinos are just supplier of their outstanding skilled citizens. And it also relfects that there is no opportunity here in our country thats why many filipinos choose to work for other countries and not their own because here in the philippines a lot of filipinos say that “kahit gano ka katiyaga wala kang mapapala” which is true except for those who already have an stablished life. Also the personal information controller must further ensure that third parties processing personal information on its behalf shall implement the security measures required by this provision. So even thirdpersons are responsible and may be held liable if they fail to implement in behalf of the personal information controller the implementation of the security measures required by the law. The employees, agents or representatives of a personal information controller who are involved in the processing of personal information shall operate and hold personal information under strict confidentiality if the personal information are not intended for public disclosure. This obligation shall continue even after leaving the public service, transfer to another position or upon termination of employment or contractual relations. So the employees, agents or representatives of the personal information has a fiduciary relationship with the person owning the information. They must not disclose the information they know by way of their responsibility with their job as a personal information controller. Just like a relationship between lawyers and their clients and confession between priest and a catholic. And the sweet part is even after their term of service they must still remain in concealing the information disclosed to them by the user by the rest of their lives. The personal information controller shall promptly notify the Commission and affected data subjects when sensitive personal information or other information that may, under the circumstances, be used to enable identity fraud are reasonably believed to have been acquired by an unauthorized person, and the personal information controller or the Commission believes (bat such unauthorized acquisition is likely to give rise to a real risk of serious harm to any affected data subject. The notification shall at least describe the nature of the breach, the sensitive personal information possibly involved, and the measures taken by the entity to address the breach. Notification may be delayed only to the extent necessary to determine the scope of the breach, to prevent further disclosures, or to restore reasonable integrity to the information and communications system. The information technology experts must take responsibility for the preservation of the communication system. In evaluating if notification is unwarranted, the Commission may take into account compliance by the personal information controller with this section and existence of good faith in the acquisition of personal information. and the Commission may exempt a personal information controller from notification where, in its reasonable judgment, such notification would not be in the public interest or in the interests of the affected data subject. it also says that the Commission may authorize postponement of notification where it may hinder the progress of a criminal investigation related to a serious breach. I dont like the part where the law gives the commission the power to postpone notification where it may hinder the progress of criminal investigation. Yeah the inaction of postponement will be a hindrance to the delivering of the service but it is still violence against to the right of an individual. However, it is correct that the right of the collective is greater than the right of an individual


Magna Carta for Internet

Towards the end of the 20th century, the world exponentially changed because of the advancement in technology. From telegram, telephones, radio, cell phones to the invention of the Internet, communication has been easier like never before and different types of information can be accessed anytime wherever you are. Business transactions became easier as well as personal communications and it has opened a wide range of possibilities that made it possible to create somewhat a duplicate world of electronic space.

Undeniably, the Internet is a very useful tool for communication and information gathering and dissemination, a useful tool for business, education and a lot more. But as useful as it can be, it has evidently posted several threats not only to the private lives of individuals but as well as to public institutions and even to some states of nations by nature of cyber hacking, bullying, stealing identities and or of private information, piracy and many more.

With these realities that we now face in the usage of Internet, there have been many efforts to regulate Internet use throughout the world. But as we all know the Internet is a complex intertwine of different networks from all over the world. It has no core author and it’s so complex that regulating interactions might be seriously difficult.

But despite this circumstance, there have been a lot of efforts to put restrictions in this chaotic space. In the Philippines, we have the Electronic Commerce Act RA 8792, Data Privacy Act RA 10173, Public Telecommunications Policy Act RA 7925 and the recently passed and suspended Cyber crime Prevention Act RA 10175 of 2012 which have gained attention towards its passing. Right now its implementation has been suspended because of human rights issues and its provisions about cyber libel.

On the effort to lobby better legislations for Internet regulation, another bill is introduced to the congress.“The Magna Carta for the Philippine Internet Freedom”by Senator Miriam Defensor Santiago. Is this a better law for the Internet? Would the Filipinos graciously adapt this law or would it again post unconstitutionalities and or violations against human rights? Let’s examine this bill and find out if it is necessary to pass an Internet law right now in the Philippines or should we let the status quo as it is.

Generally, the bill is about the rights of “Netizens”, cyber defense, cyber security and the Rules and Regulations that would govern the use of the Internet.Somehow, Filipinos have expressed their belief that it is possible to regulate the Internet provided that their freedom of expression and privacy will not be compromised.

Chapter 2, Section 3, paragraph 21 defines cyber intelligence as “the collection of plans, policies, programs, measures, mechanisms and weapons designed to defend the Philippines from cyber attack”. Does cyber intelligence in its process include the power of the authorities to look through private datum of individuals?

Chapter 3 lays down the Internet rights and Freedom of the Netizens. It is interesting to see that the bill still supports an open network despite the efforts of regulating it. It will just mean that there are still no boundaries as to what and up to what is the jurisdiction of the Philippines in the cyber space. But unless, the government will hire the best of the best Internet programmers, it will be hard for the government to monitor all Filipino websites and contents. Remember that Filipino programmers have been known worldwide in 2000 when the ‘I LOVE YOU’ worm infected millions of Windows computer all over the world. With their skills in computer language, it’s either the government hire them or they will be the government’s number one headache.

Another question that should be answered is who are the people that are governed by this law? If the Philippines remain to be an open source it would it be possible for the government to trace whether a user is indeed a Filipino citizen? Yes, it is possible for them to trace unique IP address but how can you make sure that you are targeting the right people from the right Internet content deemed to be violating the law?

In chapter 5 the bill designated the Department of Information and Communications Technology as the led agency for oversight. To create a separate department for this should be given a tough thinking. On the other hand, involving six agencies to be involved in implementation is good however; it must be made sure that there is cooperation and collaboration within the said agencies. The senator was referring to the Cybercrime Prevention Act of 2012 or Republic Act 10175, which various sectors criticized for allegedly violating freedom of expression and giving the government too much power over Internet users. For me, the main purpose of the internet is communication which started through just plain emails and eventually evolved to these social networking sites such as facebook and blogsites. True that it has a critical effect to all internet users which binds them as one in some situations but the thing is they must not be restricted in doing such act because it is their right and doing such act is not a criminal act because it is up to the reader weather to believe in such statements. The user that posted such is just expressing his thought or feelings which is the main purpose of the website. If cybercrime law took effect, the internet here in the Philippines will be corrupted just as the martial law during the time of late president Marcos did, its just that now will take effect on the internet. If such case would happen the internet will be a mere dead space and yeah everyones mouth will be covered with black tape and anyone who removes it will be penalized. A very tragic situation. Santiago’s bill is the latest among efforts of lawmakers to correct the law. Other senators and congressmen have filed bills amending provisions in the Act. Santiago said her bill will address the loopholes in the law and achieve its objectives. “While it is important to crackdown on criminal activities on the Internet, protecting constitutional rights like free expression, privacy, and due process should hold a higher place in crafting laws,” she said. The following are the improvements Santiago cited. First is the real-time collection of traffic data. Santiago said her bill addresses criticism of the provision allowing state agents to collect real-time traffic data, which she said violates the right to privacy. “In contrast, the Magna Carta ensures due process by providing strict guidelines for any collection of any data, including the securing of warrants, obligating notification, and limiting seizure to data and excluding physical property.”

The Magna Carta will be more effective and taken lightly because it will give notice to the user that he is liable and the government will want to go into his privacy. Unlike the cybercrime that allows the government to be god like that can do everything without respecting the rights of the users that may be liable. In this case the government will ask first the permission of the user before doing such act. Second is on the so-called “takedown clause”. Santiago said her bill does not have the so-called “takedown clause,” which allows government to block or restrict access to a website or network even without a court order. “My bill specifically provides for court proceedings in cases where websites or networks are to be taken down, and prohibits censorship of content without a court order.” Santiago said the “takedown clause” is dangerous. The Justice Department though has said the phrase is a misnomer, because blocking or restricting of the data will not be done arbitrarily. And the third is on double jeopardy. The senator said the Magna Carta prohibits double jeopardy, unlike the Cybercrime Prevention Act. She said under the Act, people can be prosecuted for violations against it and for those under the Revised Penal Code and special laws even though the offenses are from a single act. Just like what the criminal law applies, the Magna Carta also applies such as the right against double jeopardy which is the right of the accused. Santiago said the Magna Carta was the result of crowdsourcing. She said a group of concerned citizens including software designers, IT specialists, academics, bloggers, lawyers and engineers approached her office with a draft of the bill. She said the draft was based on discussions on social media. If passed into law, SB No 3327 will be the first law to be created through crowdsourcing she said. In this statement, I truly agree that the Magna Carta will be a lot effective than the Cyber Crime Law because it has the opinion of all the experts regarding the jurisdiction of the law which they drafted carefully and fully opinionated from different views that’s why the bill is more lenient than the former. Sen Teofisto Guingona III, the lone senator who voted against the Cybercrime Prevention Act, has also pushed for crowd sourcing as he crafts amendments to the law. Another worth noticing provision is the inclusion of installation and separation policies with regards to service providers because it is an often issue to subscribers.

When it comes to cyber crimes, I am quite confident with the provision laid in the bill but again it all comes down to its implementation and the identification of jurisdiction in the Philippine cyber space.

One issue that really led to the unsuccessful cyber crime law is its provisions on libel. While Cyber crime Law made cyber libel punishable, the Magna Carta for the Philippine Internet Freedom has specifically identified libel with the exception of expression of protest against the government, NGOs and when it is intended for private messaging. Quite better than the former provisions of Cyber crime Law.

The Internet is a unique accidental technology I suppose. There is no central unit that controls it or is there anyway to fully regulate it except if you control Internet access providers in a country, if you can. But as for now, I don’t think that regulating the Internet is a good idea for the Philippine government. I doubt that they will be successful with it. Just the thought that up to now they still cant regulate text messaging and call services from service providers what more with a much complex space like the Internet.

But we are not saying not to regulate it we just believe that it is too early and the laws governing the Internet is so vague as to jurisdictions and identifications of content. The Internet will still be evolving and laws too should. Right now, it is true that it is still insufficient, but the The Magna Carta for the Philippine Internet Freedom is a good start. Santiago said the Magna Carta for Philippine Internet Freedom will define and penalize cybercrimes while protecting rights and freedoms. Based form what senator Miriam Santiago’s statement, the Magna Carta for Philippine Internet Freedom will be more effective and reasonable towards the “Netizens” because it is more lenient than the Cyber Crime Law. Thus I think the latter law is open to changes because Senator Miriam Santiago named it with version 2.0. just like with computer programs, it can be upgraded. And I admire her style by matching the name with the jurisdiction of the law. It’s rare for some law makers to do such act.

The Magna Carta does not suffer from overbreadth and vagueness in its provisions on libel, unlike the law it tries to replace. In fact, it treats libel as a civil liability rather than a criminal act, which is a step forward in the move to decriminalize libel. I think this is a good proposal to the “Netizens” because being titled as a criminal is a big deal. While posting something on Facebook, Twitter, Instagram or other social networking sites that may be a bit offending or libelous may put a person in jail and called as a criminal is a bit I think exaggerated to happen. In that case, population of criminals will sky rise just for the reason of expressing their thoughts through the net.

Advertisements
1 comment

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: