The Accuracy of the Government's Explanation Regarding R.A. no. 10372

Are the explanations (FAQs) made by Malacanang on the amendments to the Intellectual Property Code of the Philippines, accurate?

I. Introduction

One of the major hindrances to development that have beset several major industries within the Philippines, including but not limited to music, movie, and computer industries, is the problem of copyright piracy. For example, the International Intellectual Property Alliance, on its 2010 Special 301 Report on Copyright Protection and Enforcement, reported that the Philippine music and record industry suffered a loss of US$ 112.1 Million in 2009 due to copyright piracy whereas the business software industry suffered a staggering loss of US$126.4 Million, also due to copyright piracy[i]. The same report also noted that a high percent rate of Business Software End – User Piracy, hinders the growth of the Information Technology Sector of the Philippines. Corollary, the same report cited a study which stressed that a decrease in the level of Business Software End – User Piracy will result in job creations which said to be likely within thousands thereby not only improving software industry but ultimately, improving the Philippine Economy as well[ii].

With piracy being rampant within the country, the IIPA in the same report recommended that the Philippines be elevated from their Watch List to the Priority Watch List[iii]. However, due to significant legislations that were recently enacted such as the Anti – Camcording Act of 2010, the 2012 Special 301 Report made by the United States Trade Representative (USTR) maintained the country’s position as one of those under their Watch List thereby preventing its elevation to the Priority Watch List[iv].

However, another significant legislation that must be noted is R.A. no. 10372 which provides for numerous and major amendments on some parts of the Intellectual Property Code of the Philippines (R.A. no. 8293). R.A. no. 10372 is significant because it basically provides for major amendments to the country’s Copyright Law, making it more compatible with today’s technologies, thus enabling it to combat the consequent problems, such as the different forms of copyright piracy. As stated above, Copyright piracy and infringement or the lack of copyright protection has been hindering the growth of some of the country’s major industries. Thus, in order to strengthen the copyright law, the following amendments were made, to wit:

1.              The creation of another bureau, which is the Bureau of Copyrights and other Related Rights which exercises functions, inter alia, original jurisdiction to resolve disputes relating to the terms of a license involving the author’s right to public performance or other communication of his work, accept, review and decide on applications for the accreditation of collective management organizations or similar entities and to conduct studies and researches in the field of copyright and related rights[v];

2.              New provision expanding and empowering the Director General and Deputies Director General the power to undertake enforcement functions supported by concerned agencies (PNP, NBI, Opitical Media Board, etc.) and more controversially, to conduct visits during reasonable hours to establishments and businesses engaging in activities violating intellectual property rights and provisions of the IPC based on report, information or complaint received by the office and such other functions in furtherance of protecting IP rights and objectives of the Code.

3.              Provisions defining ‘Technological Measure’ and ‘Rights Management Information’[vi] and the consequent penalties for their infringement[vii];

4.              Amendment providing for the option to deposit with the National Library (or Supreme Court if the work is within the field of law) two (2) complete copies or reproductions of the work[viii]. With this, an owner of a copyright or other related rights may further produce more evidence that the copyright pertains to him thereby reinforcing protection from infringers;

5.              Deletion of Sections 190.1 and 190.2 of the Intellectual Property Code which originally provides, among others, the conditions vis – a – vis the importation of a copy of a work for personal use. The deleted Section 190.1 (a) provides, among others, that if the copies of the work are not available in the Philippines, such importation for personal use may be made without the prior permission or authorization of the copyright owner provided that not more than one (1) copy at one (1) time must be imported if strictly for personal use, and if such copies shall be used for religious, charitable, or educational society or institution duly registered or is for the encouragement of the fine arts, or for any state school, college university or free public library, the importation may be made without prior permission or authorization from the copyright owner provided that the copies imported do not exceed three (3) copies. Further, the deleted Sec. 190.1(b) provides when copies that form parts of libraries and personal baggage’s belonging to persons or families coming from foreign countries and are not intended for sale, the deleted section required that it must not exceed three copies[ix]

6.              Amendment defining a person who commits an infringement[x]. Worthy of note is the new Section 216 (b) of R.A. no 10372, which provides that those benefiting from infringing activities of another shall also be guilty of infringement provided that the person benefiting has been given notice of the infringing activity and that the latter has the right and ability to control the activities of the other person. Under this newly created Section, establishment owners who allow tenants to sell pirated CDs, DVDs, etc. may now become liable for infringement.

With the enactment of R.A. no. 10372, one can observe the government’s efforts to strengthen the country’s Copyright Law in order to combat the continuing problem of piracy within the country. With the enactment of the law, even landlords or mall owners may become liable for infringement; thus, expanding the coverage of people who may become liable for copyright infringement. However, the law obviously has flaws and they are not minor flaws. The law is constitutionally infirm. Worthy of note is the amendment expanding and empowering the Director General and its Deputies to conduct visits during reasonable hours to establishments and businesses engaging in activities violating intellectual property rights and provisions of the IPC based on report, information or complaint received by the office. With such amendment, a question arises whether the Director General has the power to conduct ‘visits’ even without a search warrant. Gleaning from the letters of the law, it can be inferred that they can conduct such visits without a search warrant and thereby blatantly violating the right against unreasonable searches and seizures, which is one of the constitutionally enshrined and guaranteed rights.

Another amendment to take note is the deletion of Sections 190.1 and 190.2 of the Intellectual Property Code. This is the amendment where Overseas Filipino Workers take concern because under the deleted sections, persons coming from abroad can import copies of works without prior permission or authorization from the copyright owners. With such omission, however, the question that would arise is whether the importation of copies of works for personal use may still be made without being liable for copyright infringement.

In connection with the flaws and questions arising from the amendments made by R.A. no. 10372, the government issued the “FAQs on the amendments to the Intellectual Property Code of the Philippines”[xi], which answers the different questions arising from the law including the questions brought about by the above controversial amendments. Although the government may be lauded for explaining some points for concern regarding the law, the question remains: “Are the explanations (FAQs) made by Malacanang on the amendments to the Intellectual Property Code of the Philippines, accurate?

II. Accuracy of the” FAQs”

Under the “FAQs on the amendments to the Intellectual Property Code of the Philippines”, the government’s explanations or answers can be summarized as follows[xii]:

1.     Persons can still import books, CDs and DVDs coming from abroad as long as such were legally purchased. As long as that such imported works were legally purchased, a person coming from abroad can import as many copies as one wants subject of course to Customs Regulations; this is so because R.A. no 10372 deleted Sec. 190.1;thus, removing the original limitation of three (3) copies.

2.     The reproduction of a copyright material for personal purposes does not, per se, constitute infringement. Infringement in this context, is said to refer to the economic rights of the copyright owner. Thus, it is said that if you transfer music from a lawfully acquired CD into a computer, then download it to a portable device for personal use, then you didn’t commit infringement. The case would be different however, when the work is reproduced in multiple copies for the purpose of selling them. In such a case, infringement occurs.

3.     The possession of, for example, a music file procured through an infringement activity will not constitute copyright infringement provided that it can be proven that the person benefitting from the music file has knowledge of the infringement, and the power and ability to control the person committing the infringement.

4.     Jailbreaking or rooting of a phone or device is not per se illegal. What is illegal is making use of such jailbroken or rooted phone in order to engage in infringing activities.

5.     Mall owners can now be made liable for the infringing activities of their tenants provided however, that the mall owner has benefited from such infringing activities and has been given notice of the infringing activity and that the latter has the right and ability to control the activities of the other person.

6.     It is legal and therefore constitutional for the Intellectual Property Office (IPO) to visit businesses in order to conduct searches based on complaints, reports or information. However, if the IPO will conduct a search and seizure, they will first need to obtain the necessary search warrant. A search warrant will not, however, be necessary if the IPO shall be accompanied by either the Bureau of Customs or Optical Media Board, which are said to have the power to conduct searches and seizures in their own right even without a warrant.

In view of the foregoing explanations or answers, I submit that the above – mentioned “FAQs” specifically explanations numbers one (1), two (2) and six (6), are not accurate based on the following arguments:

First, the importation of copies of works for personal purposes under Sec. 190 of the Intellectual Property Code, as amended, is not only limited to Books, CDs and DVDs. A person coming from abroad can still import other copyrighted products. Further, with the new law omitting Sections 190.1 and 190.2, it still can be argued that the government’s explanation has no legal ground to stand on. The original Sec. 190.1 of the IPC granted persons coming from abroad the right to import copyrighted materials, subject to certain conditions, which can be asserted. As the law stands now, no right could be asserted because of the complete omission of Sec. 190.1 of the IPS. It must also be emphasized that R.A. no. 10372 maintained the original Sec. 190.3. Thus, the Commissioner of Customs with the approval of the Secretary of Finance, can still enact rules and regulations for preventing the importation of infringing materials. With this, the rules may provide for limitations against the importation of copies of infringing materials.

Second, the definition of ‘reproduction’ was also amended. The term now includes temporary and partial reproduction. Thus, if a person will partially reproduce a copyrighted law book with commentaries to be used temporarily because most of his classmates do the same, then such person and including the classmates may still be held liable for infringement because under the amended law, one of the ways of committing infringement is when such is committed with knowledge of infringing activity, induces, causes or materially contributes to the infringing conduct of another. In view of the foregoing, the government’s explanation under explanation number two (2) is misleading because the explanation given does not really constitute reproduction but a transfer of a lawfully purchased copyrighted material from one personal device to another.

Third, the government explains that the amendment expanding and empowering the Director General and its Deputies to conduct visits during reasonable hours to establishments and businesses engaging in activities violating intellectual property rights and provisions of the IPC based on report, information or complaint received by the office, is legal and in itself constitutional. I submit that such explanation is not accurate and is outright misleading. The Constitution guarantees the right against unreasonable searches and seizures and protects it through safeguards such as prior procurement of warrants. Although the Constitution protects such a right, it does not prohibit searches and seizures. Searches and seizures can be lawfully made when such is reasonably done; it is reasonable when the search and seizure was made with a warrant or if without a warrant, such is one of the recognized warrantless search. However, under the amended law, a mere report of an infringement activity filed with the Intellectual Property Office (IPO) will be sufficient to enable the latter to visit businesses in order to conduct searches. Thus, if a person reports to the IPO that an Office uses pirated software’s, then the IPO already can make the ‘visit’.

Although the government’s explanation under the ‘FAQs’ tried to separate a “visit” from “search and seizure”, it still did not provide for a demarcation line between them. Thus, it can still be argued that a “visit” is similar, if not, substantially the same as with “search and seizure”. This is supported by the fact that the IPO can conduct warrantless search and seizures if accompanied by the Bureau of Customs or the Optical Media Board. With the foregoing, the IPO can conduct an initial ‘visit’ then if they find violations to the IPC, then they can call the Bureau of Customs or the Optical Media Board in order to raid the establishment and thereby effecting a warrantless search and seizure.

III. Conclusion

Although the problem of copyright infringement and piracy within the country can still be described as severe, the government, in enacting laws that would combat such problem, must do so in a manner that will not infringe the Constitution or any fundamental constitutional right. Based on the 2010 IIPA Special 301 Report on Copyright Protection and Enforcement, the IIPA recommended that the Philippines should ensure search warrants are obtainable on a reasonable and timely basis consistent with international law and that they are not easily quashed[xiii]. Thus, even international standards on intellectual property, recognizes the significance of search warrants. The legislative branch of government should be careful in enacting laws that would trample the rights of others even if such persons were willfully engaged in selling pirated CDs and DVDs. This is so because a wrong can never cure another wrong. For this matter, the explanations made the government through the “FAQ’s on the Amendments to the Intellectual Property Code of the Philippines” should be the one that must be amended due to some inaccuracy that would lead the public to the wrong conclusion about R.A. no. 10372.

In view of the foregoing, I submit that some explanations made by the government through the “FAQ’s on the Amendments to the Intellectual Property Code of the Philippines” are inaccurate.

 

---

[i] 2010 Special 301 Report on Copyright Protection and Enforcement. International Intellectual Property Alliance (IIPA). Accessed May 18, 2013 at http://www.iipa.com/rbc/2010/2010SPEC301PHILIPPINES.pdf.

[ii]id.

[iii] Id.

[iv] 2012 Special 301 Report. United States Trade Representative. Accessed May 18, 2013 at http://www.ustr.gov/sites/default/files/2012%20Special%20301%20Report_0.pdf. P. 49

[v] Sec. 1 in relation with Sec. 2 of R.A. no. 10372

[vi] Sec.6, R.A. no. 10372

[vii] See Sections 22-23, RA. No 10372

[viii] Sec. 16, RA 10372

[ix] See deleted Sections 190.1 and 190.2 of R.A. no 8293

[x] Sec. 22, R.A. no. 10372

[xi] FAQs on the Amendments to the Intellectual Property Code of the Philippines. Accessed May 18, 2013 at http://www.gov.ph/2013/03/08/faqs-on-the-amendments-to-the-intellectual-property-code-of-the-philippines/

[xii] id.

[xiii] 2010 Special 301 Report on Copyright Protection and Enforcement. International Intellectual Property Alliance (IIPA). Accessed May 18, 2013 at http://www.iipa.com/rbc/2010/2010SPEC301PHILIPPINES.pdf.

Data Privacy Act of 2012 and the Institution of a National ID System

Will R.A. no. 10173, otherwise known as the Data Privacy Act of 2012 provide sufficient mechanism to the introduction of a National Identification System in the Philippines without the Constitutional issues that arose in the case of Ople v. Torres (293 SCRA 141, (1998))?

I. Introduction

Poverty has always been the tremendous and almost uncontrollable problem the country has ever and will continue to face. According to the National Statistical Coordination Board (NSCB), poverty incidence among the Philippine population was estimated at 27.9% during the first semester of 2012, which was .9% and .7% lower than the poverty incidence rates of the first semesters of the years 2006 and 2009[i]; thus, poverty incidence, even after six (6) years, still remain virtually unchanged notwithstanding economic growth[ii]. How come? One cause may be attributed to an inefficient public service wherein the provisions of basic social services for the people are hampered by the problem of red tape within the Philippine government bureaucracy. One solution can curb such problem within the government and that is the institution of a National ID System.

The promise of a National ID System is that it will improve government services by cutting the red tape and thus, streamlining legitimate transactions between the government and its people. Further, the basic feature of the system would beneficially aid in preventing the commission of fraud and misrepresentations in obtaining basic social services that are provided by the government. Indeed, a National ID System promises numerous benefits and convenience for both the government and the people. And that is why the Philippine Government had made attempts to implement such a system. One attempt was when former Philippine President Fidel V. Ramos issued Administrative Order no. 308 (A.O. no. 308) on December 12, 1996, which sought for the “Adoption of a National Computerized Identification Reference System”. A.O. no. 308 sought to provide a facility for the benefit of Filipino citizens and foreign residents in order for them “to conveniently transact business with basic service and social security providers and other government instrumentalities”, and also “to properly and efficiently identify persons seeking basic services on social security and reduce, if not totally eradicate, fraudulent transactions and misrepresentations”. However, A.O. no. 308 was deemed as unconstitutional by the Supreme Court in the case of Ople v. Torres (293 SCRA 141).

In the said case, the majority ruled that A.O. no. 308 involves a subject that is not appropriate to be covered by a mere administrative order because the latter, which relates to specific aspects in the administrative operation of government, must be in harmony with the law and should be for the sole purpose of implementing the law and carrying out the legislative policy[iii]. But more importantly, the majority opined that A.O. no. 308 violated the fundamental right to privacy as enshrined by the Constitution. The majority held that even assuming arguendo that the Adoption of a National Computerized Identification Reference System can be contained in an administrative order, the same constitutes a violation against the fundamental right to privacy because A.O. no. 308 was not narrowly drawn and did not contain any provision that will provide safeguards against indiscriminate disclosure of information regarding the data subjects and from other potential abuses[iv]. On the other hand, the dissenters of the same case argued that the determination of the constitutionality of A.O. no. 308 was premature because no injury was committed to anyone; thus, there was no case or controversy that was appropriate or ripe for determination[v]. Unlike the majority, the dissenters did not have high regard to the right to privacy. It must be emphasized however, that the case was resolved in 1998 wherein technologies like the Internet was still new and social networking was still in its infancy. If the case was decided today, I believe that the dissenters would have ruled differently because the significance and benefits of the right to privacy had grew immensely due to the rapid technological advances. The significance of the right to privacy was acknowledged by the Philippine Congress when it enacted into law, R.A. no. 10173, otherwise known as the Data Privacy Act of 2012. Under R.A. no. 10173, personal information in information and communication systems are afforded with protection and other safeguards from unlawful disclosures and other abuses, which are threats to privacy.

Indeed, a National ID System is very promising but there are potential dangers especially to the fundamental right of privacy that must be considered before it is instituted. That is why I believe that the Supreme Court correctly ruled when it deemed A.O. no. 308 as unconstitutional in Ople v. Torres (293 SCRA 141).  However, with the enactment of R.A. no. 10173, the majority opinion in the Ople case regarding the potential dangers to the right to privacy may have lost its ground. Thus the question:

Will R.A. no. 10173, otherwise known as the Data Privacy Act of 2012 provide sufficient mechanism to the introduction of a National Identification System in the Philippines without the Constitutional issues that arose in the case of Ople v. Torres (293 SCRA 141, (1998))?

II. Body

In order to answer the above question, there is a need to know the salient features of R.A. no. 10173, otherwise known as the Data Privacy Act of 2012.

Salient Features of R.A. no. 10173

In declaring its policy, the law not only acknowledged the significance of protecting the fundamental right of privacy but also recognized the vital role of information and communications technology in nation building and its inherent obligation to ensure that personal information in information and communications systems in government and in the private sector must be secured and protected[vi]. Thus, in order to keep its avowed policy, the law created the National Privacy Commission, the functions of which are, inter alia, ensure compliance of personal information controllers and ultimately ensure that the Data Privacy Act is implemented[vii]. But it must be emphasized that the Commission was also empowered to receive complaints, investigate and adjudicate matters relating to personal information and to review, approve, reject or require modification of privacy codes in order to meet the standard that will ensure data protection[viii]. Thus, the law created a quasi – judicial body that possesses the required expertise in the field of information technology and data privacy. With such creation, persons aggrieved may now seek for remedies within the Commission instead of going to judicial courts, which do not possess the level of expertise that the Commission does. Also, the creation would obviously produce convenience and speed up the process in adjudicating a matter affecting personal information.

Another salient feature of the law is that it provides for numerous safeguards that will secure and protect personal information. Several of those safeguards are found in Chapter III of the law, which provides for General Data Privacy Principles, Criteria for Lawful Processing of Personal Information and the Sensitive Personal Information and Privileged Information. [ix]  Under the General Data Privacy Principles, the processing of personal information shall be allowed subject of course, to the provisions of the Data Privacy Act and other laws and the same be made for legitimate purpose and proportionality. The General Data Privacy Principles enunciate that personal information must be collected for specified and legitimate purposes only, processed in a fair and lawful manner, and in a way such that it is compatible with the declared and specified purpose and that the processing must be made for as long as necessary for the fulfillment of the purposes for which the data was obtained or as necessary for the establishment, exercise or defense of legal claims or for legitimate purposes or as provided by law[x]. It is important to note that in reading the General Principles, such principles emphasize that the processing of personal information must be lawful and for a legitimate purpose. So one may ask, when is the processing considered lawful? Under the law, the processing shall be considered lawful and permitted only if: 1. The processing is not prohibited by law and; 2. When at least one of the conditions exist[xi]:

a.     Data subject has given his or her consent;

b.     The processing is necessary and is related to the fulfillment of a contract with the data subject;

c.     The processing is necessary for compliance with a legal obligation to which the personal information is subject;

d.     The processing is necessary to protect vitally important interests of the data subject, including life and health;

e.     The processing is necessary because of a national emergency, public order and safety or in order to fulfill functions of public authority which necessarily includes the processing of personal data for the fulfillment of its mandate;

f.      The processing is necessary because of legitimate interests pursued by a personal information controller of by a third party to whom the data was disclosed subject to fundamental rights enshrined under the Constitution.

In view of the above principles, criteria and conditions, it is worthy to note that the Data Privacy Act of 2012 is sufficiently detailed and narrowly drawn such that the potential dangers or threats to privacy are sufficiently allayed. But notwithstanding the foregoing, the law still provides for several other safeguards. One of them concerns Sensitive Personal Information and Privileged Information[xii].  Under the law, the processing of Sensitive Personal Information and Privileged Information are, as a general rule, prohibited unless the case warranting the processing falls under the exceptions expressly enumerated under Sec. 13, of the Data Privacy Act. Thus, if the case does not fall under the exceptions, the processing is prohibited.

Moving forward, the Data Privacy Act also expressly enumerated the statutory rights of the data subject, thereby strengthening and providing more safeguards for the protection of their personal information and right to privacy. Under the law, the data subject has the right to be informed and be furnished information regarding the processing of his personal information and to reasonably access, upon demand matters pertaining to the processing of his personal information including, inter alia, the names and addresses of the recipients, the manner by which the data were processed and the reasons for the disclosure of the personal information to recipients[xiii].

Another salient but peculiar feature of the Data Privacy Act is the weight of responsibility given to a personal information controller. As discussed above, the National Privacy Commission was created with the function of ensuring that personal information controllers comply with the provisions the Data Privacy Act. The Data Privacy Act not only provides the duties of a personal information controller as gleaned from Sec. 20 of the same law, but the same also expressly provides, among others, that each personal information controller is responsible for personal information under its custody, including information that have been transferred to a third party for processing, whether domestically or internationally[xiv]. Such a responsibility is amplified by the penalties prescribed under Chapter VIII of the law.

  Another salient but also peculiar feature of the law is found under Chapter VII, which provides for the Security of Sensitive Information in Government. Under Sec. 23, an agency personnel or employee can access sensitive personal information if allowed by the head of an agency, who under Sec. 22, is the one responsible for complying with the security requirements provided by the information and communications industry and the Commission. Observing Chapter VII, it can be gleaned from the provisions contained therein that the term “processing” is absent but instead use the term “access”; thus, it can be inferred that the government employees is limited only to an access to such sensitive personal information unless the case involved falls within the exceptions provided under Sec. 13 of the same law.

The last but one of the most important salient features of the law is the penalties. The prohibited acts and corresponding penalties would logically toughen the safeguards already mentioned above. Furthermore, the law provides for an additional penalty of disqualification occupy public office when the prohibited act is committed by a public officer. Under the Chapter VIII of the Data Privacy Act, the following acts are penalized[xv]:

1.     Unauthorized Processing of Personal Information– punishable by imprisonment from one (1) year to three (3) years and a fine ranging from P500,000.00 to not more than P1,000,000.00[xvi];

2.     Unauthorized Processing of Sensitive Personal Information – punishable by imprisonment from three (3) to six (6) years and a fine ranging from P500,000.00 to P4,000,000.00[xvii];

3.     Accessing Personal Information Due to Negligence – punishable by imprisonment from one (1) year to (3) years and a fine ranging from P 500,000.00 to P1,000,000.00[xviii];

4.     Accessing Sensitive Personal Information Due to Negligence – punishable by imprisonment from three (3) to six (6) years and a fine ranging from P500,000.00 to not more than P4,000,000.00[xix];

5.     Improper Disposal of Personal Information – punishable by imprisonment from six (6) months to two (2) years and a fine ranging from P100,000.00 to not more than P500,000.00[xx];

6.     Improper Disposal of Sensitive Personal Information – punishable by imprisonment from one (1) to three (3) years and a fine not less than P100,000.00 to not more than P1,000,000.00[xxi];

7.     Processing of Personal Information for Unauthorized Purposes – Punishable by imprisonment from one (1) year and six(6) months to five (5) years and a fine ranging from P500,000.00 to P1,000,000.00[xxii];

8.     Processing of Sensitive Personal Information for Unauthorized Purposes – punishable by imprisonment from two (2) years to seven (7) years and a fine ranging from P500,000.00 to not more than P2,000,000.00[xxiii];

9.     Unauthorized Access or Intentional Breach – punishable by imprisonment from one (1) to three (3) years and a fine ranging from P500,00.00 to not more than P2,000,000.00[xxiv];

10.  Concealment of Security Breaches Involving Personal Information – punishable by imprisonment from one (1) year and six (6) months to five (5) years and a fine ranging from P500,000.00 to not more than P1,000,000.00[xxv];

11.  Malicious Disclosure – punishable by imprisonment from one (1) year and six (6) months to five (5) years and a fine ranging from P500,000.00 to P1,000,000.00[xxvi];

12.  Unauthorized Disclosure – punishable by imprisonment from one (1) year to three (3) years and a fine ranging from P500,000.00 to P1,000,000.00 if the disclosure involved is personal information; if sensitive personal information, punishable by imprisonment from three (3) to five (5) years and a fine ranging from P500,000.00 to not more than P2,000,000.00[xxvii].

Are the Salient Features of R.A. no. 10173 Sufficient?

Now that the salient features of the law have been discussed, we can now determine whether the Data Privacy Act of 2012 possess sufficient mechanisms for the introduction of a National ID System without the Constitutional issues that arose in the Ople case. So is it sufficient? IT DEPENDS. In the Ople Case, A.O. no. 308 was nullified based on two grounds: 1. A.O. no. 308 involves a subject not appropriate to be covered by a mere administrative order and; 2. A.O. no. 308 violated the right to privacy.

With regard to the first ground, if the National ID System will be promulgated by way of another administrative order, then such shall fail. This is because an administrative order must be based upon a law; there is nothing in the contents of the Data Privacy Act of 2012 that it speaks of a National ID System.

On the other hand, if the National ID System is promulgated by way of a statute then any argument as to any usurpation of legislative power shall definitely be rendered to be without basis. Further, if the National ID System is promulgated by way of a statute or legislative act, then the Data Privacy Act of 2012 can apply suppletorily. In such a case, the numerous safeguards under such law will undoubtedly subdue the potential dangers and fears that a National ID System creates. With this, the potential dangers and threats to the fundamental right to privacy as opined by the majority in the Ople case would be substantially subdued. And even assuming arguendo that the statute or law containing the National ID System is not narrowly drawn and that it contain no or less safeguards that will ensure protection to data privacy, the Data Privacy Act of 2012 will cure such a defect because the latter will apply suppletorily and as observed, is narrowly drawn, detailed and provides for numerous safeguards that will ensure protection and security to data privacy and ultimately, to the right to privacy. Simply put, the Data Privacy Act possesses sufficient mechanisms to ensure that the fundamental right to privacy will be protected and secured when a National ID System should in case becomes a law and subsequently implemented.

It also must be emphasized that R.A. no. 10173 was based upon the EU Parliament Data Privacy Directive[xxviii] and the APEC Privacy Framework.[xxix] With this, the international standards for data privacy protection set by the EU Parliament Privacy Directive and the APEC Framework, was also instituted in R.A. no. 10173, bolstering the claim that the latter possess sufficient safeguards for the protection of data privacy. Thus, such international standards can apply when the National ID System is promulgated and implemented.

III. Conclusion

As discussed above, a National ID System is very promising. The only major setback from making such system to be enacted into law by our legislature is the potential dangers and threats it has against the fundamental right to privacy, which is enshrined and guaranteed by our Constitution. However, because of the enactment of R.A. no. 10173, otherwise known, as the Data Privacy Act of 2012, such potential dangers and threats shall be substantially allayed provided however, that the Data Privacy Act will apply to the law containing the National ID System. If it would thus apply, then the safeguards provided under the law will certainly help ensure that the personal information and sensitive personal information under the National ID Law will be secured and protected from unlawful processing, disclosure, access and other abuses.  In view of all the foregoing, I submit that R.A. no. 10173, otherwise known as the Data Privacy Act of 2012, provides for sufficient mechanisms and safeguards that will ensure that the fundamental right to privacy will be protected and secured when a National ID System should in case becomes a law and subsequently implemented.

It is worthy to note of H.B. no. 6895 or “An Act Establishing the Filipino Identification System”[xxx]. The House Bill basically provides for the institution of a National ID System. If such bill will be enacted into law, it will help improve government services by cutting the red tape and thus, streamlining legitimate transactions between the government and the people.

---

[i] Poverty Incidence Unchanged, as of first semester 2012 – NSCB. National Statistics and Coordination Board, April 13, 2013. http://www.nscb.gov.ph/poverty/defaultnew.asp. Accessed May 4, 2013.

[ii] Olchondra, Riza and Burgonio, TJ. Stellar Economic Growth at 6.6%. Inquirer Business, Feb. 1, 2013. http://business.inquirer.net/105219/neda-ph-economy-grew-by-6-6-in-2012. Accessed May 4, 2013.

[iii] Ople v. Torres (293 SCRA 141).

[iv] Id. Majority Opinion penned by Justice Puno

[v] Id. See dissenting opinions of Justice Kapunan and Justice Mendoza

[vi] Sec. 2, R.A. no. 10173

[vii] Sec. 7, id.

[viii] Sec. 7 (b)(j), id.

[ix] Chapter III, Processing of Personal Information, (Sec. 11-15) R.A. no. 10173; See definition of Processing under Sec. 3(j).

[x] Sec. 11, R.A. no. 10173.

[xi] Sec. 12 (a-f), R.A. no. id.

[xii] See Sec. 3(k) and Sec. 3(l) for definitions, id.

[xiii] See Sec. 16, id.

[xiv] Sec. 21. Principle of Accountability, id.

[xv] Under Sec. 33 of R.A. no. 10173, any combination or series of acts as defined in Sections 25-32 shall make the offender liable for imprisonment ranging from three(3) years to six (6) years and a fine not less than P1,000,000.00 but not more than P5,000,000.00

[xvi] Sec. 25, R.A. no 10173.

[xvii] Id.

[xviii] Sec. 26, id.

[xix] Id.

[xx] Sec. 27, id.

[xxi] Id.

[xxii] Sec. 28,id.

[xxiii] Id.

[xxiv] Sec. 29, id.

[xxv] Sec. 30,id.

[xxvi] Sec. 31, id.

[xxvii] Sec. 32,id.

[xxviii] Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data. http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=CELEX:31995L0046:en:HTML. Accessed May 4, 2013.  


[xxix] APEC Privacy Framework. http://www.apec.org/Groups/Committee-on-Trade-and-Investment/~/media/Files/Groups/ECSG/05_ecsg_privacyframewk.ashx. Accessed May 4, 2013.

[xxx] Copy downloadable at http://www.congress.gov.ph/