Continuing to March in Rhythm Without Moving Forward.

I personally oppose. The epicenter of academic fracas or otherwise should neither be concentrated on the reproductive health bill, for men are cavemen whose libidos are interminably resilient; nor the new interior and local government Czar whose personality, happy and gay, contradicts the supposed temperament of the title. Academic efforts should not be centered on the new Supreme Court Chief Justice – we, at any rate, have close to three decades to scrutinize her. Let bygones be bygones – forgive the lawmakers who had nothing to throw in, so to say, and focus on matters which bid more import.

Matters which bid more import? I say an individual’s deep-seated right to privacy. These days, rampant are identity theft, leakage and dissemination of personal information, uncalled publicity of personal lives, government intrusion of private lives, and the list goes on and on.

           

Despite adversities, or undertakings unfolding before your very eyes, whether favorable or otherwise but mostly disheartening, a quiet time alone is what matters most without worrying that your privacy is being intruded. Whatever you do alone so long as it does not harm anyone or encroach on anyone else’s rights, is no one’s business. PRIVACY is what we yearn for at the end of the day. It is the cornerstone of self-identity. One of the very best things in life is a good night sleep – peaceful and unbroken.

Privacy is not a grant. It is an absolute requirement, though just like any other constitutional right, it is subject to limitations by the very same constitution. It is even an understated declaration to tell someone to mind his own business. As they say, even rock stars and the bright stars of pornography are entitled to privacy.

However, disappointing as it may be but as we would have thought, there is really no particular law pertaining to privacy in the Philippines. Provisions on the protection of privacy are scattered in different existing Philippine laws, viz: 

• Section 2 of the 1987 Constitution reads in part: “the right of the people to be secure in their persons, houses, papers, and effects against unreasonable searches and seizures of whatever nature and for any purpose shall be inviolable xxx”. 

• Section 3 of the same provides: “the privacy of communication and correspondence shall be inviolable except upon lawful order of the court, or when public safety or order requires otherwise, as prescribed by law”. 

• The E-Commerce Act (R.A. 8792), section 31 provides “access to an electronic file, or an electronic signature of an electronic data message or electronic document shall only be authorized and enforced in favor of the individual or entity having a legal right to the possession or the use of plaintext, electronic signature or file or solely for the authorized purposes. The electronic key for identity or integrity shall not be made available to any person or party without the consent of the individual or entity in lawful possession of that electronic key”. 

• The E-Commerce Act, Section 32 provides: “xxx any person who obtained access to any electronic key, electronic data message or electronic document, book, register, correspondence, information, or other material pursuant to any powers conferred under this Act, shall not convey to or share the same with any other person”. 

• The Rape Victim Assistance and Protection Act of 1998 (R.A. 8505), section 5 provides: “at any stage of the investigation, prosecution and trial of a complaint for rape, the police officer, the prosecutor, the court and its officers, as well as the parties to the complaint shall recognize the right to privacy of the offended party and the accused. Towards this end, the police officer, prosecutor, or the court to whom the complaint has been referred may, whenever necessary to ensure fair and impartial proceedings, and after considering all circumstances for the best interest of the parties, order a closed-door investigation, prosecution or trial and that the name and personal circumstances of the offended party and/or the accused, or any other information tending to establish their identities, and such circumstances or information on the complaint shall not be disclosed to the public”. 

• The Family Courts Act of 1997 (R.A. 8369), section 12, provides: “all hearings and conciliation of the child and family cases shall be treated in a manner consistent with the promotion of the child's and the family's dignity and worth, and shall respect their privacy at all stages of the proceedings. Records of the cases shall be dealt with utmost confidentiality and the identity of parties shall not be divulged unless necessary and with authority of the judge”. 
• R.A. 1405, as amended, is the act prohibiting disclosure of or inquiry into, deposits with any banking institution and providing penalty therefor.

Anyway, let’s not beat around the bush. The introductory part may well be considered mere jabber. The purpose is just to fill up this page. We all know the constitutional right to privacy. It is written in the very constitution. We need not search any further. 

In contrast, the enumeration of laws pertaining to privacy was culled from Commission on Information and Communications Technology’s (CICT) Mr. Philip A. Varilla’s report entitled “PRIVACY FRAMEWORK IN THE PHILIPPINES” (from Google.com). But the same is just as broad and general as the introduction.

The primordial aim of this write-up is to discuss the passage of the DATA PRIVACY ACT OF 2011 during the information and communications technology (ICT) era.

INFORMATION AND COMMUNICATIONS TECHNOLOGY

We have the overpowering emergence of ICT. As often heard, and as it has been substantiated, nay, implanted, the society we subsist in is one explicitly dependent on technology. It’s hard to catch up, but it’s harder to keep up. To live in a society practically reliant on technology, which we ourselves established, is already an ordeal in itself; how much more when hardly anyone has unqualified expertise on technology.

Through this handiwork, getting your hands on the personal information/background of another is readily obtainable. The obligatory compulsion to catch up with technology as an inevitable element of the latter-day civilization vis-à-vis the safeguarding and buttressing of the constitutionally enshrined right to privacy should be harmonized together like the fine tune of Mick Jagger’s Memo from Turner. While we attempt to catch and keep up with technological advancements, we should, more than ever, take into consideration the fundamental right to privacy.

But by the same token, the fundamental right to privacy is all together broad. Specifically, information that may be disclosed is the kind of information that may be obtained through Business Process Outsourcing (BPO).

BUSINESS PROCESS OUTSOURCING

In everyday parlance, it is what we term “call centers”. Basically, BPO is the process of hiring another company to handle business activities for you. It is distinct from information technology (IT) outsourcing, which focuses on hiring a third-party company or service provider to do IT-related activities, such as application management and application development, data center operations, or testing and quality assurance (www.sourcingmag.com).

In a nutshell, BPO is an emerging industry in the Philippines which has generated $11 billion in revenues through BPO contracts in 2011. Hence, there is no denying that BPO has economically lifted the Philippines.

DATA PRIVACY ACT OF 2011

Recognizing the significance of data protection to complement the profitable and growing BPO industry, our brilliant lawmakers, at least a number of them, took time off from the show business, extra-curricular activities and whatnot, to pass the DATA PRIVACY ACT OF 2011 (DPA for brevity). We are more than grateful and indebted to these lawmakers who, save for being reputed lazy and corrupt, among other things, refused to be called ignorant insofar as the field of ICT is concerned in relation to BPO.

Forget about what Mr. John Perry Barlow stated that relying on the government to protect your privacy is like asking a peeping tom to install your window blinds. Then again, we have no choice. Besides, the DPA has its own share of “better” viewpoints, to wit:

·    The DPA only proves that the state recognizes the vital role of ICT in nation building and the nation’s inherent obligation to ensure that personal information in information and communication systems not only in the government but also the private sector are secure and protected.

·   Since it involves the private sector, it will contribute to the promotion and development of electronic commerce. It will protect consumers and cultivate trust and confidence in the same by guaranteeing the protection of personal information insofar as ICT is concerned.

·   The very sensitive personal information shall be safeguarded by using the most appropriate and adequate standards. The DPA only gives the minimum standards/requirements for the protection of personal information in electronic form. Therefore, with the ability to think ahead and as the need arises, unless of course indolence gets the better of them, our lawmakers will amend the DPA accordingly.

·   It is a good law, which will center on the protection of privacy; prevention and mitigation of identity theft, security breaches, and fraudulent access; and,  augmentation of more resolute criminal penalties for violations of the same.

Best of all, the DPA caters to a specific industry, that is, the BPO. The economic allocation brought about by the latter is substantial, which warrants this kind of legislation. Furthermore, since it brings the Philippines at par with international standards, it will surely entice more foreign investors. Isang masigabong palakpakan para sa mga mambabatas!

However…

The law will create a National Privacy Commission (NPC) with authority to monitor and ensure compliance of the country with international standards set for data protection, among other things, and is given an initial budget of P20M.

The question now is what will happen to the CICT?

Pursuant to Executive Order No. 269, series of 2004, which created the aforesaid commission composed of the National Computer Center, Telecommunications Office, Philippine Postal Corporation, and National Telecommunications Commission gives the same the duty to preserve the rights of individuals to privacy and confidentiality of their personal information.

There may exist an overlapping of responsibilities. Albeit being a transitory measure, the CICT was not merely consultative. It is equipped with strong and clearly defined powers and appropriate manpower/resources.

One office may not be able to properly identify its functions from the other offices’. It is imperative that all this should be harmonized to make our approach to ICT development more coherent and even cost-effective.

It would have been better to have created first the DEPARTMENT OF INFORMATION AND COMMUNICATIONS TECHNOLOGY; subsequently, and only then may bureaus, attached agencies, etc., of the department may be created to ensure efficiency and streamlining and implementing various ICT-related plans and policies – more specifically, the creation of a commission thereat which shall focus on data privacy insofar as the BPO industry is concerned.

In sum, with international standards as guideposts, DPA relatively addresses a new era of BPO and ITC industries. It is still raw (undefined general measures), but we do hope its IRR shall fill in the gaps. There a lot of matters to accomplish, we are continuing to march in rhythm without really moving forward, JUST YET, but soon we will, even just at a snail’s space.