Under Article II of our 1987 Constitution, it is expressly declared under Section 24 thereof that, “(T)he State recognizes the vital role of communication and information in nation-building.” Pursuant to such declaration of state policy various laws have been enacted and implemented to ensure that despite the advent and proliferation of technology Filipinos would still be able to enjoy their right to privacy of communication and correspondence. Among the laws that aim to protect our right to privacy of communication and correspondence are Republic Act No. 4200, also known as the Anti- Wire Tapping Law, and Republic Act No. 9372, also known as the Human Security Act of 2007.
Last September 2011, Senate Bill No. 2965, otherwise known as the Data Protection Bill, was passed. The proponents of the said bill aim to create a National Privacy Commission, which shall be an independent body, to administer, implement and ensure compliance with international standards regarding data protection. As a consequence, personal data pertaining to an individual will be collected and processed by a personal information controller. However, under the bill it was not laid out in plain terms on what kind of data shall be collected or up to what extent of personal information shall be collected. Hence, it would seem that the National Privacy Commission will have a wide discretion on that matter subject to limitations provided by the Constitution and other special laws.
Despite the limitations mandated by the Constitution and other special laws, personally, I am not totally convinced that Senate Bill No. 2965 would be able to provide protection to each and every Filipino or to a majority of Filipinos at the least in terms of privacy of communication and correspondence. If not a surplus-sage, this would just be a vehicle for evil-minded persons in carrying out their evil plans.
Let us take for example the impeachment case against which ousted Chief Justice Renato Corona from his post as the highest magistrate of the Supreme Court. One of the allegations contained in the articles of impeachment filed against him was his non-disclosure of correct information on his statement of assets, liabilities and net worth. To prove such non-disclosure or misdeclaration or under declaration, the prosecution panel pushed for the opening of his foreign deposit account to which the defense panel opposed invoking Republic Act No. 6426, otherwise known as the Foreign Currency Deposit Act. Under Section 8 of the Foreign Currency Deposit Act, a foreign currency deposit is declared as and considered of an absolutely confidential nature and may only be examined, inquired or looked into upon the written permission of the depositor. One of the noticeable differences this law has with Republic Act No. 1405 or the Bank Secrecy Law is that in the former law, the foreign currency deposits are exempt from any other order or process of any court while in the latter law, the exceptions to treatment of deposits with absolute confidentiality are the following: “upon written permission of the depositor, or in cases of impeachment, or upon order of a competent court in cases of bribery or dereliction of duty of public officials, or in cases where the money deposited or invested is the subject matter of the litigation.” If I am the crook, then, I would convert the wealth I have illegally amassed into foreign currency deposits in order to place it beyond the reach of the court. Same thing with Senate Bill No. 2965. If it will be enacted into law, it will be used in circumventing other laws. For instance, under Section 10 of the said bill, the processing of personal information shall be permitted only in two instances: if it is not prohibited by law and at least one of the conditions set forth therein exists- e.g. (e) The processing is necessary to respond to national emergency, to comply with the requirements of public order and safety, or to fulfill functions of public authority which necessarily includes the processing of personal data for the fulfillment of its mandate. The above-mentioned condition is a very broad one. Again, the discretion lies with the National Privacy Commission. Leaving the determination of whether or not a condition exists to the hands of the Commission without a black and white delineation will only give rise to added opportunities for corruption. It may even lead to the deprivation of property without due process. Moreover, such processing of personal information may lead to identity theft that can result to a contract purportedly entered into by one who is a victim of identity theft. True enough, the bill also laid out penalties for those who will violate it. But then again, the penalties to be meted out are not strong deterrents to its violation. Intentional processing of personal information and unintentional or processing due to negligence has almost the same penalties. So to speak, the bill, if enacted into law, will not have enough teeth to bite its violators.
A lot of Filipinos are still computer-illiterate. Does Congress in passing this bill intend to apply it only to those who are well-off? How about if instead of allocating PhP 20, 000, 000.00 in the creation of the National Privacy Commission and allotting Php 10, 000,000.00 annually to it, the Government will focus on literacy campaign first? How about if the Government will upgrade its information system first in order for us to be not left behind by our neighboring countries? How can the Government implement something like this when not all its manpower can use computers?
On the bright side, this may also expedite the updating of information in various government agencies like the Social Security System and the Land Transportation Office. If the information of these agencies is up-to-date, surely the processing and receipt of benefits would not take decades nor would a vehicle already sold by the first owner a decade ago still be registered in his name.
As a sovereign, I do not submit to the position that we need to have a lot of laws. A handful of laws are so much better than having thousands of laws that are only superfluous. I may sound pessimistic but I do cannot let out any sign of relief nor can I appreciate any convenience in this bill. In fact, in my humble opinion, the sum of benefits this bill has to offer the public, is meager than what it is going to cost.
I have read many commentaries on the Data Privacy Act of 2011, most of them focusing on its benefits. This is a new take on the law, especially on the part that the NPC has a wide discretion in carrying out their mandate. I hope they address issues such as that in the IRR.
ReplyDelete