“They who can give up liberty to obtain a little temporary safety deserve neither liberty nor safety.”
- Benjamin Franklin
Nowadays, technology is starting to rule the world. As the new emerging technological devices, these have influenced our interaction with other individuals. Through this technology, it changes the lives of so many people by making our lives much easier and faster. Also, not only it is beneficial to the society, but to the business companies as well. Apparently, this technology has a negative and positive effect on us.
Over the last five years, technology has been rapidly changing and expanding in every field imaginable. Smart phones are now capable of acting as standalone computer devices that can take pictures, search the Internet, send emails and text messages and yes, they even make phone calls. While it might seem that the technology of today has reached its limits, it is still actually spreading its proverbial wings. Only twenty or so years ago, personal computers were becoming small enough and affordable enough for families to buy them for home use. Since then, the world of technology has shown no signs of slowing down and practically every device available today is somehow tied to computer technology.[i]
Privacy is classified into two: General and Specific. In general, the right to be free from secret surveillance and to determine whether, when, how, and to whom, one's personal or organizational information is to be revealed. In specific, privacy may be divided into four categories (1) Physical: restriction on others to experience a person or situation through one or more of the human senses; (2) Informational: restriction on searching for or revealing facts that are unknown or unknowable to others; (3) Decisional: restriction on interfering in decisions that are exclusive to an entity; (4) Dispositional: restriction on attempts to know an individual's state of mind.[ii]
When the government gathers or analyzes personal information, many people say they're not worried. "I've got nothing to hide," they declare. "Only if you're doing something wrong should you worry, and then you don't deserve to keep it private." The nothing-to-hide argument pervades discussions about privacy. The data-security expert Bruce Schneier calls it the "most common retort against privacy advocates." The legal scholar Geoffrey Stone refers to it as an "all-too-common refrain." In its most compelling form, it is an argument that the privacy interest is generally minimal, thus making the contest with security concerns a foreordained victory for security.[iii]
Right to Privacy under the 1987 Constitution
The Republic of the Philippines, through several statutes and the 1987 Constitution constitutes the Right of Privacy. To wit:
Section 1. No person shall be deprived of life, liberty, or property without due process of law, nor shall any person be denied equal protection of the laws;
Section. 2. The right of the people to be secure in their persons, houses papers, and effects against unreasonable searches and seizures of whatever nature and for any purpose shall be inviolable, and no search warrant or warrant of arrest shall issue except upon probable cause to be determined personally by the judge after examination under oath or affirmation of the complainant and the witnesses he may produce, and particularly describing the place to be searched and the persons or things to be seized.
Section 3. (1) The privacy of communication and correspondence shall be inviolable except upon lawful order of the court, or when public safety or order requires otherwise, as prescribed by law.
(2) Any evidence obtained in violation of this or the preceding section shall be inadmissible for any purpose in any proceeding.[iv]
Data Privacy Act (RA 10173)
Thus, it protects a person’s right to privacy. Nevertheless, it only pertains with the protection of personal information in general. Considering the things that our happening in our country, the government created a new law that recognize the very first data privacy law, the Republic Act No. 10173, also known as An Act Protecting Individual Personal Information in Information and Communications Systems in the Government and the Private Sector, creating for this purpose a National Privacy Commission, And For Other Purposes.[v] It is envisioned to safeguard the veracity and wellbeing of personal data in public and private sectors. President Benigno Aquino, Jr. signed this on August 15, 2012 and was published on August 24, 2012. It took effect fifteen (15) days after its publication, on September 8, 2012.
The enactment of the law seeks to bring the Philippines’ data protection policies and measures on par with the international standards of data privacy protection. Government and business leaders also believe that the implementation of the law will help maintain the competitiveness of the Philippines to boos investments in its information technology-business process outsourcing sector and support a healthy information and communications technology (ICT) industry.[vi] Data Privacy Act was created in line with the rapid economic growth of Information Technology and Business Process Outsourcing or also known as the IP – BPO Industry since it has a huge impact in the Philippine government as one of the leading business. Furthermore, it would also be advantageous to them as they are providing the security of personal information of their international clients.
Personal Information refers to any information whether recorded in a material form or not, from which the identity of an individual is apparent or can be reasonably and directly ascertained by the entity holding the information, or when put together with other information would directly and certainly identify an individual.[vii] The Data Privacy Act classifies certain personal information as sensitive personal information. Sensitive personal information refers to personal information:
(1) About an individual’s race, ethnic origin, marital status, age, color, and religious, philosophical or political affiliations;
(2) About an individual’s health, education, genetic or sexual life of a person, or to any proceeding for any offense committed or alleged to have been committed by such person, the disposal of such proceedings, or the sentence of any court in such proceedings;
(3) Issued by government agencies peculiar to an individual which includes, but not limited to, social security numbers, previous or cm-rent health records, licenses or its denials, suspension or revocation, and tax returns; and
(4) Specifically established by an executive order or an act of Congress to be kept classified.
The Data Privacy Act also refers to privileged information, which covers any and all forms of data, which, under the Philippine Rules of Court and other pertinent laws, constitute privileged communication.
Generally, processing of information is allowed where there is consent:
▪ Personal information – The data subject has given his or her consent.
▪ Sensitive personal information – The data subject has given his or her consent specific to the purpose prior to the processing.
Privileged information – All parties to the exchange have given their consent prior to processing.[viii]
However, the personal information of an individual must remain confidential because clients would entrust all the necessary requirements provided to their companies as a mandate. What if for instance, one of the employees was negligent in giving the personal information to another? What would happen to the person who was being defrauded? Therefore, it can be accessed easily and can be used to threaten the other. The penalties imposed to those who will violate this law are as follows:
SEC. 26. Accessing Personal Information and Sensitive Personal Information Due to Negligence. – (a) Accessing personal information due to negligence shall be penalized by imprisonment ranging from one (1) year to three (3) years and a fine of not less than Five hundred thousand pesos (Php500,000.00) but not more than Two million pesos (Php2,000,000.00) shall be imposed on persons who, due to negligence, provided access to personal information without being authorized under this Act or any existing law.
(b) Accessing sensitive personal information due to negligence shall be penalized by imprisonment ranging from three (3) years to six (6) years and a fine of not less than Five hundred thousand pesos (Php500,000.00) but not more than Four million pesos (Php4,000,000.00) shall be imposed on persons who, due to negligence, provided access to personal information without being authorized under this Act or any existing law.
SEC. 32. Unauthorized Disclosure. – (a) Any personal information controller or personal information processor or any of its officials, employees or agents, who discloses to a third party personal information not covered by the immediately preceding section without the consent of the data subject, shall he subject to imprisonment ranging from one (1) year to three (3) years and a fine of not less than Five hundred thousand pesos (Php500,000.00) but not more than One million pesos (Php1,000,000.00).
(b) Any personal information controller or personal information processor or any of its officials, employees or agents, who discloses to a third party sensitive personal information not covered by the immediately preceding section without the consent of the data subject, shall be subject to imprisonment ranging from three (3) years to five (5) years and a fine of not less than Five hundred thousand pesos (Php500,000.00) but not more than Two million pesos (Php2,000,000.00).Nonetheless, these
These penalties are in huge amount. However, the amount is not significant if it would imperil the life of an individual in which the personal information has been divulged due to the negligence of one of the employees of the company.
The Canadian privacy expert David Flaherty expresses a similar idea when he argues: "There is no sentient human being in the Western world who has little or no regard for his or her personal privacy; those who would attempt such claims cannot withstand even a few minutes' questioning about intimate aspects of their lives without capitulating to the intrusiveness of certain subject matters."
But such responses attack the nothing-to-hide argument only in its most extreme form, which isn't particularly strong. In a less extreme form, the nothing-to-hide argument refers not to all personal information but only to the type of data the government is likely to collect. Retorts to the nothing-to-hide argument about exposing people's naked bodies or their deepest secrets are relevant only if the government is likely to gather this kind of information. In many instances, hardly anyone will see the information, and it won't be disclosed to the public. Thus, some might argue, the privacy interest is minimal, and the security interest in preventing terrorism is much more important. In this less extreme form, the nothing-to-hide argument is a formidable one. However, it stems from certain faulty assumptions about privacy and its value.
To evaluate the nothing-to-hide argument, we should begin by looking at how its adherents understand privacy. Nearly every law or policy involving privacy depends upon a particular understanding of what privacy is. The way problems are conceived has a tremendous impact on the legal and policy solutions used to solve them. As the philosopher John Dewey observed, "A problem well put is half-solved."[ix]
Privacy is rarely lost in one fell swoop. It is usually eroded over time; little bits dissolving almost imperceptibly until we finally begin to notice how much is gone.
"My life's an open book," people might say. "I've got nothing to hide." But now the government has large dossiers of everyone's activities, interests, reading habits, finances, and health. What if the government leaks the information to the public? What if the government mistakenly determines that based on your pattern of activities, you're likely to engage in a criminal act? What if it denies you the right to fly? What if the government thinks your financial transactions look odd—even if you've done nothing wrong—and freezes your accounts? What if the government doesn't protect your information with adequate security, and an identity thief obtains it and uses it to defraud you? Even if you have nothing to hide, the government can cause you a lot of harm.
"But the government doesn't want to hurt me," some might argue. In many cases, that's true, but the government can also harm people inadvertently, due to errors or carelessness.[x]
With the fast-paced advances in information technology, RA 10173 will hopefully serve as a deterrent to data breaches arising from malicious actions. Moreover, it must serve as a constant reminder to personal information handlers that, where personal information is concerned, there should be no room for any kind of error – intentional or otherwise. Every mistake should be treated as one that may pose a serious harm to affected individuals.[xi]
The newly enacted law should still be improved because of the salient provisions, which duly affect the some of the pertinent laws under the 1987 Constitution. Thus, the confidentiality of each and every one of us must be scrutinized. It maybe favorable to some of us such as the Information Technology and Business Process Outsourcing or also known as the IP – BPO Industry to augment the investment in our country, nevertheless it maybe detrimental to others particularly to those who are not aware on how does technology work.
[iii] Solove, Daniel J. May 15, 2011. Citing Websites. The Chronicles Review: Why Privacy Matters Even if You Have 'Nothing to Hide'. http://chronicle.com/article/Why-Privacy-Matters-Even-if/127461/
[iv] Section 3, Article III of the 1987 Constitution of the Philippines
[vi] Rosell, Laxmi and Tomarong-Cañabano, Sheilah Marie. Analysis: The Philippines. Data Privacy Act Of 2012
[vii] Section 3 (g), Republic Act 10173
[viii] Miguel, Marianne M., Recent Development in Law and Jurisprudence. http://www.iflr1000.com/LegislationGuide/967/Recent-developments-in-law-and-jurisprudence.html
[ix] Solove, Daniel J. May 15, 2011. Citing Websites. The Chronicles Review: Why Privacy Matters Even if You Have 'Nothing to Hide'. http://chronicle.com/article/Why-Privacy-Matters-Even-if/127461/
[xi] Dimarucut, Carlo Kristle G., The protection of personal information