Article III of the Constitution
of the Philippines contains the Bill
of Rights. Section 1 of the Bill of Rights states that the "Congress shall
give highest priority to the enactment of measures that protect and enhance the
right of all the people to human dignity." Section 2 states that "the right of the people to be secure in
their persons, houses, papers, and effects against unreasonable searches and
seizures of whatever nature and for any purpose shall be inviolable, and no search
warrant or warrant of arrest shall issue except upon probable cause to be
determined personally by the judge after examination under oath or affirmation
of the complainant and the witnesses he may produce, and particularly
describing the place to be searched and the persons or things to be
seized." Section 3(1) states that the "privacy of communication and
correspondence shall be inviolable except upon lawful order of the court, or
when public safety or order requires otherwise, as prescribed by law." It further states that "any evidence obtained in violation of
this or the preceding section shall be inadmissible for any purpose in any
proceeding." Section 7 states that "the right of the people to
information on matters of public concern shall be recognized. Access to
official records, and to documents and papers pertaining to official acts,
transactions, or decisions, as well as to government research data used as
basis for policy development, shall be afforded the citizen, subject to such
limitations as may be provided by law."
Although there is currently no
general data protection law, the Information Technology and E-Commerce Council
(ITECC) has proposed in 2003 a data privacy law. This law is expected to adhere to EU standards of data privacy,
despite the difficulty of negotiating the differences between the policies of
the EU and the US, one of Philippines' largest trading partners. The proposed privacy law may also address some of the privacy
concerns inherent in a national ID system.
Despite the lack of a current
data protection law, there is a recognized right of privacy in civil law. The Civil Code of the Philippines states that "[e]very person
shall respect the dignity, personality, privacy, and peace of mind of his
neighbors and other persons," and punishes acts that violate privacy by
private citizens, public officers, or employees of private companies.
Article 26 of the Civil Code states that "every person shall
respect the dignity, personality, privacy and peace of mind of his neighbors
and other persons. The following and similar acts, though they may not
constitute a criminal offense, shall produce a cause of action for damages,
prevention and other relief: (1) Prying into the privacy of another's
residence; (2) Meddling with or disturbing the private life or family relations
of another; (3) Intriguing to cause another to be alienated from his friends;
(4) Vexing or humiliating another on account of his religious beliefs, lowly
station in life, place of birth, physical defect, or other personal
condition." Article 32(11) of the Civil Code states that "any public
officer or employee, or any private individual, who directly or indirectly
obstructs, defeats, violates or in any manner impedes or impairs the privacy of
communication and correspondence shall be liable to the latter for
damages."
The Philippines has only one law
on data transfer, Presidential Decree (P.D.) No. 1718 entitled Providing for
Incentives in The Pursuit of Economic Development Programs by Restricting The
Use of Documents and Information Vital to The National Interest in Certain
Proceedings and Processes. While the law was passed in 1980, it lacks force
because rules and regulations have not been issued to allow enforcement.
Broadly, P.D. 1718 prohibits the export of all documents and information from
the Philippines to other countries that may adversely affect the interests of
Philippine corporations, individuals, or government agencies. P.D. 1718
contains exceptions for exportation of information that are a matter of form,
in connection with business transactions or negotiations that require them, in
compliance with international agreements, or made pursuant to authority granted
by the designated representative of the President.
Bank records are protected by the
Bank Secrecy Act and the Secrecy of Bank Deposits Act. The Act provides that deposits with banks or banking institutions
are confidential and may not be examined, inquired, or looked into absent
"exceptional circumstances." Those circumstances include: the written
permission of the depositor, cases of impeachment, court orders in cases of
bribery or dereliction of duty of public officials, cases where the money
deposited or invested is the subject matter of litigation, and cases covered by
the Anti-Graft and Corrupt Practices Act. The Anti-Money Laundering Act of 2001 allows exceptions to the Bank
Secrecy Act and the Secrecy of Bank Deposits Act. Section 9(c) of the Act requires banks, insurance companies,
financial institutions, and "other entities administering or otherwise
dealing in currency, commodities, or financial derivatives" to report to the Anti-Money Laundering Council of the Bangko Sentral ng Pilipinas all
transactions (including series or combinations of transactions) in excess of PP
four million (~USD 75,000). The institution does not have to report the transaction if it
involves a "properly identified client and the amount is commensurate with
the business or financial capacity of the client; or those with an underlying
legal or trade obligation, purpose, origin, or economic justification." The Act does provide neither explicit definitions of a
"properly identified client," nor a method for determining values
commensurate with a particular financial capacity. Those who are compelled to
report covered transactions to the AMLC are also prohibited from communicating
that they have made such a report to anyone. Those who do communicate or publish the existence of a report or
any information connected with one are criminally liable.
The Supreme Court ruled in July
1998 that Administrative Order No. 308, the Adoption of a National Computerized
Identification Reference System, introduced by former President Ramos in 1996,
was unconstitutional. The Court found the order would "put our people's
right to privacy in clear and present danger… No one will refuse to get this
identity card for no one can avoid dealing with government. It is thus clear as
daylight that without the ID, a citizen will have difficulty exercising his
rights and enjoying his privileges." While stating that all laws invasive
of privacy would be subject to "strict scrutiny," the Court also was
careful to note that, "the right to privacy does not bar all incursions to
privacy." Then-president Joseph Estrada reiterated his support for the use of
a national identification system in August 1998, stating that only criminals
are against a national ID. Justice Secretary Serafin Cuevas authorized the National Statistics
Office (NSO) to proceed to use the population reference number (PRN) for the
Civil Registry System-Information Technology Project (CRS-ITP) on August 14,
claiming that it is not covered by the decision.
However, President, Gloria
Arroyo, who was newly re-elected in May 2004, has stepped up efforts to revive
the National ID Scheme. Presidential spokesman, Ignacio Bunye, was quoted by
the Manila Times of December 1, 2003 as asserting the necessity of the ID
system for "peace and order," to facilitate transactions, and to
reduce the number of IDs currently required. Bunye has sought to allay privacy concerns by explaining that,
"the data that we would give once we apply for this ID are the information
that we usually provide when applying for an ATM card or an SSS (Social
Security System) ID." Proponents of the ID Scheme argue that it will reduce crime and be
constitutional because it would be backed not by an Executive Order like the
former ID Scheme the Supreme Court had ruled invalid, but rather by a
Congressionally passed law. There, however, continues to be opposition to the bill.
In May 2000, the ILOVEYOU e-mail
virus was traced to a hacker in the Philippines, focusing international
attention on the country's cyberlaw regime. Lacking specific laws on hacking and cybercrime, prosecutors were
only able to gain a warrant under the Access Devices Regulation Act of 1998, a law intended to punish credit card fraud that outlaws the use of
unauthorized access devices to obtain goods or services broadly.
On the heels of the virus
attack, in May, The Electronic Commerce Act of 2000 was signed into law. Section 33 of the Act mandates a minimum fine of PHP 100,000 (~USD
1,900) and a prison term of six months to three years for unlawful and
unauthorized access to computer systems. Section 31 provides that only
individuals with legal right of possession shall be granted access to
electronic files or electronic keys. Section 32 imposes an obligation of
confidentiality on persons receiving electronic data, keys, messages, or other
information not to convey it to any other person.
In June of 2001 the Philippine
National Bureau of Investigation brought their first formal hacking and piracy
charges under the Electronic Commerce Act. The charges involved two former
employees of a business school who allegedly broke into the school's computer
system and stole an undisclosed amount of proprietary digital material.
While restrictions on search and
seizure within private homes are generally respected, searches without warrants
do occur. More recently, Communist organizations have complained of a
"pattern of surveillance" of their activities. Members of the Bayan Muna
political party have reported that offices and a clinic catering to their
members were ransacked. The United Church of Christ of the Philippines has also reported the
ransacking of their human rights, peace, and interfaith offices in what many
consider to be acts of political intimidation.
The Act to Prohibit and Penalize
Wire Tapping and Other Related Violations of the Privacy of Communication and
for Other Purposes contains a notwithstanding clause that supersedes all inconsistent
statutes. Section 1 states that all parties to a communication must give
permission for a recorded wiretap or intercept and makes it illegal to
knowingly possess any recording made in prohibition of this law, unless it is
evidence for a trial, civil or criminal. Section 2 assesses liability for any person who contributes to the
actions described in § 1. Section 3 provides certain exceptions to the conditions found in §§
1-2 but adopts stringent criteria for wiretap warrants, including the identity
of the wiretap target; who may execute the warrant; reasonable grounds that a
crime has been, is or will be committed; and, a reasonable belief that the
evidence obtained via the wiretap will aid in a conviction or prevention of a
crime. Further, predicate offences – or offences for which a court may
authorize a wiretap – are limited to several particularly onerous severity. Section 4 states that any communication obtained in violation of this
Act shall not be admissible as evidence in any court.
Despite the legal prohibitions
on wiretapping, illegal wiretaps appear to be a continuing problem. In August
1997, the Philippine Congress investigated the admissions of telephone company
officials who said that they had conducted illegal wiretaps. The Philippine
National Police also conducted an internal investigation of electioneering and
illegal wiretaps in May 1998. Reports of illegal wiretaps continued into April of 1999, when the
National Bureau of Investigation and the Ombudsman investigated reports that
police had tapped up to 3,000 telephone lines including those of top government
officials, politicians, religious leaders, businessmen and journalists. 2001 saw the investigation of former members of the defunct
Presidential Anti-Organized Crime Task Force, again for illegal wiretaps.
Section 5 of the Rape Victim
Assistance and Protection Act of 1998, stipulates that "any stage of the
investigation, prosecution and trial of a complaint for rape, the police
officer, the prosecutor, the court and its officers, as well as the parties to
the complaint shall recognize the right to privacy of the offended party and
the accused." It further states that a police officer, prosecutor or court
may order a closed-door investigation, prosecution or trial and that the name
and personal circumstances of the offended party and/or the accused, or any
other information tending to establish their identities, and such circumstances
or information on the complaint shall not be disclosed to the public. Section 3 provides for the establishment of a rape crisis center in
every province and city "for the purpose of: ensuring the privacy and
safety of rape victims."
However, recently, there have
been several instances in which the Filipino popular media has identified
victims of sexual assaults. For instance, in relation to the conviction of a
Congressman, the Manila Times reports that the 11-yr old victim was identified
even though the victim was supposedly under witness protection. It was also reported that a victim of a highly publicized
incestuous rape case, was identified in the media, and that in 2003 the identity of an adult rape victim was disclosed
on government-backed television.
Section 8 of the Proposed Rule
on Juveniles in Conflict (the Rule) with the Law stipulates that "the
right of the juvenile to privacy shall be protected at all times. All measures
necessary to promote this right shall be taken, including the exclusion of the
media." Section 9 of the Rule, dealing with the fingerprinting and
photographing of a juvenile, states "while under investigation, no
juvenile in conflict with law shall be fingerprinted or photographed in a
humiliating and degrading manner," and stipulates procedural guidelines
such as separate storage of fingerprint files from adult files; restricted
access by prior authority of the Family Court; and automatic destruction if no
charges are laid or when the juvenile reaches the age of majority (21). Section 26(k) of the Rule confers
a duty on the Family Court to respect the privacy of minors during all stages
of the proceedings.
The Local Government Code of the
Philippines provides that all barangay "proceedings for settlement shall be public and informal
provided that the . . . chairman . . . may upon request of a party, exclude the
public from the proceedings in the interest of privacy, decency, or public
morals."
The drive to fight corruption
has also resulted in several measures that have privacy implications. Media
reports indicate that in 2003 there was a government-sponsored raid of
nightclubs under the pretext of a "morality checks" to root out
corrupt officials, and there has been a political party sponsored
"Report-a-Mistress" program also aimed at corrupt officials. Under the Report-a-Mistress Program, sponsored by the party-list
group, Citizen's Battle Against Corruption (CIBAC), members of the public are
encouraged to call in and report government officials who have mistresses, as
this is seen as an indication of corruption.
Section 14 of Alien Social
Integration Act of 1995 provides that "information submitted by an alien applicant
pursuant to this Act, shall be used only for the purpose of determining the
veracity of the factual statements by the applicant or for enforcing the
penalties prescribed by this Act."
The use of biometric
technologies has been rising in the Philippines. Since March of 1996, dozens of
companies and government agencies have adopted fingerscan technologies in
applications ranging from time management and payroll systems to security
access control. Many companies use the technology primarily to reduce
fraudulent time card punching. Banks use the technology to reduce fraudulent transactions and to
promote security. Additionally, GTE and IriScan, Inc. introduced iris-scan
technology in 1998 to ensure the security of online transactions. Other uses of
biometric technology in the Philippines include the dispensation of health care
and social services; privacy systems for database and records protection;
travel security systems with passport, ticket, and baggage verification;
business, residence, and vehicle security with access and operator
authentication; processing and circulation control in the corrections or prison
environment; and portable systems for on-scene recognition of individuals for
use in law enforcement. National ID proposals also typically include fingerprints as part
of the information available on the ID card.
In July of 2001 the Philippines'
Civil Service Commission released a resolution requiring all government
officials and employees to refrain from sending indecent messages. The
resolution took effect on August 5, 2001 and bans public officials from sending
sexist jokes, pornographic pictures and lewd letters or mails through
electronic means including mobile phones, fax machines and e-mails. Individuals
who feel sexually harassed may report cases directly to the Civil Service
Commission. The resolution is a follow-up to a proposal by the Commission on
Elections and the National Telecommunications Commission to monitor, track and
prosecute senders of "politically motivated text messages."
The Code of Conduct and Ethical
Standards for Public Officials and Employees mandates the disclosure of public transactions and guarantees
access to official information, records or documents. Agencies must act on a
request within 15 working days from receipt of the request. Complaints against
public officials and employees who fail to act on request can be filed with the
Civil Service Commission or the Office of the Ombudsman.
Terrorism has continued to be a
menace in the Philippines in 2003 and 2004. There were bomb attacks by Islamist
terrorists in March and April 2003. Part of the government's anti-terrorism measures has been the 2003
installation of an Airport Identification Computer System at the Ninoy Aquino
International Airport. The system called PISCES (Personal Identification Security
Comparison System) is designed to screen for potential terrorists attempting to
travel to the United States while they are still in their country of origin's
airport. PISCES collates and processes facial images, fingerprints, and
biographical information and is purportedly linked to US Government Databases,
allowing for exchange of passenger information.
