The Constitution of The Philippines provides for extensive privacy protections. Article III of the Constitution grants rights of protection against searches of homes, privacy of communications and a right of access to government information. There are continued concerns about the breach of this constitutional right.1
The Supreme Court in January 2008 issued regulations on “Habeas Data” that give individuals the right to demand access and protection of personal information held by any party (A.M. No. 08-1-16-SC). It is available to "any person whose right to privacy in life, liberty or security is violated or threatened by an unlawful act or omission of a public official or employee, or of a private individual or entity engaged in the gathering, collecting or storing of data or information regarding the person, family, home and correspondence of the aggrieved party." There have been a number of recent cases where it has been used including relating to illegal wiretapping.
There is currently no data protection law in The Philippines. A number of draft bills have been introduced recently which provide for a variety of levels of protection for public and privately held data.
There is a very strong interest in establishing some regime for data protection to allow for the growth of the outsourcing sector. Though this is perceived as an opportunity for the Philippines,2 the solutions that are promoted tend to be weak regulatory solutions.3. The challenge is that industry to date has been quite poor at considering privacy and security. For instance, only 31% of companies have taken elementary steps to review their information assets, according to Ernst and Young.4 Others have estimated that the IT industry loses $10M yearly on data breaches.5 Some within Congress are considering a stronger data protection bill that emulates the European approach to regulation, though it is still in its early stages.
Increasing concerns about consumer protections and privacy have given rise to emerging guidance on privacy and security. The Department of Trade and Industry issued "Prescribing Guidelines for the Protection of Personal Data in Information and Communications System in the Private Sector" in 2006, which intended to protect Internet user privacy. They require that information and communications providers follow fair information practices. Enforcement is through an accreditation process which does not appear to be very strong. The Department of Trade and Industry (DTI) is currently developing new guidelines. There is also a Marcos-era decree "Providing For Incentives In The Pursuit Of Economic Development Programs By Restricting The Use Of Documents And Information Vital To The National Interest In Certain Proceedings And Processes" which on its face provides for protections of the transfer of personal data outside of the Philippines but it does not appear to be enforced.
The private sector and the media are also active in this domain. There are regular reports on risks to consumers.6 There is also guidance from industry and the media on identity theft, e.g. Citibank and Inquirer.net teamed up together for their guidance on 'Beware of Identity Theft'.7
There are a variety of provisions in the Civil Code and other laws that offer protection for individuals including a general tort of privacy invasion, names of rape victims, and bank records, among other things.
The privacy of communications is protected by a 1965 act (Act 4200) one of the first in the world, adopted before laws in the US, Canada and UK. However, in practice, there are regular public revelations of wiretapping including of the President. The Human Security Act (Act 9372) adopted in 2007 gives broad powers for surveillance and has been criticised by the UN Special Representative who reviews terrorism laws and practices as relating to human rights. The National Telecommunications Commission Memorandum Circular 04-06-2007 requires the collection of communications data for 2-4 months, and there are continuing discussions about requiring 'lawful intercept' capabilities to be built into all telecommunications providers.
Debates over proposals for National ID cards have been contentious for many years. There is currently no general National ID card scheme in the Philippines. The Supreme Court upheld in 2006 a 2005 executive order creating an ID system for public bodies. In 1998, it struck down a broader order as violating individuals privacy.
Several competing Cybercrime Prevention bills are currently being developed by different government departments. They are intended to implement the CoE cybercrime convention. They will also facilitate access to subscribers’ data and interception of communications.
Medical privacy is rising on the policy agenda, particularly after a case where trainee doctors uploaded video of a patient to YouTube. The Filipino Church came out against HIV testing for returning workers.8 The Supreme Court recently approved randomised drug testing of students and employees,9 though tests on politicians and suspected criminals was deemed unconstitutional.10
Other issues that have arisen include:
- right to privacy of minors11
- The government developed rules and guidance regarding the treatment of children by the media12
- media privacy13
- privacy as a political right and voters privacy14
- journalists protections and journalists privacy15, and
- calls for development of libel law.16
- 1. e.g. 'Unreasonable searches and seizures', Isagani A. Cruz, Philippine Daily Inquirer, October 19, 2008.
- 2. e.g. 'Data privacy bills pushed to boost foreign investments', Manila Bulletin Online, June 25, 2008 and 'IT groups step up campaign for bills on data privacy', Melvin G. Calimag, April 18, 2008.
- 3. 'Senate must pass IP, data privacy laws', Lawrence Casiraya, Inquirer.net, October 7, 2008.
- 4. Data security irrelevant to Philippine companies — Ernst&Young survey, Dennis D. Estopace, Business Mirror, October 28, 2008.
- 5. 'IT Industry loses 10m yearly on data breaches', Sun.Star Davao, November 1, 2008.
- 6. e.g. 'How to shop online — safely', Apples Aberin Sadhwani, Philippine Daily Inquirer, September 11, 2008.
- 7. Inquirer.net, November 25, 2008.
- 8. 'Filipino Church opposes HIV testing for workers returning home', Santosh Digal, AsiaNews.it, September 25, 2008.
- 9. 'Drug tests for poll bets unconstitutional', Joel R. San Juan, Business Mirror, November 4, 2008.
- 10. 'SC: Mandatory drug tests for candidates unconstitutional', Mariteon Pacheco, ABS-CBN News, November 5, 2008.
- 11. 'DOJ reminds media on minors' right to privacy', GMA News, July 24, 2008, and
- 12. 'New rules bar media interview with minors without supervision', Mark Meruenas, GMA News, November 6, 2008. Guidance: 'Guide out on kids' coverage by media', Nikko Dizon, Philippine Daily Inquirer, November 10, 2008.
- 13. e.g. 'Dennis cites right to privacy', Marinel Cruz, Philippine Daily Inquirer, August 3, 2008.
- 14. e.g. 'Faster polls but 'same old story'', Kristine L. Alavae and Jeannette Andrade, Philippine Daily Enquirer, August 15, 2008 and 'Asian poll monitors note "no secrecy at all" in balloting; underage voters still around', Carolyn O. Arguillas, Minda News, August 11, 2008..
- 15. e.g. 'Military's biodata requirement an intrusion on privacy and press freedom', Davao Today, November 19, 2008.
- 16. e.g. 'Solon wants RP libel law amended', GMA News, April 9, 2008 and 'Pangilinan: 80 year law on libel needs amendment', Malaya News, September 19, 2008.