Data Privacy

Photo taken from http://privacy.gov.ph

NPC Privacy Materials Online

The National Privacy Commission (NPC) has released new materials to supplement the Data Privacy Act (DPA). The new materials, located in the “Our Services” section of privacy.gov.ph, is divided into three (3) modules, specifically “ I Want to Know More”, “I Want to Comply”, and “I Want to Complain”. First, the “I Want to Know More” module, which is further subdivided into five (5), contains general information about the rights of a data subject, the text of the DPA and its Implementing Rules and Regulations (IRR), the text of the memorandum circulars and advisories issued by the NPC , and […]

Photo: PC Magazine

DICT Releases Circular on Cloud Policy, Adopts “Cloud First” Approach

In a circular dated 18 January 2017, the Department of Information and Communications Technology (‘DICT’) prescribed the policy on the government’s policy use of cloud computing technology. The policy is meant to reduce costs, increase employee productivity, and develop excellent citizen online services. The circular covers all departments, bureaus, offices, and agencies of the national government and GOCCs and LGU. Under the circular, ‘cloud computing’ is defined as a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources. It recognises that cloud computing has brought new and more efficient means of managing government […]

Supreme Court Designates Cybercrime Courts

Supreme Court Designates Cybercrime Courts

  In its resolution dated 15 November 2016 in A.M. No. 03-03-03-SC, the Supreme Court en banc designated Special Commercial Courts as ‘Cybercrime Courts’. These courts now have the power to try and decide cases covered by the Cybercrime Prevention Act within their respective territorial jurisdictions. Accordingly, Cybercrime cases shall now be filed with the Office of the Clerk of Court in the official station of the proper cybercrime court. The resolution further gave Cybercrime Courts in Quezon City, Manila, Makati, and Pasig the authority to act on application for search warrants involving violations of the Cybercrime Prevention Act. Such […]

Analysis: NPC Recommends Prosecution of COMELEC Chairman Bautista for Data Privacy Breach (Part I of II)

Analysis: NPC Recommends Prosecution of COMELEC Chairman Bautista for Data Privacy Breach (Part I of II)

  Last January 5, 2017, the National Privacy Commission (NPC) recommended the filing of criminal charges against COMELEC Chairman Andres Bautista in the aftermath of the “Comeleak” incident. As of time of writing, the NPC has not yet released the full text of its decision. However, portions of the Commission’s reasoning can be read in an article on its official website. According to the NPC, the COMELEC Chairman’s culpability lies in his failure to take adequate measures to secure the COMELEC’s voter registration databases, which contains what the law defines as personal and sensitive personal information. Quoting the decision, the online article […]

The DICT as Indirect Regulator

The DICT as Indirect Regulator

A Look into the Department’s Potential for Impact on Telecommunications, Government Procurement and Coordination Among Agencies On May 20, 2016, Republic Act No. 1084, otherwise known as the “Department of lnformation and Communications Technology Act of 2015”, was signed into law. The Act’s Implementing Rules and Regulations have since been released as of October 15, 2016. Composed of administrative agencies formerly under the Department of Transportation and Communications (DOTC) and the Department of Science and Technology (DOST), and which will remain autonomous, the DICT has several roles to play, among which are to ensure an increase in cyber security and monitor […]

Cybercrime search warrants and the role of ISPs

Cybercrime search warrants and the role of ISPs

Just like in any other crime, a search warrant is necessary to aid in the prosecution of cybercrime [i]. Aiming to protect the fundamental right against unreasonable searches and seizures, the policy of procuring search warrants for cybercrimes is definitely sensible on paper. However, the unique nature of data and computer systems makes it troublesome. Can service providers be the solution? The unique nature of search warrants in cyberspace The procurement of a search warrant is a crucial part of the criminal prosecution process. By means of the warrant, law enforcement officers can secure material pieces of evidence [ii]. Without such prior […]

Penalizing Cybersex

Penalizing Cybersex

  In the Philippines, the operation of cybersex dens is increasingly becoming a huge concern. From the early 2000s, various sex dens have been raided, resulting in the arrests of perpetrators and rescues of victims [1], some of them being minors as young as two years old [2]. Filling the gaps in previous laws, the Cybercrime Prevention Act can be provide authorities a powerful way address these offenses. Operation of cybersex dens in the Philippines In cybersex dens, clients pay to have cybersex workers perform sexually explicit acts over the internet. Operators usually maintain a website, where potential clients can […]

Privacy Rights of The Deceased

Privacy Rights of The Deceased

  Early last year, social media giant, Facebook, finally created a policy for its deceased users. A legacy contact, or a person designated by the user, can manage his account after his death. He can pin a post on the latter’s timeline, accept friend requests, update his profile picture, or download an archive of photos. What he couldn’t do however, is to read private messages. “We respect the privacy of those contacts. It didn’t make sense to include those messages,” Facebook product manager Vanessa Callison-Burch explained. In a way, Facebook is being instrumental in the move towards digital estate management, […]

Personal Data NOT Protected by Law

Personal Data NOT Protected by Law

Protection of personal data has become an important issue lately as people have become more conscious of their privacy and more wary of personal information that may be made available online. The Data Privacy Act (DPA) and its Implementing Rules and Regulations (IRR), though aspiring to protect these personal data do not totally suppress the free flow of information, because their provisions do not protect all personal information from disclosure. Below are some personal information that can be freely exchanged by third parties without the consent of the data subject: those that are strictly related to the functions or position […]

Internet Service Providers: Can they be held liable for cybercrimes?

Internet Service Providers: Can they be held liable for cybercrimes?

One of the current challenges in cybercrime prevention legislation includes the determination of liability of Internet Service Providers (ISPs) in offenses including cyber trafficking, copyright infringement, and the like. Undeniably, ISPs play a significant role as intermediaries in providing means for relaying information to internet users through their systems. While the Cybercrime Prevention Act of 2012 outlines the responsibilities of ISPs with respect to the conduct of cybercrimes, certain provisions of the Act also exempt them from liabilities. As ISPs are not mere passive actors in the industry, our government should be more progressive in rethinking these exemptions granted to […]

Read more about the Data Privacy practice at Disini & Disini Law Office