Riza T. Villalobos
Tech and the Law
"Is the act of a person, A, disclosing the mobile number of B, to a third person, without B's consent, considered a violation of RA 10173?"
At the very instance of the question, my position would be on the negative side for it is absurd to consider a simple act done by billions of people around the sphere as against the law. Countlessly, I have at will given contact numbers to other individuals with or without the permission of others. I mentioned here specifically, the word “with” for sometimes, I ask permission to the owner before disclosing to another person. Why is that so? Because I felt the instinct that the information I am about to give was given to me in confidence.
To elaborate and understand fully the topic, a short story would suffice your mind. Say, being new in a community, you went to the exclusive café of the condominium, ordered café latte and sat there for 30mins. When you’re about to go out and had you’re last sip on your latte you suddenly bump with a person very familiar to you, a very close friend back in high school. You had a little chat and found out that your friend, is a good friend of your sexy neighbor.
What does a normal bachelor would do? Probably ask your neighbor’s name and materially possible to ask her number. In this scenario, would you say the bachelor’s close friend had violated the Data Privacy Act RA 10173?
Right now an apparent tweak on your lips which could be a smile or a sign of curiosity is attendant and probably would have same argument as I do.
However, let’s add spice on the situation. What if the close friend refuses to give the sexy neighbor’s number? For some reasons that the neighbor is an agent of the Government and any information is crucial to the Philippine national security?
Then your face changes a bit and line of reasoning would drastically change. First reaction would be Data Privacy Act RA 10173 is applicable in this next situation.
Therefore questions and elaboration on when the new law is applicable is vital considering we have yet to experience its applicability.
Discussions on how the law would affect the free flow of information considering the very fast technological advances will emerge. This actually is part of declaration of policy of the law where “it is the policy of the State to protect the fundamental human right of privacy, of communication while ensuring free flow of information to promote innovation and growth” (Sec 2).
To date, the human capacity to get hold unto all the information available and transmitted everyday is comparable to David trying to overcome Goliath. It is very impossible for the people as a whole to control the current of the flowing information.
Thus, every now and then various countries all over the world have started to pass laws, rules and regulations on how to ensure that rights on privacy of their citizens are protected from these uncontrollable and inevitable developments as well as the ensure that the power of the State is not compromised at any instance.
But what does the Data Privacy Act regulates? Does it have a huge impact on our lives as a whole and as an individual? Would it diminish any rights of the citizens existing and currently enjoyed? And the very core of this discussion, would the act of giving another person’s contact number to other person a violation of this Act?
The core discussion would be whether or not the act of giving the number of other person to another person is in violation against the Data Privacy Act.
In the scenario given, in order to determine whether or not the act is in violation of the Data Privacy Act, it is important to first define what is being protected by the Act. Based on the Act itself, under Sec 2, the State would want to protect primarily the human right of privacy. This is in consonance to the bill of rights stated in the Constitution, where the under Sec 3 of Article III, the privacy of communication and correspondence shall be inviolable except in specified instances.
Therefore, it may be inferred that the State recognizes the right of privacy of its citizens in communication as part of the supreme law of the land.
However, when can we say that the human right of privacy was encroached upon? The ambiguity is apparent on the scope of the Act where is expressly stated that the Act applies to the processing of all types of personal information.
Does the word processing of all types of information includes casual dissemination of information such as the contact numbers of person who in your phonebooks?
This is a matter of question whether the act of giving another person’s number is part of the term processing of all types of information. It is in its sense that the act is a process, however, does it constitute to be a process being regulated by the Act.
My position would be on the negative side. What the Act regulates is the processing of any information given to person in confidence and intended for the purpose which the Act was formulated.
And that any information given in confidence is deemed provided not for the consumption of the whole society but deemed to have been provided for the consumption on a specific purpose which when disseminated would affect certain rights of the person. Whereas, this is not apparent on the situation given.
The situation given may find equivalence as to as to the manner of giving the address of another person when ask by stranger, as a sort of direction. This is by culture being done by everyone. Culture and usage dictates that Filipinos tend to provide information freely to their fellow beings especially when such will not in there common sense affect another person’s safety and interest.
What the Act prohibits is the unauthorized processing of personal information and improper disposal of personal information and sensitive information held by the Commission. Maintaining the confidentiality of the information gathered is one of the utmost role of the Commission.
The Act was enacted, in order to ensure compliance of the country with international standards set for data protection. And together with this enactment a Commission is expected who will be responsible on the data handling. Therefore, this does not cover casual disposal of individuals of information concerning their friends, acquaintances, family and colleagues or even to strangers whom they know of little knowledge.
The Act does not prohibit and intend to put a strong grip and limit the freedom of communication between its citizens. Making every citizen wary everytime they utter an information regarding another person.
In a casual gathering it is impossible to make everyone responsible when they suddenly dispose information regarding another person in this case the person’s number. This is equivalent to punishing millions of Filipinos in the country.
It is not the Act’s objective to restraint it citizens in their communication but rather to protect their privacy on communication, information and sensitive personal information. The capricious and malicious use of their personal information.
Further, do not disregard the fact that citizens are not being curbed from changing their contact numbers. They may change their contact numbers anytime they want. No law provides that it is their responsibility to maintain one contact number in there time being.
Everyday, each individual has the million time chance to switch from one number to another as long as they want and as long as they can afford. New contact numbers may even be afforded to them by Telecommunication Companies for free as promotion of their businesses. It is not something that you can say permanent on the part of the person. It is very hard to associate one number to a certain individual as his own as part of his personality.
One thing which cannot be associated to a person permanently will find difficulties to seek protection and regulation from the vast and uncontrollable emergence of new technologies. There would come a time that future may not even use contact numbers to reach a person and a great possibility that contact numbers would become obsolete.
An argument on who owns the contact number after it has been transferred to another person. Under the civil code when there is ownership the owner has the right to enjoy and dispose of a thing, without other limitations than those established by law.
And also under the civil code, usufruct gives a right to enjoy the property of another with the obligation of preserving its form and substance, unless the title constituting it or the law otherwise provides.
My position would be that the recipient of the contact number becomes the owner of such. The giver faces the risk of having his or her number disseminated to the rest of the world. This argument is confined only on the premise of the situation provided for discussion.
Once the contact number is given to another person, that person faces the risk of having his number being disposed by that another person to some other individuals. The owner of the contact number has instantaneously caught off guard to raise the issue of his privacy.
Contact numbers nowadays are used in variety of communications and channel to various transactions. Contact numbers may even be used as a medium to transfer payment of debts, payment of bills, and payment of daily necessities and even as medium on entertainment such games and contest or even on security purposes.
Given that, would it be a necessity that a congruent law must be passed in order to make the contact number of a person as part of his being and comparable as his own name? This is I think the best way in order to protect someone from being a victim of unauthorized use and disposal of one’s contact number. But this is impossible, as I have discussed in the preceding paragraphs, individual have million chances of changing their contact numbers everyday without restrictions.
Yet in the enumeration above, some of the use of a person’s contact number connotes or ought to be protected, such as when such contact number is used for security purposes. Security purpose may vary on public and personal interest.
Does the Act regulate the act of giving the number from the moment it was disposed by the original owner to that person providing to another person or does it starts to regulate and protect the owner and come in to play when the person who received the contact number disposes it to another?
It is important to discuss this, because from the inception, meaning when the owner of the contact number gave his or her number to another person, the purpose of which should be determined. It can be for some legitimate and specific purpose only.
When the contact number was given to another person for some specific purpose or objective only then, the Act protects the owner of the contact person from any dissemination of his contact number by the recipient to another person in contrast of the purpose clearly agreed upon. It now depends on the agreement between the two parties.
Just like in the case of a contract of debt, the debtor would normally give his number to the creditor for the purpose of collection in the future. However, the creditor may not dispose and use such number other than what was agreed upon. This will fall under the unauthorized use of information.
Another case would be on opening bank account, normally the depositor will provide his contact number to the bank for the purpose of any bank transaction that may occur between them and not for any other purpose. Any disposal of such information by the bank would be against the right of the privacy on information by the person opening the account.
There are various scenarios that may be cited where protection against improper use and improper disposal of data or information, some entails protection basically because it was out of scope and not within what was agreed upon and not in consonance to what was agreed upon.
If right to privacy is not protected today, it will become a danger to ones being and would create chaos. However, the Act should be construed as not to restraint every person from its free will to communicate to its fellow being, as to worry every time they have the chance to talk to somebody they are or might be violating a law. This is not the purpose of the Act.
The Act focuses on the protection against disposal of information not in consonance to the purpose when it was gathered and without the consent of the owner.
Here, the Act refers the individual whose personal information is processed as the Data subject. And the consent of the Data Subject is needed before and information concerning him or her is disclosed for some other purposes when it was originally gathered. There since is it very clear that his or consent is needed the information can only be used for some legitimate purpose.
The law defines Consent of the data subject as to any freely given, specific, informed indication of will, whereby the data subject agrees to the collection and processing of personal information about and/or relating to him or her. Consent shall be evidenced by written, electronic or recorded means. Therefore it is impossible for every person to give his or her consent in a written, electronic or recorded means when he or she communicates casually on his daily acquaintances.
According to Bill Gates: I'm a great believer that any tool that enhances communication has profound effects in terms of how people can learn from each other, and how they can achieve the kind of freedoms that they're interested in.
Riza T. Villalobos