Is the act of giving number of other to a third person without the former consent violates RA 10173?

Is the act of giving number of other to a third person without the former consent violates RA 10173?

The essence of privacy is the “right to be let alone. It is a fundamental rights guaranteed by the constitution accorded recognition independently of its identification with all other rights. Indeed, if we extend our judicial gaze we will find that the right of privacy is recognized and enshrined in several provisions of our Constitution. It is expressly recognized in section 3 (1) of the Bill of Rights.

Likewise the recognition of right to privacy by the constitution extend to other cases as it can be seen in sec. (1), (2), (6), (8),  and 17 of bill of rights.

Other laws such as the New Civil Code recognize and protect the right to privacy as it can be observe in the wording of Article 26 paragraph (1-4) and Article 22 paragraph (11) pertaining to right of communication and correspondence.

The Revised Penal Code likewise  makes a crime the violation of secrets by an officer, the revelation of trade and industrial secrets,  and trespass to dwelling. Invasion of privacy is an offense in special laws like the Anti-Wiretapping Law, the Secrecy of Bank Deposits Act and the Intellectual Property Code.The Rules of Court on privileged communication likewise recognize the privacy of certain information. Some other laws like Commonwealth Act. No. 591 penalizes the disclosure by any person of data furnished by the individual to the NSO with imprisonment and fine. Republic Act. No. 1161 prohibits public disclosure of SSS employment records and reports.

These law are further made strong when the congress enacted RA 10173 also known as “AN ACT PROTECTING INDIVIDUAL PERSONAL INFORMATION IN INFORMATION AND COMMUNICATIONS SYSTEMS IN THE GOVERNMENT AND THE PRIVATE SECTOR, which has an ulitmate purpose of protecting the fundamental human right of privacy, of communication while ensuring free flow of information to promote innovation and growth and ensure that personal information in information and communications systems in the government and in the private sector are secured and protected.

So with these let us now answer the main issue of whether or not giving others people number to a third person without the former consent is a violation of RA 10173? It should be answered with qualification.

To start let us first know those act which are being penalized by RA 10173. Under Chapter VIII sections 25-32 the following acts are being penalize:

25. Unauthorized Processing of Personal Information and Sensitive Personal Information

A person Processing of Personal Information and Sensitive Personal Information without the consent of the data subject, or without being authorized under this Act or any existing law.

26. Accessing Personal Information and Sensitive Personal Information Due to Negligence

When the  persons who, due to negligence, provided access to personal information without being   authorized under this Act or any existing law.

27. Improper Disposal of Personal Information and Sensitive Personal Information.

An act of a person who knowingly or negligently dispose, discard or abandon the personal or sensitive information of an individual in an area accessible to the public or has otherwise placed the personal information of an individual in its container for trash collection.

28. Processing of Personal Information and Sensitive Personal Information for Unauthorized Purposes.

it is an act of a  person processing personal information for purposes not authorized by the data subject, or otherwise authorized under this Act or under existing laws.

29. Unauthorized Access or Intentional Breach.

An act of persons who knowingly and unlawfully, or violating data confidentiality and security data systems, breaks in any way into any system where personal and sensitive personal information is stored.

30. Concealment of Security Breaches Involving Sensitive Personal Information.

It is an act of a person who, after having knowledge of a security breach and of the obligation to notify the Commission pursuant to Section 20(f), intentionally or by omission conceals the fact of such security breach.

31. Malicious Disclosure

Any personal information controller or personal information processor or any of its officials, employees or agents, who, with malice or in bad faith, discloses unwarranted or false information relative to any personal information or personal sensitive information obtained by him or her

32. Unauthorized Disclosure.

a. Any personal information controller or personal information processor or any of its officials, employees or agents, who discloses to a third party personal information not covered by the immediately preceding section without the consent of the data subject

b. Any personal information controller or personal information processor or any of its officials, employees or agents, who discloses to a third party sensitive personal information not covered by the immediately preceding section without the consent of the data subject,

Note that under section 3, the following terms are defined as:

(b) Consent of the data subject refers to any freely given, specific, informed indication of will, whereby the data subject agrees to the collection and processing of personal information about and/or relating to him or her. Consent shall be evidenced by written, electronic or recorded means. It may also be given on behalf of the data subject by an agent specifically authorized by the data subject to do so.

Data subject refers to an individual whose personal information is processed.

(g) Personal information refers to any information whether recorded in a material form or not, from which the identity of an individual is apparent or can be reasonably and directly ascertained by the entity holding the information, or when put together with other information would directly and certainly identify an individual.

(h) Personal information controller refers to a person or organization who controls the collection, holding, processing or use of personal information, including a person or organization who instructs another person or organization to collect, hold, process, use, transfer or disclose personal information on his or her behalf. The term excludes:

(1) A person or organization who performs such functions as instructed by another person or organization; and

(2) An individual who collects, holds, processes or uses personal information in connection with the individual’s personal, family or household affairs.

(i) Personal information processor refers to any natural or juridical person qualified to act as such under this Act to whom a personal information controller may outsource the processing of personal data pertaining to a data subject.

(j) Processing refers to any operation or any set of operations performed upon personal information including, but not limited to, the collection, recording, organization, storage, updating or modification, retrieval, consultation, use, consolidation, blocking, erasure or destruction of data.

(k) Privileged information refers to any and all forms of data which under the Rides of Court and other pertinent laws constitute privileged communication.

(l) Sensitive personal information refers to personal information:

(1) About an individual’s race, ethnic origin, marital status, age, color, and religious, philosophical or political affiliations;

(2) About an individual’s health, education, genetic or sexual life of a person, or to any proceeding for any offense committed or alleged to have been committed by such person, the disposal of such proceedings, or the sentence of any court in such proceedings;

(3) Issued by government agencies peculiar to an individual which includes, but not limited to, social security numbers, previous or cm-rent health records, licenses or its denials, suspension or revocation, and tax returns; and

(4) Specifically established by an executive order or an act of Congress to be kept classified.

With the given above information from the RA 10173, lets as scrutinize each acts which constitutes a violation.

First is section 25, 28 and 32 is committed when A person Processing of Personal Information and Sensitive Personal Information without the consent or authority of the data subject, or without being authorized under this Act or any existing law. It is clear that consent and authority in this case was not obtain, however we should also consider if the person who collects, holds, processes or uses personal information in connection with the individual’s personal, family or household affairs, for this is an exception under Sec. 3 (H)(2). If the person by giving others number in connection of above purpose then such person does no committed any violation of this provision, otherwise he is guilty.

Second is section 26, 27, 29 and 30,has no application in the case.

Section 31 if the person gave the number of another to a third person even though it is in connection with the individual’s personal, family or household affairs such person is still guilty if, in giving that number he maliciously intend to prejudice the person who owns the number.

To summarize the act of giving number to other violates RA 10123 if the giving of number to a third person is not in connection with the individual’s personal (note: that this is a question of facts that need to be prove) or it was maliciously given to the same with intend to prejudice the owner of the number.

The requisites required by this law to held the person liable in giving individual’s number to a third person without the former consent is one which is difficult to prove. So my suggestion is that before giving your number, ask them not to give your number with others by way of oral contract so that in case they will give your number, they will be liable for breach of contract, this breach is much easier to prove than violation of RA10173.

If however, the owner of the number suffered from injury whether moral, physical or any other injuries he can sue the person who gave his number and the person who get his number under the article 19-24, 26 and 28 of the New Civil Code.

End Notes:

Constitution

Section 1. No person shall be deprived of life, liberty, or property without due process of law, nor shall any person be denied the equal protection of the laws.

Section 2. The right of the people to be secure in their persons, houses, papers, and effects against unreasonable searches and seizures of whatever nature and for any purpose shall be inviolable, and no search warrant or warrant of arrest shall issue except upon probable cause to be determined personally by the judge after examination under oath or affirmation of the complainant and the witnesses he may produce, and particularly describing the place to be searched and the persons or things to be seized.

Section 3.

The privacy of communication and correspondence shall be inviolable except upon lawful order of the court, or when public safety or order requires otherwise, as prescribed by law.

Any evidence obtained in violation of this or the preceding section shall be inadmissible for any purpose in any proceeding.

Section 6. The liberty of abode and of changing the same within the limits prescribed by law shall not be impaired except upon lawful order of the court. Neither shall the right to travel be impaired except in the interest of national security, public safety, or public health, as may be provided by law.

Section 8. The right of the people, including those employed in the public and private sectors, to form unions, associations, or societies for purposes not contrary to law shall not be abridged.

Section 17. No person shall be compelled to be a witness against himself

New Civil Code

Article 19. Every person must, in the exercise of his rights and in the performance of his duties, act with justice, give everyone his due, and observe honesty and good faith.

Article 20. Every person who, contrary to law, wilfully or negligently causes damage to another, shall indemnify the latter for the same.

Article 21. Any person who wilfully causes loss or injury to another in manner that is contrary to morals, good customs or public policy shall compensate the latter for the damage.

Article 22. Every person who through an act of performance by another, or any other means, acquires or comes into possession of something at the expense of the latter without just or legal ground, shall return the same to him.

Article 23. Even when an act or event causing damage to another’s property was not due to the fault or negligence of the defendant, the latter shall be liable for indemnity if through the act or event he was benefited.

Article 24. In all contractual, property or other relations, when one of the parties is at a disadvantage on account of his moral dependence, ignorance, indigence, mental weakness, tender age or other handicap, the courts must be vigilant for his protection.

Article 26. Every person shall respect the dignity, personality, privacy and peace of mind of his neighbors and other persons. The following and similar acts, though they may not constitute a criminal offense, shall produce a cause of action for damages, prevention and other relief:

(1) Prying into the privacy of another’s residence;

(2) Meddling with or disturbing the private life or family relations of another;

(3) Intriguing to cause another to be alienated from his friends;

(4) Vexing or humiliating another on account of his religious beliefs, lowly station in life, place of birth, physical defect, or other personal condition.

Article 27. Any person suffering material or moral loss because a public servant or employee refuses or neglects, without just cause, to perform his official duty may file an action for damages and other relief against the latter, without prejudice to any disciplinary administrative action that may be taken.

Jurisprudence

Ople v. Torres, GR 127685, 23 July 1998

Advertisements
This entry was posted in Uncategorized. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s