The Senate of the Philippines unanimously approved the Data Privacy Act of 2011,
also known as “An Act Protecting Individual Personal Information in Information
and Communications Systems in the Government and the Private Sector, Creating
for This Purpose a National Data Protection Commission, and for Other Purposes”
(S.B. 2965).It seeks to establish fair practices and regulate the collection
and use of personal details stored in the computer systems of the private
sector and the government. The act
applies to the processing of all types of personal information and to any
natural and juridical person involved in personal information processing
including those personal information controllers and processors who, although
not found or established in the Philippines, use equipment that are located in
the Philippines, or those who maintain an office, branch or agency in the
Philippines. As provided in the Section
9 of the bill, processing of personal information shall be allowed, subject to
compliance of certain requirements, and other laws allowing disclosure of
information to the public and adherence to the principles of transparency,
legitimate purpose and proportionality, the personal information must be:
- Collected for legitimate purpose
- relevant for the purposes for
which it is to be used the processing of personal information
- processed lawfully
Section 9 in connection with Section
10, the processing of the personal information shall be permitted only if not
otherwise prohibited by law, and when at least one of the conditions exist:
- Data subject has given express or implied
consent
- related to the fulfillment of a contract or for
compliance with legal obligation
- The processing is necessary to protect vitally
important interests of the data subject, including life and health;
- in order to respond to national emergency
- or for legitimate interests
However, in my opinion, this Bill
could create numerous consequences. There
is a probability and possibility of unlawful prying into the personal
information of the data subject if the public officer concerned or the
Processor has a private transaction with the data subject, therefore, consent to be given by the data
subject may be set aside. There may be a
contract entered into which may be fictitious, in which case, may defraud the
creditors of the data subject. Other
persons may pry into the privacy of the data subject, and the latter may be
ignorant or is at disadvantage on account of his moral dependence. Other public officials or officers, and
government employees working in government agencies or offices and handling the
payroll may create a GHOST EMPLOYEE, therefore, corruption will become more
possible and easy to do because of the availability of personal
information. Personal information
available to the public might become a danger to the life of the data subject.
