TOPIC: Will RA 10173 provide sufficient
mechanism to the introduction of a National ID System in the Philippines
without the constitutional issues that has arisen in Ople vs Torres?
By: Darius
Francis M. Paduada
Privacy is an
everyday word which everybody knows. But if you ask someone what it is, no one
knows. Everybody loves their privacy. Some are a little over serious about it.
A very private emotional individual is an introvert. While a person very
private about his properties has signs “No trespassing Private Property” placed
on all corners. I can talk about privacy and its being a right guaranteed by
the Constitution all day and yet there are still a lot of private things left
unsaid. To make matters easier, what is privacy?
The Constitution
Privacy is a constitutional right
guaranteed by the fundamental Article III The Bill of Rights. Clearly, it is an
important and essential human right.
Section 3. 1. The privacy of communication and correspondence
shall be inviolable except upon lawful order of the court, or when public
safety or order requires otherwise, as prescribed by law.
I presented Sections 2 and 3 (1)
together because I think their difference will lay the ground for any further
discussions to be presented. Section 2 states a more traditional definition of
our privacy act. Privacy is the right to be secured in the convenience of our
homes and persons. In the case of Ople vs Torres, the main issue is the
validity of AO 308. On the hand, Republic Act 10173 is known as the Data
Privacy Act. The question is, what right to privacy is AO 308 and RA 10173
regulating or some may say “infringing”.
At first glance the obvious answer
is Sec. 3(1). Personal communications, data, and an ID system are means of
communication. A simple entry on a personal note when transacting with
government agencies is not only a matter of communication and filing up of
entries. It entails openness about your person and trusting the authorities of
the responsibility of protecting and respecting that symbol of your
person.
If you agree with the above-stated
statement then, you are incorrect. Data privacy and a National Identification
System squarely encounter Sec. 2 and our right to be secured in our persons. Information
and data we enter or the processor gather are not mere words. These are very
personal matters relating to our own person. And everyone is entitled to the
freedom of whether to disclose it or not. It would like to emphasized that Sec.
2 will be the provision contemplated all throughout this paper.
OPLE Vs. TORRES
The Supreme Court’s ruling on this
case is not about the illegality of a proposed national ID system but more on
the separation of powers between the executive and legislative branches of the government.
Generally there are two (2) grounds
on which Ople assails Administrative Order No. 308, 1. It is a usurpation of
the power of Congress to legislate and 2. It impermissibly intrudes on the
right to privacy of citizens. Since the Supreme Court explained the invalidity
of the said Order based on the first ground, I will try to explain it as
provided by the privacy concept.
If
we summarize AO 308, the “whereas clause” will surely give us a heads-up.
PURPOSE: there is a need to provide Filipino citizens and foreign
residents with the facility to conveniently transact business with basic
service and social security providers and other government instrumentalities;
MEANS: this will require a computerized system to properly and
efficiently identify persons seeking basic services on social security and
reduce, if not totally eradicate fraudulent transactions and
misrepresentations;
IDEAL: a concerted and collaborative effort among the various
basic services and social security providing agencies and other government instrumentalities
is required to achieve such a system
The Reasonable Connection Test in Constitutional law will
state that the purpose of AO 308, assuming that it is a valid law, is
reasonable. Transacting with the government is stressful. This is today’s
reality. Aside from the different cards needed for each single agency, the
transaction is vulnerable to red tape. So, the convenience that the supposed ID
System affords is very reasonable. However, we can tell that with regard to the
means to be used. This correctly pointed by the Supreme Court “that assuming,
that A.O. No. 308 need not be the subject of a law, still it cannot pass
constitutional muster as an administrative legislation because facially it
violates the right to privacy”.
The reason is because of Section 4. This provides for a Population Reference
Number (PRN) as a "common reference number to establish a linkage among
concerned agencies" through the use of "Biometrics Technology"
and "computer application designs."
Although the use of biometrics is acceptable today as
observed in COMELEC registrations, it cannot be a requirement for availing
government services nor biometrics be synonymous with a national ID. Obviously
the aforesaid Administrative Order is not for the Nationalized Identification
System. It is not a laminated universal card. It is an adoption of a National
Computerized Identification Reference System. It is a national collection of
computerized data. We have a huge problem here.
AO. No. 308 was issued by President Fidel
V. Ramos On December 12, 1996. So it is basically more than 16 years have
passed. During the making of this article I come across a proposed bill that
will somehow learn from the mistakes of AO 308.
There is proposed law requiring
all Filipinos to secure individual identification cards. It has been approved
on second reading by the House of Representatives already. House Bill 6895 or "Filipino
Identification System Act" the will require all Filipinos here and abroad
to secure non-transferable IDs from at the Local Civil Registrars Office of the
town or city they live.
The ID, will bear the photo, name,
birth date, date of issue, signature of the owner, individual serial number
issued by the National Statistics Office (NSO), and biometric data of the
cardholder. At least the “new” system explains the details and is not limited
to computer data collection.
RA 10173
PURPOSE: protect the fundamental human right of privacy, of
communication while ensuring free flow of information to promote innovation and
growth. The State recognizes the vital role of information and communications
technology in nation-building and its inherent obligation to ensure that
personal information in information and communications systems in the
government and in the private sector are secured and protected.
SCOPE: applies to the processing of all types of personal
information and to any natural and juridical person involved in personal
information processing including those personal information controllers and
processors
Argument: Is the new act leading to National ID
system which was declared unconstitutional in the case of Ople vs Torres?
The Data Privacy
Act of 2012 was approved August 15, 2012 and to fully understand the Act, let’s
discuss first some of the principles and definition imbedded in the Act itself.
The Act referred
as “data” the individual whose personal information is being processed in an
Information and Communication System. The System is for generating, sending,
receiving, storing or otherwise processing electronic data messages or
electronic documents and includes the computer system or other similar device
by or which data is recorded, transmitted or stored and any procedure related
to the recording, transmission or storage of electronic data, electronic
message, or electronic document.
The Act also
have extraterritorial application where it mentioned applicability of the law
to an act done or practice engaged in and outside of the Philippines by an
entity if:
(a) The act, practice or
processing relates to personal information about a Philippine citizen or a
resident;
(b) The entity has a link with
the Philippines, and the entity is processing personal information in the
Philippines or even if the processing is outside the Philippines as long as it
is about Philippine citizens or residents.
The notable
principles declared in the Act are:
·
Processing
of information shall be allowed but subject to the compliance with requirements
of the Act as well as other laws allowing disclosure of information to the
public.
·
Personal
information shall be collected for specified and legitimate purposes determined
and declared before, or as soon as reasonably practicable after collection, and
later processed in a way compatible with such declared, specified and
legitimate purposes only;
·
Processed
fairly and lawfully;
·
Accurate,
relevant and, where necessary for purposes for which it is to be used the
processing of personal information, kept up to date; inaccurate or incomplete
data must be rectified, supplemented, destroyed or their further processing
restricted;
·
Adequate
and not excessive in relation to the purposes for which they are collected and
processed
The
Act however, allows of sensitive information and privileged information in some
instances, such as when the individual or data gave his consent, the processing
was provided for by existing laws and regulations, processing is necessary to
protect the life and health of the data subject or another person, processing
is necessary to achieve the lawful and noncommercial objectives of public
organizations and their associations and processing is necessary for purposes
of medical treatment.
Thus,
from the Act itself this will allow the Government or the commission to have
ready access on personal information of the citizens of the Philippines even
without the consent of the individual as long as it falls under the other
exemptions.
Although
the Data is entitled of certain rights such as being informed whether personal
information pertaining to him, the process of informing the Data is I think
would be troublesome as the duration of sending the information would be a
question.
A
question of confidentiality and privacy of the individual would also arise for
the Commission would have ready access to such information and made available
to the Government as well as data security as against the advancing technology.
Given,
the present situation in our Country, the misapplication of such data is not
impossible.
Individual
safety and sanctuary may be affected by and trespassed as the confidential
personal data of the individual may be accessed by the Commission and could be
used against him. Thereby affecting his right from self incrimination.
Conclusion
No.
The RA
10173 does not provide sufficient mechanism to the introduction of a National
ID System in the Philippines without the constitutional issues that has arisen
in Ople vs Torres. It may somehow lay a ground for a data compilation but it
does not give a framework for a identification system. I think that RA 10173 is
more application on the personal information a computer user will input on the
internet. The name, email and account in general must be protected in the
internet just like its disclosure on an application to the SSS or GSIS.
When thinking
about Facebook, a dilemma will occur when the user dies. Who owns the account
and all the information, pictures, and messages? Mark Zuckerburg or the user? Well
in a sense RA 10173 is helpful because it is very clear that even data subject
has transmissibility rights. The lawful heirs or assignee would have that
right.
RA 10173 is more
than a National ID System. And honestly I cannot really find any mechanism that
it introduces an ID system.