Data Privacy Act of 2012… An Antidote to Identity Theft in the Philippines

The Philippines which is the sixth largest social network media user in the world such as Facebook,  is also one of the many countries without a law to protect its social network users from online identity theft.  Identity theft is defined when someone uses your personal information without your permission, to commit fraud or other crimes. No law has been enacted that penalizes people guilty of identity theft.  They not only occur in social networking sites, but in banking sites as well.  To date, ten Filipinos fall victims per day to identity theft, especially in Metro Manila.

Victims of identity theft

Kryz Uy, a twenty-one year old model, entrepreneur, and blogger was one of the many victims of identity theft. An unidentified user set-up a fake account using her name to sell clothes, purportedly from her.  A maximum of P8,000 was stolen from one of Uy’s followers. Those who were scammed thought that she was the source of all this,  so tried to find a way to clear her name by reporting the matter on Facebook, and even went as far as reporting the incident to proper authorities but to no avail

Gilbert Climaco, a program director and news anchor of the Radio Mindanao Network, was a another victim of identity theft.  In 2010, an unidentified person used a fake Facebook account under his name to extort money. Climaco, back then did not  have any account in any social networking site.  This fake account has messed up his life.”

A bank depositor, who refuses to reveal his identity, lost P87,000 when an unknown cyber-thief succeeded in transferring money from his account to an untraceable account. He was so frustrated because the bank where he kept his money could not do anything about the matter.

In April 2012, a call center agent faced multiple charges after being caught receiving money sent by an Australian man whom she duped through its social networking site Facebook.  The suspect, Louella Tan, created a fake Facebook account using pictures and other personal information  of Fil-Norwegian commercial model Janka Cederstam in her newly created Facebook account  using the name  “Jen Matheson.”   She used this account to sweet talk the Australian in becoming his girlfriend and eventually extorting money from him, claiming that there was no one to support her since whe was allegedly orphaned.  This prompted Cederstam to file a complaint with the National Bureau of Investigation (NBI) against the identity thief and a sting operation was set up.  Tan was arrested and was caught collecting themoney sent by the Australian.  She was charged with estafa, violation of the E-Commerce Law, and illegal use of alias, since there was no law against identity theft during that time. 

Legislation on Anti-identity theft

Congress finally approved legislation to counter on-line identity theft through the enactment of Republic Act (RA) No.  10173 or the Data Privacy Act of 2012 which was approved by President Benigno C. Aquino III last August 15, 2012.  The title of this act is : “AN ACT PROTECTING INDIVIDUAL PERSONAL INFORMATION IN INFORMATION AND COMMUNICATIONS SYSTEMS IN THE GOVERNMENT AND THE PRIVATE SECTOR, CREATING FOR THIS PURPOSE A NATIONAL PRIVACY COMMISSION, AND FOR OTHER PURPOSES.” 

The main features of the law are the following:

a.     It mandates government/private entities to protect/ preserve the integrity, security and confidentiality of personal data collected in their operations, in compliance with international data security standards.

b.    The law creates the National Privacy Commission which will monitor and ensure compliance with international standards for data protection.

c.      It penalizes unauthorized processing of personal information with one year to three years’ imprisonment, and a fine of not less than P500,000 and not more than P2 million; imposes a higher penalty of three to six years’ imprisonment, and fine not less than P500,000 and more than P4 million on the unauthorized processing of personal sensitive information.

d.    Accessing personal information and sensitive personal information due to negligence are punishable by one to three years’ imprisonment and fine ranging from P500,000 to P2 million, and three to six years’ imprisonment and a fine ranging from P500,000 to P4 million, respectively.

e.      It also imposes separate penalties for improper disposal of personal information and sensitive personal information, and processing of personal information and sensitive personal information, as well as unauthorized access or intentional breach, concealment of security breaches, malicious and unauthorized disclosure of false information, among others.

In essence, the law, through the National Privacy Commission, is mandated to enforce policies that balance the right of the person to privacy with the need to speed up the utilization of the Internet.  By establishing a policy framework Internet freedom is protected while making ensuring the safety of cyberspace.

The law was based on Senate Bill No. 2965, which was sponsored by Senator Edgardo Angara.  It   was mainly based  from Directive 95/46/EC of the European Parliament and Council and is at par with the Asia Pacific Economic Cooperation (APEC) Information Privacy Framework standards.


Related Links:

A.    Articles (URL Website);

B.    Laws/Bills (URL Website):

1.     Bills

        Senate Bill No. 2965

2.    Republic Acts (Official Gazette)

       Republic Act No. 10173



Leave a comment

Filed under Data Privacy, Identity Theft

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s