Have you been to the National Privacy Commission’s website lately? If you haven’t, you’d be pleasantly surprised to know that the NPC has revamped its website. It is now so much easier to get practical and usable information on how to comply with the Date Privacy Act (DPA).

NPC officials have been going around the country, conducting road shows for government, local government, and private corporations, encouraging everyone to comply with the DPA. This is important and gruelling work but it’s not like the NPC has a choice in the matter. After all, once September 9, 2017 comes, it’s all systems go for compliance with the DPA. The NPC will not be able to reach every corner of the country before the deadline comes, so the website will be a big help in guiding people on what to do.

The NPC has created such a useful guide that you may be tempted to ask: do we really need to engage a lawyer to help us get ready for compliance? My answer is a definite yes.

While the requirements may now be a bit easier to understand, everyone will still have to anticipate the ramifications of the law and its impact on their operations. The way each company does business is different and so a template Privacy Policy will not work for everyone. Also, while a company may have succeeded in designating an officer with sufficient knowledge of the DPA as the Data Protection Officer, a lawyer would still serve as an invaluable guide for the DPO and Management. Remember that even template contracts with service providers and other third parties within whom the company may be sharing data will have to be reviewed. This is not only to comply with the DPA but, more importantly, to ensure that the company’s ass is sufficiently covered in case it becomes the subject of a security incident or a data breach.

I will also stress the importance of looking at the background of your lawyer. Not all lawyers will be familiar with the DPA and data privacy principles in general. After all, you don’t want to be following the lead of the pied piper.

#NPC #DPA #compliance

(Below is the text of a short presentation I made during the session on Strategic Litigation organized by the ABA-ROLI and MLDI at the Internet Governance Forum 2016 in Guadalajara, Mexico.)

Here’s the youtube link to the session.

I will be talking about two specific cases of strategic litigation in the Philippines. One on freedom of expression in general, and one specifically on freedom of expression online.

The case on offending religious feelings

The case stemmed from a protest done by Carlos Celdran, an activist, during the Congressional debates for the Reproductive Health bill. Since the Catholic Church was the foremost oppositor of the bill, Celdran decided to take his protest to the Catholic Church. He wore a black suit, and with a placard saying “Damaso” paraded inside the Manila Cathedral. The Catholic Church filed a case against him using a little-known crime called “offending religious feelings.”

Celdran’s defense centered on the argument that the penal provision is unconstitutional since it violates freedom of expression.

Celdran was convicted by the lower court and he appealed his case to the Court of Appeals. The Court of Appeals upheld his conviction. He appealed to the Supreme Court.

Celdran is a popular figure in the Philippines and he drew a lot of support from civil society. This, despite the fact that the Philippines is a predominantly Catholic country. People saw the penal law as outdated. In fact, even the Solicitor General has supported Celdran and urged the Supreme Court to strike down the criminal law provision for its overbreadth, vagueness, and unconstitutional regulation of free speech.

In 2013, following Celdran’s conviction, a bill seeking the repeal of penal provision was filed. However, the bill failed to pass.

Meanwhile, Celdran’s case is still pending in the Supreme Court.

Cybercrime Prevention Act

I think the challenge to the constitutionality of the Cybercrime Prevention Act is the biggest success of strategic litigation in recent years.

The Cybercrime Prevention Act, or Republic Act 10175, was passed into law in 2012. This took the people by surprise since the passage was done under the radar. During this time, the attention of the public was centered around the debates of the reproductive health law pending in Congress.

The Cybercrime Prevention Act was widely criticized for its provisions that were seen to curtail freedom of expression. Among these are the content-related offenses such as cybersex, spam, and online libel. The law also empowered the Department of Justice to take down content even without a court order.

Public opposition to the law gained traction due to the widespread fear of social media users of the online libel provision. The public feared that even acts like “liking” and sharing Facebook posts and “retweeting” tweets would make them liable as the original authors of “libelous posts.”

Fifteen petitions were filed with the Supreme Court, including three by lawmakers.

In its decision, the Supreme Court ruled the following to be unconstitutional: penalizing unsolicited commercial communication as a cybercrime offense, collection or recording of traffic data in real-time, the takedown power of the DOJ without a court order, the provision stating that a person can be prosecuted for violations of the Cybercrime Law and the Revised Penal Code for the same criminal act in cases of libel and child pornography.

It was a mixed victory as the Supreme Court upheld some of the more controversial provisions: The Supreme Court held that the online libel was valid but clarified that it is only the original poster, excluding those who merely liked, shared, or retweeted, who would be liable. The Supreme Court also upheld the constitutionality of the penalty of “one degree higher” for offenses where ICT is used, among others.

Alternative strategies

Following the Supreme Court decision upholding, on the whole, the constitutionality of the Cybercrime Prevention Act, the consensus was that the fight has shifted to the halls of Congress.

The Magna Carta for Philippine Internet Freedom was filed. Significantly, it provides an Internet Bill of Rights for Filipinos. The bill has not been refilled in the current Congress but bits and pieces of it are currently pending. However, there has been no specific bill filed in the new Congress that seeks to legislate an Internet Bill of Rights. I hope that this aspect of the Magna Carta is filed soon.

Several bills have also been filed not only seeking to repeal the online libel provision but to decriminalize libel, both online and offline. There has been no significant movement of these bills, however.

Current Philippines context

While the Freedom House reports continue to cite a decline, freedom of expression in the Philippines remains to be generally recognized by the State. To date, there has not been an extensive and consistent State-sponsored or State-initiated curtailment of the freedom of expression. A cause for concern: President Duterte has stated that some corrupt journalists who were killed “had it coming.” This was seen by many as an implicit endorsement of the killing of journalists.

In the past year, and significantly more so during the election period, we’ve seen a rise in the instances of online harassment and threats. These usually arise from political posts on social media. What we have been seeing though is that the harassment is usually directed at journalists and women. Comments do not only consist of abusive posts but actual direct threats of rape and violence.

In May, a female Facebook user decided to file a case against people who sent her abusive private messages on Facebook. Her case is still pending with the National Bureau of Investigation. It appears that the investigators are faced with challenges in actually locating the posters so that cases can be filed against them.

Journalists seen to be critical of the administration have also received a lot of threats. A few weeks ago, pictures of local Reuters correspondents were shared by the administration’s supporters, with the caption: “Irresponsible journalists must be punished.”

These cases of harassment appear to be concerted and coordinated efforts of the administration’s supporters, leading people to fear that they are actually funded by the administration’s allies. Based on these cases, we’re seeing that there is a shift from using the judicial system to using social media to curtail freedom of expression. This is a challenge that would require a different type strategic litigation for advocates in the legal profession.

#IGF #cybercrimepreventionact #magnacartaforphilippineinternetfreedom #freedomofexpression #onlineharrassment #Facebook #strategiclitigation

Let’s take a look at the NTC’s approval of Globe and Smart’s co-use of the 700MHz frequencies of BellTel. As you may already know, Smart and Globe’s access to these frequencies resulted from their purchase of the telecoms business of SMC.

In approving the use, the NTC set the following conditions:

  1. Immediately commence and implement this co-use agreement;

  2. Increase capacity, i.e. broadband and internet access speed, within one (1) year and submit a progress report on the matter on a quarterly basis;

  3. Submit within sixty (60) days a roll-out plan to cover at least ninety (90%) of the cities and municipalities in three (3) years to address the growing demand for broadband infrastructure and internet access;

  4. Pay the Spectrum User’s Fee and other required fees and charges;

  5. Secure from the Commission separate permits and licenses for radio stations owned and operated by each company; and

  6. Allow the Commission access to the base stations or cell sites for monitoring purposes.

Here are my comments:

  • The NTC requires Smart and Globe to increase capacity within a year. What are the starting numbers? How much capacity increase would be acceptable to the NTC such that the approval of the co-use would be justified? Will the NTC exclusively rely on the reports of Smart and Globe on the increase in capacity or will it make an independent determination? What happens if Smart and Globe fail to increase capacity?

  • There is nothing specific on the parameters for improving internet speed. News reports quote Deputy Commissioner Cabarios as saying that NTC expects to see an improvement from average speed of 1mbps to 5mbps. We must note that this is stated nowhere in the letter. Will his interviews be enough to hold Smart and Globe to the standard of 5mbps average speed? I think not. Additionally, how will the NTC know that the average internet speed it set has been achieved by Smart and Globe? The appropriate measuring methodology and tool for mobile broadband is still a hotly-contested issue.

  • Will the NTC have a say on the contents of the roll-out plan to be submitted by Smart and Globe? Is NTC setting minimum parameters of what such a roll-out plan should contain? Shouldn’t there be a requirement for Smart and Globe’s roll-out plan to conform to (or at least reflect) the government’s digital strategy (Is there a new one? ICTO website only has the one covering 2011-2016)?

  • The letter ends with NTC’s statement that it “reserves the power to terminate the joint use in case of violation of any of the above conditions or when it deems necessary to serve public interest.“ While it may insist on the power to recall the approval given, I find it difficult to see how this recall can be implemented in view of the vague and loophole-ridden conditions that NTC has set. It’s like the NTC castrated itself from the get-go.

#Smart #Globe #competition #NTC #telecoms

Post Categories