Friday, March 8, 2013

“What should be the Philippines direction on Philippine copyright reform?”



When asked by the above question, I can’t help but muse if our copyright law really needs changing.  Is it really something that an ordinary person would care? Sure, many people will care for some of their rights- --the right to vote, the right to own a property, or even the right to claim Sabah.  But I don’t think a layman would be eager in clicking a yahoo headline which read “Philippine copyright law up for reform!” I even took a quick social weather survey and ask people in my household and neighborhood if they know or care about copyright law reforms.  Surely, I didn’t get excited glees of yes, I do.  The replies I received were; “I’m sorry, what’s that?”, “Really, we have copyright laws!”, and “That’s like when you Xeroxed stuff, right?” The last answer may be a little encouraging, but all in all, I can generally conclude that not many people know or even care about our copyright laws. Interesting enough is that the people I interviewed have college degrees and a couple of them even have post graduate degrees. This just goes to show that copyright law even with learned individuals, is not everybody’s cup of tea.

And for some people, copyright law is just a means to stop certain liberties such as downloading music and movie files, photocopying documents and sharing files online.  They think that this law will make it more costly and more tasking for them to listen to their MP3s, to watch their AVI’s and to read their PDF’s.  Some feel that if they can the download the materials freely in torrents and direct download platforms then the author/artist must have already waived their copyrights.  And for some transferring and sharing materials are more economical than buying them in records stores and bookstores. These hold true to some Pinoy’s mantra “Why pay if you can get it for free?”  

And even if some people know perfectly well the provisions of the law, not many of them will be afraid to violate them. Give the lax implementation and seemingly obvious and rampant violations of these provisions; many will be encouraged to disregard the law.  It’s just way too easy to buy pirated dvd’s, fake artworks and unlicensed computer software. Even with students of prestigious institutions of higher learning, some rampant violations can be observed such as the reproduction of multiple copies of an entire published work via the method called “book-alike”. This method although against Section 187 of RA8293 has become an acceptable practice even of students of the law. To sum it all up, copyright law to some is boring, a hindrance, and unsupervised.

But as a law student, I feel that I should know better. I should know the purpose of the copyright law. And that is to help protect the right of the artist/author on the work that he diligently toiled.  His artistry should be protected as well as so as not to deprive him of the economic benefits as well as the proper recognition of his work.  In this way, the craft and even the industry will be protected. It will also serve as an inspiration to the younger generations to pursue and develop such kind of artistic/literary craft.  Another important reason why copyright needs to be protected is that it will give great minds chance to showcase their talents and not be afraid of copycats infringing them.  Copyright law also protects the author from having his worked misused and/or abused by others.  The author has the moral right on how his work can be displayed or used and this also guarantees that his reputation is protected. Even long after the author has gone, his copyrights are still protected.
For us to be on the same page and rowing the same boat, allow me first to cite the following definitions lifted from RA 8293 under Part IV or the Law on Copyright:
Author - is the natural person who has created the work;

Collective work - is a work which has been created by two (2) or more natural persons at the initiative and under the direction of another with the understanding that it will be disclosed by the latter under his own name and that contributing natural persons will not be identified;

Communication to the public - the making of a work available to the public by wire or wireless means in such a way that members of the public may access these works from a place and time individually chosen by them;
           
Computer - is an electronic or similar device having information-processing capabilities;

Computer program - is a set of instructions expressed in words, codes, schemes or in any other form, which is capable when incorporated in a medium that the computer can read, of causing the computer to perform or achieve a particular task or result;

Public lending - is the transfer of possession of the original or a copy of a work or sound recording for a limited period, for non-prof it purposes, by an institution the services of which are available to the public, such as public library or archive;

Public performance - in the case of a work other than an audiovisual work, is the recitation, playing, dancing, acting or otherwise performing the work, either directly or by means of any device or process; in the case of an audiovisual work, the showing of its images in sequence and the making of the sounds accompanying it audible; and, in the case of a sound recording, making the recorded sounds audible at a place or at places where persons outside the normal circle of a family and that family's closest social acquaintances are or can be present, irrespective of whether they are or can be present at the same place and at the same time, or at different places and/or at different times, and where the performance can be perceived without the need for communication within the meaning of Subsection 171.3;

Published works - means works, which, with the consent of the authors, are made available to the public by wire or wireless means in such a way that members of the public may access these works from a place and time individually chosen by them: Provided, That availability of such copies has been such, as to satisfy the reasonable requirements of the public, having regard to the nature of the work;

Rental - is the transfer of the possession of the original or a copy of a work or a sound recording for a limited period of time, for prof it-making purposes;

Reproduction - is the making of one (1) or more copies of a work or a sound recording in any manner or form (Sec. 41 (E), P.D. No. 49 a);

Work of applied art- is an artistic creation with utilitarian functions or incorporated in a useful article, whether made by hand or produced on an industrial scale;

Work of the Government of the Philippines - is a work created by an officer or employee of the Philippine Government or any of its subdivisions and instrumentalities, including government-owned or controlled corporations as a part of his regularly prescribed official duties.

According to the law, literary and artistic works and some derivative works are original intellectual creations in the literary and artistic domain protected from their moment of creation.  Copyrights or economic rights shall consist the exclusive right to carry out, authorize or prevent the following acts: reproduction of the work, adaptations and abridgements, rental of the original copy, public display/performance, and other communications to the public. There are also acts that shall not constitute infringement of copyright.  Some of which are:
a)      Works made acceptable to the public if done privately and free of charge;
b)      Quotations from a published work if they are compatible with fair use;
c)      Reproduction of current political, social, economic et al, if delivered in public;
d)      Communication to the public or reproduction as part of reports of current events or for teaching purposes;
e)      The use is under the direction or control of the Government, National Library or by educational, scientific, or professional institutions where such use is in the public interest;
f)       For the purpose of judicial proceedings or the giving of professional advice of a legal practitioner.

The Copyright Law (RA 8293) was passed last June 6, 1997 and understandably the technology at that time was simpler as compared with what we have now. Nowadays, file sharing, music and video downloading are easier than ever.  Some of the internet advances such as Facebook, Youtube, Cloud Servers came out way after the law was passed. And as such, certain provisions of the laws may no longer be applicable.  I have cited below certain sections in the law that I believe needs revising to meet the challenges of today’s technology as well as to be abreast with the development not yet apparent whence the law was drafted.

Section 187 states that only a single copy will be made for the reproduction of a published work and exclusive for research and private study.  Given the advances in technology where a single file can be electronically stored in several virtual drives such as google drive and dropbox.  This current section has no specific provisions to confirm if indeed it is acceptable to store one file in several locations.  Also, some virtual folder can be shared with other users electronically.  Will this constitute an infringement of the rights of the author based on Section 187?

Section 188 states that any library or archive whose activities are not for profit may, without the authorization of the author of copyright owner, make a single copy of the work by reprographic reproduction.  This section again does not specify if the allowable copy of the work can be stored electronically in multiple virtual folders.  Also, it does not have a provision for e-library that have been the trend of many public and private institutions.  It is as well not clear if a certain library chooses to employ more than one type of archiving software or technology. Two or more archives may be chosen so as to mitigate and prepare for virus attacks.  Again, will this be considered a breach of this specific section?

Section 189 of the law states that , the reproduction in one (1) back-up copy or adaptation of a computer program shall be permitted, without the authorization of the author of , or other owner of copyright in, a computer program, by the lawful owner of that computer program: Provided, That the copy or adaptation is necessary for:
(a) The use of the computer program in conjunction with a computer f or the purpose, and to the extent, for which the computer program has been obtained; and
(b) Archival purposes, and, f or the replacement of the lawfully owned copy of the computer program in the event that the lawfully obtained copy of the computer program is lost, destroyed or rendered unusable.
Again, this section has no provisions to deal with the advances in technology such as the virtual folders, cloud computing, file sharing and archiving software. 

As such, I am of the same opinion that reforms to the copyright laws should be made as soon as possible.  Thus, the direction on the reforms for the copyright law should consider the following:

a)      Philippines is home to many wonderful and creative writers/artists and inventors/innovators

-          The artistic prowess of the Filipinos is renowned worldwide.  Top of mind names are Lea Salonga, Apl.De.Ap, Charice Pempengco, and Jessica Sanchez. We also have very talented painters and architects in the names of Juan Nakpil, Fernando Amorsolo, Juan Luna and Juan Arellano.  The list goes on and on and this only goes to show that on top of our very rich natural resources is a very talented pool of world class artists. Thus reforms to the copyright law should center on the protection of these talents. Also, the reforms should consider the protection of the next generation of artists.

b)      Philippines has a very strong foundation in IT and is home to many exceptional programmers and techies
-          With the many advances in IT, the Filipinos were very quick to adapt.  Many of world’s biggest IT companies are in the Philippines.  A greater bulk of our service sector is in the IT industry. We as well have very famous and infamous IT programmers like that guy that created the love bug virus.  Indeed, our IT personnel are as equally important as our artists and also deserve the utmost protection when it comes to copyright laws.

c)      Advances in technology are in a very rapid pace

-          As I have indicated above, certain advances in technology have posed some questions in certain provisions of the law.  I hope that the new laws will be able address them and if possible prepare for future developments in technology.

d)      Reforms should be more flexible with the needs of Filipinos

-          The new copyright laws should also be friendlier to the common Filipino.  It should be able to address our insatiable need for information, our increasing propensity for new media, and our innate acumen to save on things. Let’s face it, not everyone can afford a new published Bob Ong book.  I’m not saying that we give the publishing houses a run for their money. What I’m saying is that literature and other art works should be made more accessible to the common ‘tao’ without sacrificing the moral and economic rights of the artist.

Lastly, I hope our lawmakers are able to contemplate on the needs of the artist/programmers as well as the needs of the common tao when revising our copyright law.  I hope it will be dynamic and will last for a longer period of time.  I also hope that it will pinpoint the perceived weaknesses of the current law.  Lastly, I hope that the reforms in the copyright laws will be a win-win for the stakeholders.


Friday, January 11, 2013


Senate Bill No. 3327: Will this Bill Really Give
Internet Freedom for the Filipinos?


           
Miriam Defensor-Santiago's Magna Carta for Philippine Internet Freedom, according to her, will ensure that the Filipinos will be able to meet the challenges posed by the ICT and cyberspace, and able to wield it and benefit from it in charting a better future. How does this bill match up with the current enacted law on Data Privacy Act of 2012? Can this bill eliminate the uncertainties of the latter enacted law? Does the bill clearly draw the line of those punishable acts from those genuinely innocent and yet brilliant works of those computer addicts with their pure genius acts in using their toys? Will this bill really protect the Filipinos from those crooked minds of those people whom all they want is to lure the innocent with their vital information and do illegal acts using the internet at the expense of the latter?


            The bill is trying to put some amendments to current applicable laws such as the Data Privacy Act, E-Commerce Act, Intellectual Property Code of the Philippines to name a few, and intends to repeal entirely the newly enacted Anti-Cybercrime Law. Although terms, punishable acts and penalties are similar from each other, what is significant in this bill is that the author tried to carefully clearly emphasize the details of each section so as to enhance its discussions on what are really illegal and what are lawful. However some of them are still blurry, maybe only to me who is studying law, or maybe more so to a layman? It would also seem at the first reading that 2 or more parts of the bill is discussing the same issues where in fact the bill is trying to pertain to different acts. It's either that it needs a few editing or the reader just has to focus on what he's reading (like me perhaps, hehehe...).


            The creation of the Department of Information and Communication Technology and how the bill intensified its duties and responsibilities with regard to the implementation of plans, policies, programs and measures that this bill is trying to convey would be very beneficial, especially now that most, if not yet all but eventually I suppose it will be, tasks that a person needs to do (i.e. working at home, paying bills, buying articles, reading books, playing, etc.) can be done over the internet. This agency will be the one to oversee what is happening over the world wide web, especially with regard to assuring that the rights of the Filipinos are not violated using the internet. The Department of Information and Communication in collaboration with the Department of Education and Commission on Higher Education will create and develop curriculums for students to allow the new generations acquire knowledge on how to properly utilize the internet in all its aspects through formal education. This will be beneficial as well, instead of them getting the information directly from the net because they as well as their parents are not certain that the information the kids are getting from the computer are trustworthy.


I particularly like the part on the Periodic Review Clause, which makes the bill up to date with all the new technologies available in the market and from which the crooks can and will use to do illegal acts that can make the law, without this periodic review, obsolete, and allow these crooks free from any liabilities at the expense of the innocents. 


I have noticed that some of the provisions under Cybercrimes to be a little stringent, ambiguous and inconsistent with the other statements used in the bill, such as the following:

·         Chapter VII. Cybercrimes and other Prohibited Acts, Section 26. Violation of Data Privacy: Unauthorized access. - It shall be unlawful for any person to intentionally access data, networks, storage media where data is stored, equipment through which networks are run or maintained, the physical plant where the data or network equipment is housed, without authority granted by the Internet service provider, telecommunications entity, or other such person providing Internet or data services having possession or control of the data or network, or to intentionally access intellectual property published on the Internet or on other networks without the consent of the person having ownership, possession, or control of the intellectual property, or without legal grounds, even if access is performed without malice. (Senate bill No.3327/Fifteenth Congress of the Philippines)

o        My take: what is access all about, as defined here in the bill? Access is the ability and means to communicate with or otherwise interact with a device, computer, system or network, to use resources to handle information, to gain knowledge of the information the device, computer, system, or network contains, or to control device or system components and functions. Access does not, based on the bills definition, speak of a way a particular way to communicate or interact with a device. In my understanding, it's just the pure and simple way of surfing the internet or getting information, whether it is for educational purpose or for leisure. If these information are indeed not for the p se 4 F}D4hrHe owner of such should be careful in keeping these from the public's eyes. Meaning, the owner should prove first that he made all the necessary technical approaches to hide this. Because if the data can readily be accessed in the internet without any password or any security system to conceal them, intentional access of it should not be illegal, for whatever purpose by any individual, in good faith, accessed it for. It should only be illegal if the access is done through hacking.

·         Chapter VII. Cybercrimes and Other Prohibited Acts, Section 24 on Network Sabotage: Direct network sabotage - It shall be unlawful for any person to cause the stoppage or degradation of Internet or network operations of another person, through electronic means, through physical destruction of devices, equipment, physical plant, or telecommunications cables including cable TV transmission lines and other transmission media, or through other means, except if the stoppage or degradation has been done in the normal course of work or business by a person authorized to stop, modify, or otherwise control network operations of the other person. (Senate bill No.3327/Fifteenth Congress of the Philippines)

o        My Take: I don't think that this act should be criminalized, per se, especially if the person who caused the stoppage never intended to do the same. I can't think of any way of how an unintentional stoppage can be done (I'm not the techy type), but supposing this was done by an unsuspecting person who is just surfing the net, trying different things, clicking here and there, and then boom!!! It happenned! There was stoppage, degradation of Internet or network operations of another person, through electronic means, and so on and so forth... There was no intention on the part of the person to cause direct network stoppage. But just because of his curiosity on the internet, direct network sabotage happened. Although of course this person can still be civilly liable.

o        My Take: Although this subsection, I think, can still be revised, like inserting the word "intentionally" (It shall be unlawful for any person to "intentionally" cause the stoppage or degradation of Internet...). Because the word intentionally would also mean that the person who caused the direct network stoppage has his reasons why he did such a thing, and it is usually in bad faith. I think its just proper to insert a qualification to know which act is punishable and which is not. Otherwise, this section referring to the direct network sabotage may cause hindrance to people, especially those not well versed on the internet, making them even more afraid of touching a key as they may think they will cause direct network sabotage, punished with imprisonment of prision correccional or a fine of not more than P500,000.00 or both.  This may also be a reason for an increase on the number or persons still illiterate on the Internet.

·         Chapter VII. Cybercrimes and Other Prohibited Acts, Section 25 on Failure to Provide Reasonable Security for Data and Networks: Failure to provide security - It shall be unlawful for any Internet service provider, telecommunications entity, or other such person providing Internet or data services to intentionally or unintentionally fail to provide appropriate levels of security for data, networks, storage media where data is stored, equipment through which networks are run or maintained, or the physical plant where the data or network equipment is housed. (Senate bill No.3327/Fifteenth Congress of the Philippines)

o        My Take: I am unable to comprehend what is really punishable in this because the data which the subsection intends to apply appropriate levels of security, did not state the kind of data and whom such data belongs to. Is it the data of the end-user? If that is the case, should an end-user's aim is to protect some information, is it not that it is in the end-user's hands to protect such data? But if the data that this subsection is referring to is the data of their end-user which the latter offered under the agreement that such information will not be offered to other persons natural or juridical, I suppose it is punishable. 


All in all, I can say that the bill has high potentials which could, once enacted, and would last for a long time. I say so because of this particular part of this bill that really got my attention. It is the Periodic Review Clause. This review will indeed pave way to new additions for the improvement of the law (should this bill be enacted). This would really make this law (again should this bill be enacted) keep pace with the technological advancements and other changes. As we all know, new technology now will only last for a few months or even weeks. As the technology quickly changes, crooked thoughts of the criminal minds also rapidly change by planning again just to make sure they will accomplish whatever perverse acts they want to perform at the expense of other innocent victims.


 Although it is very strict, I suppose it is just the right time that the use of internet is given some limitations. Anyway, freedom does not mean that you are free to do all things without taking into considerations of the effects it can do make to those surrounding you. Freedom has its limitations. And these limitations with regard to internet usage are drawn here in this bill.


Another significant portion of this bill is that it tried to create new kinds of punishable acts based on current acts, statutes and/or other special law, such as some crimes in the Revised Penal Code, Child Prostitution, Child Trafficking to name a few. The bill created punishable acts, by just adding an additional element from current laws. This element is that the act is done by using devices, equipments or physical plants connected to the Internet or telecommunications network. In other words, with the non stop development of the technology of today, crimes may now be done through the use of the internet.


Yes is the answer as to the question on whether this bill will indeed give internet freedom for the Filipinos. Yes this bill is better than the Data Privacy Act of 2012 or even the Cybercrime Prevention Act of 2012. Not that I am saying that the current laws are ineffective. The bill just needs a little adjustment for it to be perfect. But this bill is definitely the improved version.




Friday, December 7, 2012

RA 10173: Saving Private Data?

Information Age


RA 10173 or the Data Privacy Act of 2012 (DPA) did not draw much attention as compared to the sensational Cybercrime Prevention Act of 2012 (RA 10175). If the two laws were likened to two women, we will have the Maria Clara – Maria Ozawa dichotomy. The former, conservative in nature, maintained its composure and was unscathed from criticisms and issues. The latter on the other hand, became sensational and drew flak from different sectors of both the real and the cyber world. (Please understand that this comment neither intended to belittle women as the weaker sex nor stereotyped them in rigid and superficial categories. The metaphor used was only to show how seemingly similar laws appear, even if they are at the opposite ends of the spectrum when we consider the public reaction.)


Clearly, the use and transfer of information have greatly evolved whence the time of Maria Clara. The information age has provided us with very powerful platforms to extract, process, and transfer information. One could muse that during Rizal’s time, the pen was mightier than the sword. However in the information age, the more powerful weapon is the click of the mouse. (Tablet users may argue that it’s the tap of a finger). With one click, we can download an entire collection of Rizal’s works, or, upload a comprehensive warfare tactics that may have been useful for the Katipuneros. However, these technological advances have also made us more vulnerable to threats and attacks. In our time and age, personal information used fraudulently and/or erroneously can cause detrimental effects to us. Last 2008, in the United States alone there were as many as 10 million cases of identity theft and many of which were purported with the misuse of private data. [1] Thus, the law was supposedly conceived to protect us from these ills.


The Law


Purpose


The declaration of policy noted that the human right to privacy should be safeguarded and that personal information in Information and Communications Technology (ICT) systems in both the government and private sectors are protected and secured. [2] This declaration will tell us that the law recognizes the importance of our right to be let alone more so in these ever changing time and age. The Law will also ensure that we are protected from the threats of the misuse and abuse of personal and sensitive information.


Another purpose of the law is to increase the confidence of international investors particularly in the BPO industry by adhering to international standards of privacy protection. [3] Given the billions of dollars revenue generated from the BPO industry, compliance to international standards will surely ensure the competitiveness and attractiveness of the Philippines This could very well translate to more job opportunities for Filipinos.


Scope


Personal information is defined as “any information whether recorded in material form or not, from which the identity of an individual is apparent or can be reasonably and directly ascertained by the entity holding the information or if put together with other information will certainly identify the person”. This will include facts and figures about a person’s race, ethnic origin, marital status, age, color, religion, political affiliations, health, and sexual life.[4]


The Law will cover “all types of personal information and to any natural and juridical person involved in personal information processing including those personal information controllers and processors who, although not found or established in the Philippines, use equipment that are located in the Philippines” with specific exclusions on the following:

-          Personal information originally collected from residents of foreign jurisdictions
-          Information on government personnel related to position and function.
-          Information covered in AMLA, SBA, CISA, FCDU and other pertinent banking laws.[5]


Notable Provisions


The law mandates collectors, holders and processors of personal and sensitive information to ensure strict compliance the conduct of their activities.  The information must also be stored only as long as it is needed or “for the establishment, exercise or defense of legal claims, or for legitimate business purposes, or as provided by law.” Lack of consent from the data subject will not stop the processing should it be related to the fulfilment of a contract he has previously entered, to comply with legal obligation, in cases of life and health, and to serve the greater interests of the public.  In some cases where the information are found to be incomplete, outdated, false, and/or unlawfully obtained, the data subject can demand for its withdrawal, blocking or removal. Penalties from violations will be imprisonment of up to 7 years and the fines ranges from Php 500,000 to Php 2,000,000.00 [6]


National Privacy Commission (NPC)


The NPC is tasked with administering and implementing the provisions of the Law, recommending to the DOJ the prosecution and imposition of penalties, and helping facilitate cross-border enforcement of data privacy protection. It will be composed of three members; a Privacy Commissioner and two deputies. Also, the NPC will be attached to the Department of Information and Communications Technology (DICT). Should the creation of the DICT is not completed the time the law takes full force and effect, the Commission will attach itself to the Office of the President. The Commission will receive an initial appropriation of Php 20,000,000 and Php 10,000,000 per year for 5 years upon implementation. [7]


 My Take


The Good


The law will indeed spurt growth in the BPO industry. According to Business Processing Association of the Philippines (BPAP) President Benedict Hernandez, “Because the IT-BPO industry and best practice is evolving rapidly, enhancements to existing legislation will ensure that the Philippines remains competitive and in fact leads breakthrough initiatives in best practices for the industry.”[8] And, according to Alejandro Melchor III, deputy executive director for ICT industry development, “the new law will help the Philippines become a global leader for shared services, one of the fastest growing segments of the IT-BPO industry” [9]. Working in a call centre for two years made me realized that indeed the BPO industry employs a great number of Filipinos.  The BPO industry has also employed many of my family members and friends and given this fact, I am very much in favor of a law that will help the BPO industry sustain and maybe increase its current hiring state.


The law will also help protect a person’s data from abuse and misuse.  Without consent, companies and government institutions cannot transfer or process someone’s personal data.  I am personally aware that some companies use and transfer personal information of their clients for marketing and cross-selling metrics purposes.  This means that some companies allegedly use and share personal information like income, sex and preferences to sell products to clients via personal email and/or mobile numbers.  With the law in place, we will be better protected from this type of practice and we may receive fewer spam emails and text messages.


I am also in favor of a law that will replicate the care and transparency the banking institutions practice with the personal and sensitive information of their customers to other sectors, both in the government and private industries.  Married to a banker engaged in information risks, I am particularly aware of the different safeguards and due diligence banks do just to ensure that customer information are protected.  There are different levels of checking and counter checking done in the banks and some even create a standalone department just to ensure compliance.  This goes to show that when the law gains full throttle a similar practice will be expected in the other industries.


Another advantage of the law that I have seen is that it puts premium on the protection of our constitutional right to privacy.  Extraction, processing and the transfer of our personal data should be done with utmost care.  There is a reason why they coined the saying “we all have skeletons in our closets”. And it is that we value our personal information and we deserve for it to be handled well.  I believed that several scandals (Hayden Kho, Amalayer) may have been avoided if the general public knows that there will be repercussions if they disregard the value of privacy.


The Bad


Some journalists raised their concerns that the law might be restrictive to the principles of the media – freedom of expression, accountability and transparency. They said that the personal lives of government officials have bearing in their accountability to the citizenry.  Thus, there may be hindrances to journalists in proving the wrongdoings of certain politicians and officials in government. [10] I don’t think I agree with this type of thinking. There is a specific provision in the law which gives leeway to journalistic, artistic, literary or research purposes. Also, there are other ways to expose a corrupt official.  We have existing mechanisms in the local government level as well in the Office of the Ombudsman and Sandiganbayan to address this type of concern.  Also, I don’t think this can be an issue of freedom of expression.  I believe that for every ounce of freedom the journalists claim they have, is a corresponding ounce of responsibility and accountability in their actions. 


I am not particularly sold on the 1000 bulk limit in accessing and moving records.  There may be times when the 1000 bulk limit will not be applicable.  Databases may contain records of up to a million entries and if you have restriction on the limit then it would be hard for the processors to do their jobs.  Also, why would you need to set a bulk limit if in the following paragraph of the law it is indicated that the data will be protected using the most secure encryption available.  Following the armoured car analogy where the car used has thick armor and the guards inside have big guns, it wouldn’t make sense if the amount stored will be set at a very small limit.


There are some particular blogs which I have come across which mentioned that the penalties of the law are irrationally stiff.  They reason that a poor processor may end up paying a large sum or worse do time even if they did not mean to do the wrong deed.  I particularly do not agree with this. I believe that the intention of the law is to create awareness as well as create a system of due diligence when handling private data.  It is the responsibility of the companies/industries to train their staff to be particularly familiar with the provisions of the law.  Due diligence has been part of the banking industry ever since so I don’t think the other industries will have a hard time catching up. [11]


The Questions


As with other laws, the question may not be how beautifully they are crafted, but how effectively they are implemented.  As we are yet to see the IRR, I cannot help but speculate the following:

a)      What would be the different levels of penalties?  Will it be according to the sensitivity of the information, the bulk of information? Where do we draw the line between what’s sensitive and highly sensitive?
b)      How will the commission handle possible conflicts with other laws specifically those related to banking?
c)      What are the criteria for journalistic, artistic, literary or research purposes?  
d)   Will the government compensate or give particular incentives and perks to those following the law?
e)       Will the law entail additional costs to the government and the private sector?


The Verdict


Given the insights I have provided above, I am in favor of this law.  I see that it will be beneficial to the greater good as long as the implementation is handled carefully.  I also believe that the advantages of the law definitely outweigh its perceived disadvantages.  With that said, I shall wait for the formulation of the Implementing Rules and Regulations and revise/redraft my stance if necessary. 


ENDNOTES