June 23, 2008 · Posted in: Governance, Science and Technology, The Internet
Safeguarding every Filipino’s ‘right to be left alone’
(UPDATED) THE Philippines has one of the poorest privacy safeguards in the world, according to the UK-based human rights group Privacy International (PI) in a forum organized last week by the Foundation for Media Alternatives (FMA).
On a scale of one to five, with one as “consistently upholding human rights standards” and five denoting “endemic surveillance,” the Philippines scored 1.8 in Privacy International’s 2007 National Privacy Ranking.
Forty seven countries in PI’s survey on global privacy were evaluated across 14 criteria. The Philippines ranked lowest in privacy enforcement, identity cards and biometrics, data-sharing, communication interception, and government access to data.
According to Privacy International, financial data protections have been undermined, ID plans are being revived, and illegal wiretapping has continued in recent years in the Philippines. (see table)
|
PRIVACY RATING OF THE PHILIPPINES, 2007
|
|
|
CRITERIA
|
SCORE
|
|
Constitutional protection
|
3
|
|
Statutory protection
|
2
|
|
Privacy enforcement
|
1
|
|
Identity cards and biometrics
|
1
|
|
Data-sharing
|
–
|
|
Visual surveillance
|
–
|
|
Communication interception
|
1
|
|
Workplace monitoring
|
2
|
|
Government access to data
|
1
|
|
Communications data retention
|
–
|
|
Surveillance of medical, financial and movement
|
2
|
|
Border and trans-border issues
|
–
|
|
Leadership
|
2
|
|
Democratic safeguards
|
3
|
|
TOTAL
|
1.8
|
Malaysia, Russia, China, along with the United States, United Kingdom, Thailand, Taiwan, and Singapore, scored the lowest. Greece, Romania and Canada, meanwhile, ranked as having adequate safeguards against abuse.
The latest rankings indicated an overall worsening of privacy protection across the world, reflecting an increase in surveillance and a declining performance on privacy safeguards. The results also showed an increasing trend among governments to archive data on the geographic, communications and financial records of all their citizens and residents, which led to the conclusion that all citizens, regardless of legal status, are under suspicion.
‘Room for improvement’
Despite the country’s poor ranking, PI director Simon Davies says there is still room for improvement, referring to the pending bills on privacy.
Click here for a larger view
The bills once passed, said Davies, will add teeth to constitutional provisions and provide a more comprehensive protection to citizens’ right to privacy.
“More than any country in the region, the Philippines acutely understands the relationship of power between the state and the citizens,” he said. “I have a view of the Philippines as a passionate and a sensitive country that understands the very core of privacy.”
Alan Alegre, FMA executive director, noted that while the right to privacy is recognized in the Bill of Rights, violations persist. “Thus, it is important to raise awareness of privacy issues,” he said.
Introduced by Camarines Norte Representative Liwayway Vinzons-Chato, the privacy bill — also known as the “Data Protection Act” — seeks to regulate how an individual’s personal information is used and to protect it from misuse in both private and governmental information and communication systems.
The bill will also provide a set of rules prohibiting the misuse of personal data without preventing it from being used for legitimate or beneficial purposes.
A National Data Protection Commission will also be created to ensure that data protection principles are followed strictly.
The privacy bill shall penalize the use of personal data without the consent or authority of the subject, malicious reporting of any personal data, and the breach of confidentiality when information has been published or reported by media.
Vinzons-Chato emphasized that personal information must be “obtained fairly and used only for the original purpose specified.” It must be accurate, up-to-date and not transferred without consent.
Privacy International supports the pending bill, pointing out that the Philippines can lead the world if it is handled carefully and sensitively.
“The Philippines could actually jump in with new initiatives in privacy protection that actually suit the 21st century,” said Davies.
‘Information’ technology
Privacy International senior fellow Dr. Gus Hosein explained that issues in privacy have also been fueled largely by the emergence of a profitable surveillance industry dominated by global information technology companies.
Davies thus remarked, “Think very carefully before engaging in new technologies because either they won’t work, or dangerously, they will work in ways never expected.”
In the Philippines, the advent of new technologies has made it very easy to collect, analyze and disseminate information, but this has also become a cause for concern when information is misused and abused.
The Supreme Court Department of Justice has already successfully prosecuted two convictions cases of cybercrime — a case of web hacking and credit card identity theft.
The enactment of the cybercrime bill seeks to prevent further damages when technology becomes a tool for crime.
The bill, also known as the “Cybercrime Prevention Act of 2005,” aims to safeguard the integrity of computer and computer systems, and the availability of information stored therein from all forms of misuse by making such conducts punishable by law.
Under the proposed legislation, cybercrime will range from illegal access, computer sabotage, computer forgery to computer-facilitated crimes such as cybersex, producing child pornography, and violations of the Intellectual Property Code.
Any person found guilty will be punished with a fine, imprisonment, or both.
6 Responses to Safeguarding every Filipino’s ‘right to be left alone’
al alegre
June 25th, 2008 at 8:07 pm
Hi Karol–si Al ito…
Salamat sa coverage…much appreciated…
Kaya lang may inaccuracy–the PI people do not support the Cybercrime Bill, and though have no major problems with the Chato Data Privacy Bill, we are still trying to see how it can be improved…
May minor correction din about the conviction–it was not the Supreme Court that convicted the 2 cyber crime cases, but I think it was the DOJ–Si Geronimo Sy ang prosecutor…
You may want to edit…
In any case, tulungan tayo to bring this issue to the public consciousness…Mabuhay!
Al
jcc
June 26th, 2008 at 6:32 am
Cybercrime is a totally new field of criminal law brought about by the cutting edge advance in information technology. It presents as a challenge for law-enforcement agencies and as a new frontier for lawyer’s advocacy.
Here are some data on cybercrimes in the US:
Virginia:
On February 9, 2007, in the Eastern District of Virginia, a defendant was sentenced to 94 months in federal prison for aggravated identity theft, access device fraud, and conspiracy to commit bank fraud. The defendant, who went by the Internet nickname “John Dillinger,” was involved in extensive illegal online “carding” activities. He received e-mails or instant messages containing hundreds of stolen credit card numbers – usually obtained through phishing schemes or network intrusions – from “vendors” located in Russia and Romania. In his role as a “cashier” of these stolen credit card numbers, the defendant would electronically encode these numbers onto plastic bank cards, make ATM withdrawals, and return a portion to the vendors. Computers seized from the defendant revealed more than 4,300 compromised account numbers and full identity information (i.e., name, address, date of birth, social security number, mother’s maiden name, etc.) for over 1,600 individual victims.10
California:
On January 16, 2007, in the Central District of California, a defendant was convicted of violating the CAN-SPAM Act of 2003, as well as other counts including aggravated identity theft and wire fraud. The defendant operated a sophisticated “phishing” scheme in which he sent thousands of e-mails to America Online users that appeared to be from AOL’s billing department. His e-mails urged AOL customers to “update” their AOL billing information or lose service and referred customers to one of several web pages, where they could input their personal and credit information. The defendant actually controlled those webpages. Using information he collected from the AOL customers, he then made unauthorized charges on the AOL customers’ credit or debit cards. On June 14, 2007, the defendant was sentenced to six years in prison and ordered to pay over $1 million in restitution to his victims.
Washington:
On August 25, 2007, in the Western District of Washington, a man was sentenced to 37 months in prison for creating a botnet – a network of compromised computers that he could control – and using it to commit over $100,000 in fraud. In addition to this harm, however, the malicious code used to create the botnet caused damage to many computers across the Internet. These disruptions affected a Seattle hospital’s computer systems in serious ways: doors to the operating rooms did not open, pagers did not work, and computers in the intensive care unit shut down. Luckily, no one was hurt because the hospital was able to switch to back up systems. The defendant accepted responsibility for over $250,000 worth of damage.
In addition, a number of U.S. investigations have resulted in successful prosecutions in foreign countries. For example, based on close cooperation between the Department, the FBI legal attaché, and Romanian authorities, Prosecutors from the Romanian Directorate for Investigating Organized Crime and Terrorism arrested 9 Romanian citizens on fraud and identity theft charges on November 13, 2007. These Romanians were part of a criminal organization that specialized in “phishing” information from computer users, imprinting credit and debit card information onto counterfeit cards, and obtaining cash from ATM machines and Western Union locations. Romanian police officers executed 21 simultaneous search warrants and seized computers, card reading and writing devices, blank cards, and other equipment. Initial loss estimates total more that $130,000.
These prosecutions both at home and abroad properly punish offenders for the harms they cause. Successful prosecutions such as these will also generate a significant deterrent effect, an important part of addressing the overall cybercrime problem.
Alecks P. Pabico
June 26th, 2008 at 9:20 am
Hi Al,
The post has been updated to reflect the corrections you pointed out. Thanks for the heads up.
jcc
June 26th, 2008 at 8:02 pm
Alecks, Al;
Only the courts have the jurisdiction to convict a tortfeasor/criminal.
The DOJ only recommends prosecution, it does not convict.
jcc
June 26th, 2008 at 8:24 pm
Alecks, Al;
I was trying the Supreme Court website and look in its register any reference to cybercrimes so we can inform the public if there is any conviction of cybercriminals in the country, but before I can see a full-page display, it takes forever. Indication that even in its adjunct “service” of informing the public of what it does, the SC attempt to deliver the service, just like the delivery of justice in the country as a whole, takes to eternity.
Part bias or part reality? Pick your guess.
Alecks P. Pabico
June 27th, 2008 at 11:56 am
Forgot to change that when we corrected the reference to the Supreme Court. Thanks.