The appropriate response? #AMALAYER

Ignore, grumble, or articulate/profound something about it. Those are choices available to me when a topic trends on my Facebook and Twitter feeds. Let me take the last option for this one.

The #Amalayer hashtag trended yesterday in the Philippines. [1] Outside of the usual reactions, there is a facet in it that I am disturbed about.

The #Amalayer controversy involved a berating incident on the part of a female commuter (apparently a consistent MYX VJ auditionee) [2] against a female security guard of a mass transportation facility in Metro Manila. The female commuter’s outburst was captured and propagated on the Internet by a male commuter (apparently a Pilipinas Got Talent Season 3 auditionee).[3] This is not the first time incidents of this kind occured in the metropolis, as the last prominent and graver one occurred at least six (6) months ago. [4]

The video went viral, [5] and there were varied reactions to the incident [6], even to the point of degrading her educational attainment. [7] No similar reactions are observed on the propriety of the video capture. Further, some individuals created accounts disparaging the female commuter in Facebook [8] and Twitter [9]. A newspaper has assumed that a Twitter account was that of the female commuter [10], although simple diligence would trigger further inquiries as to the authenticity of the account considering its recent creation. Ownership of such account has been explicitly disputed by the female commuter. [11]

In light of this incident, I ask:

First: Was there a complaint mechanism available, and which people are aware of, at LRT-2? The inquiry is relevant to determine appropriate remedies if there are possible grievances against the facility’s personnel.

Second: Was the outburst acceptable and/or justifiable? Was the manner of capturing and propagating the video of this incident acceptable and/or justifiable? Was the response of certain netizens acceptable and/or justifiable? Those are questions relevant to normative aspects.

Lastly: Besides those provisions under the chapter on Human Relations under the Philippine Civil Code (Republic Act 386), were disclosures of “personal information” [12] and/or “sensitive personal information” [13] of the female commuter (or the “data subject” therein) [14], either by individuals or “personal information controllers,” [15] violative of the Data Privacy Act (Republic Act 10173)? [16]


Endnotes

Note: RA 10173 is not currently subject of a 120-day TRO, unlike RA 10175. [17]

[1] Patria, Kim Arveen. “#Amalayer trends on Twitter: What was it all about?” Yahoo! News Philippines http://ph.news.yahoo.com/-amalayer-trends-on-twitter–what-was-it-all-about-.html Accessed 15 November 2012

[2] “Controversial LRT Girl Paula Salvosa Is A MYX VJ Search Auditionee. MYX Philippines. ABS-CBN Corporation.” http://www.myxph.com/features/4306/controversial-lrt-girl-paula-salvosa-is-a-myx-vj-search-auditionee/ Accessed 15 November 2012.

[3] “Billy Crawford Look-Alike Auditions on ‘Pilipinas Got Talent’” Starmometer. http://www.starmometer.com/2011/08/27/billy-crawford-look-alike-auditions-on-pilipinas-got-talent/ Accessed 15 November 2012.

[4] Esplanada, Jerry. “2 Cebu Pacific arrival agents accuse Claudine Baretto of ‘verbal abuse’” http://entertainment.inquirer.net/39493/2-cebu-pacific-arrival-agents-said-claudine-barretto-%E2%80%98%E2%80%99verbally-assaulted%E2%80%99-them ; and Morelos, Miko. “Black-eyed Tulfo sues Raymart, Claudine” http://entertainment.inquirer.net/39437/ramon-tulfo-files-raps-vs-santiago-barretto-over-airport-brawl Both accessed 15 November 2012.

[5] Bonconan, Karen. “Video of ‘amalayer’ lady goes viral” Philippine Inquirer. http://technology.inquirer.net/20314/train-passenger-goes-ballistic-video-of-incident-goes-viral Accessed 15 November 2012.

[6] Supra. MYX Philippines.

[7] “Paula Jamie Salvosa got kicked out from La Consolacion College Manila?” Basicz NewsFeed. http://www.bazics.net/2012/11/paula-jamie-salvosa-got-kicked-out-from-la-consolacion-college-manila-school.html Accessed 15 November 2012.

[8] http://www.facebook.com/paula.jamiesalvosa.9 Accessed 15 November 2012.

[9] http://twitter.com/paulaharlow Accessed 15 November 2012.

[10] “Amalayer lady: ‘Go spread the video. Make me famous’” http://technology.inquirer.net/20334/amalayer-lady-go-spread-the-video-make-me-famous Accessed 15 November 2012.

[11] Domasian, Audrey and Dalupang, Joshua Mark. “Girl in viral #Amalayer video speaks up” http://www.gmanetwork.com/news/story/282308/scitech/socialmedia/girl-in-viral-amalayer-video-speaks-up Accessed 15 November 2012.

[12] Section 3[c] and [j], Republic Act (RA) 10173, provide:

SEC. 3. Definition of Terms. – Whenever used in this Act, the following terms shall have the respective meanings hereafter set forth:

(c) Data subject refers to an individual whose personal information is processed.

xxx

(j) Processing refers to any operation or any set of operations performed upon personal information including, but not limited to, the collection, recording, organization, storage, updating or modification, retrieval, consultation, use, consolidation, blocking, erasure or destruction of data.

Republic Act 10173 Official Gazette Online. http://www.gov.ph/2012/08/15/republic-act-no-10173/

[13] Section 3[g], RA 10173 provides:

SEC. 3. Definition of Terms. – Whenever used in this Act, the following terms shall have the respective meanings hereafter set forth:

(g) Personal information refers to any information whether recorded in a material form or not, from which the identity of an individual is apparent or can be reasonably and directly ascertained by the entity holding the information, or when put together with other information would directly and certainly identify an individual.

[14] Section 3[l], RA 10173 provides:

SEC. 3. Definition of Terms. – Whenever used in this Act, the following terms shall have the respective meanings hereafter set forth:

(l) Sensitive personal information refers to personal information:

(1) About an individual’s race, ethnic origin, marital status, age, color, and religious, philosophical or political affiliations;
(2) About an individual’s health, education, genetic or sexual life of a person, or to any proceeding for any offense committed or alleged to have been committed by such person, the disposal of such proceedings, or the sentence of any court in such proceedings;
(3) Issued by government agencies peculiar to an individual which includes, but not limited to, social security numbers, previous or cm-rent health records, licenses or its denials, suspension or revocation, and tax returns; and
(4) Specifically established by an executive order or an act of Congress to be kept classified.

[15] Section 3[i], RA 10173 provides:

SEC. 3. Definition of Terms. – Whenever used in this Act, the following terms shall have the respective meanings hereafter set forth:

(i) Personal information processor refers to any natural or juridical person qualified to act as such under this Act to whom a personal information controller may outsource the processing of personal data pertaining to a data subject.

[16] Sections 25 to 37, RA 10173 provide:

CHAPTER VIII
PENALTIES

SEC. 25. Unauthorized Processing of Personal Information and Sensitive Personal Information. – (a) The unauthorized processing of personal information shall be penalized by imprisonment ranging from one (1) year to three (3) years and a fine of not less than Five hundred thousand pesos (Php500,000.00) but not more than Two million pesos (Php2,000,000.00) shall be imposed on persons who process personal information without the consent of the data subject, or without being authorized under this Act or any existing law.

(b) The unauthorized processing of personal sensitive information shall be penalized by imprisonment ranging from three (3) years to six (6) years and a fine of not less than Five hundred thousand pesos (Php500,000.00) but not more than Four million pesos (Php4,000,000.00) shall be imposed on persons who process personal information without the consent of the data subject, or without being authorized under this Act or any existing law.

SEC. 26. Accessing Personal Information and Sensitive Personal Information Due to Negligence. – (a) Accessing personal information due to negligence shall be penalized by imprisonment ranging from one (1) year to three (3) years and a fine of not less than Five hundred thousand pesos (Php500,000.00) but not more than Two million pesos (Php2,000,000.00) shall be imposed on persons who, due to negligence, provided access to personal information without being authorized under this Act or any existing law.

(b) Accessing sensitive personal information due to negligence shall be penalized by imprisonment ranging from three (3) years to six (6) years and a fine of not less than Five hundred thousand pesos (Php500,000.00) but not more than Four million pesos (Php4,000,000.00) shall be imposed on persons who, due to negligence, provided access to personal information without being authorized under this Act or any existing law.

SEC. 27. Improper Disposal of Personal Information and Sensitive Personal Information. – (a) The improper disposal of personal information shall be penalized by imprisonment ranging from six (6) months to two (2) years and a fine of not less than One hundred thousand pesos (Php100,000.00) but not more than Five hundred thousand pesos (Php500,000.00) shall be imposed on persons who knowingly or negligently dispose, discard or abandon the personal information of an individual in an area accessible to the public or has otherwise placed the personal information of an individual in its container for trash collection.

(b) The improper disposal of sensitive personal information shall be penalized by imprisonment ranging from one (1) year to three (3) years and a fine of not less than One hundred thousand pesos (Php100,000.00) but not more than One million pesos (Php1,000,000.00) shall be imposed on persons who knowingly or negligently dispose, discard or abandon the personal information of an individual in an area accessible to the public or has otherwise placed the personal information of an individual in its container for trash collection.

SEC. 28. Processing of Personal Information and Sensitive Personal Information for Unauthorized Purposes. – The processing of personal information for unauthorized purposes shall be penalized by imprisonment ranging from one (1) year and six (6) months to five (5) years and a fine of not less than Five hundred thousand pesos (Php500,000.00) but not more than One million pesos (Php1,000,000.00) shall be imposed on persons processing personal information for purposes not authorized by the data subject, or otherwise authorized under this Act or under existing laws.

The processing of sensitive personal information for unauthorized purposes shall be penalized by imprisonment ranging from two (2) years to seven (7) years and a fine of not less than Five hundred thousand pesos (Php500,000.00) but not more than Two million pesos (Php2,000,000.00) shall be imposed on persons processing sensitive personal information for purposes not authorized by the data subject, or otherwise authorized under this Act or under existing laws.

SEC. 29. Unauthorized Access or Intentional Breach. – The penalty of imprisonment ranging from one (1) year to three (3) years and a fine of not less than Five hundred thousand pesos (Php500,000.00) but not more than Two million pesos (Php2,000,000.00) shall be imposed on persons who knowingly and unlawfully, or violating data confidentiality and security data systems, breaks in any way into any system where personal and sensitive personal information is stored.

SEC. 30. Concealment of Security Breaches Involving Sensitive Personal Information. – The penalty of imprisonment of one (1) year and six (6) months to five (5) years and a fine of not less than Five hundred thousand pesos (Php500,000.00) but not more than One million pesos (Php1,000,000.00) shall be imposed on persons who, after having knowledge of a security breach and of the obligation to notify the Commission pursuant to Section 20(f), intentionally or by omission conceals the fact of such security breach.

SEC. 31. Malicious Disclosure. – Any personal information controller or personal information processor or any of its officials, employees or agents, who, with malice or in bad faith, discloses unwarranted or false information relative to any personal information or personal sensitive information obtained by him or her, shall be subject to imprisonment ranging from one (1) year and six (6) months to five (5) years and a fine of not less than Five hundred thousand pesos (Php500,000.00) but not more than One million pesos (Php1,000,000.00).

SEC. 32. Unauthorized Disclosure. – (a) Any personal information controller or personal information processor or any of its officials, employees or agents, who discloses to a third party personal information not covered by the immediately preceding section without the consent of the data subject, shall he subject to imprisonment ranging from one (1) year to three (3) years and a fine of not less than Five hundred thousand pesos (Php500,000.00) but not more than One million pesos (Php1,000,000.00).

(b) Any personal information controller or personal information processor or any of its officials, employees or agents, who discloses to a third party sensitive personal information not covered by the immediately preceding section without the consent of the data subject, shall be subject to imprisonment ranging from three (3) years to five (5) years and a fine of not less than Five hundred thousand pesos (Php500,000.00) but not more than Two million pesos (Php2,000,000.00).

SEC. 33. Combination or Series of Acts. – Any combination or series of acts as defined in Sections 25 to 32 shall make the person subject to imprisonment ranging from three (3) years to six (6) years and a fine of not less than One million pesos (Php1,000,000.00) but not more than Five million pesos (Php5,000,000.00).

SEC. 34. Extent of Liability. – If the offender is a corporation, partnership or any juridical person, the penalty shall be imposed upon the responsible officers, as the case may be, who participated in, or by their gross negligence, allowed the commission of the crime. If the offender is a juridical person, the court may suspend or revoke any of its rights under this Act. If the offender is an alien, he or she shall, in addition to the penalties herein prescribed, be deported without further proceedings after serving the penalties prescribed. If the offender is a public official or employee and lie or she is found guilty of acts penalized under Sections 27 and 28 of this Act, he or she shall, in addition to the penalties prescribed herein, suffer perpetual or temporary absolute disqualification from office, as the case may be.

SEC. 35. Large-Scale. – The maximum penalty in the scale of penalties respectively provided for the preceding offenses shall be imposed when the personal information of at least one hundred (100) persons is harmed, affected or involved as the result of the above mentioned actions.

SEC. 36. Offense Committed by Public Officer. – When the offender or the person responsible for the offense is a public officer as defined in the Administrative Code of the Philippines in the exercise of his or her duties, an accessory penalty consisting in the disqualification to occupy public office for a term double the term of criminal penalty imposed shall he applied.

SEC. 37. Restitution. – Restitution for any aggrieved party shall be governed by the provisions of the New Civil Code.

[17] Panaligan, Rey. “Cybercrime Law Stopped” Manila Bulletin http://www.mb.com.ph/articles/376433/supreme-court-issues-tro-against-ra-10175-or-cybercrime-prevention-act-2012 Accessed 15 November 2012.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s