Monday, May 20, 2013

FAQs I.P.L


“Are the statements of Malacanang, in its FAQ regarding RA 10372, accurate?”

The Congress has enacted Republic Act 10372 amending certain provisions of Republic Act 8293, otherwise known as the “Intellectual Property Code of the Philippines.” Due to the said amendments, certain issues and/or questions had been raised regarding the same. Below are the Frequently Asked Questions and was shortly answered by the government. However, the question is, whether the explanations provided for by the government are accurate, in relation with the old and new provisions of the Intellectual Property Code.


1. Am I still allowed to import books, DVDs, and CDs from abroad?

Section 190 of RA 8293 pertains to permitted circumstances of importation of a copy of a work by an individual for his personal purposes even without the authorization of the author or the owner of the copyright.[1] In the old provision of law, it has provided for 3 to 4 limitations as to when to allow the said importation, specifically Section 190.1 of the Act, to wit:
a.       When copies of work are not available in the Philippines AND:
·         Only one copy is allowed and shall be for personal use only;
·         When such importation is authorized by the government and solely for the use of the Philippine Government; or
·         Not more than 3 copies which is not for sale but for religious, charitable, or educational use.

b.      When such copies form part of libraries and personal baggage belonging to persons or families arriving from foreign countries and are not intended for sale.[2]
However, in RA 10372, the above provision was deleted. Due to the abrogation of the said provision, such limitation extends only to infringed articles or materials, where such are prohibited from being imported in the Philippines. Infringed articles or materials are those works taken in violation of the rights of an author, or owner of the copyright, which is protected by the law on copyright.
The government answered in the affirmative:
“Yes. In fact, the amendments to the Intellectual Property Code have removed the original limitation of three copies when bringing legitimately acquired copies of copyrighted material into the country. Only the importation of pirated or infringed material is illegal. As long as they were legally purchased, you can bring as many copies you want, subject to Customs regulations.”[3]
In the application of the amended law, the government has answered the question. An individual is allowed to import books, DVDs, and CDs from abroad provided that such materials are not infringed. However, such answer is not accurate, for it does not exhaustively and clearly explain what infringed materials are. Nor is there a precise definition under the law of what an infringed material is. In general term, so long as there is a violation of the author’s right, there is infringement therefore, such material cannot be imported. The construction needs to be applied in order to define infringed materials.

2. Is the reproduction of copyrighted material for personal purposes punishable by this law?

“No. Infringement in this context refers to the economic rights of the copyright owner. So, if you transfer music from a lawfully acquired CD into a computer, then download it to a portable device for personal use, then you didn’t commit infringement. But if, for example, you make multiple copies of the CD to sell, then infringement occurs.”
Here, the government did not answer the question. The question does not seek the economic rights of the owner. The question is about the prohibition, limitation as to reproduction of copyrighted material, and whether such act is considered punishable by law. The government should have answered what the prohibited acts are, and if such act does not fall under those prohibited by law, then clearly, there is no violation.
The government answered infringement in the context of economic rights of the copyright owner. This answer is non-responsive. Those listed under Section 177 of RA8293, are the exclusive rights of the said owner which he may exercise in his own discretion, such as authorizing or preventing reproduction of his work. If the owner of the work prevented such reproduction, and the said prohibition was ignored, disregarded, or violated by an individual, then the former may avail of the remedies afforded for him by law. There is infringement when the owner of a work complains against the holder of the material. There should be an act on the part of the owner because it is in his discretion whether to exercise his rights or not.
Notwithstanding the economic rights of the copyright owner, RA8293 provided for limitations on copyright, specifically Section 184. Although the law has afforded rights to the copyright owner in Section 177, the same shall still be subject to certain exemptions. Reproduction under Section 177 does not specify any purpose or use to which it shall be subjected to.

3. Is the possession of, for example, a music file procured through an infringing activity a violation of this law?

“Only if it can be proven that the person benefitting from the music file has knowledge of the infringement, and the power and ability to control the person committing the infringement.”
Again, the government is not accurate in answering the question. The government should have defined first or enumerated what the infringing activities are, or what infringement is.
“Infringement is the unauthorized importation, duplication, exhibition or distribution of any works covered under copyright protection.”[4]
These are the questions that may be a guide in determining whether such possession is a violation of the law in relation with Section 217 of RA8293
a.       Is the article/material taken from an infringing activity?
b.      Does the holder of the material have knowledge that the material was taken from an infringing activity?
c.       Is the purpose of the possession of the infringed copy of the work for the purpose of selling, letting for hire, or trade, or for any other purpose that will prejudice the rights of the copyright owner?

If all of the above questions are answered in the affirmative, then there may be a violation of the law on copyrights even if the possession if only temporary, in accordance with the amended RA8293, else, no violation thereof. Mere possession does not constitute violation, there should be present elements that would qualify such possession to be a violation of the said law.

4. Is jailbreaking or rooting[*] my phone or device illegal?

“No. Jailbreaking or rooting by themselves are not illegal. However, downloading pirated material, or committing infringement with a “jailbroken” phone increases the penalty and damages imposed on the person found guilty of infringement.”
The government’s answer is somewhat responsive, however, it would have been better if they have elaborated the explanation and should have not answered what is not being asked. Jailbreaking, basically, is freeing a gadget from limitations or restrictions imposed by the creator or carrier of the gadget. Once a gadget has been jailbroken, it may now be modified by the user based on his/her own preference and may be able to download files and applications not only on the fixed market provided for by the carrier, but also from other markets. Jailbreaking per se is not illegal. There are no prohibitions under that law nor declaration that such act is illegal in itself.

5. Are mall owners liable for infringement activities of their tenants?

“Mall owners are not automatically penalized for the infringing acts of their tenants. When a mall owner or lessor finds out about an infringement activity, he or she must give notice to the tenant, then he or she will be afforded time to act upon this knowledge. As stated above, the law requires that one must have both proven knowledge of the infringement, and the ability to control the activities of the infringing person, to be held liable. The mall owner must also have benefitted from the infringement.”
The answer of the government is not accurate. The question pertains to possibility of liability of the mall owner in relation with the infringing activities of their tenants. It was not asked whether mall owners are automatically penalized.
Liability is different from penalty. Liability is an obligation, responsibility, or debt.[5] Penalty, on the other hand, is a punishment established by law or authority for a crime or offense.[6] The question speaks of the responsibility of the owner in relation with certain acts committed by his/her tenants.
“Infringement. – A person infringes a right protected under this Act when one:
(a) Directly commits an infringement;
(b) Benefits from the infringing activity of another person who commits an infringement if the person benefiting has been given notice of the infringing activity and has the right and ability to control the activities of the other person; or

(c)  With knowledge of infringing activity, induces, causes or materially contributes to the infringing conduct of another.” [7]

Therefore, mall owners may be liable for infringement activities of their tenants if the mall owners commit either of the acts provided for under Section 216 of RA10372, the above provision.

6. Is it legal for the Intellectual Property Office (IPO) to visit businesses to conduct searches based on reports, information, and complaints?

“The IPO may visit establishments based on reports and complaints; this in itself is constitutional. However, if the IPO intends to perform a search and seizure, it must comply with constitutional requirements, such as having a search warrant. A warrant wouldn’t be required, however, if the IPO is accompanied by the Bureau of Customs or the Optical Media Board—two agencies that can perform a search and seizure on their own right without a warrant (per Republic Act No. 1937 and 9239, respectively).
The procedure and safeguards for this are to be spelled out in the Implementing Rules and Regulations”.
The government answered in the affirmative. The Director General and Deputies Director General may conduct visits during reasonable hours to establishments and businesses engaging in activities violating intellectual property rights and provisions of this Act based on report, information or complaint received by the office.[8] However, the answer of the government is not accurate. The IPO is expressly allowed by law to conduct visits. Such law does not provide for limitations as to the visit that may be done by the said authority, nor does the law provide for rights of the establishments, or businesses to be visited. There is a probability that certain rights of the said establishments may be prejudiced pursuance to the enactment of the functions provided for with the IPO. There should be limitations so as to afford protection also to those entities that may be abused or taken advantage of by the agencies due to its capriciousness.
Although there is somewhat accord with respect to the constitutional right against searches and seizures, there is conflict as to the validity of a warrantless search as stated in the above answer of the government. There is a constitutional right of the people to be secure in their persons, houses, papers, and effects against unreasonable searches and seizures of whatever nature and for any purpose shall be inviolable, and no search warrant or warrant of arrest shall issue except upon probable cause to be determined personally by the judge after examination under oath or affirmation of the complainant and the witnesses he may produce, and particularly describing the place to be searched and the persons or things to be seized. There are first and foremost constitutional rights that are opt to be protected and cannot be violated nor ignored by authorities because of the power given to them by mere statutes.



DISCLAIMER: I am not a lawyer. This blog is created solely for the purpose of compliance with TechNdDLaw under Atty. Berne Guerrero



[1] RA8293 sec 190.1
[2] RA8293 sec 190.1 (b)
[7] Section 216 RA10372
[8] Section 2 of RA10372

Sunday, May 5, 2013

national ID system


TOPIC: Will RA10173 provide sufficient mechanism to the introduction of a national ID system in the Philippines without the constitutional issues that have arisen in the case of Ople v Torres?

BACKGROUND

 National Computerized Identification Reference System

President Fidel V. Ramos issued Administrative Order 308 entitled “Adoption of a National Computerized Identification Reference System”. Under this administrative order, a citizen is given a Population Reference Number (PRN) which serves as a common reference number to establish a linkage among concerned agencies[1] with the use of Biometrics Technology that provides a precise confirmation of an individual’s identity through fingerprint, hand geometry, palm vein authentication, retina scan, iris scan, face recognition, signature or voice analysis[2]. A citizen is also mandated to have an identification card and present his PRN in order to transact business with the government agencies and avail of the latter’s basic services and securities.

The said Administrative Order is predicated to create a scheme that would facilitate a convenient business transaction with basic service and social security providers and other government instrumentalities; and in order to reduce, if not totally eradicate, fraudulent transactions and misrepresentations by persons seeking basic services[3].

This Administrative Order was declared by the Supreme Court null and void for being unconstitutional.

Republic Act 10173

Republic Act 10173 or the “Data Privacy Act of 2012” was enacted by the congress to protect the fundamental human right of privacy, of communication while ensuring free flow of information to promote innovation and growth.[4]
 
This Act basically contains the following:
1.      Definition and Enumeration of the functions of the National Privacy Commission, an independent body, which administers and implement the provisions of the said act, and ensures the compliance of the country with international standards;[5]
2.      The principles of transparency, legitimate purpose and proportionality which would serve as a guide in the process of personal information;[6]
3.      The rights of the data subject[7], the individual whose personal information is processed;[8]
4.      The security of personal information[9] and sensitive personal information;[10]
5.      Accountability for transfer of personal information;[11] and
6.      Penalties.[12]



ISSUES OF THE NATIONAL COMPUTERIZED IDENTIFICATION REFERENCE SYSTEM UNDER THE CASE OF OPLE V TORRES GR. 127685


1.      The use of Biometrics Technology

Administrative Order 308 does not state what specific biological characteristics and what particular biometrics technology shall be used to identify people who will seek its coverage.

There are different measurements of biometrics. An individual may automatically be verified or identified through the use of technology based on behavioral or physiological characteristics:[13]
 
a.       Behavioral characteristics are those which are influenced by the individual’s personality and includes voice print, signature and keystroke; and
b.      Physiological Characteristics are the physical characteristics of an individual such as fingerprint, retinal scan, hand geometry or facial feature.

There should be a measurement specified in the said Administrative Order that would result to a unified system with the use of biometrics technology; none specification of which would result to an unstandardized method of collecting personal information of an individual that would do no good in gathering information. Imagine one government agency which uses fingerprint in order to collect data or identify an individual, then another government agency that uses retina scan to identify the same person and verify that the person is who they say they are. On the second scenario, all the different government agencies will uniformly use fingerprint in collecting and verifying data or identity of an individual, which then would be more efficient?

On the first scenario, the data bank of the national identification system must have all the biometrics of an individual such as the voice, fingerprint, retinal scan, facial feature and the like, while on the second scenario, fingerprint would suffice.

2.      Presentation of National ID and Record of Transactions


Under the said administrative order, a citizen cannot transact business with the government agencies delivering basic services to the people without the contemplated identification card and everytime the former transacts with the latter, the former must present his PRN.

The Supreme Court, in the case of Ople v Torres[14], assumes that “whenever an individual transacts with the government agency, such transactions will necessarily be recorded. The individual’s file may include his transactions for loan, availments, income tax returns, statement of assets and liabilities, etc. The more frequent the use of PRN, the better chance of building a huge formidable information base through the electronic linkage of the files”

In this case, the government would be able to monitor all the movements and transactions of an individual. Government agencies may take advantage of the said gathered information and use the same for its own gainful purpose. Furthermore, if such data be accessed by an individual, he/she may prejudice the data subject as to the latter’s right to privacy through abuse of such data. Human by nature has an insatiable thirst for power, and in the modern age of information technology, knowledge, as embodied by the information attached to a PRN of a data subject, is power, a temptation which is too great for some of our government agencies or authorities to resist.

3.      Purpose of the encoded data


Administrative Order 308 failed to state whether the encoding of data is limited to biological information alone for identification purposes. 

The Solicitor General claims that the adoption of the Identification Reference System will contribute to the generation of population data for development planning. This is an admission that the PRN will not be used solely for identification but the generation of other data. Clearly, the indefiniteness of the administrative order can give the government the roving authority to store and retrieve information for a purpose other than the identification of the individual though its PRN.[15]

Lack of specific purpose as to the use of the data would allow the government agencies to use the same without any limitations. This kind of system will impair the relationship of the private and public sectors, would prevent growth of the country, and result to its destruction. Public trust may even be lost. Data taken may be misused or be distributed by those persons who have access thereto which may result to an unmanageable leakage or divulgement of personal information.

Pieces of these personal information are given by individuals in confidence to the government thus must be confined within the limits and must be secured as provided for by law, which, in the case at bar, the administrative order failed to provide. Therefore, absence of such, presupposes imminent danger as to the privacy of a data subject which may even jeopardize one’s security or safety.

4.      Security of privacy / Lack of proper safeguard

There are no clear and categorical terms on how the gathered data shall be handled nor does the said administrative order provide who shall control and access the data. These factors are essential to safeguard the privacy and guarantee the integrity of the information.
Due to the rapid technological advancements and its continuous development, there is a probability that some individuals or groups may enter the said system and thus jeopardize the whole system of national identity reference especially if the said persons would have access to the data bank.

What are the consequences for lack of proper safeguard?

  • ·        Data are easily updated and stored in the data bank and when an individual gains access thereto, he/she may easily copy the same and gain knowledge of certain individuals; The said person may track down all the movements of a certain individual, obtain knowledge to the latter’s assets and liabilities or financial capabilities, or other personal information included in the data bank;
  • ·         Data may easily be altered, destroyed, or restored by people who have access thereof;
  • ·         Data may be distributed to third persons, in which case, the authority has no means to prevent leakage; Unauthorized disclosure of data;
  • ·         Data may be misused;
  • ·         Confidential information may be accessed and take advantage of;
  • ·         The biometrics and PRN may be mishandled and abused by people who have or may have access thereto;
Administrative Order 308 does not provide any accountability with regard to the government agencies involved and those who have access thereto, nor does it provide for any penalty for violation of the rules in the said order so as to protect the data subjects and pieces of information gathered from the latter.  Lack of such security enables intrusion with the privacy of individuals involved which clearly violate one’s constitutional right.


MAIN QUESTION

Few years after the declaration of the unconstitutionality of the Administrative Order 308, RA10173 was enacted by the congress. Now we come to the main question: “Will RA10173 provide sufficient mechanism to the introduction of a national ID system in the Philippines without the constitutional issues that have arisen in the case of Ople v Torres?”

ANSWER

YES. The issues under 3 and 4 have been properly addressed by Privacy Act of 2012

As to the purpose of the encoded data
There are general principles provided as a guide under the Privacy Act in the processing of personal information such as transparency, legitimate purpose and proportionality. In this case, limitations are set in order to prevent misuse and abuse of the data obtained by the government agencies. Said entities are bound only by specified and legitimate purpose for which they have obtained the data and shall be retained only for as long as it is necessary to obtain such purpose.

Security of privacy / Lack of proper safeguard
The Privacy Act had created a National Privacy commission to administer and implement the provisions of the said Act. Through the commission, the personal information controllers and other government agencies shall be strictly monitored and mandated to comply with the provisions of the Act which would prevent leakage of the data. 

With regard to confidentiality, the commission shall ensure at all times the confidentiality or any personal information that comes to its knowledge and possession[16] which would afford protection as to an individual’s privacy and against its unauthorized distribution.

Furthermore, the data subject is provided with specific rights that would secure him/her against unscrupulous individuals who opt to gain information that would prejudice the former’s right to privacy and other constitutional and statutory rights.

The Privacy Act also specified how the personal information should be handled and distributed which would guarantee the integrity of the information through transparency and at the same time provide greater protection with regard to the personal data of an individual.

Lastly, to discourage devious, whimsical, and capricious individuals or government agencies to take advantage of their position in having access and obtaining personal information of the data subject, the Privacy Act has provided penalties for violators of such Act.

However, with regard to the first issue, I think it would be best that in creation of the National Computerized Identification System, the measurement of the biometrics technology must be specified in order to standardize the method of collecting personal information of an individual

As to the second issue, I believe there is nothing wrong with having a national ID and recording of the transactions of an individual provided that the provisions laid down under the Privacy act of 2012 be strictly complied with and the data shall not be used beyond the purpose for which the same was taken. 

Introduction of the National ID System in the Philippines would be beneficial to the public in a sense that it would facilitate convenient and smoother transactions between a private individual/groups and government agencies. It will speed up the current bureaucratic process in a sense that no need to fall in a long line and bring different government ID’s so as to validate one’s identity. At the same time, reduce fraudulent transactions and misrepresentations by persons seeking basic services. Through the National ID System, criminals would also be easier to trace such as when a warrant of arrest in criminal cases have been issued, those who evade taxes, etc… 




There is a vast development in technology that we cannot hamper nor totally prevent. Indubitably, such technological advances possess a threat that may not only destroy the life of an individual, but also its environment and society. If one does not know how to adapt to change and would hide behind the shadows of the past and continue to live within the means of ignorance, one is prevented from surviving the present and the future. Oddly, technology offers enormous opportunities only if one would take advantage of the complex advancements of such technologies, and the knowledge and information that may be taken from such in order to grow and contribute for the betterment of the society.











[1] Sec 4 Administrative Order 308 (1996)
[3] Ople v Torres G.R. No. 127685 July 23, 1998
[4] REPULICT ACT NO. 10173
[5] Chapter 2 RA10173
[6] Chapter 3 RA10173
[7] Chapter 4 RA10173
[8] Par (c) Sec3 RA 10173
[9] Chapter 5 RA10173
[10] Chapter 7 RA10173
[11] Chapter 6 RA10173
[12] Chapter 8 RA10173
[13] Ople v Torres
[14] GR no. 127685 July 23, 1998
[15] Ople v Torres G.R. No. 127685 July 23, 1998
[16] Sec 8 RA10173