Scribd
Upload
32 views24 pages

Lesson 7 - Data Privacy Act of 2012

The Data Privacy Act of 2012 (Republic Act No. 10173) aims to protect personal information in both government and private sectors, applying to all entities managing such data, including those outside the Philippines. It outlines the rights of data subjects, including the right to access, object, and rectify personal information, and establishes penalties for unauthorized processing and breaches of data privacy. The Act emphasizes the importance of safeguarding personal information in the digital age.

Uploaded by

Jenny Madueño
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
32 views24 pages

Lesson 7 - Data Privacy Act of 2012

The Data Privacy Act of 2012 (Republic Act No. 10173) aims to protect personal information in both government and private sectors, applying to all entities managing such data, including those outside the Philippines. It outlines the rights of data subjects, including the right to access, object, and rectify personal information, and establishes penalties for unauthorized processing and breaches of data privacy. The Act emphasizes the importance of safeguarding personal information in the digital age.

Uploaded by

Jenny Madueño
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 24

DATA

PRIVACY ACT
OF 2012
Republic Act 10173
NCF - COLLEGE OF COMPUTER STUDIES
Republic Act No. 10173 or
Data Privacy Act of 2012
Date Enacted: AUG 15 2012
Signed by: BENIGNO S. AQUINO III

aims to protect the personal information of an


individual collected and processed whether in
the government or private sector.
Scope of the Act:
• This law applies to the handling of all kinds
of personal information and to anyone,
whether an individual or a company, involved
in managing personal information.

• It even applies to entities outside the


Philippines if they use equipment located in
the Philippines or have an office, branch, or
agency there, as long as they comply with the
requirements.

Chapter I Section 4
Why it is important?

“The act is necessary and important


precaution in a world which is moving
into digital age.”
3 personas involved

Data Subject

Personal Information Controller

Personal Information Processor


Data Subject

An individual whose personal information


is being processed.
Personal Information Controller

A person or organization that controls the


collection, processing, or use of personal
information.
Personal Information Processor

A person or entity authorized to process


personal data on behalf of a controller.
What needs to Protect?
What needs to Protect?
• Basic Personal Information: Full name, date of birth, gender, nationality.
• Contact Information: Address, phone number, email address.
• Financial Information: ATM card, credit card, and bank account details.
• Government IDs: Social Security Number, Passport No, Driver's License No.
• Health Information: Medical records, prescription details, health insurance
information.
• Employment Information: Job title, employment history, salary details.
• Educational Records: School transcripts, academic performance records,
educational certificates.
• Online Account Information: Usernames, passwords, security questions.
What needs to Protect?
9. Biometric Data: Fingerprints, facial recognition data.
10. Location Data: GPS coordinates, location history.
11. Sensitive Personal Information: Religious beliefs, political affiliations,
sexual orientation.
12. Online Activity Data: Browsing history, online purchases, social media
activity.
13. Images and Videos: Photographs, videos, CCTV footage.
14. Behavioral Data: User behavior on websites or applications.
15. IP Addresses: Internet Protocol (IP) address used for online activities.
16. Device Information: MAC address, device ID, operating system details.
Who will Administer?
Exemptions
(a) Information about government officers or employees, like their position, contact
details, and work-related information.
(b) Information about individuals working under contract for a government
institution.
(c) Information about financial benefits granted by the government, including the
name and details of the beneficiary.
(d) Personal information processed for journalism, art, literature, or research
purposes.
(e) Information needed for the functions of public authorities, like monetary
authorities and law enforcement, with exceptions to specific banking and financial
laws.
(f) Information necessary for banks and financial institutions to comply with specific
laws related to anti-money laundering.
(g) Personal information collected from residents of other countries, processed in
the Philippines, and complying with the laws of those foreign jurisdictions, including
their data privacy laws.
Rights of the Data Subject
 Right to be informed
 Right to access
 Right to object
 Right to erasure or blocking
 Right to damages
 Right to file a complaint
 Right to rectify
 Right to data portability

Chapter IV Section 16
Right to be informed
The right to know how your personal information
is being collected, processed, and used.

Right to access
The right to request and obtain a copy of the
personal information held about you.

Chapter IV Section 16
Right to object
The right to object to the processing of your
personal information for certain purposes.

Right to erasure or blocking


The right to request the removal or blocking of
personal information under certain conditions.

Chapter IV Section 16
Right to damages
The right to claim compensation for damages
caused by a violation of data privacy rights.

Right to file a complaint


The right to lodge a complaint with the National
Privacy Commission for any violation of data
privacy rights

Chapter IV Section 16
Right to rectify
The right to correct inaccuracies in your personal
information.

Right to data portability


The right to receive personal information in a
commonly used format for easy transfer to
another service provider.

Chapter IV Section 16
Penalties
Section 25: Unauthorized Processing of Personal Information and Sensitive Personal Information
Unauthorized processing of personal information or sensitive personal information without consent
is punishable by imprisonment ranging from one (1) year to three (3) years and a fine of not less
than PHP 500,000.00 but not more than PHP 2,000,000.00.

Section 26: Accessing Personal Information and Sensitive Personal Information Due to Negligence
Providing access to personal information due to negligence, without proper authorization, is subject
to penalties. The penalty is imprisonment ranging from one (1) year to three (3) years and a fine of
not less than PHP 500,000.00 but not more than PHP 2,000,000.00.

Chapter VIII
Penalties
Section 27: Improper Disposal of Personal Information and Sensitive Personal Information
Explanation: Knowingly or negligently disposing of personal information in an accessible area
without safeguarding privacy is an offense. The penalty is imprisonment ranging from six (6)
months to two (2) years and a fine of not less than PHP 100,000.00 but not more than PHP
500,000.00.

Section 28: Processing of Personal Information and Sensitive Personal Information for
Unauthorized Purposes
Explanation: Processing personal information for purposes not authorized by the data subject is
against the law. The penalty is imprisonment ranging from one (1) year and six (6) months to five
(5) years and a fine of not less than PHP 500,000.00 but not more than PHP 1,000,000.00.

Chapter VIII
Penalties
Section 29: Unauthorized Access or Intentional Breach
Explanation: Knowingly and unlawfully breaking into systems storing personal information is a
criminal offense. The penalty is imprisonment ranging from one (1) year to three (3) years and a
fine of not less than PHP 500,000.00 but not more than PHP 2,000,000.00.

Section 30: Concealment of Security Breaches Involving Sensitive Personal Information


Explanation: Concealing knowledge of a security breach, especially involving sensitive
information, is punishable. The penalty is imprisonment of one (1) year and six (6) months to five
(5) years and a fine of not less than PHP 500,000.00 but not more than PHP 1,000,000.00.

Chapter VIII
Penalties
Section 31: Malicious Disclosure
Explanation: Disclosing false information about personal information with malice or bad faith is
an offense. The penalty is imprisonment ranging from one (1) year and six (6) months to five (5)
years and a fine of not less than PHP 500,000.00 but not more than PHP 1,000,000.00.

Section 32: Unauthorized Disclosure


Explanation: Disclosing personal or sensitive information to a third party without the data
subject's consent is against the law. The penalty is imprisonment ranging from one (1) year to
three (3) years and a fine of not less than PHP 500,000.00 but not more than PHP 1,000,000.00.

Chapter VIII
Penalties
Section 33: Combination or Series of Acts
Explanation: Committing a series of offenses defined in Sections 25 to 32 leads to
increased penalties. The penalty is imprisonment ranging from three (3) years to six (6)
years and a fine of not less than PHP 1,000,000.00 but not more than PHP 5,000,000.00.

Chapter VIII
“Ignorance of the law
excuses no one”
Mahalin ang sarili,
Pangalagaan ang iyong
Right to Privacy

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy