top of page
Right to Privacy copy.png

RIGHT TO PRIVACY

Constitutional Basis for the Right to Privacy

The right to privacy in the Philippines, while not explicitly stated in the Constitution, is inferred from various provisions:

   1. Article III, Section 2: This section protects individuals against unreasonable searches and seizures, establishing a fundamental expectation of privacy.
   2. Article III, Section 4: This section guarantees freedom of speech and personal expression, implicitly protecting individual beliefs and private lives.

   3. Article III, Section 3: "The privacy of communication and correspondence shall be inviolable except upon lawful order of the court, or when public safety or order requires otherwise as provided by law."

  • Facebook
  • Twitter
  • LinkedIn
  • Instagram
Leading Cases on the Right to Privacy

 

1. Ople v. Torres (1998)

 

Factual Background:

In this case, the late Blas Ople challenged the legality of Administrative Order No. 308, issued by then-President Fidel V. Ramos, which aimed to establish a national ID system. Ople contended that this ID system would violate the people’s constitutional right to privacy as it would involve extensive data collection on individuals, such as their personal circumstances and biometric data, without adequate safeguards.

 

Ratio Decidendi:

The Supreme Court struck down Administrative Order No. 308, stating that the right to privacy is an essential part of liberty under the Constitution. The Court emphasized that any government action involving the collection of personal information must be subject to strict scrutiny to prevent abuses of power. The ruling highlighted the need for a legal framework, such as the Data Privacy Act, to ensure that privacy is not violated.

 

The Ople v. Torres case became a significant precedent in recognizing privacy as a constitutionally protected right, which later laid the groundwork for the passage of the Data Privacy Act in 2012.

 

2. Chavez v. Gonzales, G.R. No. 168338, February 15, 2008

 

Factual Background:

In this case, the petitioner, journalist Jay J. Chavez, sought to compel the Department of Justice to release information about the government’s surveillance of his activities, which he claimed violated his right to privacy.

 

Ratio Decidendi:

The Supreme Court ruled that while the government has an interest in national security, this interest does not allow arbitrary intrusions into the private lives of individuals. The Court emphasized that privacy is a constitutionally protected right and that government surveillance must have a clear legal basis.

 

3. Biraogo v. Philippine Truth Commission of 2010, G.R. No. 192935, December 7, 2010

 

Factual Background:

This case arose from concerns over the establishment of the Philippine Truth Commission, which was intended to investigate human rights violations. The petitioners challenged its constitutionality, arguing it violated their right to privacy.

 

Ratio Decidendi:

The Supreme Court held that while the Truth Commission’s purpose was legitimate, it must respect individual rights, including the right to privacy. The ruling underscored the need for government bodies to operate transparently while safeguarding personal information.

​

4. Disini v. Secretary of Justice, G.R. No. 203335, February 18, 2014

Factual Background:

The petitioners challenged the constitutionality of certain provisions of the Cybercrime Prevention Act of 2012 (Republic Act No. 10175) on various grounds, including violations of the right to privacy.

 

The case arose after the enactment of the Cybercrime Prevention Act, which sought to address crimes committed online, including libel, identity theft, and cybersex. Several petitioners, including journalists and human rights advocates, questioned the law’s provisions, arguing that they infringed on constitutional rights such as free speech, due process, and privacy. Specifically, they argued that the law’s provisions allowing the real-time collection of traffic data and the power given to law enforcement to take down content were overly broad and violated the right to privacy.

 

Ratio Decidendi:

 

The Supreme Court ruled partially in favor of the petitioners, declaring some provisions of the Cybercrime Law unconstitutional due to their impact on privacy and other rights:

 

1. Real-Time Collection of Traffic Data (Section 12):

• Unconstitutional: The Court struck down Section 12, which allowed law enforcement agencies to collect real-time traffic data without judicial oversight. The Court found this provision unconstitutional because it violated the right to privacy. The Court held that traffic data, although non-content data (i.e., it does not reveal the substance of the communication), still falls within the scope of privacy rights since it can reveal patterns of behavior and communication. Allowing government access to such data without a court order posed a significant intrusion into personal privacy.

2. Take-Down Clause (Section 19):

• The Court also declared Section 19 unconstitutional. This provision gave the DOJ authority to restrict or block access to online content without judicial determination, which could lead to arbitrary intrusions on privacy and free speech.

 

Conclusion

 

The Supreme Court emphasized that the right to privacy is a constitutionally protected right, and any encroachment by the government must be backed by clear legal standards, particularly with judicial oversight. The provisions of the Cybercrime Law that allowed real-time collection of traffic data without a court order and the power to restrict access to content without judicial intervention were held to be violative of the right to privacy.

​

5. Genuino v. De Lima (G.R. No. 197930, April 17, 2018) 

Factual Background:

 

The case stemmed from an investigation conducted by the Department of Justice (DOJ) and the Anti-Money Laundering Council (AMLC) into the financial activities of Efraim Genuino, former chairman of the Philippine Amusement and Gaming Corporation (PAGCOR), and his alleged involvement in money laundering activities. As part of the investigation, the DOJ requested the AMLC to look into Genuino’s bank accounts and transactions.

 

Genuino challenged the DOJ and AMLC’s actions, asserting that they had violated his constitutional right to privacy by accessing his bank accounts without first securing a court order. He argued that his right to privacy had been breached because his financial records were disclosed and used as part of the investigation.

​

Ratio decidendi:

The Supreme Court upheld the actions of the DOJ and AMLC in accessing Genuino’s bank accounts as part of a criminal investigation. The Court ruled that the right to privacy, particularly concerning bank accounts, may be overridden when the public interest demands it, especially in the context of preventing and investigating crimes like money laundering. The decision reaffirmed that while privacy is a fundamental right, it is not absolute and may be subject to limitations when there are compelling legal justifications.

​

6. People of the Philippines v. Gabiosa ,G.R. No. 248395, January 29, 2020: This case involved the validity of a search warrant and the privacy of the home. The Supreme Court reiterated the sanctity of the home and the right to privacy, emphasizing that any intrusion must be justified and lawful. 

​

7. Cadajas v. People, G.R. No. 247348. November 16, 2021

Factual Background: Joselito Cadajas, a high school teacher, was convicted of sexual harassment under Republic Act No. 7877. Cadajas sent inappropriate and suggestive text messages to his student, AAA, which made her uncomfortable. AAA reported these advances, and Cadajas was charged and found guilty by the lower courts. He appealed, questioning the sufficiency of the evidence, particularly regarding the admissibility of the text messages.

​

Ratio Decidendi:

In his defense, Cadajas argued that the text messages used as evidence violated his right to privacy of communication under Article III, Section 3 of the Philippine Constitution. However, the Supreme Court ruled that the right to privacy is not absolute and may be waived in certain circumstances.

The Court emphasized that:

  1. Voluntary Disclosure: AAA had voluntarily shown the text messages to her parents and school officials, who then submitted them to the authorities. There was no illegal interception or violation of Cadajas’ privacy by third parties or the state.

  2. Public Interest and Protection of Victims: The Court held that the right to privacy could be outweighed by the need to protect individuals, especially vulnerable students, from acts of sexual harassment. In this case, the public interest in addressing sexual misconduct in educational settings justified the admission of the text messages as evidence.

Thus, the Court affirmed the conviction, concluding that Cadajas’ privacy rights were not unlawfully breached, and the evidence presented was lawfully obtained and admissible.

​

8. Philippine Stock Exchange, Inc., et al. v. Secretary of Finance, et al., G.R. No. 213860, July 05, 2022

​This case challenged regulations requiring the submission of personal information of clients by broker and dealers. The Supreme Court found these regulations unconstitutional, violating the right to privacy and due process, and emphasized that any law infringing on privacy must undergo strict scrutiny 

​

9. Integrated Bar of the Philippines v. Purisima, et al., G.R. No. 211772, April 18, 2023

Addressed the constitutionality of Revenue Regulations No. 4-2014, which required self-employed professionals to submit affidavits of their service fees and register appointment books with the Bureau of Internal Revenue (BIR). 

​

The Integrated Bar of the Philippines and other professional associations challenged the regulation, arguing it violated privacy rights and ethical standards. The Court found that requiring the submission of affidavits detailing service fees and the mandatory registration of appointment books was unconstitutional, as it exceeded the Department of Finance's authority and intruded on privacy rights.

Consequently, these provisions were declared void, and the Department of Finance and BIR were permanently enjoined from implementing them. The decision emphasized the protection of privacy and the limits of administrative regulation.

​

10.Office of the Court Administrator v. Reyes (A.M. No. RTJ-20-2579, 2023)

This administrative case involved a judge accused of corruption. The court discussed the right to privacy in the context of government monitoring of personal communications, affirming that while privacy is a fundamental right, government-issued devices can be monitored under certain conditions. The Supreme Court reiterated that jurisprudence dictates that a government-issued computer, even if privately controlled, is subject to absolute regulation and monitoring by the government employer.

​

The Data Privacy Act of 2012 (Republic Act No. 10173) is the primary law governing the protection of personal data in the Philippines. It establishes standards for the collection, handling, and processing of personal data by both public and private entities. This law reflects the growing importance of data protection in a digital age where personal information is easily shared and potentially exposed to misuse. Its purpose is to protect the privacy of individuals while promoting transparency and accountability in data management.

​

Key Provisions of the Data Privacy Act

 

1. General Data Privacy Principles:

The law mandates that personal data should be collected for legitimate purposes, processed fairly, and kept secure. It also ensures that data subjects are informed about how their information is being used.

2. Rights of Data Subjects:

Individuals have the right to be informed about how their data is being collected, the right to access their data, and the right to correct any inaccuracies. They also have the right to object to the processing of their data and to withdraw consent.

3. Obligations of Personal Information Controllers and Processors:

Those handling personal data must ensure compliance with the law and take appropriate security measures to protect the data from unauthorized access or misuse.

4. National Privacy Commission (NPC):

The NPC is tasked with enforcing the Data Privacy Act, issuing guidelines, investigating data breaches, and penalizing violators.

​

Cases:

​

Samahan ng mga Progresibong Kabataan (SPARK) v. Quezon City (2020)

 

Factual Background:

This case involved the implementation of the “Safe Spaces Act” in Quezon City, which included provisions requiring the collection of personal data through various mechanisms, such as CCTV monitoring. The petitioners argued that the data collection, while aimed at promoting public safety, posed significant risks to privacy.

 

Ratio Decidendi:

The Supreme Court ruled that while public safety is a legitimate government interest, it must be balanced with individuals’ right to privacy. The ruling emphasized the importance of compliance with the Data Privacy Act, particularly ensuring that data collection is proportional to the purpose and that safeguards are in place to prevent misuse or unwarranted intrusion into private lives.

 

National Privacy Commission v. ABS-CBN (2020)

 

Factual Background:

This case involved a complaint filed against ABS-CBN for allegedly failing to protect the personal data of its employees and customers after a data breach occurred. The complainants claimed that sensitive personal information was leaked and used without consent, violating their rights under the Data Privacy Act.

 

Ratio Decidendi:

The National Privacy Commission investigated the incident and ruled that ABS-CBN had violated the Data Privacy Act by failing to implement sufficient security measures to protect personal data. The decision underscored the accountability of data controllers in ensuring that personal information is safeguarded against unauthorized access. This case reinforced the need for organizations to take proactive steps in securing personal data, as mandated by the law.

 

NPC Advisory on COVID-19 Contact Tracing (2020)

 

Factual Background:

Amid the COVID-19 pandemic, various government agencies and private establishments were required to collect personal data for contact tracing purposes. Concerns arose regarding the protection of the personal data being collected, particularly health-related information, which is classified as sensitive under the Data Privacy Act.

 

Advisory:

The NPC issued an advisory clarifying that while contact tracing is crucial for public health, it must be done in compliance with the Data Privacy Act. The collection of personal data must be limited to what is necessary, and data must be stored securely and only for as long as needed. This case highlighted the importance of striking a balance between public health and the protection of personal data during a crisis.

bottom of page