December 8, 2024 | 12:00am
Just recently, the Supreme Court made public a 2023 ruling which pointed out that the use of online chat logs and videos as evidence does not violate the right to privacy.
In a decision promulgated Oct. 9, 2023 but made public only last week, the SC upheld the conviction of a man for qualified trafficking and rejected accused’s argument that his recorded chat logs and videos were inadmissible as evidence.
The High Tribunal held that Republic Act 10173 or the Data Privacy Act (DPA) of 2012 allows the processing of sensitive personal information when it is related to determining criminal liability of a data subject and when necessary for the protection of lawful rights and interests in court proceedings.
According to a news report, the case stemmed from an investigation by the Anti-Human Trafficking Task Force of Region 7 in 2013 following a tip from the US Immigration and Customs Enforcement (US ICE). A decoy account was used by a police officer to communicate with Eul Vincent Rodriguez on various platforms and to record their exchanges.
During the trial, Rodriguez argued that his right to due process was violated when the chat logs and videos of his conversation with the police were presented as these were not related to the incident alleged in the information filed against him, and that these pieces of evidence were an intrusion of his constitutional right to privacy of communication and in violation of RA 4200 or the Anti Wiretapping Act.
In upholding the rulings of the Regional Trial Court and the Court of Appeals, the SC explained that the videos and chat logs were not offered to prove the existence of qualified trafficking but to demonstrate Rodriguez’s modus operandi in contacting foreigners via Skype or Facebook and offering minors for sexual exploitation.
In the earlier case of People vs Cadajas, the SC rejected the accused’s argument that the photographs and conversations in the FB messages between him and the minor victim cannot be used against him. Here, the SC held that the DPA allows the processing of data and sensitive personal information when it relates to the determination of criminal liability of a data subject and when necessary for the protection of lawful rights and interests of persons in court proceedings, as in this case where the communications and photos sought to be excluded were submitted in evidence to establish the victim’s legal claims.
In the same case, it was held that where private individuals are involved, for which their relationship is governed by the Civil Code, the admissibility of an evidence cannot be determined by the provisions of the Bill of Rights.
But what if a private individual uses screenshots of messages and photos posted on messaging apps of another without the latter’s permission, not in relation to a court proceeding but to make such messages and photos known to the public to the prejudice of the data subject? Does the Data Privacy Act apply or was there any other law violated?
In an advisory opinion in 2020, the National Privacy Commission (NPC) explained that the processing, i.e. taking screenshots of private conversations between two individuals without the consent of both parties and then sending them out to a third person, will online come under the scope of the DPA if personal data is involved – if the conversation/screenshot itself allows for the identification of the parties. If it is simply the content of the conversation, with names and other identifiers redacted or cropped out of the screenshot, it might not be within the scope of the DPA.
The NPC said that disclosure of a private conversation involving personal data without consent of the parties involved, or without some other lawful basis for processing of personal data under the DPA, may be construed as unauthorized processing, depending on other attendant circumstances as when processing was done by the person in connection with his or her personal, family, or household affairs in which case the person is not considered as a personal information controller and hence, to a certain extent, such processing is generally excluded from the scope of the DPA.
And last January, the same government agency reminded the public of the need for responsible sharing of photos and videos containing personal data, since unlawful processing of such data is a violation of the DPA with corresponding administrative fines and criminal penalties.
Then there is the Civil Code which provides for civil liability for damages to a person’s dignity, reputation or privacy.
There is another law, RA 10175 or the Cybercrime Prevention Act which deals with offenses committed online, including the unauthorized sharing of private content.
The law provides for the acts that would constitute the offense of cybercrime, including content-related offenses such as libel committed through a computer system or any other similar means. All crimes defined and penalized by the Revised Penal Code, including libel, if committed by, through and with the use of information and communications technologies, will be imposed a penalty one degree higher than that provided for by the RPC.
In one case, the SC held that even if the name of the person is not indicated in the post, the owner of the post is still liable so long as other persons who read the libelous post can identify the person/s alluded to.
For comments, e-mail at [email protected].
Be the first to comment