Privacy of Communications and Correspondence

Privacy of Communications and Correspondence | THE BILL OF RIGHTS

Political Law and Public International Law > Bill of Rights > E. Privacy of Communications and Correspondence

The right to privacy of communication and correspondence is enshrined in Article III, Section 3 of the 1987 Constitution of the Philippines, which provides the following:

  1. Section 3(1): “The privacy of communication and correspondence shall be inviolable except upon lawful order of the court, or when public safety or order requires otherwise, as prescribed by law.”

  2. Section 3(2): “Any evidence obtained in violation of this or the preceding section shall be inadmissible for any purpose in any proceeding.”

This constitutional provision safeguards the right of every individual to the privacy of their communication and correspondence from unlawful intrusion by the state, government agencies, or private individuals. It ensures that communication in any form, whether oral, written, or electronic, cannot be intercepted, recorded, or intruded upon without valid justification.

Key Concepts and Principles

  1. Nature of the Right

    • The right to privacy of communication and correspondence is not absolute; however, it is protected against any form of intrusion except under strictly regulated circumstances.
    • The phrase "shall be inviolable" emphasizes the strong protection afforded to individuals, making any form of violation presumptively unlawful unless justified under specific and exceptional conditions provided by law.

  2. Scope of the Right

    • This right covers all forms of communication and correspondence, including but not limited to:
      • Oral communication (phone conversations, face-to-face discussions)
      • Written communication (letters, messages)
      • Electronic communication (emails, text messages, internet-based communication like social media or messaging apps)
      • Any other medium used to communicate or exchange information

  3. Exceptions to the Right The right to privacy of communication is not absolute and can be subject to exceptions under the following circumstances:

    • Lawful order of the court: A competent court may issue an order authorizing the interception or intrusion of communication in accordance with the law and upon the showing of probable cause or a legitimate legal basis.
    • When public safety or order requires otherwise: The right may be curtailed in cases where public safety or order necessitates government intrusion, but such exceptions must be grounded on law and cannot be arbitrary.

  4. Admissibility of Evidence

    • Any evidence obtained in violation of the right to privacy of communication and correspondence is deemed inadmissible in any proceeding. This is in accordance with the exclusionary rule provided in Section 3(2) of the Constitution. Evidence gathered through unlawful wiretapping, unauthorized eavesdropping, or illegal surveillance cannot be used in both civil and criminal proceedings.

Limitations and Regulatory Framework

  1. Republic Act No. 4200 (Anti-Wiretapping Law)

    • One of the key legislative measures regulating the right to privacy of communication is the Anti-Wiretapping Law (R.A. 4200), which prohibits unauthorized wiretapping, interception, or recording of private communication. The law makes it illegal to:
      • Secretly record conversations through any electronic device
      • Possess, sell, distribute, or use any recording or communication obtained in violation of the law
    • Penalties: Violation of the Anti-Wiretapping Law carries serious penalties, including imprisonment of six months to six years.
    • Exceptions: The law provides exceptions for law enforcement officers who have obtained a valid court order based on probable cause that the subject of the communication is engaged in criminal activity.

  2. Republic Act No. 10173 (Data Privacy Act of 2012)

    • The Data Privacy Act of 2012 further strengthens the protection of personal information in communication, particularly in the digital space. It protects against unauthorized processing, access, or misuse of personal data, especially in online platforms and communications.
    • Under the act, personal communication and correspondence are included in the definition of personal information that must be safeguarded by entities, including private organizations, which collect and process data.

  3. Jurisprudence on the Right to Privacy of Communication

    • People v. Marti (G.R. No. 81561, January 18, 1991): The Supreme Court ruled that the constitutional protection applies only to government intrusion, and not to private individuals unless there is collusion with state authorities.
    • Zaldivar v. Sandiganbayan (G.R. No. 79690, October 7, 1988): This case reiterated the exclusionary rule, holding that evidence obtained in violation of the right to privacy of communication is inadmissible.
    • Ramirez v. CA (G.R. No. 93833, September 28, 1995): The Court ruled that telephone conversations recorded without the consent of the parties involved, and without a lawful court order, violate R.A. 4200 and are inadmissible in court.

Balancing Privacy and State Interests

The right to privacy of communication and correspondence is balanced against the needs of public safety, security, and law enforcement. However, this balance is carefully regulated to prevent abuse by the state. Courts play a pivotal role in determining when the right can be lawfully intruded upon, with the primary consideration being the necessity and proportionality of the intrusion in relation to public interest.

International Standards and Principles

The right to privacy of communication is also recognized in various international instruments, reflecting the Philippines' commitment to uphold human rights standards globally:

  1. Universal Declaration of Human Rights (UDHR)

    • Article 12 of the UDHR states that "No one shall be subjected to arbitrary interference with his privacy, family, home, or correspondence, nor to attacks upon his honour and reputation. Everyone has the right to the protection of the law against such interference or attacks."

  2. International Covenant on Civil and Political Rights (ICCPR)

    • Article 17 of the ICCPR provides a similar guarantee, emphasizing protection against unlawful interference with one's privacy, family, home, or correspondence.

  3. General Data Protection Regulation (GDPR)

    • Although primarily applicable within the European Union, the GDPR has implications for international privacy standards, influencing data protection laws globally, including the Philippines' Data Privacy Act. It mandates strict requirements for the protection of personal information in communications, particularly in cross-border data transfers.

Enforcement Mechanisms

  • The National Privacy Commission (NPC) oversees the implementation of privacy laws, particularly in relation to the Data Privacy Act, and ensures that entities handling personal data in communications comply with the law.
  • Individuals whose rights are violated can file complaints with the NPC, or pursue civil, criminal, or administrative remedies depending on the nature of the violation.

Conclusion

The right to privacy of communication and correspondence under Philippine law is a fundamental human right with strong constitutional and legislative protections. While not absolute, it is inviolable except under conditions expressly provided by law, such as court orders or public safety concerns. The exclusionary rule further ensures that evidence obtained through unlawful means is inadmissible in any court proceeding, protecting individuals from arbitrary or unlawful intrusions into their private communications.

Exclusionary Rule | Privacy of Communications and Correspondence | THE BILL OF RIGHTS

The Bill of Rights: Privacy of Communications and Correspondence (Article III, Section 3)

Exclusionary Rule

1. Constitutional Basis
The right to privacy of communication and correspondence is enshrined under Article III, Section 3 of the 1987 Philippine Constitution, which provides that:

  • Section 3(1): "The privacy of communication and correspondence shall be inviolable except upon lawful order of the court, or when public safety or order requires otherwise as prescribed by law."
  • Section 3(2): "Any evidence obtained in violation of this or the preceding section shall be inadmissible for any purpose in any proceeding."

The provision grants individuals the constitutional right to the privacy of their communications, with limitations set only by lawful court orders or exigent public safety and order concerns as determined by law. The second paragraph introduces the Exclusionary Rule, which disallows any evidence gathered through the violation of the first paragraph from being used in any legal proceeding.

2. Nature and Scope of the Right to Privacy of Communications

The privacy of communications encompasses various forms of correspondence, whether traditional or electronic. This includes:

  • Letters, documents, and physical communications (e.g., postal correspondence).
  • Telephone conversations and wiretapping (R.A. 4200 or the Anti-Wiretapping Law).
  • Digital communications, such as emails, text messages, and online data.
  • Any other modern forms of communication.

3. The Exclusionary Rule: "Fruit of the Poisonous Tree"

The Exclusionary Rule is a constitutional doctrine that dictates the inadmissibility of evidence obtained in violation of the right to privacy. This principle is often referred to as the "fruit of the poisonous tree" doctrine, wherein evidence obtained illegally (the "poisonous tree") contaminates all derivative evidence (the "fruit"), rendering them inadmissible.

  • Key Principle: Any evidence obtained through illegal means, i.e., a violation of the privacy of communications and correspondence, is inadmissible in court.
  • Scope of the Rule: Not only is the primary evidence obtained in violation of the right excluded, but all other derivative evidence that may arise as a result of the illegal act is also inadmissible. For example, a confession made after an illegal wiretap, or further evidence gathered as a result of an illegally intercepted communication, cannot be used in court.

Exceptions:

  • Good Faith Exception: The Supreme Court of the Philippines has yet to establish a clear good faith exception to the exclusionary rule in privacy violations. Under this hypothetical exception (as applied in some jurisdictions), if law enforcement officers reasonably believed that they were acting under legal authority, the evidence obtained may still be admissible.

  • Inevitable Discovery Rule: The Philippine judiciary has not definitively ruled on whether the doctrine of inevitable discovery (which allows evidence to be admitted if it would have been discovered through lawful means eventually) applies in privacy violation cases.

4. Relation to Other Exclusionary Provisions (Bill of Rights)

The Exclusionary Rule found in Section 3(2) is closely related to other exclusionary provisions in the Bill of Rights, particularly Section 2 of Article III, which guarantees protection from unreasonable searches and seizures. Under Section 2, evidence obtained from unreasonable searches and seizures without a valid warrant is inadmissible under the exclusionary rule. Both sections provide complementary protections, ensuring that any violation of a person's constitutional rights results in the exclusion of illegally obtained evidence.

5. Jurisprudence on the Exclusionary Rule in Privacy of Communications

Several key cases illustrate the application of the exclusionary rule in protecting the privacy of communication and correspondence:

a. People v. Estrada, G.R. No. 124461 (2001)

This case highlighted the application of the exclusionary rule where the Supreme Court ruled that evidence obtained through illegal wiretapping without a valid court order, in violation of the Anti-Wiretapping Law (R.A. 4200), was inadmissible. It emphasized that any communication intercepted without proper legal authority breaches the constitutional right to privacy, thus activating the exclusionary rule.

b. Zaldivar v. Sandiganbayan, G.R. Nos. 79690-707 (1994)

The case involved the interception of a telephone conversation. The Supreme Court held that wiretapping without a court order is illegal and violates both the Anti-Wiretapping Law and the Constitution. The Court declared that any evidence obtained in this manner was inadmissible in court as it violated the privacy of communication.

c. People v. Marti, G.R. No. 81561 (1991)

In this case, the Supreme Court ruled that the right to privacy of communication can only be invoked against the State or agents of the State. Private individuals violating another person's privacy of communication would not trigger the exclusionary rule unless it can be shown that they acted in collusion with law enforcement or governmental authorities.

6. The Anti-Wiretapping Law (R.A. 4200)

The Anti-Wiretapping Law (R.A. 4200) supplements the constitutional right to the privacy of communications. The law specifically prohibits:

  • The unauthorized interception or recording of private conversations via wire, radio, or any other device.
  • The admissibility of evidence obtained in violation of this law.

The law is stringent in ensuring that any interception of communication is sanctioned only through a lawful court order. Evidence obtained without complying with the requisites of the Anti-Wiretapping Law is automatically rendered inadmissible under both the law and the constitutional Exclusionary Rule.

Exceptions under the Anti-Wiretapping Law:

  1. A court order allows interception when necessary for public safety or order.
  2. Instances where the person involved in the communication consents to the interception.

Relevant Jurisprudence:

  • Ramirez v. CA, G.R. No. 93833 (1995) - The Court ruled that even if a private individual or a non-state actor wiretaps a communication without consent, the privacy rights under R.A. 4200 and the Constitution are violated. Hence, such evidence is inadmissible.

7. Applicability to Electronic and Digital Communication

Modern jurisprudence and legal interpretations have extended the privacy protection under Section 3, Article III to cover electronic communications, such as emails, text messages, and online correspondence. These modern forms of communication are subject to the same constitutional protections, and any illegal interception or access to such communication without a court order renders any obtained evidence inadmissible.

The Cybercrime Prevention Act of 2012 (R.A. 10175) also imposes penalties on those who illegally access or intercept data. The exclusionary rule applies in instances where evidence is obtained in violation of the Cybercrime Law’s provisions on illegal interception or unauthorized access.

8. Procedural Aspects

In criminal proceedings, the defense may move to suppress evidence obtained in violation of the right to privacy of communication through a motion to suppress. This motion seeks to invoke the exclusionary rule and render the evidence inadmissible. Courts are required to assess whether the evidence in question was gathered in compliance with legal procedures, and if not, to apply the exclusionary rule.

Summary

The Exclusionary Rule is a robust constitutional protection under the Bill of Rights that safeguards individuals' right to privacy in communication and correspondence. Evidence obtained in violation of this right is deemed inadmissible in any judicial or quasi-judicial proceeding. The rule is a critical part of ensuring the protection of civil liberties, especially in the context of modern communication methods, and is supported by related laws like the Anti-Wiretapping Law and the Cybercrime Prevention Act. Through jurisprudence, the Supreme Court has consistently upheld the inviolability of this right, emphasizing that any breach thereof nullifies the legality of the evidence obtained.

R.A. No. 10173 or the Data Privacy Act | Privacy of Communications and Correspondence | THE BILL OF RIGHTS

R.A. No. 10173 or the Data Privacy Act of 2012

The Data Privacy Act of 2012 (Republic Act No. 10173) is the primary law in the Philippines that governs the collection, processing, and storage of personal data in both the public and private sectors. It is a comprehensive law designed to protect the privacy of individuals and ensure the free flow of information to promote innovation and growth. The law applies to all forms of personal data, whether in physical or digital form, and establishes various rights for data subjects and obligations for data controllers and processors. Here's a detailed breakdown of the key aspects related to the Act:

I. Objectives of the Data Privacy Act

  1. Protect the Fundamental Human Right to Privacy: The Data Privacy Act upholds the right to privacy of communication and correspondence as enshrined in Section 3(1), Article III of the Philippine Constitution, which protects the privacy of communication from unlawful intrusion.

  2. Regulate the Collection, Use, and Processing of Personal Data: It seeks to regulate how personal data is collected, used, stored, disclosed, and disposed of, ensuring that individuals’ personal data is not misused or unlawfully disclosed.

  3. Ensure Data Security: The law emphasizes the importance of maintaining security in handling personal information, particularly against unauthorized access, modification, or destruction.

II. Scope of the Data Privacy Act

  1. Territorial Scope: The Data Privacy Act applies to both government and private sector entities located within the Philippines that process personal data. It also applies to entities outside the Philippines if they use equipment located in the country or process the personal data of Philippine citizens and residents.

  2. Entities Covered:

    • Personal Information Controllers (PIC): These are entities that control the processing of personal data, such as corporations, organizations, or individuals.
    • Personal Information Processors (PIP): These are entities or individuals that process data on behalf of PICs.

  3. Exclusions: The Act does not apply to the following:

    • Personal, family, or household activities.
    • Journalistic, artistic, literary, or research purposes.
    • Information about government officials in relation to their official functions.
    • Data processed for the national security, public order, and safety of the country.
    • Law enforcement, if duly authorized under existing laws.

III. Key Definitions Under the Data Privacy Act

  1. Personal Data: Information, whether recorded or not, from which the identity of an individual can be reasonably and directly ascertained or, when put together with other information, would make an individual identifiable.

  2. Sensitive Personal Information: Information related to an individual's race, ethnic origin, marital status, age, health, education, genetic or sexual life, government-issued identifiers (such as social security number), and financial data.

  3. Privileged Information: Any and all forms of data that are considered privileged under existing laws (e.g., attorney-client communications).

IV. Data Privacy Principles

The Act imposes a set of principles that data controllers and processors must adhere to when handling personal data:

  1. Transparency: Personal data processing must be fully transparent to the data subject. The data subject must be aware of how, why, and what personal data is being processed.

  2. Legitimate Purpose: The data collected must be for a legitimate purpose that is clearly communicated to the data subject, and the data must be processed in a manner compatible with that purpose.

  3. Proportionality: Only personal data that is necessary for the declared purpose should be collected, and it should not be retained longer than necessary.

V. Rights of Data Subjects

The Data Privacy Act grants individuals specific rights concerning their personal data:

  1. Right to Be Informed: Individuals have the right to be informed whether their personal data is being processed, including the purpose of such processing, the data being collected, and other related information.

  2. Right to Access: Data subjects have the right to access the personal data being held about them and be informed about how this data has been processed.

  3. Right to Rectification: If the data subject finds inaccuracies in their personal data, they have the right to have it corrected without undue delay.

  4. Right to Erasure or Blocking: Data subjects can demand the deletion or blocking of their personal data if it is unlawfully processed or if it is no longer necessary for the purpose for which it was collected.

  5. Right to Object: Individuals can object to the processing of their personal data, especially for purposes such as direct marketing or profiling.

  6. Right to Data Portability: Data subjects have the right to receive a copy of their data in a structured, commonly used, and machine-readable format.

  7. Right to File a Complaint: The data subject can lodge a complaint with the National Privacy Commission (NPC) in case of a violation of their privacy rights.

  8. Right to Damages: Individuals are entitled to claim compensation for any damage caused by the unlawful processing of their personal data.

VI. Obligations of Personal Information Controllers (PIC) and Personal Information Processors (PIP)

  1. Compliance with Data Privacy Principles: PICs and PIPs must strictly comply with the principles of transparency, legitimate purpose, and proportionality when processing personal data.

  2. Implementation of Security Measures: Entities must implement reasonable and appropriate organizational, physical, and technical measures to secure personal data against breaches, unauthorized access, and other risks.

  3. Notification of Data Breach: In case of a breach of personal data, the PIC must inform the NPC and the affected data subjects within 72 hours of discovering the breach.

  4. Appointment of a Data Protection Officer (DPO): Every entity processing personal data is required to appoint a Data Protection Officer who ensures compliance with the law and manages data protection issues.

  5. Data Processing Agreement: Where a PIC contracts with a PIP for data processing, a contract ensuring compliance with data privacy standards must be executed between the parties.

VII. Security Measures and Breach Notification

The Data Privacy Act outlines stringent security measures to safeguard personal data. These include:

  1. Organizational Security: Establishing clear policies and procedures for data management and protection, and ensuring that employees handling personal data are adequately trained.

  2. Physical Security: Implementing access controls to prevent unauthorized physical access to personal data storage facilities, whether on-premises or remote.

  3. Technical Security: Employing measures such as encryption, secure storage, and access control to protect personal data in electronic form.

  4. Data Breach Notification: If a breach occurs, the PIC must notify the NPC and affected individuals if the breach is likely to affect their rights and freedoms. This notification should include the nature of the breach, the personal data involved, and actions taken to mitigate the breach.

VIII. Enforcement and Penalties

The law grants the NPC powers to investigate and enforce compliance with the Act. Violators of the Data Privacy Act face civil, criminal, and administrative liabilities:

  1. Criminal Penalties: The Act provides for imprisonment of up to six (6) years and fines of up to five million pesos (₱5,000,000) for violations such as unauthorized processing, accessing, or disclosing personal data, and concealment of breaches.

  2. Administrative Penalties: The NPC can impose administrative fines and sanctions, such as revoking or suspending licenses, depending on the gravity of the violation.

  3. Civil Liability: Data subjects who suffer damages due to non-compliance with the Act may seek compensation.

IX. Role of the National Privacy Commission (NPC)

The National Privacy Commission is the primary enforcement body under the Data Privacy Act. Its roles include:

  1. Monitoring Compliance: Ensuring that entities comply with the Data Privacy Act and its implementing rules and regulations.

  2. Adjudicating Complaints: Handling complaints filed by data subjects and imposing penalties for violations.

  3. Issuing Guidelines: Issuing rules, guidelines, and advisory opinions to clarify the application of the Data Privacy Act.

X. Relationship with the Constitution and the Bill of Rights

The Data Privacy Act of 2012 operationalizes the constitutional guarantee under Article III, Section 3 of the 1987 Constitution, which provides for the privacy of communication and correspondence. The Act complements this constitutional right by regulating the collection, processing, and management of personal data in modern information systems, providing a legal framework that balances the individual's right to privacy with the demands of technological and economic advancement.

Conclusion

R.A. No. 10173, the Data Privacy Act of 2012, is a comprehensive legislative measure aimed at protecting individuals' personal data from misuse while ensuring that the free flow of information is not unduly restricted. The law’s extensive provisions on data subject rights, data controller and processor obligations, security measures, and breach notification reflect the country’s commitment to protecting privacy in the digital age. Compliance with this law is vital for both public and private entities that handle personal information, and the enforcement powers granted to the National Privacy Commission ensure that individuals’ rights are adequately protected.

Privacy Policy

Terms of Use

Lawyer Login

 
 
Privacy Policy         Terms of Use         Lawyer Login