Is the act of a person A, disclosing the mobile number of B, to a third person, without B’s consent considered a violation of R.A 10173?

July 5, 2013

Is the act of a person A, disclosing the mobile number of B, to a third person, without B’s consent considered a violation of R.A 10173?



            The presence of the well-defined rights of an individual sanctified in our Constitution gives us a full measure of protection which is of paramount necessity one must possess as a human being. Succintly, it is through these rights that one enjoys and exercises his freedom afforded to him by law. Absence of such rights would definitely preclude justice and lead to a chaotic society.


            The right to privacy, being one of the protected rights enshrined in our Constitution[i] and in the Civil Code[ii], has observed to have always been marred because as the world becomes modernized or technologically advanced and expanded-where the people inevitably need to adopt whether they like it or not, the more this right becomes fragile. One can easily get hold of someone else’s information in just a click away. The increasing number of personal identity crime such as stealing another’s information in perpetuating a crime is very alarming. The security and safety of one’s personal information is becoming a portentous issue and this in turn poses a great challenge on our lawmakers to set fine tune rules in order to cope up with this fast changing world and in order to preserve this right.


            Republic Act 10173 or also known as the Data Privacy Act of 2012[iii] was enacted with the purpose and intent of protecting the fundamental human right of privacy as stated in the Declaration of Policy of aforesaid statute. The law is set to give assurance to the public that personal information disclosed to instrumentalities such as the government is well secured and guarded. Such information provided by them on every transaction will be kept and be respected with confidentiality by not disclosing or disposing it to the public-which might cause irreparable injury to the owner of such information, other than the exceptions provided for by the law.


            It is significant however to point out that this law have meted parameters as to its scope and limitation as provided in Section 4. It states that the Data Privacy Act only applies to those types of information processed by the government and private sectors since they are those that usually ask for personal information of an individual whenever they’re transacting business with.


            Understandably, the limitation as to the extent of application of the law is clearly provided. It must be noted that the scope of the law is material in determining its applicability lest will likely send a confusing message to the proper agency who will implement the said law.

            We are presented with a scenario in relation to this law to wit, whether or not  the Act of a person A, disclosing the mobile number of B to a third person without consent is violative of R.A 10173.


            The answer can be gleaned from determining the scope of its applications mentioned above and to reiterate, under Section 4 of the law. Undeniably, the act of A in this particular scenario does not fall within the purview of Section 4 since in order for one to become liable, the law clearly provides that one (either natural or juridical person) should be involved in personal information processing including those personal information controllers and processors who although not found or established in the Philippines….Evidently, the law specifically set forth this guideline so as to properly and smoothly implement the law.


            It is an elementary canon in statutory construction that when the words and phrases of the law are clear, then it must be determined from what the law exactly says and should not extend to those matters not included or provided therein. In this instance, the law is clear as it only covers those types of processed information thereby excluding those that are not enumerated therein. And when we speak of processing, as defined in Section 3j of the law, refers to any operation or any set performed upon personal information but not limited to the collection, recording, organization, storage among others of data.


            By its definition alone, one can assume that it is essentially an act performed in a broader sense, that is, storing and collecting bulk information.


            Going back to the question at bar, the mere disclosing of a mobile of a mobile number of A to another person is in its clearest, not violative of R.A 10173. The intention of the law is to protect the information of a person against any government or private sectors who have always been the primary entities involved whenever one transacts business with them, as the initial requirement would normally be filling out certain documents which requires for one to provide personal information. In this regard, they in turn have an access to a person’s personal data file. That’s where the purpose of the law comes in: to safeguard such personal data since these entities who have all the means of disclosing and disposing it and might use it for unlawful purpose. The act of A is not within the ambit of the law hence, will not be treated as a violation of the Data Privacy Act.


            The ultimate goal of the law here is not to punish an ordinary case of giving it to another person without consent which is of but a usual occurrence in our everyday life but rather to hold accountable those sectors provided by the law who might use their resources in order to intrude into one’s life and gain unlawful means which would cause damage to an individual.


            A good analogy here would be a scenario where a person asking for another person’s address and knowing such, immediately provided the information. If the intention of the law is to punish everyone who divulges information of another without consent, then wouldn’t the law be absurd and futile? Would the purpose for which it was enacted properly served? This, arguably will amount to a questionable law as the boundaries are not properly laid. Moreover, it will create pernicious effect with respect to the carrying out of the said law if this would cover the mentioned scenario.


            Verily, the law expressly and strictly positions itself towards penalizing specific entities who would commit such act punishment will be put into effect accordingly.


            Furthermore, the case of Ople versus Torres, G.R 127685[iv] would gain more anchor to support the answer herein argued.


            To recapitulate, it only shows that the act done did not constitute an unlawful invasion of privacy as to affect the life or security of the person. The wordings of the law cannot be any clearer and in view of this, it is unmistakably true that the act done did not fall within the coverage of the Data Privacy Act. This, to emphasize, was promulgated to ensure that all processed data will be shielded from any unlawful acts that might be committed by these sectors who possess such information of an individual. Accordingly, the law’s basic precept is to safeguard this right so as to prevent any act that might trample upon the basic rights of a person.













[i]  1987 Philippine Constitution Section 2, 3(1) of the Bill of Rights:

   “Section 2. The right of the people to be secure in their persons, houses, papers and effects against   unreasonable searches and seizures of whatever nature and for any purpose shall be inviolable, and no search warrant or warrant of arrest shall issue except upon probable cause to be determined personally by the judge after examination under oath or affirmation of the complaint and the witnesses he may produce, and particularly describing the place to be searched and the persons or things to be seized.

   “Section 3.(1) The privacy of communication and correspondence shall be inviolable except upon lawful order of the Court, or when public safety or order requires otherwise as prescribed by law.”

[ii]  Civil Code of the Philippines, citing Article 26;

   Article 26. Every person shall respect the dignity, personality, privacy and peace of mind of his neighbors and other persons. The following and similar acts, though they may not constitute a criminal offense, shall produce a cause of action for damages, prevention and other relief;

  1. Prying into privacy of another’s residence;
  2. Meddling with or disturbing the private life or family relations  of another;
  3. Intriguing to cause another to be alienated from his friends;
  4. Vexing or humiliating another on account of his personal beliefs, lowly station in life, place of birth, physical defect or other personal condition.

[iii]  Official Gazette of the Philippines.July 2011.Citing Website. RA 10173. Retrieved from


[iv]  The doctrine in this case provides that “the right to privacy does not bar all intrusions to individual privacy. It merely requires that the law be narrowly focused and a compelling interest justifies such intrusion. Intrusion into the right must be accompanied by proper safeguards and well defined standards to prevent unconstitutional invasions.



Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: