INFORMATION

PRIVACY
REPUBLIC ACTs (RA)
RA. 10173 RA. 8792 RA. 8293
INTRODUCTION
The Data Privacy Act of 2012 (RA 10173), the Electronic
Commerce Act of 2000 (RA 8792), and the Intellectual Property Code
of the Philippines (RA 8293) are key laws that protect our rights in
today’s digital world. RA 10173 focuses on keeping your personal
information safe. It ensures businesses handle your data responsibly,
giving you control over what they collect and how they use it. Finally,
RA 8293 protects the creations of artists, inventors, and innovators.
Whether it's a song, an invention, or a brand, this law ensures
creators have exclusive rights to their work, encouraging more
creativity and innovation.
Data Privacy Act
of 2012
Republic Act
10173
Republic Act 10173
The Republic Act 10173, officially known as the Data Privacy Act of 2012
(DPA), is Philippine’s data privacy law, aiming to “to protect the fundamental
human right of privacy, of communication while ensuring free flow of
information to promote innovation and growth” while also ensuring “that
personal information in information and communications systems in the
government and in the private sector are secured and protected.” The law
became enforceable as of September 8, 2012 and the regulating authority, the
NPC, was established 4 years later, in 2016. As of September 9, 2016 the NPC
published ‘Implementing Rules and Regulations of Republic Act No. 10173,
known as the Data Privacy Act of 2012,’ or the IRR, to help with the
understanding of the requirements imposed on covered entities.
Author & Person
Signed The Law
President Benigno Aquino III signed Republic
Act (RA) 10173, also known as the Data Privacy
Act of 2012, into law on August 15, 2012. The
law aims to protect the privacy of individuals'
personal information and communication, while
also ensuring the free flow of information.
The Implementing Rules and Regulations of
the Data Privacy Act were signed on August 24,
2016, and took effect on September 9, 2016.
 Scope of RA 10173
1. Coverage RA 10173
Applies to the processing of personal information by any
individual, organization, or agency, whether in the public or private
sector, within the Philippines. It also applies to those outside the
Philippines if they process personal data of Philippine citizens or
residents.
Entities Covered:
• Government agencies.
• Private companies and organizations.
• Any person involved in the processing of personal information.
Entities Exempted:
• Personal data processed for *personal, household, or journalistic purposes*.
• Information necessary for national security, public order, or safety.
• Data used for research and statistical purposes, provided it is anonymized.
• Information required for legal obligations or court proceedings.
2. Personal Information and Sensitive Data
• Personal Information: Any information that identifies or could identify an
individual (e.g., name, address, email, phone number).
• Sensitive Personal Information: Includes data on race, health, education,
sexual life, political opinions, religious affiliations, and government-issued
identifiers like Social Security numbers.
3. Rights of Data Subjects
RA 10173 grants individuals specific rights to protect their personal information:
• Right to be informed: Be notified when personal data is collected or processed.
• Right to access: Review the personal data held by an organization.
• Right to rectification: Correct inaccurate or incomplete personal information.
• Right to erasure/blocking: Remove data that is outdated, false, or unlawfully
processed.
• Right to data portability: Obtain and transfer personal data to another entity.
• Right to damages: Seek compensation for misuse or unauthorized processing of
personal data.
4. Duties of Data Controllers and Processors
Entities processing personal data must:
• Ensure data is processed fairly, lawfully, and transparently.
• Collect data only for legitimate purposes and keep it accurate and
up-to-date.
• Implement appropriate security measures to protect data from
unauthorized access, alteration, or destruction.
5. Establishment of the National Privacy Commission (NPC)
• Mandate: The NPC oversees the implementation of RA 10173,
ensures compliance, and investigates data breaches and violations.

• Functions: Issue regulations, monitor data processing, resolve

complaints, and impose penalties for non-compliance.
6. Data Breaches and Penalties
Data Breaches: Organizations must notify affected individuals and
the NPC within 72 hours of discovering a breach.
Penalties: Violations can result in fines ranging from PHP 500,000 to
PHP 5,000,000 and imprisonment of up to six years, depending on
the offense.
7. Extraterritorial Application
The Act applies to entities outside the Philippines if they process the
personal data of Philippine citizens or residents.
Violations of RA 10173
Imprisonment: A sentence of one to seven years in prison
Fines: A fine ranging from PHP 500,000 to PHP 5,000,000
The National Privacy Commission (NPC) is the enforcing authority for
the Data Privacy Act. The NPC's duties include: Ensuring compliance,
Handling complaints, and Recommending penalties to the
Department of Justice.

The penalties for specific violations include:

Unauthorized processing of personal information
A fine of PHP 500,000 to PHP 4,000,000 and a prison sentence of
three to six years.
Accessing personal information due to negligence
A fine of PHP 500,000 to PHP 2,000,000 and a prison sentence of one to
three years
Accessing sensitive personal information due to negligence
A fine of PHP 500,000 to PHP 4,000,000 and a prison sentence of three to six
years
The Data Privacy Act regulates the collection, storage, use, and other
aspects of personal data. It protects individuals' privacy while also
promoting the free flow of information.
If an action is taken against a decision or resolution of the NPC, a cash or
surety bond must be posted. The bond must be equal to the total amount of
the fine imposed. If the bond is not posted, the fine will be immediately
executed.
 Intellectual
Property
Republic Act 8293
 Republic Act 8293
Republic Act 8293, also known as the Intellectual Property
Code of the Philippines, established the Intellectual Property
Office (IPOPHL) and established the intellectual property
rights for the Philippines. The act took effect on January 1,
1998. Be it enacted by the Senate and House of
Representatives of the Philippines in Congress assembled:
This Act shall be known as the "Intellectual Property Code of
the Philippines."
Author & Person Signed The
Law
The law, otherwise known as the
IP Code of the Philippines, was
signed by President Fidel V. Ramos
on June 6, 1997, and took effect on
January 1, 1998. Authored by the
late Senator Raul S. Roco, the law
took effect on January 1, 1998.
Scope of RA 8293
1. Coverage:
RA 8293 governs the protection and enforcement of intellectual
property rights, including:
• Copyright and Related Rights: Covers literary, artistic, and
derivative works, as well as performances, sound recordings, and
broadcasts.
• Patents: Protects inventions that are new, involve an inventive step,
and are industrially applicable.
• Trademarks and Service Marks: Protects brand identifiers like
names, symbols, logos, and other marks used in commerce.
• Industrial Designs: Covers the aesthetic aspects of an article.
• Utility Models: Protects innovations that may not meet the criteria
for a patent but are new and industrially applicable.
• Integrated Circuits: Protects the layout designs of integrated
circuits.
• Geographical Indications: Covers names or signs used on products
to indicate their geographical origin and qualities associated with it.
2. Purpose:
• To promote the dissemination of knowledge and innovation by
granting creators and inventors exclusive rights.
• To ensure fair use of intellectual property while balancing public
access and rights.
3. Enforcement:
• Establishes mechanisms for protecting intellectual property,
including administrative and judicial remedies.
• Provides penalties for infringement of intellectual property rights.
4. Administration:
Created the Intellectual Property Office of the Philippines
(IPOPHL) to oversee implementation, registration, and
dispute resolution related to intellectual property.
5. Limitations and Exceptions:
The law includes provisions for fair use, compulsory
licensing, and public interest considerations, ensuring the
balance between private rights and public welfare.
Violations of RA 10173
Violating Republic Act (RA) 8293, also known as the Intellectual Property Code of
the Philippines, can result in imprisonment and fines:
Patent infringement: Imprisonment of 1–9 years and a fine of P50,000–
P1,500,000, depending on the number of offenses
Selling fake goods: Imprisonment of 2–5 years and a fine of P50,000–P200,000
First offense: Imprisonment of 1–3 years and a fine of P50,000–P150,000
Second offense: Imprisonment of 3 years and 1 day–6 years and a fine of
P150,000–P500,000
Third and subsequent offenses: Imprisonment of 6 years and 1 day–9 years and a
fine of P500,000–P1,500,000
Some examples of intellectual property violations include:
• Using a company's trademarked logo without permission.
• Including music in a video without the artist's consent.
• Manufacturing knockoff products of patented designs.
• Copying written works using a photocopier without
authorization.
Republic Act No. 8792
Electronic Commerce
Act of 2000
Republic Act No. 8792
The Electronic Commerce Act of 2000, also known as Republic Act
8792, was adopted on June 14, 2000. The act's purpose is to make it
easier to conduct domestic and international transactions through
electronic means. It does this by recognizing the authenticity and
reliability of electronic documents.
The act applies to all electronic documents and data messages used
in commercial and non-commercial activities. This includes transactions,
agreements, contracts, exchanges, and storage of information.
 The act defines an electronic signature as any distinctive
mark, sound, or characteristic in electronic form that
represents a person's identity. It also prescribes penalties for
hacking computer programs and piracy of protected
materials using telecommunication networks. The maximum
penalty for other violations of the act is six years in prison or
one million pesos.
Author & Person Signed
The Law
On 14 June 2000, President Joseph
E. Estrada signed into law R.A. 8792
"An Act Providing For The
Recognition And Use of Electronic
Commercial And Non-Commercial
Transactions, Penalties For Unlawful
Use Thereof, And Other Purposes,
also known as the "Electronic
Commerce Act."Oct 24, 2000
Scope of Republic Act No.
8792
1. Recognition of Electronic Data and Messages
• Ensures that electronic data, messages, and documents
have the same legal validity and enforceability as paper-
based documents.
• Provides that electronic signatures are legally binding
and recognized in commercial and contractual
transactions.
2. Application in Business and Government
• Promotes the use of electronic documents and signatures in both
private business dealings and government transactions.
• Mandates government agencies to accept electronic documents
and payments to enhance efficiency.
3. E-Commerce and Trade
• Supports and facilitates electronic transactions and e-commerce
practices, enabling businesses to operate online.
• Covers activities such as online contracts, digital payments, and
the exchange of goods, services, and information electronically.
4. Intellectual Property Protection
• Protects intellectual property rights in the context of electronic
commerce.
• Penalizes infringement of copyright, trademark, and other
intellectual property rights in the digital domain.
5. Cybercrime Prevention
• Addresses unlawful acts such as hacking, identity theft, and
unauthorized access to electronic systems or data.
• Provides penalties for cybercrimes and other offenses related to
electronic data and systems.
6. Consumer Protection
• Protects consumers engaged in e-commerce by ensuring
transparency, reliability, and security in electronic transactions.
• Mandates the disclosure of terms, conditions, and other relevant
information in online dealings.
7. Scope of Coverage
• Applies to all commercial transactions conducted electronically,
including business-to-business (B2B) and business-to-consumer
(B2C) transactions.
• Does not apply to laws governing family relations, wills, and
negotiable instruments unless otherwise specified.
8. Penalties and Enforcement
• Imposes penalties for violations such as fraud,
unauthorized access, and misuse of electronic
information.
• Authorizes relevant agencies to investigate, enforce, and
implement provisions of the law.
Violation of RA 8792
Violations of the Electronic Commerce Act of 2000 (Republic Act
No. 8792) can include:
Online fraud: A minimum fine of PHP 100,000 and a mandatory
imprisonment of 6–3 year.
Other violations: A maximum fine of PHP 1,000,000 or a maximum
imprisonment of 6 year.
Piracy: A minimum fine of PHP 100,000 and a mandatory
imprisonment of 6–3 year.
Hacking: Unauthorized access to a computer to corrupt, alter, steal,
or destroy electronic data.
The Electronic Commerce Act of 2000 also:
• Recognizes the use of electronic documents and digital
signatures
• Sets out legal rules for the admissibility of electronic documents
or messages into evidence
• Recognizes the need for consumer protection in the electronic
environment
• Includes RPWEB, an electronic online network that promotes the
use of electronic documents and data messages
• Includes GII, a platform that facilitates the electronic
transmission of government services
Conclusion
In conclusion, RA 10173 (Data Privacy Act of 2012), RA 8792 (E-
Commerce Act of 2000), and RA 8293 (Intellectual Property Code of
the Philippines) play key roles in shaping the digital world in the
Philippines. RA 10173 focuses on protecting people's personal
information, making sure it's safe from misuse. RA 8792 supports
online business by creating clear rules for electronic transactions,
helping e-commerce grow. RA 8293, on the other hand, protects
creators' rights to their inventions, designs, and artistic works, ensuring
they are not copied without permission. Together, these laws aim to
create a safer, fairer, and more trustworthy digital environment for
everyone.