The Data Privacy Act of 2012 or Republic Act No. 10173, with its Implementing Rules and Regulations, was promulgated in response to the freer exchange of personal data in the global stage and the setting of international standards for data protection. Prior to the Act, without so much as regulatory oversight for data collectors or protective measures for the data subject, the wealth of personal data available is subject to abuse and misuse — from the unmitigated use of contact details for purposes beyond those initially contemplated, to identity theft or security breaches of corporate data — to the detriment of the data subject’s constitutionally guaranteed right to privacy. As this is a relatively new law in the Philippines and while initial enforcement measures have been implemented by the National Privacy Commission, it remains to be seen how robustly this new area of law will develop in the country.
Please see full Chapter below for more information.