It’s 5 in the morning. Do you know where your children are?
In some net cafes in Manila, Quezon City, and Laguna, children as young as eight years old are glued to the computer way past their bedtime up to the wee hours of the morning, playing online war games while muttering expletives, updating their Facebook accounts, viewing some risqué stuff on YouTube, etc. In one instance, in a net cafe in Ermita, a group of three boys were caught giggling, while engaged in an online conversation with a burly Caucasian male that asked them to drop their pants.
It is a fact that most families in the Philippines do not have their own computers or have no access to the internet in their own homes. Unfortunately, some parents think that by giving their children some net allowance would allow their kids to stay out of trouble while they are out of their houses, and can be a palliative to good parenting. But as the capacity of children to learn how to navigate the virtual worlds grows, the likelihood that the unwanted virtual dangers spilling into their actual lives become even more probable.
The number one risk that children take when they venture into cyberspace is their revelation of their true identities and their addresses, as well as other personal information about themselves and their families that could compromise their safety. Numerous cases have risen over the years when online predators of children have stalked their actual prey and showed up in the children’s houses to do them bodily harm. Stories of children abduction, rape and murder facilitated through chatroom conversations and online meet-ups have been reported in the US, UK, Singapore, and a host of other countries.
Perhaps, the most perfidious form of children exploitation, because it is done invisibly, is the online harvesting of personal information of children done without the children’s and their parents’ prior consent. For example, Playdom Inc. which owned and operated virtual worlds that included those which are geared to children, or considered “children friendly” like Pony Stars, My Diva Doll, 2 Moons and 9 Dragons got in trouble with the US Federal Trade Commission (FTC) which claimed that it violated the Children’s Online Privacy Protection Act (COPPA). Playdom Inc., which is a subsidiary of Disney Enterprises, Inc., according to the FTC, misrepresented its privacy policy which prohibited children under 13 years of age to post personal information online, by allowing children under 13 to do so. Moreover, the FTC charged that Playdom Inc. harvested information concerning the children’s ages and email addresses, and allowed them to post their full names, email addresses, physical addresses and other personal information in their personal profile pages and in the fora of these online communities without providing proper prior notice to, and without availing of the prior verifiable consent of these children’s parents. 2006 and 2010, some 403,000 children registered on Playdom Inc.’s general audience sites, and 821,000 users registered in the Pony Stars children’s site. The case never went to court because it settled with the FTC. Another case that was settled with FTC was that of EchoMetrix which sold the “Sentry” software that allowed parents to monitor the virtual comings and goings of their children. The software installed on a target computer allowed parents to view their children’s online activities. The downside was that Echometrix disclosed the information it has collected concerning the children’s online activities to third party marketers, by way of its online market research software program, Pulse. Subscribers to the Pulse had access to the Sentry information. Part of the settlement agreement was that Echometrix destroy all the Sentry information it collected and which was transferred to the Pulse database.
In the Philippines, Dr. Atty. Noel G. Ramiscal, has noted in several of his lectures concerning digital privacy of Philippine data subjects, the current implementable laws do not contain adequate protection for the digital data collected by data processors pertaining to children.
The Online Child Pornography Law does not specifically safeguard the online information of children harvested by data processors or data aggregators. It is unfortunate that the Data Privacy Act which was passed in 2012, remains in legal limbo. This law obligates any entity that processes or aggregates data about any Philippine subject to comply with many requirements, including giving proper, prior notice to, and acquiring the consent of the data subject relative to the processing of any data pertaining to the subject, which presumably includes children. Dr. Atty. Ramiscal states “presumably” because the metes and bounds of this law has not been determined by any Implementing Rules and Regulations (IRR). The National Privacy Commission which was supposed to have been created by this law has not been functional and operates merely as a unit under the President’s office.
The same can be said of the Cybercrime Prevention Act of 2012. While some of its provisions were upheld as constitutional, and some were struck down as invalid by the Supreme Court, the fact remains that its IRR has yet to be released by the Department of Justice (which gave a premature declaration that it will release the IRR by April 2014). It is unfortunate because the Data Privacy Law’s legal obligations imposed on data processors and data aggregators and its coverage, which should include children’s data, can be combined with the long jurisdictional arm of the Cybercrime Prevention Act to go after data processors and data aggregators in different jurisdictions whose acts are the cause of, or contributed to the detriment, damage or even death of Philippine children.
Note: As of the time this Article was updated (March 5, 2015), the Implementing Rules and Regulations for the Data Privacy Law and the Cybercrime Prevention Act have not been released. The UP Office of the Administrative Register has not received any official copy of the IRRs, the deposit of which is legally mandated for the laws to become effective in the Philippines.
Philippine Law Bytes: TheCyberLawyer Issues by Dr. Attorney Noel Guivani Ramiscal 