Data Privacy Act of 2012

Data Privacy Act of 2012

Republic Act No. 10173

Benigno Aquino III

Signed into law by President

August 15, 2012

When was the R.A No. 10173 signed?

National Privacy Commission

Commission

Consent

Freely given, specific, and informed agreement

Data Subject

Individual whose personal information is processed

Personal Information

Any information that identifies an individual

Sensitive Personal Information

Includes race, health, legal proceedings, and government-issued identifiers

Unauthorized Processing

Processing personal information without the consent of the data subject or without being authorized under the Act or any existing law

Negligence in Accessing Personal Information

Providing access to personal information due to negligence, without being authorized under the Act or any existing law

Improper Disposal

Knowingly or negligently disposing, discarding, or abandoning personal information in an area accessible to the public or placing it in a container for trash collectionProcessing for Unauthorized Purposes

Processing for Unauthorized Purposes

Processing personal information for purposes not authorized by the data subject or otherwise authorized under the Act or existing laws

Unauthorized Access or Intentional Breach

Knowingly and unlawfully breaking into any system where personal or sensitive personal information is stored, violating data confidentiality and security

Concealment of Security Breaches

Intentionally or by omission concealing the fact of a security breach involving sensitive personal information, after having knowledge of the breach and the obligation to notify the Commission

Malicious Disclosure

With malice or in bad faith, disclosing unwarranted or false information relative to any personal or sensitive personal information obtained

Unauthorized Disclosure

Disclosing personal or sensitive personal information to a third party without the consent of the data subject, unless covered by privileged communication