HERBOSA, ANGELO

Section 3, Article III – Privacy; Exclusionary Rule

Disini v. Secretary of Justice, G.R. No. 203335

Facts:
The main point of contention in this case was RA 10175, also known as the Cybercrime Prevention Act of
2012. Said law sought to regulate the use of the Internet, however, a number of its provisions were subject to numerous
petitions. These petitions prayed for said provisions to be declared unconstitutional. With regard to the right to privacy
enunciated in Section 3, Article III of the Constitution, the following were subjected to scrutiny by the Court:
 Sec. 4(b) 3 (Identity Theft) – intentional acquisition, use, misuse, transfer, possession, alteration, or deletion
of identifying information belonging to another, whether natural or juridical, without right (petitioners’
stance: violates constitutional right to privacy, among others)
 Sec. 4(c) 1 (Cybersex) – will engagement, maintenance, control, or operation, directly or indirectly, of any
lascivious exhibition of sexual organs or sexual activity, with the aid of a computer system, for favor or
consideration (petitioners’ stance: violates freedom of expression with regard to the privacy of
communication between husband and wife)
 Sec. 12 (Real-Time Collection of Traffic Data) – law enforcement authorities with due cause shall be
authorized to collect or record by technical or electronic means traffic data in real-time associated with
specified communications transmitted by means of a computer system (curtails civil liberties or provides
opportunities for official abuse)

Issue: W/N the said provisions violate the constitutional guaranty of the right to privacy

Held: NO and YES

The first two provisions were found to be valid and constitutional by the Court. However, the Court found
the third unconstitutional for being in violation of one’s right to privacy. This is because the gathering of a user’s
traffic data can easily reveal such person’s patterns when using the Internet. Such is particularly true especially when
it involves the storage and review of collected data, which is a clear invasion of privacy. It is notable that the collection
of traffic data is similar to the concept of ‘cookies,’ which is used by online advertising companies like Google in their
proliferation of ads, but such is only limited to commercial uses, and requires the user’s consent beforehand.