Privacy Law and Policy Reporter
David Banisar and Simon Davies, with contributors
The Global Internet Liberty Campaign released in October 1998 a major report, ‘Privacy And Human Rights — An International Survey of Privacy Laws and Practice’, available at <http://www.gilc.org/privacy/survey/>. The GILC survey contains both a topical ‘Overview: The State of the World’s Privacy’ and an analysis of the privacy and surveillance laws and practices of 49 nations. This ambitious survey was funded by the Open Society Institute. Its primary authors are David Banisar and Simon Davies of Privacy International, with additional research by Wayne Madsen, Ronnie Breckheimer, Michael Kassner and Shauna van Dongen, and contributions from experts around the world. It is intended to be updated annually.
With GILC’s permission, PLPR is publishing extracts from the survey dealing with privacy in countries outside the familiar territory of Europe, North America and Australasia. In (1998) 5 PLPR 86-89 we covered Hong Kong, India, Japan, South Korea and Malaysia. In this issue we cover the Philippines, Singapore, Taiwan and Thailand. The third part will cover central and south American countries and South Africa (Editor).
Article III of the 1987 Constitution protects the right of privacy. Section 2 states:
The right of the people to be secure in their persons, houses, papers, and effects against unreasonable searches and seizures of whatever nature and for any purpose shall be inviolable, and no search warrant or warrant of arrest shall issue except upon probable cause to be determined personally by the judge after examination under oath or affirmation of the complainant and the witnesses he may produce, and particularly describing the place to be searched and the persons or things to be seized.
Section 3 states:
(1) The privacy of communication and correspondence shall be inviolable except upon lawful order of the court, or when public safety or order requires otherwise as prescribed by law.
(2) Any evidence obtained in violation of this or the preceding section shall be inadmissible for any purpose in any proceeding.
Section 7 states:
The right of the people to information on matters of public concern shall be recognized. Access to official records, and to documents and papers pertaining to official acts, transactions, or decisions, as well as to government research data used as basis for policy development, shall be afforded the citizen, subject to such limitations as may be provided by law.
There is no general data protection law but there is a recognized right of privacy in civil law. Bank records are protected by the Bank Secrecy Act.
The Anti-Wiretapping Law requires a court order to obtain a telephone tap. In May 1998, Director General Santiago Alino, chief of the Philippine National Police, ordered an investigation of the alleged electioneering and illegal wiretapping activities by members of the National Police’s Special Project Alpha (SPA). Matillano said that his office received information that the former SPA men had been using the office as their ‘monitoring center’ against Vice President Estrada’s political opponents. Five recorders used to monitor wiretaps were found at the offices. The House and the Senate held investigations in August 1997 after officials of the telephone company admitted that their employees were being paid to conduct illegal wiretaps.
The Supreme Court ruled in July 1998 that Administrative Order No 308 introduced by former President Ramos in 1996, the ‘Adoption of a National Computerized Identification Reference System’, was unconstitutional. The Court said that the order:
will put our people’s right to privacy in clear and present danger ... No one will refuse to get this ID for no one can avoid dealing with government. It is thus clear as daylight that without the ID, a citizen will have difficulty exercising his rights and enjoying his privileges.
Government lawyers asked the court to reconsider its decision in August and President Joseph Estrada reiterated his support for the use of a national identification system in August 1998, stating that only criminals are against a national ID. Justice Secretary Serafin Cuevas authorised the National Statistics Office (NSO) to proceed to use the population reference number (PRN) for the Civil Registry System-Information Technology Project (CRS-ITP) on August 14, claiming that it is not covered by the decision.
The Singapore Constitution is based on the British system and does not contain any explicit right to privacy.
There is no general data protection or privacy law in Singapore. In September 1998, the National Internet Advisory Board proposed an industry-based self-regulatory ‘E-Commerce Code for the Protection of Personal Information and Communications of Consumers of Internet Commerce’. The code would oblige providers to ensure the confidentiality of business records and personal information of users, including details of usage or transactions, would prohibit the disclosure of personal information, and would require providers not to intercept communications unless required by law. The code would also limit collection and prohibit disclosure of personal information without informing the consumer and giving them an option to stop the transfer, ensure accuracy of records and provide a right to correct or delete data. The code would be enforced by an industry-run Compliance Authority. Providers that were in compliance could use a ‘privacy code compliance symbol’. The regulatory authority for the electronic medium in Singapore is the Singapore Broadcasting Authority (SBA). SBA is a statutory board under the Ministry of Information and the Arts (MITA).
In July 1998, the Singapore Government passed three major Bills concerning computer networks. They are the Computer Misuse (Amendment) Bill, the Electronic Transactions Bill and the National Computer Board (Amendment) Bill. The Computer Misuse Act (CMA) provides the police with additional powers of investigations. Under the amended Act, it is now an offence to refuse to assist the police in an investigation. Amendments also widened the provisions allowing the police lawful access to data and encrypted material in their investigations of offences under the CMA as well as other offences disclosed in the course of their investigations. Such power of access requires the consent of the Public Prosecutor.
Electronic surveillance of communications is governed by the Telecommunications Authority of Singapore (TAS) Act. However, the government has extensive powers under the Internal Security Act and other Acts to monitor anything that is considered a threat to ‘national security’. The US State Department in 1998 stated:
Divisions of the Government’s law enforcement agencies, including the Internal Security Department and the Corrupt Practices Investigation Board, have wide networks for gathering information. It is believed that the authorities routinely monitor citizens’ telephone conversations and use of the internet. While there were no proven allegations that they did so in 1997, it is widely believed that the authorities routinely conduct surveillance on some opposition politicians and other critics of the Government.
All of the internet services providers (ISPs) are controlled by government owned or government controlled companies. Each person in Singapore wishing to obtain an internet account must show their national ID card to the provider to obtain an account. ISPs reportedly provide information on users to government officials without legal requirements on a regular basis. In 1994, Technet — then the only ISP in the country serving the academic and technical community — scanned through the email of its members looking for pornographic files. According to Technet, they scanned the files without opening the mails, looking for clues like large file sizes. In September 1996, a man was fined US$43,000 for downloading sex films from the internet. It was the first enforcement of Singapore’s internet regulation. The raid followed a tip-off from Interpol which was investigating people exchanging pornography online. Afterwards, the SBA assured citizens that it does not monitor email messages, chat groups, what sites people access, or what they download.
An extensive electronic road pricing system for monitoring road usage went into effect in 1998. The system collects information on an automobile’s travel from smart cards plugged into transmitters in every car and in video surveillance cameras. The service claims that the data will only be kept for 24 hours. Video surveillance cameras are also commonly used for monitoring roads and preventing littering in many areas. It was proposed in Tampines in 1995 that cameras be placed in all public spaces including corridors, lifts, and open areas such as public parks, car parks and neighbourhood centers, and broadcast on the public cable television channel.
Article 12 of the 1994 Taiwanese Constitution states: ‘The people shall have freedom of privacy of correspondence’.
The Computer-Processed Personal Data Protection Law was enacted in August 1995. The Act governs the collection and use of personally identifiable information by government agencies and some areas of the private sector. The Act requires that:
[t]he collection or utilisation of personal data shall respect the rights and interests of the principal and such personal data shall be handled in accordance with the principles of honesty and credibility so as not to exceed the scope of the specific purpose.
Individuals have a right of access and correction, the ability to request cessation of computerized processing and use, and the ability to request deletion of data. Data flows to countries without privacy laws can be prohibited. Damages can be assessed for violations. The Act also established separate principles for the eight categories of private institutions covered: credit information organisations, hospitals, schools, telecommunication businesses, financial businesses, securities businesses, insurance businesses, mass media, and ‘other enterprises, organisations, or individuals designated by the Ministry of Justice and the central government authorities in charge of concerned end enterprises’.
There is no single privacy oversight body to enforce the Act. The Ministry of Justice enforces the Act for government agencies. For the private sector, the relevant government agency for that sector enforces compliance.
Permission for telephone tapping and other similar interferences with privacy of communications must be granted according to law. According to the Taiwanese Association for Human Rights:
prosecutors appeared to have abused their eavesdropping power by authorising law enforcement units to monitor more than 16,000 telephone calls in less than a year. Such behavior has constituted a serious infringement of people’s privacy.
On July 26 1997, the Independence Morning Post accused intelligence director Yin Tsung-Wen of ordering the phone tapping of National Assembly deputies who had opposed a proposal to modify the Constitution to eliminate the provincial government. The report said Yin passed on the phone tapping order to a number of police and other intelligence agencies. Article 315 of Taiwan’s Criminal Code states that a person who, without reason, opens or conceals a sealed letter or other sealed document belonging to another will be punishable under the law. Under a new Draft Criminal Code, a provision covering the interception of electronic communications will be added.
Responding to public concern following repeated incidents of the filming and selling of videotapes of couples making love in motels, the Taiwanese Ministry of Justice has decided to revise the Criminal Code to impose stiffer penalties on those convicted of eavesdropping or making secret videos. A person found guilty of eavesdropping or making secret films without any business motives would be punished with a prison term of up to three years.
Taiwan is planning to issue a new national ID card called the ‘Citizen’s Card’, which will integrate the functions of the cards for ID, health insurance, driver’s licence, taxation and possibly small value payments into one smart card-based card. A special Commission was set up to evaluate privacy concerns after protests about the plan arose.
Article 37 of the 1998 Constitution states:
Persons have the freedom to communication with one another by lawful means. Search, detention or exposure of lawful communication materials between and among persons, as well as actions by other means so as to snoop into the contents of the communications materials between and among persons, is prohibited unless it is done by virtue of the power vested in a provision of the law specifically for the purpose of maintaining national security or for the purpose of maintaining peace and order or good public morality.
The National Information Technology Committee (NITC) approved plans in February 1998 for a series of information technology (IT) laws. Six sub-committees will address the following areas: the data protection draft law, the computer crime draft law, the electronic data interchange draft law, the electronic signature draft law, the electronic transfer of funds draft law and the information infrastructure draft law. The NITC will submit the proposed draft laws to the Cabinet at year’s end, or early next year. The six draft laws will be drawn up after study of standard international laws in each of the six respective areas. A proposed Internet Promotion Act put forward by the Internet Society of Thailand in late 1997 that included censorship provisions generated intense opposition.
Phone tapping is a criminal offence under the 1934 Telegraph and Telephone Act. In 1996, Prime Minister Banharn introduced a Bill that would give the Supreme Commander and the three armed forces chiefs the power to approve wiretapping for national security reasons. It drew strong opposition from the chairman of the House Justice and Human Rights Committee, Witthaya Kaewparadai, who described the proposal as ‘irrational’. The Bangkok Post described it as an ‘unsavory move’. Illegal wiretapping is common in Thailand. In April 1997, tapes and transcripts from wiretaps of Sanan Kachornprasart, the opposition party Democrat Secretary-General, were found in the compound of Government House. The Armed Forces Security Centre was accused of being behind the tapping.
In June 1998, the Royal Thai Police Department asked Thai internet service providers to adopt caller ID in order to keep a record of the telephone numbers and login information of people who access the network. Under the proposal, ISPs will be asked to record this information on their servers, and allow the police to access this information in the course of investigations of internet-related crime.
In 1997, Thailand began issuing a new national ID card with a magnetic strip. The computer system will be linked with other government departments including the Revenue Department, the Ministry of Foreign Affairs, the Ministry of Defence and the Office of the Narcotics Control Board. The Government also plans to link the system with other governments to allow holders to travel in Asian countries without the need for a passport, using only the new card. Bank customers who carry the new ID card can use it as an ATM card as well. In 1995, Control Data Systems was awarded a $11.5 million contract by the Bangkok Metropolitan Administration (BMA) project to install the Computerized National Census and Services Project. The system includes names, addresses, national ID card numbers, and census information such as birth and death records and address changes. It will be used for checking individual tax returns and compiling census statistics. In 1996, three hundred cameras were set up to catch people littering.
David Banisar and Simon Davies, with contributors.
18. Constitution of the Republic of China adopted by the National Assembly on 25 December 1946, promulgated by the National Government on 1 January 1947, and effective from 25 December 1947:<http://www.oop.gov.tw/roc/charter/echarter.htm>. Computer-Processed Personal Data Protection Law of 11 August 1995.
20. <http://jcmc.huji.ac.il/vol2/issue1/asiapac.html>. ‘Taiwan takes stick on human rights’ China News 8 December 1997.  Independence Morning Post 26 July 1997.  George CC Chen, ‘The Internet and its Legal Ramifications in Taiwan’ 20 Seattle Univ L R 677 (Spring, 1997): <http://stlc.iii.org.tw/stlc/seat-u.htm>.  ‘Motel sex tapes prompt revised law’ China News 27 February 1998.  ‘New “national card” set to be issued next year’ China News 26 August 1998.  ‘When smart cards get too smart’ The Industry Standard 7 September 1998.  Constitution of the Kingdom of Thailand 1998 (International Translations Office, Bangkok).  ‘Thailand’s NTIC Approves New IT Laws’ Bangkok Post 21 July 1998.  ‘Thailand: Editorial — Democracy in Danger if Spying Sanctioned’ Bangkok Post 5 July 1996.  ‘Thailand: Politics — PM Denies Chuan’s Wire-tapping Claim’ Bangkok Post 8 April 1997.  ‘Inside Politics Infuriated by tap rap’ FT Asia Intelligence Wire 3 July 1997.  ‘Thailand: Critics Fret Over Govt Access to Internet Records’ Inter Press Service 23 September 1998.  ‘Thailand: Issuing Computerized National Identity Cards’ Newsbytes 8 September 1997.  ‘Control Data Wins Thai Census Project’ Newsbytes 3 October 1995.  ‘Bangkok police to capture litterbugs on camera and videos’ The Straits Times 2 December 1996.