Data Privacy Act
Data Privacy Act Special / Miscellaneous Codals (often compiled) Republic Act No. 10173 - Data Privacy Act of 2012 CHAPTER I Section 1. Short Title Section 2. Declaration of Policy Section 3. Definition of Terms Section...
Results for “Data Privacy Act Section 29. Unauthorized Access or Intentional Breach”
An official of a government regulatory agency gains unauthorized access to a private corporate email server used by N...
...ils to prosecutors who charge A with estafa. (a) Identify the zone of privacy implicated and the controlling constitutional doctrine. (b) Are the emails admissible as evidence? Explain with the applicable rule and any ex...
Citations: Constitution of the Philippines, Article III, Section 3(1) (privacy of communications and correspondence), Republic Act No. 4200 (Anti-Wiretapping Law), Republic Act No. 10173 (Data Privacy Act)
A private software-services firm terminates its senior data-analyst for alleged unauthorized extraction of customer d...
A private software-services firm terminates its senior data-analyst for alleged unauthorized extraction of customer data, claiming breach of confidentiality and the company’s data-privacy policy. The company submits: (i)...
In a civil action for a data-breach and alleged non-compliance with data privacy obligations, the plaintiff seeks to...
In a civil action for a data-breach and alleged non-compliance with data privacy obligations, the plaintiff seeks to depose the defendant’s Chief Information Security Officer about internal breach response memos, vulnera...
Customs Modernization and Tariff Act
Customs Modernization and Tariff Act Taxation Law TITLE I / PRELIMINARY PROVISIONS CHAPTER 1 / SHORT TITLE Section 100. Short Title CHAPTER 2 / GENERAL AND COMMON PROVISIONS Section 101. Declaration of Policy Section 102...
ArdentCloud, a private data services firm, maintains a non-public client database on its internal network. Lia, the l...
ArdentCloud, a private data services firm, maintains a non-public client database on its internal network. Lia, the lead systems administrator with legitimate maintenance access, exports a substantial subset of client re...
Citations: Republic Act No. 10175 (Cybercrime Prevention Act of 2012), Sec. 4(a)(1)–(a)(5)
An independent data consultant, engaged by a private firm, secretly gains access to a private Slack workspace used by...
An independent data consultant, engaged by a private firm, secretly gains access to a private Slack workspace used by TargetCo’s procurement and legal teams and copies all direct messages between employee Dev and the Chi...
Citations: Constitution of the Philippines, Article III, Section 3 (privacy of communications and correspondence)., Republic Act No. 4200 (Anti-Wiretapping Act).
An official of a government agency gains unauthorized access to a private corporate email server and copies all messa...
...uses these emails to prosecute Z for estafa. (a) Identify the zone of privacy implicated and the controlling constitutional doctrine. (b) Are the emails admissible as evidence? Explain with the applicable rule and any ex...
Citations: Constitution of the Philippines, Article III, Section 3(3), Republic Act No. 4200 (Wiretapping Law)
Facts: Avery Cruz, a software designer, is arrested by police in connection with suspected unauthorized access to a f...
Facts: Avery Cruz, a software designer, is arrested by police in connection with suspected unauthorized access to a financial platform and related fraud. He is brought to a small, windowless interrogation room. He is not...
Citations: Constitution of the Philippines, Article III, Section 12
A university contracts a cybersecurity firm to perform vulnerability testing on its admissions portal. The contract a...
...he firm intends to publish the vulnerability publicly and to sell the data. The university files charges of hacking under RA 8792, Sec. 33(a). Which statement best describes liability under Sec. 33(a) for the firm’s cond...
An energy company contracts a cybersecurity firm to perform vulnerability testing on its customer portal. The written...
...d boundary and explicitly prohibits exporting or copying any customer data outside the test environment. During the engagement, the firm uses company-issued administrator credentials to log into the live portal and, beyo...
An engineering firm is contracted by a university to perform security testing on its student portal. The written scop...
...hin a defined boundary and prohibits exporting or copying any student data outside a secure testing environment. During the engagement, the firm uses university-issued credentials to log into the live portal and, beyond...
A city government contracts a cybersecurity firm to test its citizen services portal, which stores residents’ persona...
...to test its citizen services portal, which stores residents’ personal data such as names, addresses, and tax identification numbers. The contract authorizes the firm to conduct login-based vulnerability testing within a...
Juno, a systems consultant contracted to upgrade a private hospital’s data servers, copies the hospital’s non-public...
Juno, a systems consultant contracted to upgrade a private hospital’s data servers, copies the hospital’s non-public patient database to a USB drive without authorization and sells it to a competitor. He then deploys ran...
Citations: Republic Act No. 10175, Sec. 4(a)(1)-(5), Cybercrime Prevention Act of 2012 (RA 10175) - Official text
Civil Code of the Philippines (RA 386)
...R 1 / Requisites of Marriage CHAPTER 2 / Marriages of Exceptional Character CHAPTER 3 / Void and Voidable Marriages CHAPTER 4 / Authority to Solemnize Marriages TITLE IV / LEGAL SEPARATION TITLE V / RIGHTS AND OBLIGATION...
Two individuals, D and M, plan to breach a private online tax filing system to gain unauthorized access. D develops a...
...fore deployment, a routine security patch is applied and no access or data is compromised. Under RA 10175, Sec. 6, which of the following statements best describes their liability? Correct: D and M are liable for conspir...
Code of Professional Responsibility and Accountability (CPRA)
...ible, efficient, and effective legal service Section 2. Merit-based practice Section 3. Freedom from improper considerations and external influences Section 4. Non-interference by a lawyer Section 5. Lawyer's duty and di...
BrightBridge, a Philippine cloud-based e-commerce and messaging platform, stores user chat messages and payment detai...
...four months of BrightBridge user chat transcripts and transaction metadata related to a named suspect. Acting on the MLAT, a domestic court issues an order directing BrightBridge to disclose the data to the foreign agenc...
Citations: Republic Act No. 8792, Section 32 (Lawful Access and Obligation of Confidentiality)., Republic Act No. 10173, Data Privacy Act of 2012 (interplay on confidentiality and data handling).
A bank's security team discovers a vulnerability in its customer-data portal. An employee, Ian, intentionally bypasse...
A bank's security team discovers a vulnerability in its customer-data portal. An employee, Ian, intentionally bypasses the login mechanism using a script, gains access to the portal, and copies 120 customer records (name...
Citations: Republic Act No. 8792, Sec. 33(a) (E-Commerce Act)
A private publisher downloads the National Privacy Commission's Data Privacy Guidelines 2020 from the NPC website and...
A private publisher downloads the National Privacy Commission's Data Privacy Guidelines 2020 from the NPC website and posts the entire text verbatim on its own site. The publisher then publishes a "Plain-English Digest"...
Citations: Republic Act No. 8293 (Copyright Law)
An independent IT consultant, hired by a supplier, secretly breaches the private Slack workspace of Acme Corp and cop...
...ges to prosecutors who charge Z with estafa. (a) Identify the zone of privacy implicated and the controlling constitutional doctrine. (b) Are the messages admissible as evidence? Explain with the applicable rule and any...
Citations: Constitution of the Philippines, Article III, Section 3(3), Republic Act No. 4200 (Anti-Wiretapping Act)
An information filed in RTC Branch 34, Bacolod City charges a former data-security analyst with (i) unauthorized acce...
An information filed in RTC Branch 34, Bacolod City charges a former data-security analyst with (i) unauthorized access and cyber extortion under RA 10175 and (ii) civil damages for data breach and reputational harm aris...
Citations: Republic Act No. 10175 (Cybercrime Prevention Act of 2012), Rules on Joinder of Offenses (Rules of Court)
A private cyber-security contractor hired by a rival political campaign secretly gains access to a private messaging...
...cutors who charge one volunteer with estafa. (a) Identify the zone of privacy implicated and the controlling constitutional doctrine. (b) Are the messages admissible as evidence? Explain with the applicable rule and any...
An information is filed in RTC Branch 12, Makati City, charging a former IT consultant with (i) unauthorized access a...
...i) cyber libel arising from a defamation post, plus civil damages for data breach and reputational harm arising from the same incident. The Information designates the cybercrime counts as the principal offense and includ...