The lack of clear, strict limitations on further use and cross-referencing of verification data raises the concern of sensitive information being used beyond verification.

By Ruth Nacional

Bulatlat.com

“There is no historical evidence that removing everyone’s right to privacy in online spaces will reduce cybercrime.”

MANILA– The Computer Professionals’ Union (CPU) and Advocates of Science and Technology for the People (Agham) launched a campaign against the Department of Information and Communications Technology’s (DICT) proposed Department Circular on the Mandatory Identity Verification of User Accounts in Social Media Platforms.

The draft circular requires the registration of all social media accounts using locally registered SIM numbers as the basis for verification. It is said to be an attempt to reduce the proliferation of computer-related issues like online scams, cyber-libel, and online sexual abuse and exploitation.

‘Maximally intrusive tool’ with high privacy risks

In their position paper submitted to the DICT, CPU and Agham said that the draft circular contradicts Article 19(3) of the International Covenant on Civil and Political Rights (ICCPR) and the restrictions elaborated in the general comments of the UN Human Rights Committee which stress that restrictions on freedom of expression must be the “least intrusive instrument” proportionate to the interest to be protected.

This ‘blanket identity-verification regime’ is said to be disproportionate as it imposes the verification on all users in all types of social media accounts, and links a user’s digital footprint to a state-traceable SIM identity regardless of whether there is any indication of risk or wrongdoing.

Processing personal data of the entire user base also poses potential conflicts with the Data Privacy Act (RA 10173) which states that handling must comply with the principles of transparency, legitimate purpose, and proportionality. Identity collection, for example, may not be necessary for purposes such as combating deepfakes, online sexual abuse and exploitation, as these can often be addressed through content- and behavior-based measures.

According to the groups, the lack of clear, strict limitations on further use and cross-referencing of verification data raises the concern of sensitive information being used beyond verification.

Controversial SIM Registration Act

Some of these concerns stem from a similar policy that has yet to be proven successful. They stressed that the draft circular is built upon a flawed foundation that is the SIM Registration Act, meaning that it would ‘significantly multiply’ the risks to privacy and data protection since it would contribute to a highly sensitive dataset connecting identities, phone numbers, and social media accounts.

RELATED: IT professionals, activists condemn signing of SIM registration bill into law

Passed in 2022, its objective to “provide law enforcement agencies the tools to resolve crimes which involve its utilization and a platform to deter the commission of wrongdoings” bears resemblance to the overbroadness of the draft circular.

Law enforcement still discovered registered SIMs engaged in online scams despite the enacted measure. Perpetrators have found ways to bypass this law through pre-registered accounts from the black market, and they would continue to do so even with the draft circular so long as there are no specific solutions for cybercrime.

RELATED:  Lab Notes | Fraudulent activities via SIM registration

Vulnerability of critics and minorities

Section 1 of the draft circular states the intention to remove anonymity, as well as identify and deactivate accounts “designed to manipulate public opinion and destabilize national security”. Once in effect, the groups said that it is likely to be used to silence critics in online spaces for public discourse, similar to how cyber-libel laws were weaponized against journalists, advocates, and citizens for voicing their opinions about the Duterte and Marcos administrations.

RELATED: What happened before: Cyber libel in the Philippines

The measure also requires that users under 18 register through a parent or legal guardian, posing barriers for children without legal guardians, victims of domestic abuse, and minors seeking information relating to sensitive issues.

Immediate cancellation

“We call for the immediate cancellation of said proposal and for DICT to instead invest their time, effort, and the Filipino people’s tax money more productively and effectively so that issues such as cybercrime and fraud, among many other concerns of the Filipino people, are actually addressed,” the expert-advocate groups said.

CPU and Agham said that instead of blanket-identity collection, specific solutions such as content- or behavior-based measures can better address cybercrime. They stressed that the necessary legal provisions are already in the Data Privacy Act of 2012 and that the problem is its inconsistent implementation. (RVO, DAA)

The post Proposed socmed registration repressive – ICT experts appeared first on Bulatlat.

From Bulatlat via This RSS Feed.