In March 2016, the Philippines made headlines when the personal data of around 55 million

registered voters were leaked online. In the wake of the controversy, discussions on security
and privacy resurfaced among legislators and the public. Among those taken up were relevant
policy proposals, like the establishment of a national identification (ID) system.

A national ID system is a State apparatus often used to verify the identities of individuals who
avail of public services or engage in certain public transactions. Under a typical system, a
person is assigned an ID number at birth or upon reaching the legal age. It usually covers a
country’s citizens, although resident foreigners have also been included from time to time.

Today, they are used for several reasons, the most visible of which is the provision of
government services and the management of public and private transactions. The idea is that a
national ID, as an effective authentication mechanism, can help improve service delivery by
addressing societal exclusion issues brought about by the lack of or shortage in official
identification documents. Such notion, however, does not address the reality that’d systems are
also used by those in power to exercise control, particularly over vulnerable or under-served
populations.

In the Philippines, several attempts were made to establish a universal ID scheme dating back
from 1973 with President Ferdinand Marcos’ Presidential Decree No. 278, 1996 with President
Fidel Ramos’ Administrative Order (AO) No. 308, and in 2005 with President Gloria
Macapagal-Arroyo’s Executive Order No. 420.

In 1973, President Marcos signed Presidential Decree No. 278, which called for a National
Reference Card System and the creation of a National Registration Coordinating Committee.
It sought to replace all existing identification systems prescribed by government agencies with
a single National Reference Card, covering not only Filipinos but also the country’s resident
foreigners. None of these plans materialized.

In 1996, almost two decades later, President Ramos’ AO No. 308 falls short of assuring that
personal information which will be gathered will only be processed for unequivocally specified
purposes. The lack of proper safeguards in this regard of A.O. 308 may interfere with the
individual’s liberty of abode and travel by enabling authorities to track down his movement; it
may also enable unscrupulous persons to access confidential information and circumvent the
right against self-incrimination; it may pave the way for “fishing expeditions” by government
authorities and evade the right against unreasonable searches and seizures. The possibilities of
abuse and misuse of the Population Reference Number (PRN), biometrics and computer
technology are accentuated when we consider that the individual lacks control over what can
be read or placed on his ID, much less verify the correctness of the data encoded.

In 2005, President Arroyo issued Executive Order No. 420, directing all government agencies
and government-owned and controlled corporations to adopt a uniform data collection and
format for their existing identification (ID) systems. The EO was assailed as unconstitutional
based on the same grounds used in the earlier case of Ople vs. Torres — EO 420 is a usurpation
of legislative power by the President and that it is an infringement on the citizen’s right to
privacy.

In Congress, legislators in both chambers have long played with the idea of establishing the
country’s first national ID system. And thus far, the current (17th) Congress appears to have the
best chance of making it real.

1
In the Senate, ten bills have been filed as of this writing, all lodged within a span of three
months. These are now being taken up in a Technical Working Group that is set to produce a
consolidated version of the different proposals. By comparison, three bills were filed in the
Senate in the previous Congress, and none of them went beyond committee level discussions.

At the House of Representatives, national ID proposals usually meet little to no opposition.

Things are no different in this Congress, with House Bill No. 6221—already a consolidated
bill—having already been approved on third and final reading, and transmitted to the Senate.

However, a National ID system is faced by resistance due to several notable issues which
includes Rights to Privacy Violations, Doubts over Effectiveness Against Crime and Terrorism,
Costs, Data Security, and Technical Complexity and Logistical Issues.

One positive development in the Philippines has been the passage of the country’s first
comprehensive data protection law: Republic Act No. 10173, also known as the Data Privacy
Act of 2012 (DPA). The law provides numerous legal safeguards that ensure the security and
protection of personal data.

Conclusion
With the passage of the DPA, all debates surrounding an ID proposal must now be properly
guided by the principles and standards preserved in the law. The need for such a system must
now be pitted against the dangers it poses and the data security measures prescribed by the
DPA. More importantly, if a proposal were to garner Congressional approval, adopting a
“privacy by design” approach and appropriate accountability mechanisms naturally becomes
imperative.

However, the DPA alone cannot keep a national ID system in check. Data security is one of the
most critical component of having a national ID system. We must ensure first that the
controversy that happened last March 2016 is something that cannot and will not happen again
in the future as this threatens the very abuses that the Bill of Rights seeks to prevent.