Are prison records publicly accessible?

A convicted felon is set to be released after his sentence was reduced on account of his “good behavior” during incarceration.

This does not sit well with a lot of people and understandably, so. While early release schemes are not odd or unique to the Philippines, the identity of the prisoner involved and the heinous crimes he has committed make this a current hot-button topic.

The issue has raised a lot of questions and among them is the propriety of releasing this particular criminal given his questionable track record in prison. He is no saint, they say. He has violated prison rules. He couldn’t have possibly earned this reward (or blessing?) he supposedly deserves.

People have argued that if the government is keen on setting this man free, it should provide proof that he has really earned it. It should present clear and convincing evidence of his good behavior. The call, in other words, is for greater transparency in the enforcement of this State-sponsored initiative.

When asked to respond to the demand, Justice Secretary Menardo Guevara supposedly said that the felon’s prison records may be covered by the country’s data protection law — the Data Privacy Act of 2012 (DPA)— implying, in effect, that it may be beyond public scrutiny.

Would that be a correct appreciation of the situation?

Before delving into the text of the DPA, it is important that one appreciates first how two fundamental rights figure and clash anew in this situation: (1) the right to information, especially those pertaining to matters of public concern; and (2) the right to privacy. Each one is an indispensable pillar of a genuine democratic society.

Conflicts between these two concepts are often remarkable because neither one constitutes an absolute right. Each one admits of exceptions, including the interests protected by the other. The right to information may be regulated, especially if necessary to protect an individual’s right to privacy. Privacy intrusions, on the other hand, are sometimes permitted if it is perceived that public interest is better served in a situation over that of one or two persons.

In this controversy, one debate revolves around the propriety of disclosing the prison records of an individual in order to determine his eligibility vis-à-vis a particular benefit provided by law. One of the standards such propriety is being measured against is the DPA.

To the extent that they identify a specific individual, prison records constitute personal information. There is also a strong argument to suggest that they are sensitive personal information, since the latter term is defined by the DPA as including personal information “specifically established by an executive order or an act of Congress to be kept classified”.

Note that in 1964, the Office of the President issued Memorandum Circular No. 78 (s. 1964), which defines confidential matter as including those “(i)nformation and material (matter) the unauthorized disclosure of which, while not endangering the national security, …would cause administrative embarrassment or unwarranted injury to an individual”.

Moreover, sensitive personal information may also consist of information about any proceeding for any offense committed or alleged to have been committed by a person, including the disposal of such proceeding, or the sentence of any court in such proceeding. If the prisoner here has indeed been the subject of investigations while in jail for prison rules violations, then those investigations, once incorporated in his prison records, also qualify such records as sensitive personal information.

The thing is, though, sensitive personal information are not really beyond the ambit of review. As far as the DPA is concerned, processing them is not a prerogative reserved only for their principal custodian (prison authorities, in this case). Other entities can still process them, provided there is adequate justification in the form of at least one of the criteria for their lawful processing.

Those included in the criteria prescribed by the DPA which may have some bearing on the resolution of this issue include:

1. when the consent of the concerned individual has been obtained
2. when (data) processing is provided by an existing law and/or regulation that guarantee the protection of the data involved (NOTE: The law and/or regulation itself must not require the consent of the concerned individual.)
3. when processing is necessary for the protection of lawful rights and interests of natural or legal persons in court proceedings
4. when processing is necessary for the establishment, exercise, or defense of legal claims
5. when the sensitive personal information is to be provided to government or a public authority

Any one of these can be used as a legitimate basis for reviewing an individual’s prison records. It is granted, though, that some may only be available to specific entities or classes of entities. For instance, only those who are legally required to provide the information to the government and/or a public authority can invoke the fifth ground listed above.

The National Privacy Commission also suggests considering a handful of factors when evaluating a request for access to personal data in the custody of the government, namely:

1. the information requested falls under matters of public concern;
2. the requesting individual has declared and specified the purpose of the request;
3. the purpose is not contrary to law, morals, and public policy; and
4. the personal data requested is necessary to the declared purpose.

Although these items are featured in an Advisory (i.e., 17-02) concerning access to personal data sheets of government personnel, they are equally relevant in situations involving other government-held data, such as prison records. They are also consistent with pronouncements by the Supreme Court stating that the constitutional guarantees relating to the right to information and/or the right to access public records are not absolute. The people’s right to know is limited to those matters of public concern and, as such, may be restricted by limitations provided by law.

And so, are prison records publicly accessible?

Unless there is a law that explicitly allows for such unfettered access, it will ultimately be the Supreme Court that resolves such question, based on its interpretation of existing laws and prevailing legal doctrines. In the meantime, the custodian of such records is left to grapple with the issue on its own.

This does not mean, however, that a review of such records is impermissible today. What we have shown here is that there are a number of lawful ways to carry it out — each one consistent with the country’s data privacy law. Some may not necessarily involve the public, but they will at least facilitate a review. And isn’t that what people really want?

There is one more critical thought to remember when dealing with this issue: It is true that privacy is not meant to be a refuge for the wicked, a convenient shelter for those who refuse to take responsibility for their sins against society. But transparency itself should also be handled with care. A world that leaves no room for personal space can only offer simulated freedom and a token respect for human dignity.

Jamael Jacob (@jamjacob) is a lawyer specializing in the field of law, ICT, and human rights. He is currently the Director of the University Data Protection Office of the Ateneo de Manila University, and Policy and Legal Advisor to the Foundation for Media Alternatives. The views expressed herein do not necessarily represent or reflect the views of the organizations he is currently affiliated with.