CURRENT SOCIETAL CONCERNS
Elpidio V. Peria
2 November 2014
Much has already been written about the recent Supreme Court decision in the case of what newspapers call the “Bikini Girls” (Rhonda Ave Vivarez and Spouses Margarita and David Suzara v. St. Theresa’s College, Mylene Rheza T. Escudero and John Does, G.R. No. 202666, September 29, 2014) in an exclusive girl’s school in Cebu City where the Supreme Court held that
STC (St. Theresa’s College) can hardly be taken to task for the perceived privacy invasion since it was the minors’ Facebook friends who showed the pictures to Tigol. Respondents were mere recipients of what were posted. They did not resort to any unlawful means of gathering the information as it was voluntarily given to them by persons who had legitimate access to the said posts. Clearly, the fault, if any, lies with the friends of the minors. Curiously enough, however, neither the minors nor their parents imputed any violation of privacy against the students who showed the images to Escudero.
This case involved graduating high school students who took pictures of themselves while changing into their swimsuits for a beach party they were about to attend, while one of their friends uploaded these photos (and similar photos taken in different occasions) into Facebook, an online social networking (OSN) platform. Later these pictures were shown by the classmates of these students to a teacher (Escudero) and the school’s Discipline-in-Charge (Tigol), who reported them to the school’s authorities where the students were reprimanded (the ponencia used the term “verbally abused”) and not allowed to attend the school graduation, after which the student’s parents sued to prevent the school from barring them to attend their graduation.
The Supreme Court was given an opportunity to articulate a framework on privacy that would have guided regular online social networking users but it put the onus or burden instead on these users:
OSN users should be aware of the risks that they expose themselves to whenever they engage in cyberspace activities. Accordingly, they should be cautious enough to control their privacy and to exercise sound discretion regarding how much information about themselves they would like to give up. Internet consumers ought to be aware that, by entering or Uploading any kind of data or information online, they are automatically and inevitably making it permanently available online, the perpetuation of which is outside the ambit of their control. furthermore, and more importantly, information, otherwise private, voluntarily surrendered by them can be opened, read, or copied by third parties who may or may not be allowed access to such.
What the Supreme Court could have done is lay down the metes and bounds of a framework that would guide further actions and decisions on whether privacy has been violated, especially in online situations.
Helen Nissenbaum, in 2004, as an Associate Professor in the Department of Culture and Communication, New York University posited (in Washington Law Review, Vol. 79:119, Privacy as Contextual Integrity) “contextual integrity”, a concept proposed as an alternative benchmark for privacy, to capture the nature of challenges posed by information technologies. It ties adequate protection for privacy to norms of specific contexts, demanding that information gathering and dissemination be appropriate to that context and obey the norms of distribution within it.
There are two types of informational norms that Nissembaum is concerned with, one is the norm of appropriateness and the other is the norm of flow or distribution. Norms of appropriateness dictate what information about persons is appropriate, or fitting, to reveal in a particular context. Generally, these norms circumscribe the type or nature of information about various individuals that, within a given context, is allowable, expected, or even demanded to be revealed. Norms of flow or distribution of information deal with the movement or transfer of information from one party to another or others. Contextual integrity is maintained when both types of norms are upheld, and it is violated when either of the norms is violated.
According to the theory of contextual integrity as Nissenbaum elaborated, it is crucial to know the context- who is gathering the information, who is analyzing it, who is disseminating it and to whom, the nature of the information, the relationships among the various parties, and even larger institutional and social circumstances. It is important to ask whether the information practice under consideration harms subjects; interferes with their self-determination; or amplifies undesirable inequalities in status, power and wealth.
Specifically, whether a particular action is determined a violation of privacy is a function of several variables, including the nature of the situation, or context; the nature of the information in relation to that context; the roles of agents receiving information; their relationships to information subjects; on what terms the information is shared by the subject; and the terms for further dissemination.
Applying the concept to the case at bar, the context is that the ones who got the information are the classmates of the students who are the friends of the latter in the OSN platform Facebook; these students passed it on to the teachers, and the teachers analyzed the pictures and used them as basis to test whether the students’ behavior conformed to the school’s rules and regulations. It cannot be denied that the relationship of the students to the school is that the former should follow the rules of the school, while inside the school, and perhaps even outside the school premises, to a certain extent. But should the school still have bothered whether students wear the proper attire – of course, the students wore bikinis as they were about to go to a beach party, or they wore what they wore – when they are no longer inside the school premises? The larger institutional and social circumstance is this : was it proper for the school to use the information they have come across as in fact they were voluntarily provided by the students, and use it to apply the rules of the school, in effect, to the detriment of the students, as they were not allowed to attend their graduation (it was not clear in the factual narration of the Supreme Court if the failure of the students to attend their graduation resulted in them not moving on to college) ?
Applying the norm of appropriateness and the norm of information flow of contextual integrity, it may be appropriate for the classmates of the students to get the information from the same OSN platform as they are all part of it, they are friends, within that platform, but when such information is passed on from the OSN platform to the school which used the information that resulted in the students failing to attend their graduation, the student’s contextual integrity is violated.
It must be noted that the parents of the students, the petitioners in this case, used the remedy of the WRIT of HABEAS DATA, which according to Atty. Neri Javier Colmenares, in a primer prepared for the National Union of Peoples’ Lawyers, is a relatively new legal notion compared to the traditional writ of habeas corpus and the recently promulgated writ of amparo.
According to Atty. Colmenares, the words “habeas data” literally means you should have the data’, and is defined by Latin American legal scholars as a writ “designed to protect through a petition or complaint, the image, privacy, honor, information self-determination and freedom of information of a person”.
The rules promulgated by the Supreme Court back in 2008 for this legal remedy states that :
The writ of habeas data is a remedy available to any person whose right to privacy in life, liberty or security is violated or threatened by an unlawful act or omission of a public official or employee, or a private individual or entity engaged in the gathering, collecting or storing of data or information regarding the person, family, home and correspondence of the aggrieved party.
The writ has laid out the various aspects of a person’s being where privacy is to be expected, as it refers to “right to privacy in life, liberty or security.” Given the broad spheres where privacy is to be examined, the Supreme Court should have used the concept of contextual integrity to clarify the various privacy expectations in a person’s life, liberty or security.
Going back to the elaboration of the context of this case using the framework, the students have an expectation of privacy vis-à-vis the school, and the school had no business intruding upon the affairs of the students after school hours. The school breached the privacy expectations of the students notwithstanding that the pictures were posted in the OSN platform Facebook.
What this will result to is that now, students who are not popular or who may have enemies, can just troll the OSN platforms and get pictures from these sites and give it to the school authorities, who may or may not be interested initially but could eventually be interested in those pictures if it relates to the upholding of a school’s rules or regulations.
But the contexts of a school and that of the online social networking (OSN) platforms are different, applying the concept of contextual integrity to analyze the privacy concerns raised by the students, the Supreme Court should have ruled in their favor.