What employers should knowJanette Toral
This article was first published in Sun.Star Online last July 3, 2003
Let me give you a perspective on what The E-Commerce Law or Republic Act 8792 is all about. This law was signed last June 14, 2000.
What the E-Commerce Law does is empower all existing laws by recognizing their electronic counterpart. A promise-to-pay note sent through a text message can be considered a promissory note, and so is an order confirmation sent through such medium. Four years ago, it was also proven that sexual harassment can take place by using modern technologies and be penalized.
The law was also created to empower entrepreneurs to be able to trade online and offer the necessary protection for buyers by making transactions legally recognized and admissible as evidence in court. These electronic documents can’t be denied legal admissibility as evidence just because they are in electronic form.
Anyone who uses the Internet, computer, cellular phone and other IT-enabled devices has the duty to know RA 8792. Companies who use computers and/or the Internet should have an email, software and Internet use policy in their organizations.
Without it, any illegal activity, virus outbreak, hacking, fraudulent online purchase that initiates from your workplace can also identify you as a culprit and guilty of committing hacking or piracy, for not having an explicit policy prohibiting personnel from using your computer and Internet facilities for such actions.
Imagine an institution where one of its personnel tried to avail herself of a trial software system. Before the person could download, she had to type her credit card info. She decided to input a fake or made-up number to see if her form would go through and allow her to download the software. It didn’t, for the credit card number was not recognized. She decided to abandon the purchase.
On the other end, the website owner considered this an attempt of fraud and tried to track down the purchaser using the system logs, among others. They were able to and pointed to an education institution here in our country. They wrote to the administrator contact stated in its domain name. However, the person who received it was not trained. He recognized the action made, defended the person who did the purchase and said she was not able to download the trial anyway.
You can just imagine what happened from there. The institution had no choice but to pay up to avoid the embarrassment caused by its employee rather than be publicly exposed. If this institution only had such policy, it could have take action against the employee and denied liability for her action.
New areas of concern as well is the proper handling of personal data of our clients. Employees who have access to this may sell or gain a copy for their personal purpose. Note that the recent DTI Administrative Order #8: Prescribing Guidelines for the Protection of Personal Data in Information and Communication Systems in the Private Sector (PDF file) gives Filipinos the right to question how their data is used that may have lead to abuse. This is one new policy that employers will have to be extremely sensitive to.