“An Analysis on the Perceptions of High School Teachers in Manila, Philippines Towards

Student Data Privacy and Its Legal Implications”

Juan Carlo B. Zamora, De La Salle University-Manila, Philippines

Madeleine Tan, De La Salle University-Manila, Philippines
Sharon Albacete, St. Paul University-Manila, Philippines
Rosemin L. Canulo, De La Salle University-Manila, Philippines

Official Conference Proceedings

Abstract
Information and communication technology (ICT) has been making its way into our
lives since the invention of Internet and its applications, which comprises the use of human
data. In the recent years, it has conquered the education industry, providing school
administrators and teachers a more challenging, yet effective and practical way of managing
school operations and student interaction. While the positive effects are staggering, it goes
without notice that privacy of students are being sacrificed. The Philippines enacted its own
privacy law, the Data Privacy Act of 2012 and Cybercrime Prevention Act of 2012 to protect
its people from the growing use of data, these includes teachers and students. As it is
relatively new, the researchers investigated the perceptions of high school teachers and
administrators from public and private schools in Manila, Philippines towards student data
privacy and its legal implications. The methods used in obtaining the perception were
through survey using convenience sampling of participants. Analysis administered for the
perception are descriptive statistics, validity and reliability, and correlation of perception.
Results from the survey were analyzed using the Likert Scale. Results show that the
perception of the teachers show significant effect on their perceived actions to take whenever
there is threat to their legal safety.

Introduction

Present the purposes of the study and provide background for your work.

Introduction
Schools of today are making the most out of the use of technology. The prevalence
and use of computers, the Internet, and social media are continuously evolving and
expanding; and concomitantly so are the legal, ethical, and practical implications in the
employment sector and beyond (Cavivo, Majtaba, Muffler, & Samuel, 2013). According to
the National Association of Secondary School Principals (n.d.), school administrators and
teachers have been using technology-enhanced data collection and analysis as tools to aid
their schools in planning, and implementing personalized, student-centered learning
experiences for their students. Though it seems that current technology has made access to
data much easier and reliable, there are pitfalls to it and one is the increasing trend of sharing
private student information (Bloom and Attai, 2016). In the Philippines, the ‘Data Privacy
Act of 2012’ is a safeguard enacted by the government to such pitfall. The Republic Act No.
10173 aims to “protect the fundamental human right of privacy, of communication while
ensuring free flow of information to promote innovation and growth”. As it is relatively new,
this research would like to gather and compare perceptions of administrators from private and
public high schools in Manila, Philippines on the act, as well as compare data privacy laws in
other countries .

In this research paper, the group aims to provide answers and explanation to the
following research questions:
1) Do the students know their rights and power of their personal data?
2) Do administrators and teachers respect the personal data of the students?
3) What are the administrators perspectives regarding social media scenario that
involves ethical and moral dilemma?

Review of Related Literature

Privacy is a right (MacCarthy, 2014). According to Yang and Wang (2014), it is the
“desire of people to choose freely under what circumstances, and to what extent, they will
expose themselves, their attitude, and their behavior to others”. In other words, a person
chooses what information of his could be shared, disclosed, and used. There are rules created
on privacy, with consideration to the context, because these "govern the transmission of
information and serve to protect the integrity of the context", as stated in MacCarthy (2014).
With access to information just a click away, how can one be protected?

Data Privacy Systems

Data privacy is a common issue in today's technology-plagued society. Free speech is
integrated into different social media platforms. Social media has been consuming countless
minutes of our everyday life and it is one of the primary sources of personal information,
such as Facebook and Twitter, especially for the youth (Clemons and Wilson, 2015). An
ethical problem revolving around sociology may occur whenever technology companies
source data, in which a person may not be fully aware on the usage of their personal human
data. The amount of user-generated media uploaded to the web is expanding rapidly and it is
beyond the capabilities of any human to sift through it all to see which media impacts our
privacy (Smith, Szongott, Henne & Von Voigt ,n.d.). In 2014, an estimate of 2.5 quintillion
bytes of data are created each day (Amihan, 2017).
The internet provides its users the opportunity to communicate with people around the
globe, research and share information, and conduct podcasts, classes, and videos to name a
few; and any of such connection to the internet could potentially be utilized in collecting
and/or accessing data (NASSP, n.d.). These modes of communication through the internet
transmit the littlest of information that is being uploaded into the web or in other words,
whatever is inputted, can be retrieved and used.
Technology-enhanced data collection and analysis have “the power to transform
teaching and learning by helping educators identify and provide supports to all students,
assisting teachers and school leaders in improving their instructional practices, and
informing schoolwide improvement activities" (NASSP, n.d.); That being said, the said
database systems can aide in making structural changes that would enable a more effective
and efficient action, as well as provide a greater impact into their students (NASSP, n.d.).
Furthermore, these data can be used as reference and support in creating activities that can
improve the educational system. According to Strauss (2015), most of the student data
gathered in schools are through students' online usage or the information provided by
teachers, staff, and parents; and these information may be composed of the student's
demographics, school and discipline records, disabilities, medical history and records, and
Individual Education Plan to name a few.
While having online database systems has its many advantages, it comes with its
comparable responsibilities. Schools have collected student data which they had created,
used, and stored over the years, through different means; and with this comes the obligation
of keeping these student information private (Bloom and Attai, 2016).
There have been recent controversies involving such obligation that took down at
least two well-known companies namely 23andm3 and inBloom, the latter being a $100-
million non-profit corporation backed up by the Bill and Melinda Gates Foundation and
Carnegie Corporation of New York (Boyd and Metcalf, 2014). The said corporation's mission
is to personalize learning through the collection of student data and store these in a cloud for
teachers to be able to track, customize lessons in real time, and share the records with
educational tool developers for better and more effective construction of resources (Singer,
2013). However, a few months later, controversies arose which led to the company to shut
down for reasons that there are no policies on the security of information and the amassing
increase of information about the students that are stored, leading parents, school board
members, and privacy lawyers to gravely object (Singer, 2013). To add to the towering
controversies, it is a trend today that school administrators outsource third-party vendors for
their data services that offer support and services for parents, students, and educators in terms
for communication, quality of educational programs, and secure data storage, including the
incorporation of technology into classrooms (NASSP, n.d.; Bloom and Attai, 2016). This
leads to an increase of shared information and contracts with information technology services
and solution providers, adding more to the mounting management concerns and responsibility
because the school will then be responsible for how the third party uses the data given to
them (Bloom and Attai, 2016).
School administrators and teachers have it easier today when it comes to collecting
and analyzing data at the school level because of technology (National Association of
Secondary School Principals, n.d.). With the benefits and loopholes of online database
systems, there must be safeguards to the usage of these data. School administrators must have
policies, besides those of the government, to govern who can access student information, how
these should be stored, and what information can only be shared to private companies such as
third-party vendors (Singer, 2013). Legal contracts and agreements must be clearly discussed
and the partner vendors are well-aware of the privacy laws on such as well (Bloom and Attai,
2016). As a provider of education, a school has the responsibility to protect its staff,
stakeholders, and students, be it in physical form or through information systems, and how
these are being managed within its environment (Aston, 2017). They are accountable as to
what is being done to the information.
For students, each of them has personal, identifiable information in a school's
database, for whatever purpose; and therefore for their protection, there must be movements
towards student data privacy as to present the "legal and ethical limitations on the collection,
use, sharing, and handling of student personal identifiable information". (Bloom and Attai,
2016). In our technology-dependent society today, laws must be made to govern such
handling of private information.

Free Speech Rights of Teachers

The credibility of teachers are affected by their social media content, in which the
perception of the students show that teacher credibility affects whether it is acceptable for a
teacher to have Facebook profile (Wang, Z., et. al., 2015). In light of this, teachers are
believed to be disciplined whenever students profiles are being monitored by educators, even
when the profile is publicly accessible, the students have rights over the information posted
(Folger, T. S., et. al., 2009). Educational institutions might create strict rules for the use of
social media by teachers and students if there is encouragement on the freedom of use of
social media, whatever the medium, on the other hand, if there is discouragement or banning
the use of social media, the development of their innovative creativity may hinder (Folger, T.
S., et. al. 2009).

Free Speech Rights of Students

In February 2014, a Cadet, Jeff Cudia, from the Philippine Military Academy (PMA)
was dismissed for lying about his explanation on tardiness. The family of Cudia posted the
dismissal on Facebook, appealing to the friends and family of Cudia for support in fighting
against the dismissal by having and intervention of the military leadership. The Facebook
post was then held as grounds for breach of confidentiality against the Philippine Military
Academy, as well as smearing the name of the institution. This situation is an example where
the student used social media as a platform to help his dismissal case, in which case it went
going against the student’s case. Cudia argued that the guilty finding on him was not in the
law, but the PMA has the academic freedom to determine who may be admitted to study.
During this time, the Cybercrime Prevention Act or Republic Act No. 10175 of the
Philippines was recently revised, deeming the act to be constitutional. In this case, such
freedom to express strong opinions against educational institutions’ academic freedom may
be detrimental in the safety of the student.

Legal Implications of the Data Privacy Act of 2012

In the Philippines, with the rapid increase in internet usage, an act was passed to
address 21st century crimes, specifically the concern on internet and information. This Act is
known to be RA 10173 or otherwise known as the "Data Privacy Act of 2012".
The National Privacy Commission (n.d.) states that the Act “(1) protects the privacy
of individuals while ensuring free flow of information to promote innovation and growth; (2)
regulates the collection, recording, organization, storage, updating or modification,
retrieval, consultation, use, consolidation, blocking, erasure or destruction of personal data;
and (3) ensures that the Philippines complies with international standards set for data
protection through National Privacy Commission (NPC)”. It is the country’s first
comprehensive data protection law.
Based from Nicolas and De Vega Law Offices (2016), "Data Privacy Act of 2012
protects all forms of information that are personal, private or privileged. It covers all
persons, whether natural or juridical, with particular emphasis to companies or juridical
entities involved in the processing of protected information", though it is worth noting that
the law only protects private information, not of which are publicly accessible. Wapp (2017)
defines private personal information as being:
· About an individual’s race, ethnic origin, marital status, age, color, and religious,
philosophical or political affiliations;

· About an individual’s health, education, genetic or sexual life of a person, or to

any proceeding or any offense committed or alleged to have committed;

· Issued by government agencies “peculiar” (unique) to an individual, such as social

security number;
 · Marked as classified by executive order or act of Congress.

When personal, private, or priviledged data are to be collected and processed, the
purpose must first be specified, legitimate, transparent, legal, and reasonable (Amihan, 2017;
Wapp, 2017). Certain circumstances have been identified though as exceptions when it comes
to processing of such data and Wapp (2007) stated these:
· Consent of the data subject;

· Pursuant to law that does not require consent;

· Necessity to protect life and health of a person;

· Necessity for medical treatment;

· Necessity to protect the lawful rights of data subjects in court proceedings, legal
proceedings, or regulation.

Second, the consented information can be shared to only the agreed recipient. The
information, kept accurate and relevant, must be used only for the stated and agreed upon
purposes and kept for as long as reasonably needed (Amihan, 2017). Third parties, most
especially, who process personal information must have and utilize contracts or other
reasonable means that align with the Act’s implementing rules and regulations (IRR) to
“ensure the confidentiality, integrity and availability of the personal data processed, prevent
its use for unauthorized purposes, and otherwise comply with the law” (Parsons, M. and
Crawford, L., 2016). When unauthorized person has acquired any sensitive personal
information or information that may be used to commit identity fraud, the personal
information controllers must notify NPC within 72 hours as mandatory breach notification
(Parsons, M. and Crawford, L., 2016).
Third, when the personal information is no longer needed, it must be securely
discarded. It must not be visible and accessible to unauthorized parties (Amihan, 2017).
When handled improperly, the Act states that one is punishable for up to six (6) years in
prison or up to five million pesos (PHP 5,000,000), depending on the nature and degree of the
violation (Amihan, 2017).

National Privacy Commission

A commission was created to enforce the R.A. 10173 or the Data Privacy Act of
2012. The National Privacy Commission is assigned to check and validate whether
companies are compliant with the element stated in the republic act. The five (5) elements, as
discussed in Amihan (2017), are:
1. Appointing a Data Protection Officer
2. Conducting a privacy impact assessment
3. Creating a privacy knowledge management program
4. Implementing a privacy and data protection policy
5. Exercising a breach reporting procedure
According to Amihan (2017), the Data Privacy Act of 2012 requires companies with
at least 250 employees or have access to personal and identifiable information of at least
1,000 people to register with the National Privacy Commission and comply with the Act.
Furthermore, as it is relatively new, many are still unaware that they are affected by the law
(Amihan, 2017).
Philippine Data Privacy Act of 2012 versus other Countries
The Philippines enacted the Data Privacy Act of 2012 that took effect on September
8, 2012. As the country has recently been taking greater measures to become globally
competitive, below are details for comparison from different countries, ASEAN and more,
taken from DLA Piper (2018).

ASEAN Countries

Indonesia
There are regulations executed in regards to the use of electronic data such as those on
electronic information and transactions (EIT Law); however, there is no general law on data
protection. A new bill is being discussed and drafted though on the Protection of Private
Personal Data, but the issue date is yet uncertain.

Malaysia
The first comprehensive personal data protection legislation of Malaysia was passed
by the Malaysian Parliament on June 2, 2010 and came into force on November 15, 2013.
The legislation is entitled the Personal Data Protection Act 2010.

Singapore
The country has enacted the Personal Data Protection Act 2012 or otherwise known
as No. 26 of 2012 on October 15, 2012. Data protection, under this Act, is applied to the
private sector; thus, there are separate rules for those of the public sector. In addition, the act
has an extraterritorial effect, wherein it applies to organizations, present or not in Singapore,
collecting personal data from the people of the said country.

Thailand
There is currently no law as to governing data privacy in the country; but a draft is
being reviewed as the Constitution of the Kingdom of Thailand recognizes the protection and
urgency of privacy right. The Personal Information Protection Act is currently a draft being
reviewed by the Office of the Public Sector Development, which later will be passed on to
the Cabinet for further approval. The draft "provides protection of personal data by
restricting the gathering, using, disclosing and altering of any personal data without the
consent of the data owner". Furthermore, a Protection of Personal Data Commission is being
called for to regulate compliance with the draft. With the plans to enact such, there is no yet a
clear date as to when the act will be finalized and bounded.

Countries outside the ASEAN region

China
The People's Republic of China (PRC) had promulgated and taken into effect the PRC
Cybersecurity Law last June 1, 2017. It is the first national-level law that directly addresses
cybersecurity and data privacy protection. The purpose of such law is to "protect online
information security, safeguard the lawful rights and interests of citizens, legal entities or
other organizations, and ensure national security and public interests". Furthermore, the law
enabled provisions in other laws and regulations that may be applicable depending on its type
of information or industry. The Law provides, as well, guidelines that serve as the national
standards that indicate key data protection concepts, principles, and regulations.

United States of America

 The law on data privacy and security in the USA addresses particular issues and/or
industries. The country has about 20 sector or medium specific national data security laws
and hundreds more specific among its 50 states and territories.

Data Protection Case Stories

Research Methodology

The survey was developed and pretested on the respondents of private and public
schools in Metro Manila, Philippines. The participants of the survey were collected mainly
through convenience sampling and was voluntary. In order to be eligible, he respondents
must be currently employed as a teacher full-time teacher in an accredited school.

The context for this research focuses on the Data Privacy Act of 2012 and the
perceptions of the different participants certainly the administrative body of both private and
public schools gathered through interviews, the readiness to allow operational collection and
use of particular information by corporations through online surveys. The study is based on a
renewed study of data from a survey conducted. The survey focuses on views of school
teaching profession from the top to the least level of the organizational structure, which is
from senior management to probationary teachers. Some of the personal information gathered Commented [JCZ1]: Not needed because this is the
through explicit online situations is kept intimate and is treated with utmost respect. The essence of the descriptive data. But could be used in
the introduction in a different way
survey was intended to focus on the way teachers reply to situations when personal
information as these are collected in various manner. This particular survey also aimed at Commented [JCZ2]: To be used in Survey Instrument
defining contributors' general self-importance. For all concepts of this study, plain inquiries portion
were used as a tool for deriving information from the contributors. The survey was developed
and pretested on the respondents of private and public schools in Metro Manila, Philippines.
Survey participants were collected mainly through convenience sampling.

Methodologies and Analysis

Survey Instrument

Participants were asked to complete an online survey composed of 34 questions inquiring

into instructor–student communication: Five questions on demographics, 21 about attitudes
and media behavior and open-ended responses detailing respondents' experiences with
students while communicating socially with them on Facebook, and technical questions
asking the knowledge of the teachers about the laws related to data privacy and the
constitution. The form of the questions and available responses for most of these questions
are described later in this section in the explanation of the major measures and throughout the
remainder of the paper.

The items created were mainly adapted from study of James, T. L. et al (2017), as well as
literature related to information systems (Dinev and Hart, 2006 ; Bélanger et al., 2011;
Johnston and Warkentin, 2010). The researchers also developed a scale related to work
related activities as the legal implications would be reflective of their involvement at work in
the teaching profession. The constructs of the items in the survey, as seen in Table 1, are
divided in different parts of the survey. The researchers tested the measures of central
tendency, with mean and standard deviation for the analysis of the Likert scale. Validity,
reliability, and discriminant validity were measured for the Likert scale items in the survey.

Table 1. Sources of Survey Items

Constructs Items Adapted From:
Social Media Self-efficacy (SEFF) Bélanger et al. (2011)
Information Privacy Concern (PRIV) Dinev and Hart (2006)
Severe Exposure of Others’ Information (SEV) Johnston and Warkentin (2010)
Liability of Exposure by Others (SUS) Johnston and Warkentin (2010)
Scale Developed by Authors
Work Related Activities

Participants
In this research, convenience sampling was used for obtaining the respondents. In this
research, convenience sampling was used for obtaining the respondents. Demographic
information of the respondents were collected in congruence with the survey as shown in
Table 2. The respondents show that there are more than female teachers. The age group were
mostly coming from the ages ranging from 20-25 years old, then a tie between 26-30 years
old and 31-35 years old. Most of the respondents came from private institutions, this means
that the reach of extensive policies for teachers are mostly related to the confines of their
respective private institutions. The teaching experience of teachers were mostly homogenous,
with the exception of 3 years of teaching experience having only four respondents.
Respondents were strictly answered by those in the teaching profession, those who are not
teachers were not included in the survey.

Table 2. Demographic Information

Gender Age Type of School Years of Teaching
Male 7 20-25 12 Public 3 0-1 year 9
Female 20 26-30 6 Private 24 2 years 7
31-35 3 years 4
6
36-54 3 4 & above years 7

The technical exposure of the teachers in relation to the legal information about data privacy,
cybercrime prevention, and the Philippine constitution were collected as seen in Table 3. In
line with the legal information, the teachers were asked about their educational attainment
related to the field of education, as well as asking whether the teachers have an undergraduate
degree in education. Additionally, teachers were asked about their freedom in accessing the
personal information about the student without their consent. It is observed that 93% of the
respondents’ highest education is undergraduate, among the undergraduate degree holders,
80% currently have master’s degree units or completing a master’s degree, while the
remaining 7% have a master’s degree, no respondents have reached a doctorate degree.
Among the teachers, 70% have an undergraduate degree related to education, this means that
the teachers have the basic knowledge about the responsibilities of the teaching profession.
Only 44% have read the data privacy act, and 48% have read the cybercrime prevention act,
while 93% have read the Philippine Constitution. The number of teachers with access to the
students’ personal information is 44%, which means that the data is vulnerable to unwanted
exposure.

Table 3. Technical Exposure

Highest Educational Has an Has read related laws in Access to
Attainment undergraduate in Data Privacy Students’ Data
Education without
Consent
Undergraduate 5 Yes 19 Data Privacy Yes 12 Yes 12
Some Master’s 20 No Act No 15 No 15
Units 8
Master’s Degree 2 Cybercrime Yes 13
Prevention Act No 14
1987 Yes 25
Philippine Not 2
Constitution

The items for the survey instrument, along with their mean and standard deviation for each
item are displayed in Table 4. Regarding the information privacy of teachers, the social
media efficacy, severe exposure of others’ information, liability of exposure by others, and
work-related activities show an interesting profile. The means for information privacy is high,
with means over than 5.00 and low standard deviation, this could mean that the teachers feel
safe with whatever activities they participate in social media. As opposed to privacy, the
means for work related activities are near the score for “disagree = 2”, but it presents a higher
standard deviation ranging about to 2.00 points. The efficacy of social media use, and the
severity of exposure by others’ shows that the respondents are on the neutral stance, and has
differing opinions based on their standard deviation that is near 2.00 points. The liability of
exposure by others shows that the respondents are in the range of “Moderately Agree = 5”
and have a low standard deviation as compared to others, this could mean that the teachers
perceive legal safety is at risk whenever they post activities in social media.

Chronbach’s alpha in Table 4. shows that majority of the items are questionably, but, they are
near 0.700, which is acceptable. Work related items, and the social media policy use under
severe exposure of others’ information is in the acceptable range, which shows that items
related to this have a valid assumption.

Table 4. Descriptive Statistics for Survey Items

Construct Item Mean Std. Cronbach’s
Indicator Dev alpha
I feel comfortable sharing political opinions 3.33 1.861 .670
PRIV1 on Social Media
I believe that everything I posted in social 5.33 1.664 .691
media is in my capacity as PRIVATE
PRIV2 citizen
I feel the need to report any malicious 5.37 1.597 .671
activities by my students whenever posted
PRIV3 in social media
I believe I have the power of preventing 5.26 1.534 .672
harm to my students with the use of social
PRIV4 media
I believe that I can defend myself in Social 4.56 1.805 .683
PRIV5 Media
I feel like I am involved in my colleagues 3.33 1.797 .677
SEFF1 life outside of work
 I feel the need to add my students on 2.70 1.540 .680
SEFF2 Facebook
I feel threatened that my social media 3.74 2.194 .662
SEV1 content is judged by my students
I think that posting personal or explicit 3.22 1.968 .675
content in Social Media is okay as long as I
SEV2 keep it to my friends
I always follow my school's social media 4.44 1.948 .727
SEV3 policy use
Having group pictures with students in 4.85 1.791 .665
socializing events (vacation, off campus
SEV4 activities, etc). is part of Filipino Culture
I keep track of my social media privacy 5.74 2.159 .670
SUS1 settings
I fear that my school is vulnerable to bad 4.63 1.864 .680
SUS2 interpretation in social media
I feel the need to interfere whenever 4.63 1.644 .660
SUS3 someone is being bullied in social media
I believe that my students posts pictures 4.33 2.019 .687
SUS4 with me in it without my permission
I believe that my colleagues posts pictures 4.26 1.992 .683
SUS5 of students without their consent
My school has a policy on Social Media use 3.70 2.216 .721
WORK1 in all School based functions
I believe that faculty need to be disciplined 5.00 2.434 .708
WORK2 in social media use even after work hours
I believe that it is okay for students to post 3.52 2.173 .726
WORK3 their complaints in social media
I share praises, rants, or topics that affect 3.22 1.717 .684
WORK4 teachers in Social Media
I have pictures with my students outside 2.85 2.125 .675
WORK5 school activity
(7-Point Likert Scale; Strongly Disagree = 1 to Strongly Agree = 7)

The testing of our research hypothesis is in Table 5. We only included the hypothesis testing
for those with a p <0.05 so that we may be able show the strongest significance. The
correlation of the of different items are strong since they are far from 0.00, which means that
the effect of the teachers’ answers are valid and true in relation to most participants. An
example of the supported hypothesis is the teacher’s perceived safety of posting rants, topics,
or praises that directly affects to the ability to defend themselves whenever there is a
perceived danger that would affect them.

Table 5 Summarized Results

Hypothesis Item Indication Coefficient P
A teacher's need for adding his/her students Supported .573 .002
on Facebook is positively associated with
their belief of power to interfere when
H1 someone is being bullied in social media
An individual’s concern for privacy for Supported .598 .001
H2a his/her political opinions in social media is
 positively associated with the belief of
preventing harm to their students through
social media
An individual’s concern for privacy for Supported .573 .002
his/her capacity as a private citizen is
positively associated with the belief of
preventing harm to their students through
H2a social media
A teacher's compliance in their social media Supported .718 .000
policy use is positively associated with the
use of social media across all school-based
H3 functions.
A teacher's belief of posting pictures of Supported .704 .000
students without consent is positively
associated with the belief that their students
H4 post pictures without their consent
A teacher's perceived safety in social media is Supported .641 .000
positively associated with their freedom to
post rants, topics, or praises that directly
affects teachers
H5a
A teacher's perceived need to report any Supported -.412 .000
malicious activities by the students is
negatively associated with the belief that it is
okay for students to post their complaints in
H5b social media

Conclusion and Discussion

In this study, we contributed to the perceptions of the Filipino teachers in relation to their
safety views on different activities in social media. The results imply that they are susceptible
to the dangers of data privacy, and cybercrime act by participating into activities that could
influence an legal proceeding. The teachers surveyed felt that they are safe from harm
whenever they put themselves in danger of having a permanent trail social media. The
limitations of this study is that it has only studied teachers from Metro Manila, and most of
the teachers came from public schools. Future research would have the potential in studying
the electronic footprint that teachers leave in social media and on how the legal implications
may be used against them.

References
Amihan. (2017, July 10). The beginner's guide to ra 10173 (data privacy act of 2012).
Retrieved from https://amihan.net/2017/07/10/beginners_guide_to_ra_10173/
Aston, J. (2017, November 10). How the data protection act affects schools. Retrieved
from https://www.stonegroup.co.uk/data-protection-act-affects-schools/

Belanger, F., Collignon, S., Enget, K., & Negangard, E. (2011). User resistance to the
implementation of a mandatory security enhancement. IFIP WG8. 11/WG11, 13.
Bloom, A., & Attai, L. (2016, December 12). The abcs of student data privacy for
administrators. McGrawhill Education. Retrieved from
https://www.districtadministration.com/content/abcs-student-data-privacy-administrators

Boyd, D., & Metcalf, J. (2014, November 10). Example “big data” research controversies.
Retrieved from https://bdes.datasociety.net/council-output/example-big-data-research-
controversies/

Clemons, E. K., & Wilson, J. S. (2015). Family preferences concerning online privacy,
data mining, and targeted ads: regulatory implications. Journal of Management
Information Systems, 32(2), 40-70. doi:10.1080/07421222.2015.1063277

Dinev, T., & Hart, P. (2006). An extended privacy calculus model for e-commerce
transactions. Information systems research, 17(1), 61-80.

DLA Piper. (2018, January). Law - dla piper global data protection laws of the world.
Retrieved from https://www.dlapiperdataprotection.com/index.html?t=law&c=TH

Foulger, T. S., Ewbank, A. D., Kay, A., Popp, S. O., & Carter, H. L. (2009). Moral spaces
in MySpace: Preservice teachers’ perspectives about ethical issues in social networking.
Journal of Research on Technology in Education, 42(1), 1-28.

Johnston, A. C., & Warkentin, M. (2010). Fear appeals and information security
behaviors: an empirical study. MIS quarterly, 549-566.

MacCarthy, M. (2014). Student privacy: harm and context. International Review of

Information Ethics, 21, 11-24. Retrieved from
https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3093299

National Privacy Commission. (n.d.). Data privacy act primer. Retrieved from
https://privacy.gov.ph/data-privacy-act-primer/

Nicolas and De Vega Law Offices. (2016). Data privacy in the philippines. Retrieved
from http://ndvlaw.com/data-privacy-in-the-philippines/
he who holds information holds power

SC Rules with Finality on Cudias Dismissal from PMA. (2015, April 14). Manila
Bulletin. Retrieved March 11, 2018, from http://www.highbeam.com/doc/1G1-
511402067.html?refid=easy_hf

Sarapin, S. H., & Morris, P. L. (2015). Faculty and Facebook friending: Instructor–
student online social communication from the professor's perspective. The Internet and
Higher Education, 27, 14-23.

Singer, N. (2013, October 5). Deciding who sees students' data. Retrieved from
http://www.nytimes.com/2013/10/06/business/deciding-who-sees-students-data.html

Strauss, V. (2015, November 12). The astonishing amount of data being collected about
your children. Retrieved from https://www.washingtonpost.com/news/answer-
sheet/wp/2015/11/12/the-astonishing-amount-of-data-being-collected-about-your-
children/?utm_term=.59d456ce1ad1

Parsons, M., & Crawford, L. (2016, September 9). Philippines finalizes data privacy act
implementing rules. Retrieved from
https://www.hldataprotection.com/2016/09/articles/international-eu-privacy/philippines-
finalizes-data-privacy-act-implementing-rules/

Wapp, A. (2017, April 27). Philippines data privacy act and implementing regulations.
Retrieved from https://iapp.org/news/a/summary-philippines-data-protection-act-and-
implementing-regulations/

Wang, Z., Novak, H., Scofield-Snow, H., Traylor, S., & Zhou, Y. (2015). Am I disclosing
too much? Student perceptions of teacher credibility via Facebook. The Journal of Social
Media in Society, 4(1).

Yang, F., & Wang, S. (2014). Students' perception toward personal information and
privacy disclosure in e-learning questionnaire. PsycTESTS Dataset, 13(1).
doi:10.1037/t44647-000

Cavivo, F.J., Majtaba, B. G., Muffler, S. C., & Samuel, M. (2013): Social Media and the
Workplace: Legal, Ethical, and Practical Considerations for Management. Journal of
Law, Policy and Globalization, Vol.12, 2013

Smith, M, Szongott, C., Henne, B. & Von Voigt, G. (n.d.): Big Data Privacy Issues in
Public Social Media
APPENDIX A