Philippines
AI behavior law: bot and agent disclosure, crawler and training-data rules, automated-agent transactions, and algorithmic decision-making.
Summary
The Philippines presents moderate-to-elevated crawling risk, with a uniquely active privacy regulator (National Privacy Commission) that has issued scraping-specific guidance. The Data Privacy Act 2012 (RA 10173) applies fully to automated or manual extraction of personal data from online sources; the NPC expressly rejects the view that public availability equates to consent (NPC Advisory 2026-01, April 2026). The Cybercrime Prevention Act 2012 (RA 10175) s.4(a)(1) criminalises "illegal access" — access to a computer system without right — which applies to scraping that bypasses technical controls or exceeds ToS authorisation. No TDM copyright exception exists (Philippine IP Code uses a fair use model, not broadly construed for commercial AI training). No sui generis database right. No EU baseline applies. NPC is active and has issued binding guidance on scraping, privacy impact assessments, and large-scale profiling — the regulatory posture is tightening.
Automated-access legality
Carried forward from the crawler-law index. Governs whether automated clients may access public websites in this jurisdiction.
| Dimension | Value |
|---|---|
| Authorization test | without permission |
| Public-page carve-out | unsettled |
| Terms-of-service browsewrap enforceable | notice dependent |
| Terms-of-service clickwrap enforceable | yes |
| Copyright exception model | fair use |
| Text and data mining — commercial status | unsettled |
| Text and data mining — opt-out mechanism | none |
| robots.txt legal weight | non binding notice |
| AI training-specific law | none |
| Privacy regime | Data Privacy Act 2012 (RA 10173); NPC Advisory 2026-01 |
| Trespass to chattels | not recognized |
Last reviewed: 2026-05-23. Confidence: medium. Fast-moving area — verify before relying. Not legal advice.