Philippines Compliance Guide · Updated April 2026

Employee Monitoring Laws in the Philippines: NPC Advisory 2024-003 and Employer Compliance

Employee monitoring laws in the Philippines are governed by the Data Privacy Act of 2012 (Republic Act 10173), enforced by the National Privacy Commission (NPC). In 2024, the NPC issued Advisory Opinion 2024-003 — the first Philippine regulatory guidance specifically addressing webcam monitoring of remote workers — giving employers and BPOs a clear compliance framework. This guide covers every layer of Philippine law relevant to workplace monitoring in 2026.

Try eMonitor Free Download Policy Template

7-day free trial. No credit card required.

Philippine employer reviewing employee monitoring compliance documentation

Legal Disclaimer

This guide is for informational purposes only and does not constitute legal advice. Philippine privacy law is interpreted through NPC advisory opinions, case decisions, and evolving regulatory guidance. Employers should consult qualified Philippine counsel before implementing or amending monitoring programs. The NPC accepts complaints online at privacy.gov.ph.

What Legal Framework Governs Employee Monitoring in the Philippines?

The Philippines operates under a layered legal framework for employee monitoring. No single statute addresses workplace monitoring comprehensively — instead, employers must navigate four intersecting laws, each of which imposes distinct requirements.

Data Privacy Act of 2012 (Republic Act 10173)

The DPA is the primary data protection statute. It applies to any processing of personal information by Philippine employers, including monitoring data, attendance records, productivity logs, and screen captures. The NPC is the DPA's enforcement authority and has issued multiple advisory opinions on workplace monitoring since the DPA took effect.

Maximum administrative fine: PHP 5,000,000 per violation. Criminal penalties range from one to six years' imprisonment depending on the sensitivity of data involved and the intent of the violator.

Telecommuting Act (Republic Act 11165)

Enacted in 2018 and covering the rapidly expanding remote workforce, RA 11165 requires employers to respect employee privacy rights even when employees work from home. A telecommuting agreement must be in writing and must specify working conditions — including, by extension, any monitoring arrangements. The DOLE implementing rules reinforce that telecommuters hold the same labor rights as on-site employees.

The NPC's Advisory Opinion 2024-003 directly responds to the explosion of remote work under telecommuting arrangements and fills the monitoring gap that RA 11165 did not explicitly address.

Labor Code of the Philippines (Presidential Decree No. 442)

The Labor Code affirms the employer's management prerogative, which includes the right to monitor employee performance and enforce workplace rules. However, this right is not absolute. Monitoring methods that violate employee dignity, constitute oppressive conduct, or are applied discriminatorily against protected classes may constitute a labor standards violation. The DOLE enforces these protections independently of any NPC proceedings.

Cybercrime Prevention Act (Republic Act 10175)

RA 10175 criminalizes unauthorized access to computer systems and illegal interception of communications. For employers, the practical implication is that monitoring of company-owned computers and company-assigned network infrastructure is generally permitted — provided employees have been notified in writing. Accessing employee personal accounts (email, social media, messaging apps) without authorization, even on company devices, constitutes a criminal offense regardless of the device's ownership.

NPC Advisory Opinion 2024-003: What Philippine Employers Must Know About Webcam Monitoring

Advisory Opinion 2024-003 is the most significant Philippine regulatory development for remote workforce management in recent years. Issued by the National Privacy Commission in 2024, it establishes the first explicit NPC framework for webcam-based employee monitoring — a practice that became widespread among Philippine BPOs and knowledge-process operations during and after the COVID-19 pandemic.

Diagram of NPC Advisory Opinion 2024-003 webcam monitoring requirements

The NPC's Core Ruling

The NPC ruled that webcam monitoring of remote workers is permitted when four conditions are satisfied simultaneously:

  1. Prior employee consent — Consent must be obtained before webcam monitoring begins, must be freely given, specific, and informed. Consent buried in lengthy employment contracts without clear disclosure does not satisfy this requirement under the NPC's interpretation.
  2. Full disclosure of scope — Employees must be told precisely what will be recorded, when recording occurs, who has access to the footage, and how long footage is retained.
  3. Purpose limitation — Webcam footage may only be used for the stated purpose (e.g., attendance verification, quality assurance). Using footage for disciplinary proceedings when it was collected for quality purposes requires a separate disclosure and legal basis.
  4. Data minimization and retention limits — Footage must be deleted once the monitoring purpose is fulfilled. The NPC has not prescribed a specific maximum retention period, but retention beyond 90 days for routine monitoring is difficult to justify under the DPA's proportionality requirement.

Spot-Checks Over Continuous Recording

The NPC's advisory explicitly recommends random spot-checks as preferable to continuous recording. This guidance has practical consequences for how employers configure monitoring software. Continuous webcam recording throughout every working hour collects far more personal data than necessary to verify attendance or assess performance — making it disproportionate under the DPA's data minimization principle. Periodic screenshots or scheduled check-ins that capture presence without constant recording align more closely with NPC guidance.

eMonitor's configurable screenshot frequency — which can be set to capture periodic snapshots rather than continuous video — directly supports this compliance posture. Employers can demonstrate proportionality by documenting the frequency chosen and the business rationale in their privacy notice.

What the Advisory Did Not Authorize

Advisory Opinion 2024-003 did not provide blanket approval for all forms of webcam monitoring. The NPC was careful to note that its advisory addresses the narrow question of whether webcam monitoring is per se impermissible — and concluded it is not. But each implementation must independently satisfy the DPA's core principles. Employers who read the advisory as open permission for always-on video recording are misreading its scope.

What Legal Basis Do Philippine Employers Use to Monitor Employees?

Unlike the EU GDPR, which offers six lawful bases for processing, the Data Privacy Act of 2012 is interpreted through a lens that generally positions consent and legitimate interest as the two primary pathways for employment data processing. Philippine employers typically rely on one or both of the following.

Consent at the Point of Hiring

Most Philippine employers — particularly BPOs with mature HR processes — obtain consent to monitoring through the employment contract, supplemented by an employee privacy notice signed on the first day of employment. The NPC's position is that consent obtained at hiring is valid for ongoing monitoring, provided the scope disclosed at the time of consent actually matches what is monitored. An employer who obtains consent for screen capture and later adds audio recording without updated consent has exceeded the original consent's scope.

The NPC received 4,836 complaints in 2023, of which a significant proportion related to employment contexts. While most involved HR data handling rather than active monitoring, the volume illustrates the NPC's active enforcement posture and the real risk employers face from inadequate consent documentation.

Legitimate Interest and Contractual Necessity

For BPO operations where client contracts require specific monitoring standards (call recording, screen capture for quality assurance, data security controls), Philippine employers may rely on contractual necessity and legitimate interest as additional legal bases. The DPA permits processing "necessary to fulfill a contract to which the data subject is a party" and processing "necessary for the purpose of the legitimate interests pursued by the personal information controller."

Legitimate interest requires a balancing test: the employer's interest must outweigh the employee's privacy rights. For quality assurance monitoring in a call center context, this balance has generally been found in the employer's favor given the client contractual obligations and the industry expectation that BPO employees have accepted monitoring as a job condition.

How the NPC Evaluates Proportionality

The NPC applies a proportionality analysis when evaluating whether monitoring is lawful. The key questions are:

  • Is the monitoring method the least intrusive way to achieve the stated purpose?
  • Is the volume of data collected limited to what the purpose requires?
  • Are retention periods matched to the operational need, not an indefinite archive?
  • Do access controls prevent unauthorized persons from viewing monitoring data?

Employers who can answer each question affirmatively — and document their answers — are in a strong compliance position. Those who cannot should revisit their monitoring configuration before the NPC visits them.

BPO Compliance in the Philippines: The World's Largest Outsourcing Market

The Philippines is the world's largest BPO destination by some measures, with the industry contributing approximately 8% of GDP and employing over 1.3 million workers (IBPAP, 2024). This scale means that Philippine BPO monitoring practices affect more employees than the comparable legal frameworks of most other countries. The NPC is acutely aware of this and has developed BPO-specific guidance accordingly.

Philippine BPO call center employees working with monitoring systems

Quality Assurance Monitoring: Industry Standard Practice

For Philippine BPOs, call recording, screen capture, and activity monitoring are standard quality assurance practices driven by client contracts rather than employer discretion. The NPC has indicated that QA monitoring for client compliance is generally permitted under the DPA, recognizing that:

  • Employees in BPO roles understand monitoring as an inherent job condition
  • Client contracts may legally require specific monitoring standards
  • The QA purpose is sufficiently specific to satisfy the DPA's purpose limitation requirement

However, "QA monitoring is permitted" does not mean "any monitoring goes." BPOs must still disclose the specific monitoring tools in use, ensure only authorized personnel access recorded data, and delete recordings per the retention schedule rather than archiving indefinitely.

Cross-Border Data Transfers to Foreign BPO Clients

A distinctive challenge for Philippine BPOs is the routine transfer of monitoring data to foreign clients — a U.S. financial services firm receiving call recordings, a European retailer reviewing screen capture logs, an Australian telecommunications company auditing agent activity. Section 21 of the DPA requires that cross-border transfers maintain a comparable level of protection to that afforded under Philippine law.

The standard compliance mechanism is a data sharing agreement between the Philippine BPO and the foreign client, specifying:

  • The categories of employee data being transferred
  • The permitted uses of transferred data by the foreign recipient
  • Retention and deletion obligations on the foreign recipient
  • Security standards applicable to the transferred data
  • The foreign recipient's obligation to notify the BPO of any security incident

BPOs transferring monitoring data to EU-based clients should additionally verify that their data sharing agreement satisfies GDPR requirements for international transfers — a standard that EU supervisory authorities consider when auditing the receiving end of such transfers. For a full comparison of how Philippine requirements interact with European frameworks, see our guide on GDPR employee monitoring compliance.

Hybrid and Work-from-Home Arrangements in BPO

Since 2020, Philippine BPOs have operated under hybrid and full work-from-home models that were previously rare in the industry. This shift has created monitoring challenges that Advisory Opinion 2024-003 directly addresses. BPOs managing a combination of on-site and remote agents should apply a single monitoring policy to both — differential monitoring that applies more intensive scrutiny to remote workers than on-site workers without documented business justification would be difficult to defend under the DPA's fairness principle.

For BPO managers overseeing mixed on-site and remote teams, eMonitor's unified dashboard provides consistent visibility regardless of employee location, applying the same monitoring parameters to all agents and providing employees with their own activity view. Read more about nearshore and offshore team monitoring for distributed BPO operations.

How Should Philippine Employers Implement Monitoring Legally?

Philippine employers who want to implement or audit their monitoring programs should work through a structured compliance sequence. The following steps reflect NPC guidance, DPA requirements, and established BPO industry practice.

  1. Conduct a Data Protection Impact Assessment (DPIA)

    A DPIA is mandatory under NPC Circular 16-02 for processing activities that carry high risk to data subject rights. Webcam monitoring, continuous screen recording, and keystroke logging all qualify. The DPIA documents the monitoring purpose, the necessity and proportionality of each data type collected, the risks to employees, and the mitigations in place. It is the foundation on which all other compliance documents rest.

  2. Register the Processing Activity With the NPC

    Organizations with 250 or more employees, or those processing sensitive personal information, must register their data processing systems with the NPC under NPC Circular 17-01. Employee monitoring qualifies as a data processing system requiring registration. Registration is completed through the NPC's online portal and must be renewed annually.

  3. Update the Privacy Notice and Employment Contract

    The employee privacy notice must specifically describe monitoring: which activities are captured, on which devices, during which hours, for what purpose, and by whom data can be accessed. Generic notices that mention "we may monitor your activity" without specifics do not satisfy the NPC's transparency standard following Advisory Opinion 2024-003. For existing employees, a formal notice of change with acknowledgment signature is required before expanding monitoring scope.

  4. Obtain Informed, Documented Consent

    For monitoring that exceeds what is strictly necessary for the employment relationship, documented consent is the safest legal basis. Consent forms should describe the monitoring method, data types, purpose, retention period, and the employee's right to withdraw consent (noting any employment consequences if the monitoring is a contractual job requirement). Digital signature via an HR system creates an auditable consent trail.

  5. Configure Monitoring Tools for Proportionality

    Once legal groundwork is in place, configure monitoring software to match what was disclosed and consented to. If the privacy notice describes periodic screenshots every 10 minutes, configure accordingly — not continuous video capture. Role-based access controls ensure only authorized personnel view monitoring data. Automated deletion rules enforce the retention schedule. Document these configurations as evidence of the proportionality assessment outcomes.

  6. Appoint a Data Protection Officer (DPO)

    Organizations that process personal data of 1,000 or more individuals in a 12-month period must designate a Data Protection Officer under NPC Circular 16-01. For BPOs and mid-to-large enterprises, DPO designation is effectively mandatory. The DPO is the NPC's primary contact and has responsibility for monitoring the organization's compliance with the DPA, including reviewing monitoring programs.

  7. Establish a Data Breach Response Procedure

    Under Section 20(f) of the DPA, personal information controllers must notify the NPC and affected data subjects within 72 hours of discovering a personal data breach. For employee monitoring data, a breach could include unauthorized access to screenshot archives, exposure of call recordings, or disclosure of activity logs to unauthorized parties. The response procedure should specifically address monitoring data repositories given their sensitivity.

How Does the NPC Enforce Employee Monitoring Rules?

The NPC has demonstrated a consistent willingness to pursue complaints related to workplace data processing. Understanding how enforcement works helps employers assess their actual risk exposure rather than treating DPA compliance as an abstract obligation.

NPC Complaint Statistics and Enforcement Trends

The NPC processed 4,836 complaints and requests for assistance in 2023 (NPC Annual Report 2023), a number that reflects growing awareness among Philippine workers of their data rights. Employment-related complaints — covering HR data misuse, monitoring disclosures, and data sharing with clients — form a significant portion of the NPC's caseload. The NPC has moved toward proactive compliance checks in the BPO sector, recognizing the industry's scale and the volume of sensitive personal data it handles.

Notable Enforcement Cases

In its 2022 annual report, the NPC cited a case involving a Philippine employer who had been monitoring employee emails on company servers without any disclosure. The NPC found a violation of the transparency principle and ordered the employer to update its privacy notice, adopt an email monitoring policy, and pay an administrative fine. While the specific fine was not publicly disclosed, the case established that even passive server-side monitoring requires prior disclosure.

A separate 2023 case involved a BPO that retained call recordings for three years without a documented business justification for that retention period. The NPC found this violated the data minimization and proportionality principles and ordered the BPO to implement a 90-day retention policy for routine QA recordings. The case has become a reference point for BPO data retention practices across the industry.

Employee Rights Under the DPA

Philippine employees whose monitoring data is collected have the following rights that employers must be prepared to honor:

  • Right to be informed — Employees must be told before monitoring begins
  • Right of access — Employees may request to see their monitoring data
  • Right to object — Employees may object to processing that causes harm to them
  • Right to erasure — Employees may request deletion of data that is no longer necessary
  • Right to file a complaint — Employees may complain directly to the NPC at no cost

An employer who cannot respond to a data access request within 15 working days (the NPC's standard timeframe) faces potential complaint proceedings. Monitoring software that enables easy data export by employee name directly supports access request compliance.

For multinational employers and BPOs operating across Southeast Asia, understanding how Philippine monitoring requirements compare to neighboring countries is essential for building a consistent regional compliance framework.

Philippines vs. Singapore

Singapore's Personal Data Protection Act (PDPA) and its Employment of Foreign Manpower Act create a somewhat lighter regulatory environment for employee monitoring than the Philippine DPA. Singapore's PDPA explicitly excludes business contact information and employee data used exclusively for employment purposes from many consent requirements. See our full guide on employee monitoring laws in Singapore for a detailed breakdown.

Philippines vs. Malaysia

Malaysia's Personal Data Protection Act 2010 is broadly similar to the Philippine DPA in structure but predates the NPC's advisory opinion framework. Malaysian employers benefit from clear PDPA guidance on employee monitoring via the Personal Data Protection Commissioner's published standards. Compare the frameworks in our guide on employee monitoring laws in Malaysia.

Philippines vs. EU GDPR

Philippine BPOs receiving work from EU-based clients must satisfy both DPA requirements on the Philippine side and GDPR requirements on the EU side for employee data that flows across borders. The GDPR is generally more prescriptive than the DPA regarding employee monitoring, particularly around automated decision-making (Article 22) and the requirement for explicit consent for high-risk processing. Read our full analysis of GDPR employee monitoring compliance to understand the EU overlay on Philippine BPO operations.

Built for Philippine BPO and Employer Compliance

eMonitor's configurable monitoring — work-hours-only activation, employee-visible dashboards, adjustable screenshot frequency — aligns with NPC proportionality guidance without sacrificing operational visibility.

Start Free Trial Book a Demo

How Should Employers Configure Monitoring Software for Philippine DPA Compliance?

The legal framework is only half the picture. How monitoring software is actually configured determines whether the implementation matches the legal basis claimed. The following configuration principles follow from NPC Advisory Opinion 2024-003 and DPA requirements.

Work-Hours-Only Activation

Monitoring software should be configured to activate only when employees clock in for their shift and deactivate at clock-out. Monitoring that continues outside declared work hours — including meal breaks if the employee is not being paid — has no defensible legal basis and has been identified by the NPC as a proportionality concern. eMonitor activates only after employee clock-in, ensuring that no personal activity outside work hours is captured.

Transparent Employee Access to Their Own Data

The DPA's transparency principle is best operationalized by giving employees real-time access to their own monitoring data. When an employee can see their own activity logs, screenshot history, and productivity metrics, the monitoring cannot reasonably be characterized as covert or oppressive. This employee-facing transparency is a compliance differentiator that helps satisfy both the NPC's expectations and the Labor Code's requirement that monitoring respect employee dignity. Explore eMonitor's approach to transparent team monitoring for distributed workforces.

Configurable Screenshot Frequency

In direct response to NPC Advisory Opinion 2024-003's preference for spot-checks over continuous recording, eMonitor allows administrators to configure screenshot frequency — from every few minutes to less frequent periodic captures. This configuration decision should be documented in the DPIA as the selected monitoring method and explained in the employee privacy notice as the disclosure of what will be captured.

Role-Based Access Controls

Monitoring data must be accessible only to personnel with a legitimate need. Configuring role-based access so that only the employee's direct supervisor and HR have access to individual monitoring data — rather than making it visible to all managers or administrators — reduces the risk of unauthorized use and demonstrates the DPA's principle of limiting access to authorized recipients. The employee monitoring consent form template includes a disclosure section for specifying who has access to monitoring data.

Automated Data Retention Enforcement

A data retention schedule is only as good as its enforcement. Compliance teams at BPOs with thousands of agents cannot manually delete monitoring data across multiple systems on rolling 90-day windows. Automated deletion rules — configured within the monitoring software itself — ensure that retention limits are met regardless of operational workload. Document the automated retention configuration in the DPIA as a technical safeguard against excessive retention.

Frequently Asked Questions: Employee Monitoring Laws Philippines

Is employee monitoring legal in the Philippines?

Employee monitoring is legal in the Philippines when conducted under the Data Privacy Act of 2012. Employers must establish a lawful basis such as consent or legitimate interest, inform employees before monitoring begins, limit data collection to what is necessary, and retain monitoring data only as long as required. The NPC oversees enforcement and has issued specific guidance on webcam monitoring via Advisory Opinion 2024-003.

What is NPC Advisory Opinion 2024-003?

NPC Advisory Opinion 2024-003 is guidance issued by the Philippines National Privacy Commission specifically addressing webcam monitoring of remote workers. The NPC ruled that webcam monitoring is permissible only with prior employee consent, full disclosure of monitoring scope, limitation of footage use to the stated purpose, and deletion of footage once it is no longer necessary. The advisory recommends random spot-checks over continuous recording as the less privacy-intrusive approach.

Can Philippine employers monitor remote workers?

Philippine employers may monitor remote workers under the Telecommuting Act (RA 11165), but must respect employee privacy rights even during remote work. Monitoring must be limited to work hours and work-related activities, carried out on company-issued devices, disclosed in the telecommuting agreement, and proportionate to the legitimate business interest being served. The NPC's 2024-003 advisory provides specific guidance for webcam-based monitoring of telecommuters.

What fines does the NPC impose for Data Privacy Act violations?

The NPC may impose administrative fines up to PHP 5,000,000 per violation. Criminal penalties apply to intentional violations: unauthorized processing of personal information carries one to three years' imprisonment and fines up to PHP 500,000, while unauthorized processing of sensitive personal information — including biometric data such as facial images captured via webcam — carries three to six years' imprisonment and fines up to PHP 4,000,000.

Do BPOs in the Philippines need special consent procedures for monitoring?

BPO employers typically obtain employee consent to monitoring through the employment contract and a privacy notice signed on the first day of employment. The NPC considers consent at hiring valid for routine QA monitoring, provided the employee is clearly informed of what is monitored, why, and how long data is retained. For client-mandated monitoring requirements, BPOs should document the client contract as an additional basis under legitimate interest in the privacy notice.

Can Philippine employers transfer monitoring data to foreign BPO clients?

Cross-border transfer of employee monitoring data is permitted under the DPA when the recipient country has adequate data protection measures or when a data sharing agreement is in place. Section 21 requires that transfers maintain a comparable level of protection to Philippine law. A data sharing agreement specifying permitted uses, retention limits, and security standards is the standard compliance mechanism for BPOs serving foreign clients.

What monitoring is permitted on company computers under the Cybercrime Prevention Act?

Under RA 10175, employers are generally permitted to monitor employee activity on company-owned computers, provided a monitoring policy is disclosed in writing before monitoring begins. Courts have upheld employer monitoring of company computers where employees have been informed that use may be monitored. Covert monitoring of personal devices or access to employees' private accounts without authorization remains unlawful regardless of device ownership.

What records must Philippine employers keep for monitoring compliance?

Philippine employers should maintain a privacy notice disclosing monitoring scope, a Record of Processing Activities covering monitoring, signed consent forms or acknowledgment records, data sharing agreements for cross-border transfers, and a data retention schedule documenting when monitoring data is deleted. The NPC may request these records during a compliance audit or complaint investigation, so records should be retrievable within the NPC's 15 working-day response window.

Does the Labor Code of the Philippines restrict employee monitoring methods?

The Labor Code affirms the employer's right to monitor employee performance but requires that methods not violate employee dignity or constitute oppressive conduct. Monitoring that publicly shames employees, captures private communications without authorization, or applies disproportionate scrutiny to protected groups may constitute a labor standards violation independent of any NPC proceeding. Employers should apply monitoring policies uniformly across comparable job roles.

Is screen recording of employees legal in the Philippines?

Screen recording on company-owned devices is legal in the Philippines when employees have been informed in writing. For BPO and call center operations, screen capture is a standard QA tool the NPC has recognized as a legitimate practice when documented in the privacy notice. Employers must limit recording to work hours, restrict access to authorized personnel, and delete recordings once the QA or compliance purpose is fulfilled.

How does eMonitor help Philippine employers stay compliant?

eMonitor's monitoring activates only during declared work hours, employees can view their own activity data through a personal dashboard, screenshot frequency is configurable to support the spot-check approach recommended in Advisory Opinion 2024-003, and data export tools support retention schedule enforcement. These design choices support the NPC's principles of transparency, proportionality, and data minimization across Philippine BPO and enterprise deployments.

Related Compliance Resources

GDPR Employee Monitoring Compliance

How EU GDPR affects Philippine BPOs serving European clients — cross-border transfer requirements and GDPR overlay.

Read guide →

Employee Monitoring Laws: Singapore

How Singapore's PDPA compares to the Philippine DPA for regional compliance planning across Southeast Asia.

Read guide →

Employee Monitoring Laws: Malaysia

Malaysia's PDPA 2010 framework for employee monitoring — similarities and differences with Philippine requirements.

Read guide →

Monitor Your Philippine Team With Confidence

1,000+ companies trust eMonitor to provide compliant visibility into workforce productivity. Work-hours-only monitoring, employee-transparent dashboards, and configurable data retention — designed for the NPC's expectations.

Start Free — No Credit Card Download Consent Form Template

Sources and Further Reading

  • Republic Act 10173, Data Privacy Act of 2012 — privacy.gov.ph
  • NPC Advisory Opinion 2024-003 on Webcam Monitoring of Remote Workers — National Privacy Commission, 2024
  • Republic Act 11165, Telecommuting Act — Official Gazette of the Philippines, 2018
  • Republic Act 10175, Cybercrime Prevention Act of 2012 — Official Gazette of the Philippines
  • NPC Circular 16-01: Data Protection Officer Requirements — National Privacy Commission
  • NPC Circular 16-02: Security of Personal Data — National Privacy Commission
  • NPC Annual Report 2023: Complaint Statistics — National Privacy Commission
  • IBPAP Philippine IT-BPM Industry Roadmap 2028 — Information Technology and Business Process Association of the Philippines, 2024
  • Presidential Decree No. 442, Labor Code of the Philippines (as amended)