‘Comeleaks’ included in impeach raps vs Bautista
The breach in voters’ data prior to the elections last year or the so-called “Comeleaks” will be included in the impeachment complaint to be filed against Commission on Elections (Comelec) Chairman Andres Bautista in the House of Representatives tomorrow.
The complainants, to be led by former Negros Oriental representative Jacinto Paras, will raise the criminal liability of Bautista in the hacking of the Comelec website that led to the leakage of voters’ database – as discovered by the National Privacy Commission (NPC) – as one of the grounds in the impeachment complaint.
Paras’ lawyer Manuelito Luna bared that Bautista’s accountabilities for the data breach and the script tweak of the server during the 2016 elections constitute betrayal of public trust and culpable violation of the Constitution.
He said they would submit to the House the NPC decision last December finding Bautista liable for lack of appreciation for data protection, which the commission said was more than just the implementation of security measures.
The NPC concluded that Bautista’s willful and intentional disregard of his duties as head of agency is tantamount to gross negligence.
“A head of agency making his acts depend on the recommendations of the executive director of the Information Technology Department amplifies the want of even slight care. The duty to obey the law should begin at the top and
should not be frustrated simply because no employee recommended such action,” the NPC said in its decision released last January.
“Data privacy is more than the deployment of technical security; it also includes the implementation of physical and organizational measures, as well as regular review, evaluation and updating of Comelec’s privacy and security policies and practices,” it stressed.
The commission specifically cited violations of Sections 11, 20 and 21 of Republic Act 10173 or the Data Privacy Act in dispensing the poll body’s duty as personal information controller.
The NPC stressed that Bautista also violated several provisions of the same law, which penalizes accessing sensitive personal information due to negligence and imposes imprisonment of three to six years and a fine of P500,000 to P4 million.
The law also accords additional penalties when the offender is a public officer, consisting of disqualification from public office.
Bautista was ordered to appoint a data protection officer and conduct an agency-wide privacy impact assessment.
The NPC also recommended to the Department of Justice to look into possible prosecution of Bautista under the Cybercrime Prevention Act.
The DOJ indicted last June an official of Smartmatic Inc., the technology provider of Comelec for the automated polls, over the alteration of script in the transparency server on the eve of the general elections in May 2016.
Prosecutors have found probable cause to file a case for violation of Republic Act 10175 (Cybercrime Prevention Act) against Smartmatic technical support head Marlon Garcia for unauthorized access of the computer and intentional and reckless altering of computer data.
The DOJ resolution, however, did not include Bautista, owing to his immunity from criminal suit as an impeachable official.
Apart from the “Comeleaks” controversy, the impeachment complaint is expected to cite as grounds the alleged hidden wealth of Bautista or misdeclaration in his statement of assets, liabilities and net worth (SALN) and receipt of referral fees or commissions from the Divina Law Office as alleged by his estranged wife Patricia Paz.