SEC wants financial markets to protect stakeholders vs online privacy breach
The Securities and Exchange Commission (SEC) has ordered the Philippine Stock Exchange (PSE), the Philippine Dealing and Exchange Corp. (PDEX), listed companies and other market institutions to protect their stakeholders against online data breach and other cyber crimes.
Specifically, the SEC’s Markets and Securities Regulation Department (MSRD) ordered the different market institutions to comply with data privacy laws and data protection regulations.
The market institutions are required to submit their compliance report within 30 days.
In a letter to the PSE, MSRD director Vicente Graciano Felizmenio Jr. said Republic Act 10173 or the Data Privacy Act of 2012 aims to protect personal data in the information and communications systems both in the government and the private sector.
“It mandates entities or organizations processing personal data to establish policies and implement measures that guarantee the safety and security of personal data under their control or custody,” Felizmenio said.
“Aside from the Data Privacy Act and the EU General Data Protection Regulations, the Securities and Regulation Code (SRC) rules mandate market participants to have a comprehensive information technology plan and to subject their IT, trading, business continuity, disaster recovery and risk management systems to a regular review and audit by is dependent firm,” he said.
All of these are designed to ensure that trading in the market are efficient, not interrupted and not susceptible to glitches, as well as for the protection of personal and other data against any accidental or unlawful destruction, alteration and disclosure, and against any other unlawful processing,” Felizmenio added.
The SEC has recognized that data breaches have become more rampant with the advancement of technology.
ABS-CBN Corp. last month temporarily shut down two online stores that were targets of a data breach that could have exposed the personal and financial information of over 200 customers.
The stores involved were ABS-CBN stores (store.abscbn.com) and the UAAP Store (uaapstore.com).