Pri­vacy is­sues wors­en­ing

Sun.Star Cebu - - OPINION - NINI CABAERO nini­[email protected]

The agency placed in the lime­light when­ever there is a mas­sive data breach that af­fects per­sonal in­for­ma­tion of Filipinos is the Na­tional Pri­vacy Com­mis­sion (NPC).

With the steal­ing of con­fi­den­tial data of in­di­vid­u­als no longer iso­lated, this gov­ern­ment agency has to in­ves­ti­gate the breach, re­quire those re­spon­si­ble to ac­count for what hap­pened, and as­sure the pub­lic that the steal­ing of their in­for­ma­tion will not hap­pen again.

The year 2018 saw sev­eral in­ci­dents of mas­sive data breach where per­sonal and con­fi­den­tial in­for­ma­tion of Filipinos was taken with­out per­mis­sion, il­le­gally or by fraud. There was the Face­book data breach last Oc­to­ber and sim­i­lar vi­o­la­tions of the Mar­riott and Cathay Pa­cific sys­tems.

In the case of the Face­book breach, the NPC or­dered the so­cial me­dia gi­ant to in­form Filipino users who were af­fected by the se­cu­rity vi­o­la­tion and tell them what to do to pro­tect them­selves. Face­book said a se­cu­rity breach may have com­pro­mised 30 mil­lion ac­counts last Septem­ber. Of the 30 mil­lion, 755,973 users are in the Philip­pines. What the data thieves did with the in­for­ma­tion they stole was not known.

So, what hap­pened at the Depart­ment of For­eign Af­fairs (DFA) last week was not the first time a mas­sive data breach af­fect­ing thou­sands of Filipinos hap­pened. But, in the DFA in­ci­dent, the num­ber of those who may have lost their per­sonal in­for­ma­tion in their pass­ports could bal­loon to the mil­lions. You would think lessons were learned af­ter the gov­ern­ment faced past pri­vacy chal­lenges. Ap­par­ently not when the breach in­volves a gov­ern­ment sys­tem, rather than a pri­vate cor­po­ra­tion.

The NPC said it would in­ves­ti­gate the case of a for­mer DFA con­trac­tor who re­port­edly stole pass­port data. How the NPC han­dles this case will be a test of its ef­fec­tive­ness in pro­tect­ing pri­vacy. How it acts on this breach would re­flect on its abil­ity to pro­tect Filipinos as gov­ern­ment em­barks on a mas­sive data gath­er­ing through the na­tional iden­ti­fi­ca­tion or ID sys­tem that will be im­ple­mented this year.

I got to know about the NPC af­ter Pres­i­dent Ro­drigo Duterte signed the na­tional ID law last Au­gust. The law cre­ated the Philip­pine Iden­ti­fi­ca­tion Sys­tem and said its pur­pose is “to im­prove the de­liv­ery of gov­ern­ment and other ser­vices to the pub­lic, es­pe­cially those who lack gov­ern­ment-is­sued iden­ti­fi­ca­tion cards.”

In brief­ings, the NPC said it would pro­tect the peo­ple’s data pri­vacy rights un­der the na­tional ID sys­tem in the light of fears of pri­vacy vi­o­la­tions.

This is the im­me­di­ate chal­lenge for the NPC – to ver­ify re­ports on the pass­port data breach, find the ex­tent of the vi­o­la­tion, and iden­tify those re­spon­si­ble for the in­fringe­ment of peo­ple’s rights. The next steps will be on safe­guard­ing it does not hap­pen again.

How it ad­dresses this lat­est DFA data breach would show the NPC’s sin­cer­ity to up­hold pri­vacy rights of Filipinos who will be re­quired by law to give out per­sonal in­for­ma­tion as data re­quire­ment for the na­tional ID.

Newspapers in English

Newspapers from Philippines

© PressReader. All rights reserved.