March 28, 2017 | 11:10 AM GMT+0800 Last Edit: March 28, 2017
About a year after the Comeleak data breach, which exposed the personal data of over 55 million Filipino voters, the National Privacy Commission (NPC) is rallying Data Protection Officers (DPOs) from government agencies to adopt a proactive approach in the fight for data protection of citizens in a series of conferences, which invoke the famous 70’s slogan “Kung ‘di tayo kikilos, sino ang kikilos? Kung hindi ngayon, kailan pa?”
Privacy Commissioner and Chairman Raymund Enriquez Liboro said the slogan is very appropriate as a DPO battle cry, which is attributed to student journalist Abraham “Ditto” Sarmiento Jr.
“The biggest lesson we have learned from the Comeleak breach is that, at the end of the day, we have no better recourse really than prevention and vigilance, which are essentially roles of DPOs. They are the people’s first line of defense against privacy violations inside an organization, and the NPC is here to help them help their organizations in fully complying with the Data Privacy Act of 2012 to reduce the likelihood of breach incidents like the Comeleak from happening,” Liboro said.
Dubbed as “DPO1: The 1st Data Protection Officers’ Assembly,” the first conference in the series focuses on government DPOs. It is a half-day event set on April 05, 2017, 8:00 AM, at the Diosdado Macapagal Hall, 10th Floor, Land Bank Plaza, 1598 M.H. Del Pilar, corner Dr. J. Quintos St., Malate, Manila.
In a meeting with palace reporters today, Commissioner Liboro said the DPO1 is meant to enable government DPOs to quickly master their new responsibilities and assert their crucial role within their respective organizations.
“The DPO functions as an advocate and watchdog for data privacy inside an organization. Although the DPO works as an employee of the organization, it is his or her job to champion the privacy rights of individuals, and advocate for it above the immediate business interests of his employer,” Liboro said.
DPO1 is tailor-fitted to the unique needs and more stringent requirements of government DPOs. It is designed to provide them with basic compliance support for their organizations, access to the DPO1 knowledge database, and membership to NPC’s long-term professional support network for DPOs, among others. The NPC intends to primarily do this through its website, which will be launched during the event. The agency website will also cater the public who would want to know more about data privacy or file related complaints.
The NPC intends the DPO conference series to institutionalize the profession to world-class standards. Since data protection issues vary across sectors and industries, however, the Commission decided on a targeted communication approach. After DPO1, the NPC shall prepare for the next round of DPO conferences for other sectors such as banks and financial institutions, BPOs, academic institutions, and health service establishments.
The Commission expects around 300 participants in the DPO1, coming mostly from national government agencies (NGAs) and government-owned and controlled corporations (GOCCs). Through the event, the NPC also hopes to establish a sense of community among government DPOs, enabling them to collaborate on mutual projects, consult on common concerns, and share best practices.
Speaking last week at the Manila Chapter of ISACA, a nonprofit, global association for IT and information systems professionals, Commissioner Liboro has announced the release of the NPC’s official DPO guidelines for organizations. It discusses the job-scope, responsibilities, and qualifications of a DPO for public and private organizations.
The NPC is a regulatory and quasi-judicial body constituted in March 2012 by virtue of RA 10173, otherwise known as the Data Privacy Act of 2012. Headed by one commissioner and two deputy commissioners, the agency is mandated to uphold the right to data privacy and ensure the free flow of information, with a view to promoting economic growth and innovation.
Contact Person: Michelle Saquido – [email protected]