PAW 2020: NPC calls for privacy boost amid quarantine easing

May 30, 2020 | 1:39 PM GMT+0800 Last Edit: June 2, 2020

As the government gradually eases quarantine restrictions in the country, Filipino privacy professionals and advocates on Friday gathered virtually for the 3rd National Data Privacy Conference to discuss how organizations may best navigate the emerging new normal to ensure data subject trust remains intact.

Speaking to some 2,000 online participants, many of whom are registered Data Protection Officers (DPOs), Privacy Commissioner Raymund Enriquez Liboro urged for the adoption of better defenses against growing attempts at breaching walls protecting sensitive personal data of the public in the time of pandemic.

“Many of the coping and mitigation measures to deal with the pandemic involve the use of personal data,’’ Liboro said in his opening remarks at the half-day virtual conference titled, “Enabling Trust in the New Normal: Reimagining Privacy in the Time of Pandemic.”

“While some aspects of data processing may have changed due to the state of public crisis, the basics remain the same – people’s sense of trust that their data is in good hands will largely determine our level of success with those measures,’’ he added.

Organized by the National Privacy Commission (NPC) in celebration of the Privacy Awareness Week (PAW) 2020, the online event also gained over 11,000 views on a social media platform.

Liboro’s call for reinforced privacy safeguards comes as cyberattacks are showing no signs of abating.

18 million phishing attacks daily

Panelist Raymund Nuñez, an adjunct professor at the Electrical and Engineering Institute of UP Diliman, noted that Google was blocking 18 million daily phishing attacks.

The conference took place just hours after PLDT ‘s broadband customer service account on Twitter was hacked, endangering the personal data of more than 100,000 followers and as many accounts.

`We have preliminary findings,’’ said PLDT DPO Leah Camilla Jimenez, also a panelist, said of the breach. PLDT is required to submit a report to the National Privacy Commission about the breach as part of the protocol under the Data Privacy Act.

Jimenez said that trust was connected to safekeeping of information and that “the trustworthiness of a company and the DPO will be tested all the time, especially today.’’

Citing Frank William Abagnale Jr., a con man turned international cyber security expert, EastWest Bank DPO Manuel Joey Regala said it was four times easier to hack today.

DPOs must adapt like the insect-eating chameleon as the environment changes abruptly “so we can hunt hackers,’’ said Regala, also a panelist. “The hacker is to the DPO as the insect is to the chameleon.’’

PPEs for DPOs
Using one of the commonly used terms in the pandemic, he said DPOs must be equipped with PPEs, referring to personal knowledge, process and equipment.

Personal knowledge includes having timely awareness of current threats and phishing attacks, while process involves adopting policies and guidelines, according to Regala.

He said equipment would refer to a secured Wi-Fi connection and VPN, which hides one’s location, as well as multifactor authentication, hard-disk encryption, and data- leak and advanced-threat protection.

San Miguel Corp. DPO Gelalyn Boquiren shared her insights on the impact of the pandemic on the retail and sectors, and on data subjects.

Boquiren said many activities in retail and manufacturing could be done at home save for the actual making of goods.

She observed that the retail to customer cycle had become more digital and more secure.

Princess Lou Ascalon of IBM Philippines said that clients had demanded the names of PUI (person under investigation for the new coronavirus) among BPO employees. But because of the guidelines issued by the NPC and Department of Health on contact tracing, IBM decided to just tell the clients about the presence of PUIs but their names were not disclosed.

“Data privacy has never been more important than today for consumers and businesses,’’ Ascalon said.

“Data trust marks are important for businesses and coveted by those who don’t have it,’’ she added.

In his remarks, Liboro said: “PAW 2020 is all about exploring how government and private organizations may win and maintain trust amid the changing times and the emerging new normal.’’

PAW 2020 is annually celebrated every May 25 to 31, pursuant to Presidential Proclamation No. 527 signed by President Rodrigo Roa Duterte in 2018. It is observed in recognition of the “need to inform and educate the public about data privacy, data protection and fair information rights and responsibilities as part of reinforcing the efforts of the NPC in protecting personal data and ensuring the Philippines’ compliance with international standards set for data protection.”

Highlights of the video conference may be viewed at paw2020.privacy.gov.ph, while the full recording is available for replay at facebook.com/privacy.gov.ph.

# # #