LATEST UPDATES



52nd APPA FORUM OPENS IN CEBU

December 2, 2019

The 52nd Asia Pacific Privacy Authorities (APPA) Forum officially opened in Cebu today, with privacy commissioners from 14 jurisdictions across the region convening in closed sessions, to deliberate on emerging technology trends and threats that impact privacy, share best practices, explore new policy directions, and build institutional partnerships. In his opening remarks, Philippine Privacy Commissioner […]

READ MORE



Following NPC stop processing order on 26 online lenders, drop in complaints seen

December 1, 2019

Privacy-related online lending complaints have drastically declined a month following recent enforcement actions by the National Privacy Commission (NPC) on dubious online lending applications. The issue is among the topics for discussion at the 52nd Asia Pacific Privacy Authorities (APPA) Forum in Cebu City, where privacy commissioners from all over the Asia Pacific region and […]

READ MORE



PH to host 52nd APPA Forum in Cebu

November 22, 2019

The Philippines is set to host the 52nd Asia Pacific Privacy Authorities (APPA) Forum in Cebu with the National Privacy Commission (NPC) taking the lead. Privacy commissioners from the region and guest ASEAN representatives are expected to converge for the main event at the Shangri-La’s Mactan Resort and Spa on 2-3 December 2019. During the […]

READ MORE



NPC sets up DPO COMPLex workshop for GOV’T

November 12, 2019

The National Privacy Commission (NPC) is set to conduct the DPO COMPLex experiential compliance workshop for government Data Protection Officers (DPOs) on November 13 – 14 at the Luxent Hotel in Quezon City. This following a marked improvement in this year’s DPO registration figures for the sector. State Universities and Colleges (SUCs) saw the biggest […]

READ MORE



NPC issues guidelines to prevent data compromise this Undas 2019

October 31, 2019

The National Privacy Commission (NPC) advises Filipinos observing All Saints’ Day and All Souls’ Day to take preventive security measures to avoid compromising data on their device and data systems. For travelers, something as simple as avoiding the use of a public charging station will help keep their device and personal data safe. In the […]

READ MORE



Order: Violations of the Data Privacy Act by Several Companies Operating Online Lending Applications

October 23, 2019

Order to Stop Personal Data Processing in re: Violations of the Data Privacy Act by Several Companies Operating Online Lending Applications As published in The Philippine Star, The Daily Tribune and Philippine Daily Inquirer on 21 October 2019.

READ MORE



NPC shuts down 26 online lending companies

October 21, 2019

The National Privacy Commission has imposed a ban on the processing of personal data against operators of 26 online lending applications, as part of the agency’s continuing crackdown on online lenders that resort to public shaming of borrowers. In an Order dated 18 October 2019 published today, the NPC said the companies behind the 26 […]

READ MORE



Violations of the Data Privacy Act of Several Companies Operating Online Lending Applications

October 8, 2019

Order for Summary Hearing on 15 October 2019 re Violations of the Data Privacy of Several Companies Operating Online Lending Applications As published in The Philippine Star, The Daily Tribune and Philippine Daily Inquirer on 04 October 2019

READ MORE



NPC Summons 67 more online lenders

October 4, 2019

The National Privacy Commission (NPC) today issued summons by publication aimed at 67 unlisted operators of online lending applications, who were subject of data privacy complaints but whose identities and business addresses elude detection. In an Order for Summary Hearing published in three newspapers of general circulation, the NPC is ordering the board of directors […]

READ MORE



PH joins APEC privacy system

September 20, 2019

The Philippines has formally joined the Cross-Border Privacy Rules (CBPR) System, a move seen to expand its trading opportunities within the Asia Pacific region by eliminating data-flow barriers when transacting with member economies of the Asia Pacific Economic Cooperation (APEC) through the adaption of common standards for data privacy. The National Privacy Commission (NPC) recently […]

READ MORE



Press Statement of Privacy Commissioner Raymund Enriquez Liboro on the industry-wide Code of Ethics and Code of Conduct by FinTech Alliance

September 16, 2019

The National Privacy Commission is steadfast in protecting Filipino citizens in this rapidly-developing field of financial technology. We are very much committed to our primary goal: “to ensure balance of free flow of information while protecting the privacy of all data subjects”. Our Commission recognizes that one important component of successful digital governance is making […]

READ MORE



PH, Singapore sign MoU on Personal Data Protection

September 10, 2019

MANILA, Philippines — The Philippines and Singapore agreed to share best practices in personal data protection and develop compatible mechanisms to facilitate trusted cross border data flows including mutual recognition of comparable protection afforded by their respective laws to safeguard both Philippines and Singapore citizens. Philippine President Rodrigo R. Duterte and Singapore President Halimah Yacob […]

READ MORE



Press Statement of Privacy Commissioner Raymund E. Liboro RE: Fact-finding reports on 3 major online lenders

September 6, 2019

The National Privacy Commission received this year multiple complaints against online lending companies. We received a total of 921 complaints reporting essentially the same facts: Use of contact list or phone directory without consent or authority; Disclosure of unwarranted or false information to other persons; Use of personal information for harassment and threatening communications; and […]

READ MORE



Online lending execs face jail terms for data privacy violations

September 6, 2019

The National Privacy Commission (NPC) has concluded its investigation on three major online lending companies in the country for alleged public shaming of borrowers and has found that their operators may be liable for imprisonment of up to 7 years and fines of not more than P5 Million under the Data Privacy Act of 2012 […]

READ MORE



NOTICE TO THE PUBLIC: Beware of fakers pretending to represent the NPC

September 4, 2019

This is to warn the public about scammers pretending to be employees of the National Privacy Commission (NPC). The NPC has received several reports that the administrator/s of a Facebook page named “Anti-Loan Shark Philippines” are claiming to be employed or connected with us. Worse, they pretend to be authorized to collect fees for individuals […]

READ MORE



PH leads ASEAN’s move to protect privacy

August 22, 2019

The Association of Southeast Asian Nations (ASEAN) took a major step in harmonizing regional data protection, privacy regulations and initiatives by launching the first ASEAN Data Protection and Privacy Forum in Bangkok, Thailand with the Philippines at the helm. The Philippines was represented by Privacy Commissioner Raymund Enriquez Liboro, who chaired the Forum’s inaugural meeting. […]

READ MORE



NPC forms coalition to protect “digital Filipino”

May 23, 2019

Coming on the heels of a surge in citizen complaints of alleged privacy harassments from online lenders, more than 2,000 Data Protection Officers (DPO) from major government offices and leading businesses today joined the National Privacy Commission’s (NPC) call to form a united front to strengthen the protection of peoples’ personal data. “Our common goal […]

READ MORE



NPC conducts hearings on 48 online lending apps after over 400 harassment complaints

May 21, 2019

Over 400 complaints of alleged harassment and shaming by various mobile online lending operators have swamped the National Privacy Commission (NPC) recently, with borrowers crying foul over perceived reputational harm and abuse of their data privacy rights. Speaking to reporters, Privacy Commissioner Raymund Enriquez Liboro said the agency is presently handling a total of 485 […]

READ MORE



Press Statement of Privacy Commissioner Raymund Enriquez Liboro
RE: PERSONAL DATA PROCESSING BY ELECTION CANDIDATES

May 10, 2019

1. It has come to our attention that some individuals posted on social media about receiving from candidate/s a “precinct locator” or “voter’s information” card, printed with their personal data – name, complete residential address, date of birth, among others. 2. Concerns were raised over the possibility that these candidates may be processing voter personal […]

READ MORE



NPC launches Privacy Awareness Week 2019 official website

May 6, 2019

The National Privacy Commission (NPC) is enjoining personal information controllers and processors in the private and public sectors to celebrate the National Privacy Week 2019 (PAW) on May 25 to 31, with the launch on Friday of its official event website: paw.privacy.gov.ph. Pursuant to President Rodrigo Roa Duterte’s Proclamation No. 527 signed last year, the […]

READ MORE



PH, Singapore co-lead the ASEAN Data Protection and Privacy Forum

May 1, 2019

The National Privacy Commission (NPC) is closely working with Singapore’s Personal Data Protection Commission (PDPC) in developing the ASEAN Framework on Digital Data Governance. In the 2nd Working Group Meeting on ASEAN Digital Data Governance Framework recently at the Diamond Hotel in Makati, Privacy Commissioner Raymund Enriquez Liboro formally accepted Singapore’s invitation for the Philippines […]

READ MORE



Press Statement of Privacy Commissioner Raymund Enriquez Liboro
RE: BREACH NOTIFICATION BY CEBU AIR, INC.

April 25, 2019

1. At 11:37 AM today, Cebu Air, Inc. emailed a preliminary notification to the National Privacy Commission informing us of an “unauthorized breach” of its website’s database (www.getgo.com.ph), as prescribed by NPC protocols. 2. In the notification, the company’s Data Protection Officer (DPO) Randall Evangelista, said the “extent and nature” of the breach is still […]

READ MORE



NPC cautions offices on personal data protection issues during Holy Week 2019

April 17, 2019

The National Privacy Commission (NPC) is reminding public and private offices to be extra vigilant against hackers and data thieves this Lenten break. Privacy Commissioner Raymund Enriquez Liboro said Personal Information Controllers (PICs), Personal Information Processors (PIPs), and Data Protection Officers should ensure personal information under their organization’s care are safeguarded from potential cybersecurity attacks, […]

READ MORE



Statement of Privacy Commissioner Raymund Enriquez Liboro on the recent April Fool’s hacking incidents

April 4, 2019

1. Beginning 1 April 2019 until yesterday, the National Privacy Commission has gathered reports and claims of alleged hacking incidents of certain websites that may have involved personal data. 2. The incidents include hacking of individual user accounts on Facebook, Twitter, Yahoo, and Wattpad, among others. There were also some websites operated by some private […]

READ MORE



Statement of Privacy Commissioner Raymund Enriquez Liboro on Facebook’s Use of Plain Text in Stored Passwords

March 22, 2019

1. Today Facebook announced that millions of users’ passwords were discovered in January to be stored in a readable format within their internal data storage systems. This first came about after a revelation by a security expert, who claims that this practice has been going on since 2012 and that the passwords could be accessed […]

READ MORE



NPC postpones submission of 2018 Annual Security Incident Report

March 21, 2019

The National Privacy Commission (NPC) has postponed indefinitely the submission of the Annual Security Incident Report (ASIR) covering the calendar year 2018. The Commission is currently revising some of its key processes with a view to enhancing reportorial efficiency and harmonizing documents submissions with the Department of Information and Communications Technology. The revisions aim to […]

READ MORE



Statement of Privacy Commissioner Raymund Enriquez Liboro on the Mobile Number Portability Act recently signed by President Rodrigo Roa Duterte

February 20, 2019

1. We laud President Rodrigo Roa Duterte for signing the Mobile Number Portability Act. The law provides mobile postpaid or prepaid subscribers with the mechanism to retain an existing mobile number despite having moved from one mobile service provider to another. This gives data subjects control over their data which is a basic tenet under […]

READ MORE



Official Statement of Privacy Commissioner Raymund E. Liboro

January 30, 2019

Re: BREACH NOTIFICATION BY GLOBE TELECOM INC. On Sunday, Jan 27, 2019, Globe Telecom, through its Data Protection Officer, formally notified the NPC of a personal data breach. Based on their report, the personal data breach occurred due to a system error, potentially affecting 8851 customers. Our team is still evaluating the incident and verifying […]

READ MORE



Privacy Commission extends validity of registration until 2020

January 22, 2019

Personal Information Controllers (PICs) and Personal Information Processors (PIPs) that completed at least Phase-I of their registration with the National Privacy Commission (NPC) by 2018 are not required to renew their registration this year. The validity of their registration is extended until 8 March 2020. They are also entitled to an official digital certificate of […]

READ MORE



Official Statement of Privacy Commissioner Raymund Enriquez Liboro on the Cebuana Lhuiller Breach

January 19, 2019

1. On Friday, 18 January 2019, representatives from Cebuana Lhuiller went to the National Privacy Commission to seek assistance regarding a data breach involving their email server. At the meeting, they committed to submit a more detailed report regarding the data breach. Cebuana Lhuiller informed us that it has engaged the services of a third […]

READ MORE



NPC opens passport data probe

January 16, 2019

The National Privacy Commission (NPC) has granted the Department of Foreign Affairs (DFA) 5 more days before formally facing its preliminary fact-finding inquiry on the passport data issue. In a meeting this morning, the NPC’s Legal and Enforcement Office asked DFA representatives headed by Director Anthony A.L. Mandap to give preliminary details surrounding the issue. […]

READ MORE



Press Statement of Privacy Commissioner Raymund E. Liboro on DFA’s Claim Regarding Philippine Passport Data

January 12, 2019

The National Privacy Commission shall conduct its own investigation on the Department of Foreign Affairs assertion that a private contractor has caused the non-availability of Filipino passport data and other documents entrusted to it for processing. Any form of non-availability of personal data, infringement of the rights of data subjects, and harms from processing that […]

READ MORE



NPC launches DPO ACE Program, sets benchmark for data privacy training in PH

December 12, 2018

The National Privacy Commission (NPC) today unveiled its DPO Accountability, Compliance, and Ethics (ACE) Program, aimed at establishing a skills benchmark for local privacy professionals, amid the spike in demand for high-quality data privacy trainings in the country. Around 50 practicing Data Protection Officers (DPOs) from leading government offices and top corporations attended the pilot […]

READ MORE



PH telcos, 3rd player told: compete on data privacy and protection to win customer trust

December 6, 2018

The National Privacy Commission (NPC) is urging local telecommunications operators Globe, Smart, and the incoming third player, Mislatel consortium to compete for consumer trust in terms of better services and better data privacy protection. “This is what’s good about competition, it’s the customers who decide who to trust. So, why not let the telcos compete […]

READ MORE



NPC calls for data privacy compliance in the travel & tourism sector at DPO20

November 21, 2018

Travel and tourism services in the country are seeing a steady, vibrant growth in demand, owing to the strong business climate and increasing domestic spending. Thus, there is a need for industry players to safeguard their customers’ trust by ensuring that personal information remains secure against data theft. At the 20th Data Protection Officers Assembly […]

READ MORE



NPC lauded for PH’s global leadership spot in ICDPPC

October 28, 2018

International and local governing bodies have commended the National Privacy Commission (NPC) for earning a global leadership role for the Philippines in international discussions on data privacy. Privacy Commissioner Raymund Enriquez Liboro represented the country in the International Conference of Data Protection and Privacy Commissioners (ICDPPC) held in Brussels, Belgium on Oct. 23. Following closed […]

READ MORE



PH WINS SEAT IN INT’L. PRIVACY BODY

October 25, 2018

Brussels- Belgium, Despite being a newcomer to data privacy regulation, the Philippines has earned a voting seat in the 5-member executive committee of the International Conference of Data Protection and Privacy Commissioners (ICDPPC), a worldwide conference of 119 independent regulators from all over the world, coming together to explore high-level proposals on data privacy and […]

READ MORE



PH joins 40th Int’l. Privacy Commissioners’ Conference

October 22, 2018

BRUSSELS, BELGIUM — The National Privacy Commission (NPC) is representing the Philippines in the 40th International Conference of Data Protection and Privacy Commissioners (ICDPPC), a premier global forum connecting the efforts of about 119 privacy and data protection authorities from over 70 countries across the globe. The NPC’s chairman and Philippine Privacy Commissioner Raymund Enriquez […]

READ MORE



UPDATED: PRESS STATEMENT OF PRIVACY COMMISSIONER RAYMUND ENRIQUEZ LIBORO ON FACEBOOK’S LATEST BREACH

September 29, 2018

1. At around 12:49 AM of September 28, we received informal notice from Facebook representatives that they had found a vulnerability in their app that was exploited by malicious attackers. 2. Facebook claims that the vulnerability affected around fifty million users, exposing personal data stored in their Facebook profiles. 3. The vulnerability was attributed to […]

READ MORE



Gov’t. taps “hack bayani” community to help secure PhilSys, data-driven public projects

September 28, 2018

1. Privacy Commissioner Raymund Enriquez Liboro is tapping the assistance of white hat hackers in the country to help secure Philippine cyberspace and help create robust public ICT systems in the country beginning with the soon-to-be implemented national identification card. 2. “We can do a lot more to help protect the data that will come […]

READ MORE



NPC eyes fully digital PH by 2040

September 19, 2018

1. The National Privacy Commission (NPC) said the country’s bid to be a fully-digital, high-trust society in 20 years is feasible as the government’s ICT and data privacy initiatives remain on on-track. 2. “Ambisyon 2040 provides the beacon towards a high trust society, where every Filipino is secure in their physical and digital lives and […]

READ MORE



Updated: Press Statement of Privacy Commissioner Raymund Enriquez Liboro on the Data Breach Incident of ABS-CBN’s online Stores

September 19, 2018

RELEASE 01 – September 19, 2018 1. News of a possible data breach of ABS-CBN’s online stores has reached the National Privacy Commission this morning, where customers reportedly face the possibility of theft of their financial data due to a payment skimmer which has been discovered by a Dutch security researcher. 2. At 12:37 PM, […]

READ MORE



Press Statement of Privacy Commissioner Raymund Enriquez Liboro on the President’s Signing of the National ID Law

August 7, 2018

1. President Rodrigo Roa Duterte has signed the National ID law on the 6th of August 2018, creating the Philippine Identification System to improve the delivery of government and other services to the public, especially those who lack government-issued identification cards. 2. The National Privacy Commission supports the proper implementation of this law in accordance […]

READ MORE



5 gov’t. agencies to jointly handle telco consumer complaints

July 6, 2018

The government will launch an all-out, synchronized effort to promptly deal with consumer complaints on telco services such as those involving data privacy violations, text-scams, vanishing load, unauthorized charges, defective product, and denial of subscription plan activation, among others, Privacy Commissioner Raymund Enriquez Liboro said on Friday. Liboro said the National Privacy Commission (NPC) is […]

READ MORE



Celebrate Filipino Data Privacy Rights on Privacy Awareness Week 2018 –NPC

May 10, 2018

In the wake of the recent spate of media reports linked to data breaches and other privacy-related concerns, the National Privacy Commission (NPC) is urging business, government and civil society organizations to participate in the upcoming Privacy Awareness Week (PAW) on May 28 to 31 and publicly commit to the safeguarding of people’s personal data. […]

READ MORE



NPC investigates multiple government website breach

April 24, 2018

1. The National Privacy Commission (NPC) yesterday summoned the management and other responsible officials of seven schools, institutions, and local government units as it investigates data breaches they sustained following an organized attack on government and commercial organizations last April 1, 2018. 2. The privacy body earlier sent notice to top officials of Taguig City […]

READ MORE



NPC opens probe on Facebook

April 13, 2018

The National Privacy Commission (NPC) is opening an investigation on Facebook following Mark Zuckerberg’s admission of the company’s faults in the Cambridge Analytica data scandal that affected Filipino Facebook users. In a formal letter addressed to Zuckerberg, the NPC is requiring Facebook to submit a number of documents relevant to the case, to establish the […]

READ MORE



Joint Press Statement from Privacy Commissioner Raymund Enriquez Liboro and LTFRB Board Member Atty. Aileen Lourdes Lizada

April 6, 2018

1. In the common pursuit of protecting the rights and interests of drivers and the commuting public, the National Privacy Commission (NPC) and the Land Transportation Franchising and Regulatory Board (LTFRB) are jointly looking into the transaction details of the announced Grab-Uber acquisition. Since this acquisition potentially involves personal data, the NPC is keen on […]

READ MORE



Press Statement from Privacy Commissioner Raymund Enriquez Liboro on the Facebook Controversy involving Cambridge Analytica

April 6, 2018

1. The National Privacy Commission (NPC) has been in touch with Facebook since information on the controversy involving Cambridge Analytica rose to prominence following whistleblower allegations in March 2018. 2. On March 27, the NPC met with Facebook representatives to look into the matter and ascertain if and to what extent, Filipino users were affected. […]

READ MORE



Statement of Privacy Commissioner Raymund Enriquez Liboro On the Uber and Grab Merger

March 27, 2018

Yesterday, both Uber and Grab issued public statements announcing the sale of Uber’s TNV and food delivery business in Southeast Asia to Grab. From these statements, we understand that the Uber service will no longer be available in Southeast Asia including the Philippines, from 8 April 2018. In the interim, Grab is to take Uber’s […]

READ MORE



NPC extends data processing systems registration for covered professionals

March 8, 2018

The National Privacy Commission (NPC) is extending up to July 2 the registration period for the data processing systems (DPS) of individual Personal Information Controllers (PICs) and individual Personal Information Processors (PIPs), specifically for covered professionals. These include medical doctors, lawyers, accountants and dentists, among others, who process personal data and satisfy the criteria for […]

READ MORE



NPC extends deadline of 2017 annual incident report to June 30

March 6, 2018

Organizations and professionals processing personal data in the country now have until June 30 to submit their first annual security incident report to the National Privacy Commission (NPC) after the agency adjusted the deadline, which was initially set on March 31. The annual security incident report is among the yearly compliance obligations of Personal Information […]

READ MORE



Privacy Commission cautions DOH on sharing of Dengvaxia master list

March 6, 2018

PRESS RELEASE The National Privacy Commission (NPC) has advised the Department of Health (DOH) to be circumspect in sharing sensitive personal information of individuals, saying it should only do so if it deems that such sharing or disclosure is authorized under law, adheres to data privacy principles, and there are reasonable and appropriate security measures […]

READ MORE



NPC makes telco take measures against SIM-swap fraud; public warned on identity theft

January 23, 2018

The National Privacy Commission (NPC) has caused Globe Telecom, Inc. to enforce more stringent subscriber verification protocols to better protect its customers following reports that one of its prepaid mobile customers fell victim to identity theft, made possible through the perpetrator that resulted in the unauthorized access to the customer’s online banking account. In a […]

READ MORE



NPC sets March deadline for submission of 2017 Annual Security Incident Report of personal information controllers

January 4, 2018

PRESS RELEASE 1. Personal Information Controllers (PICs) in the country may begin submitting their 2017 Annual Security Incident Report to the National Privacy Commission (NPC), from January 3 to March 31, 2018. 2. The law requires all PICs to submit an Annual Security Incident Report, even if the PIC concerned does not need to register […]

READ MORE



NPC launches PH-wide data protection drive for LGUs in Region 11

December 18, 2017

DAVAO CITY, Philippines – The National Privacy Commission (NPC) recently launched its nationwide campaign here on how local government units (LGUs) can start their journey to compliance and reap the benefits of the Data Privacy Act of 2012. Speaking to Davao Region LGU chief executives and representatives on Monday last week at DPO11: The LGU […]

READ MORE



Latest Statement of Privacy Commissioner Raymund Enriquez Liboro on the Uber Personal Data Breach

December 15, 2017

Today, Uber made public additional information earlier made available to us on their 2016 data breach. We were informed that around 171,000 Filipino citizens consisting of drivers and passengers were affected by the breach. We understand this to be based on the mobile phone numbers included in the registry. We were also informed that the […]

READ MORE



PH Strengthens Extraterritorial Reach through the APEC Cross Border Privacy Enforcement Arrangement

December 5, 2017

1. The Philippines has joined the APEC Cross Border Privacy Enforcement Arrangement (CPEA), the government backstop enforcement network developed for the Cross-Border Privacy Rules (CBPR). It is an initiative that facilitates information sharing among privacy enforcement authorities in APEC economies, provide mechanisms to promote effective cross-border privacy cooperation, and encourage information sharing and cooperation with […]

READ MORE



Statement of Privacy Commissioner Raymund Enriquez Liboro on the Uber Personal Data Breach

November 28, 2017

Press Statement 28/11/2017 1. Yesterday, Uber wrote to us in compliance with their commitment to provide more detailed information about their data breach of October 2016. 2. In that letter, Uber confirmed to us that personal information of Filipinos were exposed in the data breach. As such, the National Privacy Commission has jurisdiction over the […]

READ MORE



Statement of Privacy Commissioner Raymund Enriquez Liboro on NPC’s November 23 meeting with Uber PH

November 24, 2017

Press Statement 24/11/2017 1. The National Privacy Commission summoned Uber to a meeting on Thursday, November 23, 5:30 PM to discuss the self-reported breach that was admitted by the CEO of the transport network vehicle service company. 2. Uber came to the meeting represented by its Data Protection Officer, Atty. Yves Gonzalez, accompanied by external […]

READ MORE



Statement of Privacy Commissioner Raymund Enriquez Liboro on the personal data breach sustained by Uber in 2016

November 22, 2017

Late last night, Uber Chief Executive Officer Dave Khosrowshahi issued a statement to the public announcing that personal data of around 50 million Uber users and 7 million Uber drivers were compromised in a security incident dating back to October 2016, and that Uber concealed the fact of this security incident. The National Privacy Commission […]

READ MORE



Statement of the Privacy Commissioner Raymund Enriquez Liboro on the possible personal data breach sustained by COL Financial Group, Inc.

October 23, 2017

The National Privacy Commission has received a notification at 3:30 in the afternoon of October 20, 2017, Friday, from COL Financial Group, Inc. of a potential data breach to its system. We note that this notification has adhered to standard breach reporting protocols set forth in NPC Circular 16-03, on Personal Data Breach Management. In […]

READ MORE



NPC Statement on SALN and Data Privacy

September 28, 2017

Privacy Commissioner and Chairman Raymund Enriquez Liboro is issuing the following statement related to the Data Privacy and SALN redaction issue: The Data Privacy Act (DPA) is not designed to prevent access to personal information under any circumstances. Rather, it promotes responsible and lawful use of personal information. Section 11 of the DPA states: “The […]

READ MORE



Ahead of PHIE, Private Hospitals Complying with Data Privacy Act

September 20, 2017

With the upcoming implementation of the Philippine Health Information Exchange (PHIE), private hospitals have committed to comply with the Data Privacy Act (DPA) of 2012 and are implementing data protection measures in their data processing systems to protect sensitive personal information of their patients. This was revealed at the first general assembly of Data Protection […]

READ MORE



NPC: Late Registrants, May Face Privacy Compliance Checks

September 14, 2017

Public and private companies that failed to beat the September 9 deadline for the registration of their data processing systems starting with the registraton of their Data Protection Officer (DPO) could face compliance checks, the National Privacy Commission (NPC) warned.   Since September 9 fell on a Saturday, a non-working day, the deadline automatically moves […]

READ MORE



NPC Survey: Filipinos Value Data Privacy

August 30, 2017

Speakers, organizers and participants of a Data Protection Officers’ General Assembly for Media and Social Media professionals pose for a group photo. The event called DPO6 is the 6th of a series of industry specific seminars and workshops organized by the National Privacy Commission (NPC) aimed at improving compliance with the Philippines’ data protection and […]

READ MORE



DPO Forum Issue #01

August 14, 2017

We’re opening the very first Philippine Privacy Awareness Week today with the launch of our Data Privacy Newsletter, featuring updates from the NPC, recaps on events and issues for the past few months, and an interview with a DPO. Get the downloadablehere

READ MORE



DPO3: Telco DPOs show commitment to data privacy compliance in NPC assembly

August 11, 2017

The country’s leading telecommunications firms on Tuesday demonstrated their commitment to upholding data subject rights in the first gathering of Data Protection Officers (DPOs) for the sector conducted by the National Privacy Commission (NPC) at the GT-Toyota Asian Center, Katipunan Avenue, Diliman, Quezon City. Dubbed DPO3: The Data Protection Officers’ Assembly for the Telecommunications Sector, […]

READ MORE



Data privacy compliance a competitive edge for PH companies

July 31, 2017

In this information age, compliance with data privacy and data protection regulations is considered by organizations as a competitive advantage in their business operations. This was confirmed by contact center managers and data protection experts at the recent Data Privacy Asia conference organized by the Contact Center Association of the Philippines. (CCAP). Contact center clients […]

READ MORE



NPC conducts privacy compliance check on BPI

June 16, 2017

The National Privacy Commission (NPC) is conducting a privacy compliance check on the Bank of Philippine Islands (BPI) after the recent incident that caused the bank’s electronic channels to be temporarily suspended, inconveniencing many of its clients. The compliance check will evaluate the existing governance, organizational, physical and technical measures in place and seek to […]

READ MORE



NPC pushes data privacy compliance in banking sector in upcoming DPO2

May 26, 2017

The National Privacy Commission (NPC) is set to convene the Data Protection Officers (DPOs) of the financial services sector on 31 May 2017. Dubbed as “DPO2: The 2nd Data Protection Officers’ Assembly,” the event will be held in cooperation with the Bangko Sentral ng Pilipinas (BSP) and the Bankers Association of the Philippines (BAP). It […]

READ MORE



Threats to Security and Privacy

May 16, 2017

KNOW YOUR ENEMY — This timeless piece of advice is especially relevant today as data privacy threats, both online and offline, have become as rampant as ever. Undetected attacks on our privacy may suddenly be leveraged to wreak havoc at any moment. While defenses and legislation struggle to catch up with fast-paced technological advancements, understanding […]

READ MORE



Holy Week 2017 Advisory for all Data Protection Officers in Government (DPO1)

April 11, 2017

The National Privacy Commission would like to remind all Data Protection Officers to ensure the security of personal data in their respective agencies’ care during the long weekend of Holy Week 2017 (13 to 16 April 2017). This is in order to prevent data breaches such as the one that occurred during the same period […]

READ MORE



Privacy Commission rallies support for data protection in government

April 6, 2017

The National Privacy Commission (NPC) has called on Data Protection Officers (DPOs) in the public sector to get proactive in conducting their duty as watchdogs and advocates of the data privacy rights of Filipinos from within their respective organizations. Speaking to government data protection professionals on Wednesday at DPO1: The 1st Data Protection Officers’ Assembly, […]

READ MORE



A year after COMELEC breach: National Privacy Commission to hold first general assembly of Data Protection Officers

March 28, 2017

Photo by Marinel Mamac / PIAD. About a year after the Comeleak data breach, which exposed the personal data of over 55 million Filipino voters, the National Privacy Commission (NPC) is rallying Data Protection Officers (DPOs) from government agencies to adopt a proactive approach in the fight for data protection of citizens in a series […]

READ MORE



NPC starts probe into COMELEC’s 2nd large scale data breach; issues compliance order

February 20, 2017

Photo by Katrice Obrero / PIAD. The National Privacy Commission (NPC) has ordered the Commission on Elections (COMELEC) on Monday to take serious measures to address its data processing vulnerabilities after the computer of the Office of the Election Officer (OEO) in Wao, Lanao Del Sur was stolen last January 11, 2017. The stolen computer […]

READ MORE



Privacy Commission recommends criminal prosecution of Bautista over “Comeleak”

January 5, 2017

The National Privacy Commission (NPC) has found that the Commission on Elections (COMELEC) violated the Data Privacy Act of 2012 and has recommended the criminal prosecution of Chairman J. Andres D. Bautista for the data breach that occurred between 20 and 27 of March last year. In its decision dated December 28, 2016 on NPC […]

READ MORE



PH Privacy Commission gets international accreditation

October 21, 2016

PH National Privacy Commission approved as full member of the International Conference of Data Protection and Privacy Commissioners (ICDPPC) . Out of 12 data privacy authorities from as many countries that applied for membership this year, the Philippines was only one of five approved for full membership, meeting ICDPPC’s stringent standards for data protection and […]

READ MORE



Government Open Data to Improve with Data Sharing Directives

October 19, 2016

The free flow of information within the government is expected to improve with the issuance of the latest memorandum circular of the National Privacy Commission’s (NPC). (NPC MC 16-02) on Data Sharing Agreements Involving Government Agencies. This issuance from the NPC reinforces its mandate to support the free flow of information and safeguard the right […]

READ MORE



Stricter government handling of personal data ordered in Privacy Commission issuance

October 17, 2016

Personal data in the hands of government offices and all branches of government including state-run schools and colleges are expected to be made more secure with the issuance of the National Privacy Commission’s (NPC) first memorandum circular (#16-001) on the “Security of Personal Data in Government”. According to Commissioner Raymund E. Liboro, the circular is […]

READ MORE



Privacy Commission Advisory on Yahoo Breach

September 24, 2016

Photo/Graphic Source: money.cnn.com The National Privacy Commission (NPC) would like to reiterate the recommendations of Yahoo and cybersecurity experts to Yahoo users to change their passwords on their Yahoo accounts. This follows after the compromise of half a billion user accounts from Yahoo’s servers in 2014 that was only discovered and confirmed by Yahoo this […]

READ MORE



Privacy Act IRR released – NPC to educate public about privacy

August 30, 2016

Photo 1: (From Left to Right) Deputy Privacy Commissioner Dondi Mapa, Deputy Privacy Commissioner Ivy Patdu, and Privacy Commissioner and Chairman Raymund E. Liboro listened to inputs from health information and research stakeholders at a public consultation on R.A. 10173’s Implementing Rules and Regulations / Photo courtesy of Ramon Duremdes Jr. The Implementing Rules and […]

READ MORE



27 July 2016 version of the Proposed IRR

July 27, 2016

For the upcoming public consultation in Cebu this July 28, 2016, and those interested in seeing the latest version of the proposed implementing rules and regulations (IRR) of the Data Privacy Act of 2012 (R.A. 10173). you can download the copy through this link: IRR Version 072716.pdf

READ MORE



Data Privacy Act. IRR Public Consultation – Cebu, 28 July 2016

July 26, 2016

This might be your last chance for a face to face public consultation on the IRR. This one will happen in Cebu. for those who can’t make it, feel free to send us an email at [email protected] Register for the pubcon here: http://bit.ly/2acM0lc Access the draft IRR here: http://www.gov.ph/2016/06/20/irr-data-privacy-act-2012/ Access the E.O.10173 or the Data […]

READ MORE



National Privacy Commission Position on FOI EO

July 26, 2016

The National Privacy Commission  lauds  the signing of the Executive Order on the Freedom of Information as an important step towards greater transparency and people’s participation in government.  The right to information on matters of public concern is a fundamental right provided in the Constitution and the right to privacy must always be balanced with […]

READ MORE



Data Privacy Act Cannot Be Used As Shield Against FOI

July 26, 2016

The Data Privacy Act of 2012 cannot be used by government officials as protection against the Freedom of Information Executive Order issued by President Duterte last week, this was said by the Data Privacy Commission” in a position paper in reaction to concerns that the Data Privacy Act will be used by Government Officials to […]

READ MORE



Invitation to Comment: Proposed Implementing Rules and Regulations of The Data Privacy Act

July 19, 2016

The Data Privacy Act of 2012 is the law for the protection of individual personal information in information and communications system in both government and private sector.  We recognize the need to support the free flow of information for national development, while safeguarding the fundamental right of every individual to privacy. The National Privacy Commission […]

READ MORE