12 Mar FORUM ON DATA PRIVACY ACT
SEAMEO INNOTECH officials and staff members participated today in a forum on the protection of personal information with Atty. JJ Disini, technology law expert and Associate Professor at the University of the Philippines College of Law.
Atty. Disini gave a briefing on the right to privacy in the Philippines before proceeding to a discussion on the contents of RA 10173 or the Data Privacy Act of 2012, which President Benigno Aquino, Jr. signed into law in August 2012.
The law applies to the processing of all types of personal information, including “any natural and juridical person involved in personal information processing.” It also specifies the creation of the National Privacy Commission which shall “monitor and ensure compliance of the country with international standards set for data protection.”
Businesses and offices affected by the implementation of the law is given a “one year transitory period from the effectivity of the IRR, or such other period as may be determined by the Commission, to comply with (its) requirements.”
Atty. Disini said companies may need to appoint a “data privacy officer” who will ensure that their companies comply with the requirements of the law. The data privacy officer will need to apply appropriate measures to safeguard personal information under its control or custody, including sensitive personal data “against any accidental or unlawful destruction, alteration and disclosure, as well as against any other unlawful processing.”
Atty. Disini further said that once the implementing rules and regulations of the RA 10173 comes out, an individual will have the right to know if his/her personal information is being processed and how it is being used. An individual also has the right to demand removal or destruction of his/her stored personal data from a system unless there is a legal basis for such info to be kept or processed.