An orientation concerning RA 10173,
the Data Privacy Act of 2012, was conducted by the University of the
Philippines (UP) Visayas for its employees.
Mr Wilfredo Palete Jr., the University’s
designated Data Protection Officer, presided over the talk, which happened in
Miagao, Iloilo campus.
According to the report
made by the University, the reason behind the creation of the Data Privacy Act
(DPA) is it being a response to the ever-growing use of the internet in the
Philippines for business, particularly through the digital economy and
international trade relations.
Add to that how Filipinos have increased
their internet usage for personal use because of their heavy penchant for
social media. With more and more people gaining access, the need for privacy
and security protections have strengthened.
According to Republic Act No. 10173, Ch. 1,
Sec. 2, the purpose of the DPA is “to protect the fundamental human right of
privacy, of communication while ensuring free flow of information to promote
innovation and growth.
In order to enforce and oversee the DPA,
the National Privacy
Commission (NPC) was established. NPC is tasked to protect the
individual personal information and upholds the right to privacy by regulating
the processing of personal information.
Based on the defined purpose of DPA,
personal information should be safeguarded not only by the person directly
concerned, but also by the company or institution to which they are connected.
As defined by the National Privacy
Commission Tool Kit, personal information is referred to as “any information,
whether recorded in a material form or not, from which the identity of an
individual is apparent or can be reasonable and directly ascertained by the
entity holding the information, or when put together with other information
would directly and certainly identify and individual.”
The report further explained what
constitutes as personal information. It includes sensitive personal information
that covers an in individual’s race, ethnic origin, marital status, age, colour,
and religious, philosophical or political affiliations.
Moreover, an individual’s health,
education, genetic or sexual life, and any proceeding for any offense committed
or alleged to have been committed by such person, the disposal of such
proceedings, or the sentence of any court in such proceedings are also included
to their personal information.
Before personal information may be disclosed,
in cases when it is needed for a legitimate purpose, the consent of the person
connected should be given. It should also be remembered that the information be
used for the purpose it was intended.
Moreover, under the DPA, appointment of a
Data Protection Officer (DPO) is a legal requirement for Personal Information
Controllers (PICs) and Personal Information Processors (PIPs). Having a DPO is
a must since they serve as the focal person protecting personal data collection
and processing.
An announcement released
earlier highlighted the Privacy Awareness Week (PAW), which commemorates the
data privacy rights of the Filipino people, along with all the benefits of data
privacy protection. Participating in PAW is beneficial for organisations that
process personal data since this can boost better customer trust, greater
competitive advantage and stronger protection of company assets.