Cybersecurity DIGITAL TRAVEL

DICT agency grants DFA only 5 additional days before facing initial passport fact-finding inquiry

Passport - Science and Digital News

FIVE days. Or 120 hours. Or 7,200 minutes. Or 432,000 seconds.

That’s the length of time the Department of Foreign Affairs (DFA) has before being put in the hot seat by the National Privacy Commission (DICT-NPC).

The NPC is an attached agency of the Department of Information and Communications Technology (DICT).

Headed by Commissioner Raymund E. Liboro, the NPC, the guardian of Filipinos’ data, more importantly personal and private information, has opened an inquiry into the DFA’s supposed “data breach” concerning passport details of millions of citizens.

 

The privacy commission was supposed to start the probe Wednesday, January 16, at the NPC headquarters based at the Philippine International Convention Center (PICC), Pasay City, Metro Manila.

But the DFA, in a letter to the NPC addressed to lawyer Gilbert V. Santos, Director IV, Legal and Enforcement Office, requested a 10-day delay of the inquiry to be made at the latter’s office.

“(O)n behalf of the DFA, I respectfully request the proposed meeting with this Department be reset ten (10) days hence, or on or about 25 January,” Medardo G. Macaraig, data privacy officer (DPO) at the DFA.

Instead of January 25, the NPC gave the DFA only five days, meaning the meeting would be on Monday, January 21, barring any hitch.

“This Department is still conducting an internal investigation on the matter, and would like to be able to appear before the NPC with complete information in order to satisfactorily address NPC’s queries.”

Macaraig relayed to the NPC that the DFA’s preliminary inquiries indicated the absence of data breach because the Department and the Asia Productivity Organization (APO) Production Unit still have custody of the data of passport applicants, nor was it shared or accessed by unauthorized third party.

Passport Raymund E. Liboro

NPC Commissioner Raymund E. Liboro orders fact-finding probe on alleged ‘passport data breach’ at the DFA. (Image: NPC)

Instead of the supposed meeting at the NPC on Thursday, the DFA sent representatives led by Director Anthony A.L. Mandap of the legal department but only to “formally convey” the Department’s written request for postponement.

The NPC asked the DFA representatives to give preliminary details involving the passport data issue but they were not authorized to speak more than what the DFA letter contained.

On the other hand, as the NPC statement sent to SDN — Science and Digital News indicated the privacy commission did not show impatience, with Liboro saying their initial meeting though short was productive.

“The NPC’s investigation continues. In their own preliminary probe, the DFA said it is in control of the data. That says a lot already to assuage the public. The data in question is not controlled by any unauthorized parties. That was what today’s meeting with the DFA established. The data is under their safekeeping,” Liboro said.

He said he looks forward to the scheduled fact-finding meeting with DFA and APO representatives.

Liboro sees something positive arising from the incident.

“The lessons we could learn from this incident would go a long way in ensuring better government practices. They would form part of the recommendations the NPC shall later issue to government offices contracting third parties.

“We’re looking to the future for ways to further protect personal data.  The law obliges data controller like the DFA to strictly implement contractual means to protect data when they deal with third parties and government contractors. We look forward to improving on that based on lessons we learn here,” the NPC commissioner said, a former director of the Science and Technology Information Institute of the Department of Science and Technology (DOST-STII).

The NPC shared with reporters the DFA letter dated January 15.

It can be recalled that Foreign Secretary Teodoro “Teddyboy” Locsin, Jr. revealed in his Twitter feed on January 8that DFA’s former contractor for Philippine passports “took off” with Filipinos’ passport personal data when its contract with the Department lapsed (per a Rappler report).

He later took back his claim and said there was no data breach, only that the passport data is not accessible.

But the controversy has been stirred already.

Thus, the NPC inquiry. (EKU)

Hello, Cyber World! A journalist's passion for news, which for me is every and any kind of news, but specially on Science, Technology, Innovation, Digital, and Current News, or just about anything under Heaven, birthed this news platform. Disclosure: I am not a scientist nor an expert on anything Science, and not a techie either; just some journalist who loves and care to bring the good news and share them to everyone out there. It is a big, big physical world out there, but the Industrial Revolution 4.0, the Internet in the Digital Age, has shrunk Earth into one small virtual community. Each human being a "neighbor" to everyone in the Philippines and in any point of the compass. Whatever you may see or think could be my and this site's shortcoming, my apologies. So, there, please join me in my journey in cyberspace! Be home, be safe, be mindful of your neighbors, of the Creator! Thanks so much.

0 comments on “DICT agency grants DFA only 5 additional days before facing initial passport fact-finding inquiry

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: