The National Privacy Commission (NPC) is extending the cease-and-desist order (CDO) on lisensya.info following the failure of its owners and operators to counter privacy violation allegations the Commission received late last year that the website had breached personal information of Land Transportation Office (LTO)-registered motorists.
Google Safe Browsing recently detected phishing activities on lisensya.info.
The CDO was first served on Nov. 12, 2020 against respondents Jose Minao and Billy James Jimena, the website’s owners and operators, who were given until Nov. 22, 2020 to file a comment on the allegations and to present their defense, as provided by Section 12 of NPC Circular No. 20-02 or the “Rules on the Issuance of Cease and Desist Order.”
Lisensya.info provided a “Motor Vehicle Authenticator,” which, through the mere input of the motor vehicle file number by anyone, would show sensitive information, such as the make, plate number, engine number, chassis number, registration expiry date and name of the owner.
Netizens claimed the data the site provided were accurate, raising suspicions of a leak in LTO’s database as these were the types of information the LTO was collecting from motorists for registration. A total of 12.725 million vehicles were registered with the LTO in 2019.
Based on results of NPC’s initial investigation, lisensya.info had neither a privacy notice nor any contact details of its owner.
Lisensya.info associated itself with the LTO, but the agency assailed it for using the LTO logo on its website to establish a false connection with the transportation office.