TWO incidents, both involving identity theft and cyberspace shenanigans, are in the news lately. First, a senator’s son lost half of his savings to scammers who called him to ask for some personal information after he received his new credit card. Second, the National Privacy Commission (NPC) has warned business establishments and their personnel that taking photos of customers’ identification cards poses great risks such as data breaches.
Sen. Joseph Victor “JV” Ejercito reported that his son Emilio, who is in his early 20s, lost more than half of his P120,000 savings after falling victim to scammers last month. Although the National Bureau of Investigation has started to work on the case, the senator is still worried because it was clear that the perpetrators knew his son’s personal information, leading him to think that it was an “inside job.”
The hoax left the young Ejercito with a traumatic experience that cannot be ignored, especially because it happened after the lapse of the SIM registration period which could have prevented such a racket from happening. The caller was so dexterous that Ejercito, convinced that the call was legitimate, gave him his one-time pin. Registering SIM cards is supposed to curb text fraud.
Knowing others who have been similarly victimized by online syndicates, Senator Ejercito said these criminals are targeting “the vulnerable, young people, senior citizens and house helpers.” We read this as most everybody is the target of various fraudulent schemes.
We might not give it serious thought but many Filipinos are just careless in matters of personal security. This prompts the National Privacy Commission to remind business establishments that taking pictures of their clients’ ID cards may lead to problems of data breaches.
‘We might not give it serious thought but many Filipinos are just careless in matters of personal security.’
The NPC noted that some personnel of businesses and associations take photos of the IDs of customers, guests, etc. using their personal electronic devices (cellphones, gadgets) without appropriate safeguards and/or without the required privacy notice. Among the incidents are hotel receptionists taking photos of guest IDs using their personal smartphones instead of company-issued phones; car sales agents taking photocopies of a client’s ID for “verification purposes”; telco agents requesting a client to send a photo of their ID through Viber, WhatsApp or Facebook Messenger; and homeowners and condominium associations making copies and requiring the deposit of physical IDs.
The NPC said, “The Commission emphasizes that these types of activities carry a great risk of causing security incidents, data breaches, unauthorized uses, inadequate disposal, lack of informed consent and profiling or discrimination, among others.” Customers and the general public are seldom aware that under the Data Privacy Act of 2012, it is the duty of these employees, agents or representatives working in business establishments and organizations to obtain consent in handling personal data, aside from upholding the confidentiality and privacy of the personal data they process.
We note that correct data handling includes proper disposal of copies of IDs, documents and other personal information of guests and customers, including the deletion of photos once the purpose of data disclosure has been fulfilled.
Senator Ejercito said he is supportive of more intelligence funds for the Department of Information and Technology if only to lessen the number of Filipinos being victimized by fraud and cybercrime.
This is really what intelligence funds are for.
