CEBU CITY, (December 3) — The National Privacy Commission hosted both the 52nd Asia Pacific Privacy Authorities (APPA) Forum and the Data Privacy Officers Accountability, Compliance and Ethics (DPO-ACE) program in Cebu City. Both events were designed to increase the country’s data privacy understanding and compliance through learning from experts and sharing of best practices among attendees.
The APPA Forum officially opened December 2 and will run until December 4 with privacy commissioners from 19 jurisdictions across the region convening in closed sessions. They will deliberate on emerging technology trends and threats that impact privacy, share best practices, explore new policy directions, and build institutional partnerships.
The DPO-ACE will run for a whole day, culminating with a series of knowledge evaluation sessions for data privacy officers seeking to get level 1 certification and accreditation. This certification allows the DPOs to capably understand the policies, and handle most requirements of the Philippine Data Privacy Act of 2012. Certified DPOs will also able to provide proper privacy impact assessment, evaluate and amend, if needed, current privacy policies of companies they serve. They can provide the documentary evidence that can help defend companies or prosecute violators of privacy laws.
“Value in today’s data-driven world is created by building bridges and not walls. And that’s what we intend to accomplish today at the APPA Forum. To build bridges towards a future that is safe and progressive, which our children could immensely benefit from,” Raymund E. Liboro, Philippine Privacy Commissioner emphasized.
In a press conference that followed the first day of the APPA Forum, Liboro along with Michael McEvoy, Commissioner of the Information and Privacy Office of British Columbia in Canada and Stephen Kai-Yi Wong, Hong Kong’s privacy commissioner hailed the gains of the National Privacy Commission. Cited were efforts in the fields of privacy regulation implementation and implementation of the law that has helped safeguard Filipino’s individual rights and protect personal data.
“We would like to recognize the efforts of the Philippines, it being the youngest but also the most determined in implementing privacy regulations. We are impressed by the way it is leading the way towards getting your country into a more compliant and regulatory status with regards to privacy. I am particularly impressed by how it had been able to execute your privacy laws well, and in such a short time,” British Columbia Privacy Commissioner McEvoy said.
Recently, the NPC shut down 26 of 67 online lending firms reported to have had privacy violations of their subscribers. These online firms had violated the use of their data subject’s information by using emails and numbers of their contacts to embarrass them when borrowers using these platforms miss a payment. Other related violations include the unauthorized cross sharing of information for marketing purposes.
Hong Kong’s privacy commissioner Wong explained how technology is continually playing a role in the evolution of data privacy in the region. He pointed out how the APPA is a “technology neutral” organization, meaning that though current technologies like social media or ride sharing apps have changed the privacy ecosystem, the rights to privacy has not changed.
“Technology when the APPA started was much different from now. But the basis of the creation of this organization remains the same–the protection of individual’s rights to privacy–and this should not be affected by technology. But we have for many years recognized the rapid changes in technology to which we are creating the proper actions to respond to in a unified fashion,” Wong stressed.
In the morning session of the APPA Forum, reports from three working groups were shared.
Tackled were the Privacy Awareness Week (PAW) activities in 2019, plans for 2020 and other continuing communication initiatives. A report on the results of a survey on top breaches was also discussed as well as a survey on complaints handling.
Other reports discussed in mostly closed door sessions were about de-identification, open data, data sharing, data portability, information aspects of indigenous people, education and outreach activities, as well developments on key investigation and enforcement matters.
Delegations from 19 jurisdiction have joined the forum. They are, namely, Australian Information Commissioner and Privacy Commissioner, Australia; Information and Privacy Commissioner (British Columbia); Office of the Privacy Commissioner, Canada; Deputy Superintendent for the Protection of Personal Data; Privacy Commissioner for Personal Data (Hong Kong); Personal Information Protection Commission (Japan); Korea Internet Security Agency; Office of Personal Data Protection, Macao; National Institute for Transparency, Access to Information and Personal Data Protection, Mexico; Information and Privacy Commission, New South Wales; Office of the Privacy Commissioner, New Zealand; Office of the Northern Territory Information Commissioner; National Authority for Data Protection, Peru; Office of the Information Commissioner, Queensland; Personal Data Protection Commission, Singapore; Federal Trade Commission, United States; and the Office of the Victorian information Commissioner, Victoria.
This is the first time for the Philippines to host APPA, which is acknowledged as the principal forum for privacy and data protection authorities in the region.