Sunday, August 6, 2017

NPC: TELCOs and ISPs DPA Compliance Crucial to Data Protection and Privacy



Wazzup Pilipinas!


Telecommunications companies and Internet Service Providers (ISP) are critical industry segments that need to comply with the Data Privacy Act of 2012 (DPA). This was revealed during the first general assembly of Data Protection Officers (DPO) in the telecommunications and value added service (VAS) provider industry sector. The event entitled DPO3 is the third of a series of industry sector targeted DPO general assemblies. The first two were for government, and the banking and financial services sector.

Privacy Commissioner Raymund Enriquez Liboro mentioned that majority of data that traverse telco and internet providers’ networks is personal data; data that has to be protected under the DPA by entities in the business of transporting that data, like telcos and ISPs.

“Personal data is not limited to email and voice communications, most users are not aware that before a conversation can happen over telecommunications networks, they have to provide their personal data; starting with their phone numbers, then the IMSI number of their SIM cards, the IMEI number and the MAC address of their device; networks also geo-tag users’ location based on the which cell site or street cabinet they used. That is just a voice conversation, subscriber activity within telco and ISP networks generate volumes of personal data as well.” commissioner Liboro said.

DPO3 was organized by the NPC in cooperation with the Philippine Chamber of Telecommunication Operators (PCTO). According to Atty. Roy Ibay, Vice President of PCTO; “After government, telcos are the largest processors of personal data, and as such; we need to be the vanguards of data protection and privacy, it should not be treated as a burdensome compliance task, but instead, should be inherent in our operations and adds value to our organizations, ensuring competitiveness in a dynamic industry.”



It was also announced at the event that the registration of personal information controllers (PIC) and DPOs is still on 9 September 2017, while the deadline for the online-registration of Data Processing Systems (DPS) will commence on January 2018 and will have a deadline of 8 March 2018. About NPC: The NPC is a regulatory and quasi-judicial body constituted in March 2012 by virtue of RA 10173, the Philippines’ data privacy and data protection watchdog, the agency is mandated to uphold the right to data privacy and ensure the free flow of information, with a view to promoting economic growth and innovation. To know more about the NPC you can visit www.privacy.gov.ph

No comments:

Post a Comment