Philippine Government to Improve Business Data Privacy Standards
According to the National Privacy Commission (NPC), the Philippine government is now taking further initiatives towards increasing the standards of business data privacy in the country.
In August, the Philippine government signed up to be the ninth country in the Asia-Pacific Economic Cooperation Cross-Border Privacy Rules (APEC CBPR) system. The CBPR system serves as a formal data certification mechanism that grants accredited corporations the facilities to handle and transfer data securely across APEC economies.
The CBPR system will also provide businesses in the Philippines with a clear road map of guidelines that meets the system’s standards for data protection. Companies may use the road map to design policies that meet their individual needs while complying with the privacy rules set across international markets.
Privacy Commissioner Raymund E. Liboro recently spoke about NPC data security efforts at an executive briefing for reporters at the Makati Business Club. He said the new mechanism will be a marginal step forward towards our neighboring countries fully recognizing our local company data practices. Adding that, “you prevent data privacy being weaponized against you [or your company] because you know that your standards are at par.”
When asked to name one of the most significant rising concerns in the business industry in the Philippines, Commissioner Liboro mentioned business data negligence. Where he says “data breaches due to carelessness” happen.
“Being hacked is not a crime, but being negligent is,” he added.
“This [system] is really to enable widespread trust among businesses. That’s the end-all of the law — that everyone will trust business here. So that it can create social stability and employment,” the commissioner said.
In response to the expected reaction of the local workforce to the system, Commissioner Liboro told reporters that “Privacy is now an additional quality that sets businesses apart for the workforce. More and more Filipinos now choose companies that are more trustworthy when it comes to data.”
After the Philippines formally joins CBPR, it will be mandated to acquire local “Accountability Agents.” These public or private agents will be tasked to certify the data security systems of local businesses and endorse them in all jurisdictions in the country.
To receive certification, companies in the market will have to adhere to the APEC-CBPR certification process consisting of the following:
- a self-assessment and submission of relevant documents;
- compliance review by accountability agents;
- recognition and acceptance; and
- compliance and enforcement by accountability agents and the National Privacy Enforcement Authority, the equivalent of which is the NPC in the Philippines.
The official acceptance of the Philippine’s application is expected to arrive before the end of this year or by early 2020.
The current eight APEC participating economies are the United States, Mexico, Japan, Canada, Singapore, South Korea, Australia, and Taiwan.