ZAMBOANGA CITY, Philippines — The National Privacy Commission is calling on government agencies and private firms to comply with privacy requirements, saying most data breaches can be attributed to employees.
NPC Commissioner Raymund Enriquez Liboro said this Thursday at a regional data privacy summit in Zamboanga City to encourage representatives from the public and private sectors as well as the academe to adopt measures to safeguard data privacy.
Liboro said that 53 percent of data breaches can be traced to employee negligence against 47 percent that are attributed to hackers and cybercriminals.
“So that’s what we are avoiding that why we called them here to address that 53 percent, by preventing and mitigating by following the compliance measures,” Liboro said at the sidelines of the event.
He added 37 percent of complaints are due to the unauthorized processing of data. He said data controllers are not transparent on how data is processed.
“Meaning the people weren't aware that their data was being processed, and so they are complaining," he said.
RELATED: NPC: Data security now a priority for businesses
'A culture of privacy'
Liboro also likened data breaches to disasters, where casualties can still happen despite warnings because of a lack of preparations.
“Ultimately, what we want is to build up a culture of privacy to lower the risk for individuals and to companies who will face trouble with us. And we can only do that by requiring maximum compliance from all companies,” Liboro said.
Liboro said a majority of data breaches are preventable by simply having an accountable officer and having a privacy management program or plan.
He warned that under Philippine law, violations of data privacy can be penalized with three to six years in prison.
"In terms of the strict privacy, we have the steepest penalty and many countries were amending their laws to follow ours and amending it to make it even more stricter because with data as the new oil it like money and managing its it really important," Liboro said.
The NPC official said that due to the implementation of the privacy law other countries are viewing not just on trade but also with the cross border date flows with Filipinos as responsible stewards in the personal data.
RELATED: PGH emergency room not a 'public place', data privacy lawyer says