PH telcos undergo data privacy compliance checks

MANILA, PHILIPPINES — The National Privacy Commission (NPC) conducted on-site visits to the head office of telecommunication companies to ensure that they are complying with data privacy laws in the country. 

This move comes as the Philippine government implemented the SIM Registration Act, which collects personal data of mobile phone users in the country. 

Privacy Commissioner John Henry Naga and NPC Compliance and Monitoring Division Chief Rainier Anthony Milanes led the visits to oversee the activities and discuss the importance of the compliance check with the data protection team of each telco. 

According to Naga, telcos should consider these visits as an “opportunity to demonstrate that they have sufficient organizational and program controls, and security measures in place to guarantee that the personal data being processed in relation to the SIM registration are safe and secured.”

He added that telcos must take responsibility of protecting the privacy rights of their subscribers seriously by “ensuring that personal data related to SIM registration are properly collected and stored, access to the data is restricted by role-based access controls, and data servers are protected by encryption and layers of firewall.”

Meanwhile, Milanes said that they shall continue to conduct various mechanisms that would ensure telcos’ compliance with the Data Privacy Act of 2012.

Upon the conclusion of the visits, the three major telcos in the Philippines — SMART, Globe, and Dito — were appraised of some gaps in their personal data privacy implementation and were required to submit proof of compliance within fifteen (15) days.