Carmela Fonbuena reports:
President Benigno Aquino III has signed into law a measure that penalizes unauthorized disclosure of personal information collected by the government and the private sector.
Republic Act 10173, or the Data Privacy Act of 2012, seeks to make the Philippines compliant with international data security standards to attract investors in the Information Technology and Business Process Outsourcing (IT-BPO) industry. It was signed on August 15.
Read more on Rappler.com. The law creates a National Privacy Commission and imposes new duties and penalties as well as the rights of data subjects.
Reading the law, I keep mumbling to myself, “OMG, OMG, OMG!” The Philippines may now have the strongest data privacy, security, and protection law I’ve ever read, including jail time for negligence in data protection that results in release of sensitive personal information, etc. And of course, they are now waaaay ahead of the U.S. in terms of requiring data security and protection, mandatory breach notification, privacy rights of consumers, and statutory penalties for noncompliance.
This is wonderful and great kudos to Sen Edgardo Angara, the bill’s sponsor, who worked tirelessly to get this into law.