The National Privacy Commission (NPC) revealed on Thursday night, Nov. 12, that it has issued a cease and desist order (CDO) against Lisensya.info, a website that falsely claims to be associated with the Land Transportation Office (LTO).
The privacy body said it has already sent the CDO via e-mail to Lisensya.info, the LTO, and the National Telecommunications Commission (NTC). Also enclosed with the CDO is an order for the site to file its comment to explain its side.
The Department of Information and Communications Technology (DICT) clarified on Tuesday, Nov. 10, that the online site is not connected to the government.
“This is to advise everyone that lisensya.info is not an official website of the LTO and is not in any way connected with the agency. Information inputted in the website [is] harvested by the people behind it and may be used for acts of cybercrime,” the DICT said in its advisory.
As of November 13, the site has been flagged by Google as a deceptive site that may compromise the online security of online visitors. Meanwhile, the LTO-run website “lto.net.ph,” which provides the status of the availability of license plates, is down or unavailable.
Under Republic Act 10173, also known as the “Data Privacy Act of 2012,” the NPC has the power to issue cease and desist orders as long as the following requisites are present:
- The respondent is doing, threatening or is about to do, is procuring to be done, some act or practice in violation of the DPA, its IRR, or other related issuances;
- Such act or practice is detrimental to national security or public interest, or the CDO is necessary to preserve and protect the rights of a data subject; and
- The commission or continuance of such act or practice, unless restrained, will cause grave and irreparable injury to a data subject.
Last week, the LTO issued a statement assailing lisensya.info for using the LTO logo on its website to establish a false connection with the agency.
The questionable website provided a “Motor Vehicle Authenticator” which, through the mere input of the motor vehicle file number by anyone, would show sensitive information, such as the make, plate number, engine number, chassis number, registration expiry date, and name of the owner.
Netizens claimed the data the site provided were accurate, raising suspicions of a leak in LTO’s database as these are the types of information the LTO collects from motorists for registration.
Based on results of NPC’s initial investigation, lisenysa.info has neither a privacy notice nor any contact details of its owner.