Pres. Ferdinand Marcos Jr. has announced the appointment of lawyer Johann Carlos S. Barcena as the country’s new privacy commissioner, according to a post on the official Facebook page of the National Privacy Commission.
Barcena will serve a three-year term of office, as mandated under the Data Privacy Act of 2012 (RA 10173), which provides fixed terms for NPC commissioners to ensure continuity, independence, and stability in the agency’s regulatory mandate.
Prior to his appointment, Barcena served as executive director at the Office of the Commissioner under the Governance Commission for Government Owned and Controlled Corporations (GCG).
He holds a Juris Doctor degree from the University of the Philippines (2010) and a Bachelor of Arts in Political Science from the Ateneo de Manila University (2005).
In his new role, Barcena will lead the independent agency tasked with administering and enforcing the Data Privacy Act of 2012, which seeks to protect the personal data of Filipino citizens and ensure compliance with global data protection standards.
The NPC was created in March 2016 under Republic Act No. 10173 (Data Privacy Act of 2012), with Raymund E. Liboro appointed as its first Privacy Commissioner by then-president Benigno S. Aquino III.
Liboro, a former Department of Science and Technology official, oversaw the commission’s formative period, including issuance of the RA 10173’’s Implementing Rules and Regulations (IRR) and essential policy frameworks.
In late 2021, John Henry D. Naga succeeded Liboro as NPC Commissioner following his appointment by then president Rodrigo Duterte. Naga had served as NPC deputy commissioner before being elevated as chair of the agency.
Barcena’s appointment marks the next chapter in the commission’s leadership, as data protection issues continue to intensify amid rapid technological change, rising cyber threats, and growing public demand for stronger privacy safeguards.
As NPC chairman, Barcena will be responsible for steering policy formulation, enforcement actions, and international cooperation in data privacy matters — including compliance monitoring, advisory issuance, and public education efforts aimed at fostering a culture of privacy among individuals and organizations.
