The National Privacy Commission (NPC) is extending the cease-and-desist order (CDO) on lisensya.info following the failure of its owners and operators to counter privacy violation allegations hurled against the site.
Software teams developing Covid-19 contact-tracing apps for local government units (LGUs) are advised to incorporate a privacy-by-design (PbD) approach and allow users to opt in and out of digital contact tracing.
The capture, use, retention and destruction of video and/or audio footage obtained from CCTVs are forms of personal data processing under the Data Privacy Act.
The National Privacy Commission revealed on Thursday night, Nov. 12, that it has issued a cease and desist order against Lisensya.info, a website that falsely claims to be associated with the Land Transportation Office.
Netizens claimed the data the site provided were accurate, raising suspicions of a leak in LTO’s database as these are the types of information the LTO collects from motorists for registration.
Repurposing personal data is punishable under the Data Privacy Act (DPA), the NPC said in an advisory issued on October 23 in response to complaints from citizens against business establishments over mishandling and misuse of contact-tracing data, such as a customer’s name, address, age, cellphone number and e-mail.
As a privacy advocate, I feel there are so many other things to be said about how the government has handled this task of helping businesses set up their respective contact tracing systems.
The NPC said the chief concerns were the improper use of logbooks and the lack of appropriate data-protection measures that left in the open filled-out contact-tracing forms that contain customers' data, such as names, addresses and contact details, which other people could see.
The guidelines cover areas such as online decorum, learning management systems, online productivity platforms, social media, storage of personal data, webcams and recording videos of discussions, and proctoring.
