The National Privacy Commission (NPC) is extending the cease-and-desist order (CDO) on lisensya.info following the failure of its owners and operators to counter privacy violation allegations hurled against the site.
Software teams developing Covid-19 contact-tracing apps for local government units (LGUs) are advised to incorporate a privacy-by-design (PbD) approach and allow users to opt in and out of digital contact tracing.
The capture, use, retention and destruction of video and/or audio footage obtained from CCTVs are forms of personal data processing under the Data Privacy Act.
Repurposing personal data is punishable under the Data Privacy Act (DPA), the NPC said in an advisory issued on October 23 in response to complaints from citizens against business establishments over mishandling and misuse of contact-tracing data, such as a customer’s name, address, age, cellphone number and e-mail.
As a privacy advocate, I feel there are so many other things to be said about how the government has handled this task of helping businesses set up their respective contact tracing systems.
The NPC said the chief concerns were the improper use of logbooks and the lack of appropriate data-protection measures that left in the open filled-out contact-tracing forms that contain customers’ data, such as names, addresses and contact details, which other people could see.
The guidelines cover areas such as online decorum, learning management systems, online productivity platforms, social media, storage of personal data, webcams and recording videos of discussions, and proctoring.