In issuing NPC Circular 2020-03 just a couple of days before Christmas last year, the National Privacy Commission basically sounded the death knell for Data Sharing Agreements (DSAs), which are a key feature of the Commission’s very own Data Privacy Accountability and Compliance Checklist.
Online lending firm Cashalo issued a statement on Saturday, Feb. 20, saying its “IT security team discovered a potential data security incident involving a Cashalo-only database archive”.
According to a discussion thread in the Facebook page of Privacy.PH, the personal data being peddled at the dark Web appears to be legitimate although Cashalo has not yet submitted any breach incident report to the NPC.
In what is believed to be the first case of a local firm found violating the data privacy law, the National Privacy Commission (NPC) has recommended the criminal prosecution of Fynamics Lending Inc., the operator of the PondoPeso online lending application that was the subject of numerous data privacy complaints.
Non-profit group Foundation for Media Alternatives (FMA) has released a new report on the mobile lending issue, which has been lingering in the last couple of years due allegations of debt-shaming and other forms of harassment.
The NPC said a strict social media policy entails prohibiting teachers and other school personnel from using personal data collected in an official capacity or during an official school activity for personal purposes.
WhatsApp is set to change its privacy policy in a way that would allow the sharing of data with third-party companies hosted by its parent firm Facebook, the NPC said.
The National Privacy Commission (NPC) is extending the cease-and-desist order (CDO) on lisensya.info following the failure of its owners and operators to counter privacy violation allegations hurled against the site.
Software teams developing Covid-19 contact-tracing apps for local government units (LGUs) are advised to incorporate a privacy-by-design (PbD) approach and allow users to opt in and out of digital contact tracing.
The capture, use, retention and destruction of video and/or audio footage obtained from CCTVs are forms of personal data processing under the Data Privacy Act.
