NPC Holds Data Privacy by Design Forum for Developers

On September 27, the National Privacy Commission (NPC) conducted a forum on data privacy by design. Over 500 developers from local governments and the private sector attended and learned how to adopt privacy principles in all stages of their product development and business processes.

 

Privacy by design was developed in the 1990s by Dr. Ann Cavoukian. These approaches were adopted by the European Union’s General Data Protection Regulations (GDPR). These regulations have influenced the Philippines’ own Data Privacy Act. The GDPR requires data processors and engineers to design products such that they are friendly to data subjects.

 

The forum also discussed consent best practices. Atty. Rainier M. Milanes, chief of NPC’s Compliance and Monitoring Division, reminded developers to include privacy notices and consent collection forms. In particular developers must “include specific consent” and describe what happens to the data once collected, stored, and when it will be disposed of.

 

Cross-border data transfers were also covered in the forum. Atty. Ivy Grace Villasoto, Policy Development Division chief, explained the obligations in sharing and transferring data. Other topics discussed in the forum were the identification of vulnerabilities, “brute forcing” credit card numbers, and penalties for violations, among other subjects.

 

The full press release can be accessed here.