Content area
Full text
The Philippines’ National Privacy Commission (NPC) has found the Commission on Elections (Comelec) liable for the data breach at its voter database last March. Comelec Chairman J. Andres D. Bautista will face criminal charges for the negligence.
In a ruling signed last December 28, the NPC underscored Bautista’s “lack of appreciation” of the principle that data protection is more than just implementation of security measures.
“Data privacy is more than the deployment of technical security; it also includes the implementation of physical and organizational measures, as well as regular review, evaluation, and updating of Comelec’s privacy and security policies and practices,” the decision reads.
The hacking incident last March leaked the entire database of the Comelec and exposed data of 55 million Philippine voters, making them susceptible to fraud and other risks. While the agency downplayed...