FILIPINOS’ inherent friendly attitude is seen as a challenge to the full implementation of the Data Privacy Act (DPA), an official of an auditing firm said.
Although many companies have started to implement the DPA to protect their businesses from data hacking and other forms of data breach, Emiliano Librea III, head of advisory services of P&A Grant Thorton, said it may take time for the law to gain full traction.
“We are not private by default,” said Librea. “The demand for privacy should come from the person.”
Librea explained that Filipinos are naturally sociable to the point that even private details are easily out in the public. He cited, as an example, the Filipinos’ fondness for using social media platforms to disclose life’s activities including the location and the people they are with.
“Our being friendly sometimes exposes us to risks. And a lot of us don’t realize this,” said Librea, adding that Filipinos should be cautious when sharing information as this may be used against them.
“The times have changed. It’s a lot riskier now,” he warned.
Republic Act 10173 or the DPA was created to protect the fundamental human right of privacy, of communication while ensuring the free flow of information to promote innovation and growth.
But for this law to be fully embraced and adopted, Librea said it would take some “cultural change.” He said the government should beef up its campaign raise awareness.
Data protection officer
As for businesses, Librea stressed the need for small, medium and large companies to appoint a data protection officer (DPO) as mandated by law.
The DPO is responsible for the overall management and oversight of data protection. The officer must be a full-time or organic employee of the government agency or private entity.
According to Librea, companies have started to appoint a DPO in their respective businesses, however, there are still some who do not know how to go about it.
Librea said P&A Grant Thorton is helping businesses across industries comply with the DPA, from the appointment of the DPO up to the monitoring of their compliance.
“It is not only enough that businesses invest in sophisticated technologies to help them get ahead of the competition. They must also ensure that their data is protected,” he said.
Anyone caught violating the law will be fined of up to P5 million and imprisoned for up to six years. (KOC)