upholding data privacy

8/4/2019 Upholding Data Privacy

1/24

UPHOLDING DATA PRIVACYCommittee Report Number 56Sponsorship Speech * 21 September 2011

Sen. Edgardo J. AngaraChair, Senate Committee on Science & Technology


2/24

INFORMATION AGE IS DEFINED BY

Electronics

Devices

Transactions

Processes


3/24

ICT empowers delivery of theseservices but with a risk

Banking

HealthServices

Travel

CriminalInvestigation


4/24

ICT can either go 2-ways

CONVENIENCE

Cut red tape

ABUSE

Cut through security

for information theft

or misuse


5/24

Risk Team Netherlands

3.8 M RECORDS COMPROMISEDPhilippines is among the 22

countries in which a data breach

occurred in 2010.


6/24


96 % were card payment data3% usernames & passwords

1% personal information

Major causes were hacking

and malware.


7/24


GOOD NEWS IS:Number of records compromised are decreasing

In 2008, 360.8 M records werecompromised, a record high.

In 2009, 143.6 M records werecompromised.

But because of successfulidentification, prosecution andincarceration magnitude of breacheshas been reduced.


8/24

DATA BREACHES ARE COSTLY

Year

Cost per

compromised

record

Average total cost

per-incident

2009 $204 $6.75 M

2008 $202 $6.65 M

Cost gets

higher by the

year.


9/24

DATA SECURITY VS. DATA PRIVACY

Data Securityinfrastructure lockdown that allows or prohibits

access to data based on authorization through

passwords & encryption.

Data Privacy

ensure that authenticated users do have

legitimate reason to access specificinformation.


10/24

The digital era requires a legislative

framework on data privacy that is aligned

with international standards. This has

immense implications on business

opportunities for the country.


11/24

IT-BPO INDUSTRY GROWTH

IN THE LAST 5 YEARS

Year Revenues Jobs

2010 US$ 9 B 525,000

2006 US$ 3.3 B 236,000

BPAP believes that the country can earn as much

US$25 billion in revenues, or about 8.6% of GDP, and

create 4.5 million direct and indirect jobs if the govt

can foster a conducive business environment.


12/24

Philippines slipped to a lower ranking in the

Global Services Location Index (GSLI)

Rank Country

1 India

2 China

3 Malaysia4 PHILIPPINES

5 Singapore

6 Thailand

7 Czech Republic

8 Chile

9 Canada

10 Brazil

Rank Country

1 India

2 China

3 Malaysia4 Egypt

5 Indonesia

6 Mexico

7 Thailand

8 Vietnam

9 PHILIPPINES

10 Chile

Year 2011Year 2005


13/24

Philippines slipped to a lower ranking in the

Global Services Location Index (GSLI)

Rank Country

1 India

2 China

3 Malaysia4 PHILIPPINES

5 Singapore

6 Thailand

7 Czech Republic

8 Chile

9 Canada

10 Brazil

Rank Country

1 India

2 China

3 Malaysia4 Egypt

5 Indonesia

6 Mexico

7 Thailand

8 Vietnam

9 PHILIPPINES

10 Chile

Year 2009Year 2005

Philippines ranks high in financialattractiveness but...

We still rank

42nd out of 50 countriesin terms of business environment.


14/24

In the case of the IT-BPO industry, locators look

not only for good ICT infrastructure or fiscal

incentives but also prefer destinations where

security and privacy of their data andintellectual property are upheld.


15/24

CONSEQUENCE OFNON COMPLIANCETO GLOBAL STANDARDS

Earlier this year, the Chinese

government released draft

privacy regulations, proposing

that:

Companies holding personal

data must first receive explicitconsent to divulge data to

third parties; and

Personal data cannot be

shared unless specificallyallowed by law or government

authorities.


16/24


Some business leaders

expressed concerns that

such regulations would

hamper the growth of

Chinas IT-BPO industry,

given that these regulationswere stricter than their

Western counterparts


17/24


In India, new rules in their

Information Technology Act

initially caused uproar in the

BPO industry. Observers

initially interpreted that the

new regulations wouldrequire firms to first obtain

written consent through

letter, fax or email beforecollecting any personal data.


18/24

DATA PRIVACY LAW

ALIGNED WITHGLOBAL STANDARDSProposed privacy regulations will keep

our information systems safe withoutunnecessarily restricting our IT-BPOindustry and other ICT-driven sectors.

We have chosen to follow the Asia-Pacific Economic Cooperation (APEC)Privacy Framework as it providesample flexibility in implementation.


19/24

ADHERENCE TO GLOBAL STANDARDS:

COMMITTEE REPORT NO. 56 UPHOLDS

THE FOLLOWING APEC INFORMATION

PRIVACY PRINCIPLES

Preventing Harm

Notice

Collection LimitationUses of Personal Information

Choice

Integrity of Personal Information

Security Safeguards

Access and Correction

Accountability

56


20/24

SAFE HARBOR CLAUSE

The measure will also adopt a Safe

Harbor clause to ensure that we

comply to the data processing

procedures that might arise in

countries with stricter privacy laws.

56


21/24

Will oversee, monitor and

enforce standards for data

protection and privacy

regulations, especially to keep

the IT-BPO industry globallycompetitive.

56 NATIONAL

PRIVACYCOMMISSION


22/24

The Data Privacy Act will enable our IT-BPO

industry to maximize its potential which is

presently hindered by several constraints

including our lack of privacy controls.


23/24

Coupled with 2 other ICT laws we are

pushing for, the Data Privacy Act will send

a strong message that the Philippines is a

serious player in the global knowledge-based economy. And it is high time we

truly become one.


24/24

Thank you.

upholding data privacy

Documents