NPC hostS APPA conference, GLOBAL FORUM

Lourdes C. Escolano

Privacy commissioners in Asia Pacific come together to discuss the future of privacy in the region.

CEBU CITY, (December 3) – The National Privacy Commission hosted the 52nd Asia Pacific Privacy Authorities (APPA) to align the country’s data privacy understanding and compliance, learn from experts and share best practices with the global privacy community.

The APPA Forum officially opened December 2 and will run until December 4 with privacy commissioners from 19 jurisdictions across the region convening in closed sessions, to deliberate on emerging technology trends and threats that impact privacy, share best practices, explore new policy directions, and build institutional partnerships.

“Value in today's data-driven world is created by building bridges and not walls. And that’s what we intend to accomplish today at the APPA Forum. To build bridges towards a future that is safe and progressive, which our children could immensely benefit from,” Raymund E. Liboro, Philippine Privacy Commissioner emphasized.

During the formal sessions, members and invited guests will meet in closed-door sessions to discuss best practices, build partnerships, share information on emerging technology and trends, as well as explore new policy directions across the region.

Other activities in the agenda include, the discussion of jurisdictional reports from each delegation, conduct of roundtable dialogues, exchange views on the challenges linked with international data transfer and the cross-border enforcement of privacy laws across Asia Pacific.

In a press conference that followed the first day of the APPA Forum, Liboro along with Michael McEvoy, Commissioner of the Information and Privacy Office of British Columbia in Canada and Stephen Kai-Yi Wong, Hong Kong’s privacy commissioner hailed the gains of the National Privacy Commission especially in the fields of privacy regulation implementation and implementation of the law that helped safeguard Filipino’s individual rights and protect personal data. 

“We would like to recognize the efforts of the Philippines, it being the youngest but also the most determined in implementing privacy regulations. We are impressed by the way it is leading the way towards getting your country into a more compliant and regulatory status with regards to privacy. I am particularly impressed by how it had been able to execute your privacy laws well, and in such a short time,” British Columbia Privacy Commissioner McEvoy said.

Recently, the NPC shut down 26 of 67 online lending firms reported to have had privacy violations of their subscribers. These online firms had violated the use of their data subject’s information by using emails and number of their contacts to embarrass them when borrowers using these platforms miss a payment. Other related violations include the unauthorized cross sharing of information for marketing purposes.

Hong Kong’s privacy commissioner Wong explained how technology is continually playing a role in the evolution of data privacy in the region. He pointed out how the APPA is a “technology neutral” organization, meaning that though current technologies like social media or ride sharing apps have changed the privacy ecosystem, the rights to privacy has not changed.

“Technology when the APPA started was much different from now. But the basis of the creation of this organization remains the same—the protection of individual’s rights to privacy—and this should not be affected by technology. But we have for many years recognized the rapid changes in technology to which we are creating the proper actions to respond to in a unified fashion,” Wong stressed.

In the morning session of the APPA Forum, reports from three working groups were shared. Tackled were the Privacy Awareness Week (PAW) activities in 2019, plans for 2020 and other continuing communication initiatives. A report on the results of a survey on top breaches was also discussed as well as a survey on complaints handling.

Other reports discussed in mostly closed door sessions were about de-identification, open data, data sharing, data portability, information aspects of indigenous people, education and outreach activities, as well developments on key investigation and enforcement matters. 

Delegations from 19 jurisdiction have joined the forum. They are, namely, Australian Information Commissioner and Privacy Commissioner, Australia; Information and Privacy Commissioner (British Columbia); Office of the Privacy Commissioner, Canada; Deputy Superintendent for the Protection of Personal Data; Privacy Commissioner for Personal Data (Hong Kong); Personal Information Protection Commission (Japan); Korea Internet Security Agency; Office of Personal Data Protection, Macao; National Institute for Transparency, Access to Information and Personal Data Protection, Mexico; Information and Privacy Commission, New South Wales; Office of the Privacy Commissioner, New Zealand; Office of the Northern Territory Information Commissioner; National Authority for Data Protection, Peru; Office of the Information Commissioner, Queensland; Personal Data Protection Commission, Singapore; Federal Trade Commission, United States; and the Office of the Victorian information Commissioner, Victoria.

This is the first time for the Philippines to host APPA, which is acknowledged as the principal forum for privacy and data protection authorities in the region. 

Photo shows NPC Commissioner leading the APPA conference

“Since its founding in 1992, the APPA has inspired alliances among authorities in the region, paving the way for establishing cooperative arrangements that push for data subject protection.” -- Privacy Commissioner Raymund Enriquez Liboro.



Raymond B. Tribdino

AS the 52nd APPA , three side events are also scheduled during the APPA Forum, open to all Data Protection Officers (DPOs) and the general public. They are the NPC’s DPO ACE (Accountability, Compliance, and Ethics) certification program, the Global Privacy Forum, and the PSST! (Privacy, Security, Safety, and Trust) symposium for students and educators.   

The DPO-ACE will run for a whole day, culminating with a series of knowledge evaluation sessions for data privacy officers seeking to get level 1 certification and accreditation. This certification allows the DPOs to capably understand the policies, and handle most requirements of the Philippine Data Privacy Act of 2012. Certified DPOs will also able to provide proper privacy impact assessment, evaluate and amend, if needed, current privacy policies of companies they serve. They can provide the documentary evidence that can help defend companies or prosecute violators of privacy laws. 

Around 800 DPOs in the Visayas and Mindanao are expected to join the NPC’s DPO ACE (Accountability, Compliance, and Ethics) certification program on December 3 at the Waterfront Hotel & Casino, Cebu City. It shall cover the standard seven modules, to be discussed by top agency officials, while the written examination is scheduled on December 5.

Meanwhile, the flagship Global Privacy Forum is set on December 4, with the theme “Bridging East and West”. Around 800 participants are also expected to join in the discussions, which features panel sessions to discuss policy reforms, projects, and programs in different jurisdictions that are relevant to the operations and activities of local sectors. Among the guests and panelists include United Kingdom Deputy Information Commissioner James Dipple-Johnstone, Hong Kong Privacy Commissioner Stephen Kai-Yi Wong, New Zealand Privacy Commissioner John Edwards, British Columbia Privacy Commissioner Michael McEvoy, Canada Deputy Privacy Commissioner Brent Homan, and Allison M. Lefrak of the US Federal Trade Commission.      

Also, on December 4, the PSST! Symposium is to be held at the University of Southern Philippines Foundation. Meant as a youth-oriented public awareness campaign on the risks brought on by careless and carefree use of online services, around 500 students are set to join the whole-day event. Among its highlights include the launch of “Kabataang Digital”, an advocacy campaign to promote a safe digital environment for teens and kids.

Day one result of privacy conference

Photo shows (from left to right) HK privacy commissioner Stephen Kai-Yi Wong, NPC commissioner Raymond E. Liboro and British Columbia privacy commissioner Michael McEvoy answer questions from the media.