De Lima seeks Senate probe on passport data breach

Opposition Senator Leila M. de Lima has joined the call to hold government officials and private contractors involved in the suspected data breach at the Department of Foreign Affairs (DFA) accountable for their failure to protect people's personal data.

In filing Senate Resolution (SR) No. 988, De Lima urged the appropriate Senate committee to look into the alleged data breach in the passport databank of the DFA and provide immediate remedies to uphold data privacy and protection of the citizens.

"The right to privacy is a fundamental human right and is central to the protection of human dignity. Privacy and protection of personal data must be safeguarded and guaranteed by no less than the state itself," she said.

"The government officials and contractors who are involved in this data breach must be held accountable and liable. There is need to determine the extent of government accountability leading to this malfeasance and how to prevent the same from happening again," she added.

In a Twitter post last week, Foreign Affairs Secretary Teodoro Locsin Jr. claimed that a former outsourced passport maker "took all" the data of the applicants upon the termination of its contract.

It however remains unclear what the extent of the data breach is and whether sensitive personal information taken by the passport contractor terminated by government were safeguarded or can be still retrieved.

De Lima noted the DFA failed to immediately implement appropriate measures to protect data of Filipinos against possible data breach even after it was informed that in 2017, the United Graphic Expression Corporation - which continues the illegal production of the E-passports - has not complied with the terms of the awarded contract of the Philippine Passport Printing.

The lady Senator from Bicol underscored the importance of establishing legislative safeguards to ensure that private contractors will not have control and storage of the data and information of persons doing business with the government.

"Government agencies need to be put on notice to ensure that all private contractors performing outsourced government functions are complying with all the provisions on their service contracts as well as relevant laws protecting and preserving personal data from our citizens," she said.

"There is also need to examine the current laws regulating the agreements with contractors that involve the handling of personal information," she added.

In order to prevent data theft and breach in the future, De Lima said the concerned government agencies should ensure that rigorous security measures are well set in place against potential data breaches in the future.