Announcement

NOTICE OF PUBLIC CONSULTATION

Interested parties are invited to submit their comments on the draft Circular on the Data Privacy Competency Program of the National Privacy Commission (NPC).

Through this Circular, the NPC will introduce new programs that will cover the foundational and operational aspects of the Data Privacy Act of 2012 (DPA) essential for practitioners as well as anyone who seeks to have a better understanding of the DPA and its application to actual situations. Please see the draft Circular for your reference at link.

Please send your comments to [email protected] on or before 09 June 2023 with the
following subject – “Public Consultation – Competency”.

The NPC will conduct an online public consultation on 16 June 2023 at 2:00 p.m. Interested parties
who wish to join may send an email to [email protected] on or before 09 June 2023.

Thank you.

NOTICE OF PUBLIC CONSULTATION

Concerned organizations, stakeholders, and other interested parties are invited to submit their comments/suggestions/opinions and other valuable inputs regarding the draft Guidelines on Identification Cards Issued by Private Sector Personal Information Controllers to be adopted by the National Privacy Commission.

Please see attached Draft NPC Circular for your reference at this link.

These guidelines shall inform and guide personal information controllers in the private sector on the issuance of ID cards, specifically on the contents thereof in relation to the principle of proportionality.

Please send your comments/suggestions/opinions and other inputs to [email protected] not later than 9 June 2023 with the following subject: “Public Consultation – ID Cards.”

The Commission will conduct an online public consultation on 15 June 2023 at 1:30pm. Interested participants who wish to join may send an email to the address provided above on or before 9 June 2023.

Thank you.

NOTICE OF PUBLIC CONSULTATION

Concerned organizations, stakeholders, and other interested parties are invited to submit their comments/suggestions/opinions and other valuable inputs regarding the draft Guidelines on Consent to be adopted by the National Privacy Commission.

Please see attached Draft NPC Circular for your reference at this link.

These guidelines shall inform and guide personal information controllers on the use of consent as a lawful basis for processing personal data

Please send your comments/suggestions/opinions and other inputs to [email protected] not later than 9 June 2023 with the following subject: “Public Consultation – Consent.”

The Commission will conduct an online public consultation on 15 June 2023 at 10am . Interested participants who wish to join may send an email to the address provided above on or before 9 June 2023.

Thank you.

CALL FOR PUBLIC INPUT

Guidelines on Closed-Circuit Television (CCTV) Systems

The National Privacy Commission (NPC) previously issued NPC Advisory No. 2020-04, or the Guidelines on the Use of Closed-Circuit Television (CCTV) Systems, which provided for guidance to all personal information controllers and personal information processors on the use of CCTV systems operating in public and semi-public areas.

As technology for CCTV systems continue to evolve, and the use thereof becomes accepted and even mandated in certain instances, there is a need to provide for an updated policy framework on the use of CCTV systems ensure that such systems shall be used in a fair, transparent, proportional, legitimate, and accountable manner while upholding data subjects’ rights and freedoms.

NPC wants to hear from you.

To create a responsive regulation, the NPC requests inputs on your experiences, issues, and concerns on the use of CCTV systems. The submission of concrete examples and use cases detailing these issues will be greatly appreciated. Your contributions will truly help in the creation of sound policies in the furtherance of the right to data privacy in the country.

You may submit your comments, recommendations, and papers to [email protected] until 2 June 2023 with the following subject: “Call for Public Input – CCTV”.

We look forward to your responses. Thank you.

***

REMINDER ON THE SUBMISSION OF THE 2022 ANNUAL SECURITY INCIDENT REPORT

The deadline to submit 2022 Annual Security Incident Reports is until 31 March 2023. Submission shall be done only through the Data Breach Notification Management System (DBNMS). Any other mode of submission is not allowed.

For a step-by-step instruction on how to submit an ASIR in the DBNMS, please follow the video tutorials on this link: Click here

ANNOUNCEMENT ON DPS REGISTRATION

With the launch of the National Privacy Commission Registration System (“NPCRS”) and the effectivity of NPC Circular No. 2022-04 on 11 January 2023, the Commission will no longer accept new registration, amendments, and renewal of registration except through the NPCRS portal. Submission through email, personal filing, ordinary mail, licensed courier service and other mode of physical submission shall not be considered valid.

Personal Information Controllers (PICs), Personal Information Processors (PIPs), and Individual Professionals processing personal data who are covered by mandatory registration (Sec. 5 NPC Cir. 22-04) have 180 days or until 10 July 2023 to comply.

NPC Circular No. 2022-04 can be accessed through this Link

All PICs/PIPs are directed to create an account, through its Data Protection Officer, and register Data Processing Systems at Link

For registration related inquiries, you may reach the us through email at [email protected]

For system [NPCRS] related inquiries, please email us at [email protected]

For PICs/PIPs who do not fall under Section 5 on Mandatory Registration of NPC Circular No. 2022-04, You are required to submit a notarized document of Annex 1 - Sworn Declaration and Undertaking for Exemption from Registration of Data Processing Systems at [email protected]

All Certificates of Registration with effectivity dates until the 8th of March 2023 are EXTENDED to 10 July 2023.

PICs, PIPs, and Individual Professionals holding OLD Certificates of Registration bearing a different effectivity date shall be considered not-registered.

Compliance and Monitoring Division

ACCEPTANCE OF THE PRINTED EPHILID AS VALID PROOF OF IDENTITY AND AGE IN ALL SERVICES OF THE NATIONAL PRIVACY COMMISSION

The National Privacy Commission accepts the various formats of the PhilSys digital ID, including the printed ePhilID, as a valid and sufficient proof of identity and age subject to authentication through the PhilSys Check. Please refer to the Philippine Statistics Authority Public Advisory dated 30 September 2022 and a sample of the official format of the printed ePhilID for reference.

Announcement regarding the submission of Personal Data Breach Notifications (PDBN) and Annual Security Incident Reports (ASIR)

With the launch of the DBNMS, the NPC will no longer accept Breach Notification and Annual Security Incident Report submissions except through the DBNMS online platform. Thus, submissions through email, personal filing, ordinary mail, licensed courier service, and any other mode of physical submission shall not be considered as valid.

All Personal Data Breach Notifications and Annual Security Incident Reports shall be submitted through https://dbnms.privacy.gov.ph .

See the Guidelines on the Issuance of Certificate of Pending/No Pending Case here and the Request for Certificate of Pending/No Pending Case Form here.

Send your requests to [email protected] with the subject "CPNPC Request_<name of entity/individual>"

Announcement regarding validity of existing Certificate of Registration, revised process on new application, renewal, and amendment of registration, and guidelines on common Data Protection Officers. For more information click here.

Advisory on modified in-person or face-to-face hearing of cases for all parties with pending hearings with the NPC download here

There is an easier and safer way to file your complaints before the National Privacy Commission through the improved COMPLAINTS-ASSISTED FORM (CAF). Download the new version of the form here. Do not forget to attach a copy of your supporting documents.

For inquiries, email us at [email protected]

For complaints, send your complaints-assisted form to [email protected]