NPC to collaborate with CICC to strengthen its Digital Forensic Laboratory

PASAY CITY --- On June 23, 2021, the National Privacy Commission (NPC) signed a Memorandum of Agreement (MOA) with the Cybercrime Investigation and Coordinating Center (CICC). This collaboration aims to further enhance the capacity of NPC’s personnel in the conduct of digital investigation and forensics. This is in recognition of the significant synergies and complementarity on the respective duties and functions of both agencies in the protection of data privacy and cybersecurity.

Under the MOA, the CICC will provide capacity building to NPC personnel in the operation of its Digital Forensic Laboratory. Furthermore, they will provide the NPC resource persons, training programs, modules, and materials for the following topics:

  • Techniques, methodology, applications, and best practices in digital
    investigations and forensics;
  • Admissibility, chain of custody and preservation of digital evidence; and
  • Operation, maintenance, and full utilization of the digital forensic

“The Memorandum of Agreement is a manifestation of the NPC and CICC’s common interest and obligation to protect stakeholders’ right to data privacy and cybersecurity. With professional and ethical competence and integrity as our touchstones, both agencies will utilize and maximize the resources of the government for the utmost benefit of the people we serve,” Privacy Commissioner Raymund Enriquez Liboro said.

In return, the NPC will conduct data privacy briefings, seminars, and workshops such as the DPO ACE Program for CICC personnel. In furtherance of the cooperation between the two agencies, the NPC and CICC may conduct joint data security and privacy investigations.

In this undertaking between the NPC and CICC, any data received by one from the other shall be treated as confidential information, which may not be disclosed to any person without written authority from the other party.

Similarly, both NPC and CICC shall observe and comply with the provisions of the Data Privacy Act of 2012, its Implementing Rules and Regulations (IRR), and other applicable rules and issuances of the NPC on matters concerning privacy and data protection, as well as the provisions of the Cybercrime Prevention Act of 2012, its IRR, and other applicable rules and issuances of CICC on matters concerning cybersecurity and cybercrime prevention.