Foundation for Media Alternatives Revisits Comelec Breach of 2016
With two years already having elapsed since the Philippines’ biggest government data breach grabbed hold of global headlines, non-government organization, Foundation for Media Alternatives (FMA),has released a briefing paper providing a summarized account of the events surrounding the infamous hacking incident.The document proposes some major takeaways and action points, both on the part of government and the private sector.
When news of the so-called “Comeleak” first broke out, the ensuing public panic was exacerbated by wildly conflicting accounts from the Commission on Elections (Comelec), the hacker groups claiming responsibility for the incident (i.e., Anonymous Philippines and LulzSec Pilipinas), and law enforcement authorities. It would take a months-long investigation carried out by the then newly-minted National Privacy Commission (NPC) before some degree of clarity was achieved, through the agency’s December 2016 Decision, and the brief Preliminary Report it issued a few months prior.
If one recalls, the NPC found the Comelec and its then-Chairman, Andres Bautista, both liable for violating a number of provisions of the country’s Data Privacy Act (DPA). It went so far as to recommend to the Department of Justice the filing of criminal charges against Bautista, whilemaking no other findings of liability on the part of the other respondents initially named in the case.
With the case now pending before the appellate court, the world has since bore witness to a number of other election- or voter-related data crises. Mexico and the U.S., for instance, suffered even bigger information leaks just weeks after the incident. Then just these past month, this Facebook-Cambridge Analytica controversy has highlighted anew the extent by which misuse of data—even as innocuous as that shared via online quizzes—can threaten the very foundations of a democratic society.
In its paper, FMA looks back at that historic moment before suggesting to the various stakeholders some steps it deems necessary to prevent similar privacy breaches in the future, namely:
- All Filipinos need to take data privacy seriously.
The NPC must be competent (from the Commission proper down to its operations staff), well-resourced, and independent.
Additional data protection policies must be developed to help government agencies and the private sector comply with the DPA.
State capacity in other areas (e.g., cybersecurity, cybercrime investigations, etc.) should also improve.
Extreme caution should be observed when dealing with data-intensive systems.
Civil society must continue advocating for privacy and data protection measures in government and the private sector.
These measures become even more relevant today as the Philippines prepares for another set of elections.
Contact Person: Jess Pacis at firstname.lastname@example.org or 435-6684
About FMA: The Foundation for Media Alternatives (FMA) is a non-profit NGO in the Philippines whose mission is to assist citizens and communities – especially civil society organizations (CSOs) and other development stakeholders – in their strategic and appropriate use of the various information and communications media for democratization and popular empowerment.
Foundation for Media Alternatives
Tel.No.: +63 2 435-6684 / +63 2 903 5930
Submit your contribution online through HRonlinePH@
Include your full name, e-mail address and contact number.
All submissions are republished and redistributed in the same way that it was originally published online and sent to us. We may edit submission in a way that does not alter or change the original material.
Human Rights Online Philippines does not hold copyright over these materials. Author/s and original source/s of information are retained including the URL contained within the tagline and byline of the articles, news information, photos etc.