Mayors need to Protect Citizen Data from Unauthorized Sharing
As I started working as a volunteer data privacy officer for a fitness movement, my sensitivity on data sharing has heightened. In a social media talk for a government agency lately, the speaker before me started talking about benefits local citizens can avail of. The audience is composed of leaders in the community representing the audience segment.
The LGU had a need to update its target segment database (around 500,000 records) to ensure who still live in the area, moved out, and passed away. This will help the LGU in planning how much resources need to be budgeted for this segment. (I am not disclosing the information in full as this article is meant to be informative rather than put anyone into any trouble.)
The speaker called on the leaders to help and will be giving a copy of the data that they can update. Upon opening the file onscreen, the worksheet contains name of persons, birthdate, address, and other contact info. Raised my hand to ask:
- Are they aware of the Data Privacy Law?
- Does he have authorization to share data from their office? (As the law prescribed government personnel having access to data offsite – can only carry a maximum of 1,000 records and must have a written authority consenting them to such sensitive responsibility.)
Negative was the answer given to me on the above and stopped the data sharing from happening.
The data privacy law prescribed heads of government units to take responsibility in making sure their citizen data is protected as they are liable under the law. Government personnel sharing citizen data in an unauthorized manner or in violation of the law can be prevented from occupying public office which is double the term of its criminal imprisonment term.