Malacañang has replaced the head of the Philippines’ data privacy watchdog, instituting a change of leadership even as authorities have yet to get to the bottom of a hack that saw depositors’ hard-earned money getting funneled away from BDO Unibank, the largest bank in the country.
In separate statements on Friday, acting presidential spokesperson Karlo Nograles and the National Privacy Commission (NPC) confirmed an online news report that its head, Commissioner Raymond Liboro, had been replaced by a deputy commissioner.
Newsbytes.PH broke the story earlier in the day, quoting a highly placed source.
John Henry Naga, who was brought in from the Department of Information and Communications Technology to replace a deputy commissioner in 2019, is the new head of the commission.
Naga’s appointment as Liboro’s replacement was made effective on Dec. 14.
Holdover capacity
Liboro was actually due to be replaced as he had been in a holdover capacity since ending his first three-year term in March 2019. He would have completed another three-year term—the maximum extension under the law—in March next year.
The change in leadership at the NPC was made weeks before the start of a ban on the appointment of new government positions during the election season.
But it came at a time when attacks on Filipinos’ data privacy rights are still fresh, ranging from phishing text messages intended to gain access to personal information to unauthorized bank transfers.
‘Business as usual’
Asked by phone on Friday how the transition would affect the NPC’s data privacy probes, Liboro told the Inquirer: “Definitely, there is a guaranteed follow-through. Nothing will stop the NPC from the conduct of its investigations. It’s business as usual.”
Liboro was the first to head the NPC since it was formed in 2016, or around four years after the Philippines’ Data Privacy Act (DPA) was passed. During his extended tenure, he had the difficult job of making awareness of data privacy rights a part of the public consciousness.
In a statement confirming his appointment, the NPC said Naga was also the head of the commission’s Data Security and Compliance Office, which is in charge of monitoring the government and the private sector’s compliance with the DPA.
A privacy expert says that even if the public may not be accustomed to the language of the data privacy law, it is now aware of the consequences of lapses in enforcement. He cites the case of policemen demanding sensitive information from organizers of community pantries—a breach of privacy about which the NPC appeared unconcerned.
The expert is watching what the new leadership at the NPC will bring to the table, and wondering whether the recent hack at BDO is not just a banking issue but a privacy concern as well.