Comelec high on vote security, zero on safeguarding voter info
National Privacy Commission Chair Raymond Liboro on Tuesday said that the “Comeleak” happened because while the Commission on Elections (Comelec) was so focused on protecting the votes, it failed to put safeguards in place to prevent hacking of the voters’ data base.
“Dahil sa gusto lang maprotektahan ang boto, ‘yung mga botante ata ang nakalimutan nila protektahan,” Liboro said in an interview with INQ&A.
He said that the issue should not be categorized as ordinary website hacking.“Hindi lang sila (Comelec) nagme-maintain ng website, (the Comelec does not conduct website maintenance.)”
“Comeleak” was coined following the hacking of the Comelec website in March last year or two months before the elections. Hackers bared personal information of over 55 million registered voters that triggered public uproar and harsh criticism against the poll body. It was described as one of the worst breaches of a government-controlled database globally.
Earlier this month, the NPC recommended the filing of criminal charges against Comelec chair Andres Bautista for allegedly committing “gross negligence” of his obligations under the Data Privacy Act of 2012, an act “protecting individual personal information in the information and communications systems in the government and the private sector.”
READ: Commission: Charge Comelec chair for ‘Comeleak’
Only Bautista was named as solely responsible for the data breach.
Liboro said that NPC has investigated the case and studied the laws needed to implement and possible violations. Five fact-finding meetings were held to discover the hacking’s causes.
Article continues after this advertisementHe said that the three grounds that applied to Bautista as the one liable for the Comeleak were the responsibility of the head of agencies, failure to execute a policy covering data privacy and failure of appointing an accountable officer or information officer that will protect the information of millions of people that are just basic data privacy principles.
Article continues after this advertisement“It all points to somebody responsible, kung tingin niya na hindi dapat siya, eh, ‘di sino?” Liboro asked.
He said that over the course of the hearings, NPC asked Comelec to show what its plans are, or if poll officials are planning to execute a policy related to the issue. The Comelec failed to show any.
“Walang malinaw na plano ang Comelec kung papaano po-protektahan ang milyon-milyong impormasyon ng mga mamamayan,” Liboro added.