PAW 2021: Valuing Privacy in the Time of Digital Transformation (Day 1)

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

ensure that citizens personal data will be used lawfully and fairly in the coming 2022 national elections there are so much more that i wish to mention i can go on and on about the plans directions and projects of the npc that we will implement in the years to come at this juncture please allow me to express my sincerest thanks to all of you data protection officers privacy champions and advocates and fellow government servants present today your conviction in our privacy advocacies remains unwavering despite the challenges on a personal note i would like to thank the active corps of privacy leaders that the data privacy council executed to me internally our own organization is our stakeholder too i wish to thank my deputies deputy commissioner john naga and deputy commissioner leandra aguirre and our executive director ivy nelson the gains of the commission would not have been possible without them i would also thank the financing administrative office of the of the fao as you can see they are really the support of this entire responsive regulatory framework they stayed on their posts during the enhanced community clients quarantine period they provide critical frontline services for the commission's operation financial and administrative needs they even delivered desktops laptops and other needed materials to the residences of npc employees to support a remote work arrangement the fao to this day oversees the disinfection of npc premises and shuttle services to ensure a fully virus free workplace thank you to you fao and to all the npc directors chiefs and staff i know how much every time you had to take last year the many dinners with family you had to forgo to attend to the public and i know this goes to a lot of data protection officers here too serving your company to the fullest amidst again this very trying pandemic we are a critical juncture that is likely to have permanent implications and privacy and so we have to be steady vanguards let me end by retelling a short point i did when i was in college the university of the philippines in dilemma it was in 1987 and that was in my senior year at the ut school of economics it was a year after people power those times following eza were one of the most difficult to those of you who are too young during that period ask your parents about it the economy was down and the air was filled with uncertainty and fear it was a time when values character and resilience of the filipino were tested as a young activist during that time i wrote a short reminder to my fellow youth to give hope to those who were wavering amidst the confusion brought by the unfamiliar crisis this very brief poem was later published by the national youth commission as a magazine cover and printed on t-shirts in the diliman mall and it goes let us not appear silly in our youth and grow old realizing everything was playing illusion but let us age slowly with the knowledge that our commitment was right and all is not lost the events that unfold today will echo in the years to come and the decisions we make today will define the privacy ecosystem of tomorrow age slowly and never waver because your commitment is right as we talk about this privacy awareness week our pivot to digitalization and recovery we look forward to the fruitful discussion on how we can best help data subjects our people navigate this time with renewed hope and commitment thank you very much thank you commissioner liboro and i hope you are all as excited as i am for future events and activities equally i hope you're also very proud of the journey of the philippines data privacy and protection regulation we have really come a long way but before we begin today's very exciting panel we we would like to look back at our past celebrations and events let us all watch this video [Music] [Music] [Music] [Applause] [Music] [Music] [Music] [Music] [Music] [Music] [Music] [Music] so [Music] [Music] so [Music] [Music] [Music] [Music] [Music] [Applause] [Music] so [Music] [Music] [Music] so [Music] [Music] so [Music] [Music] [Music] [Music] do [Music] ladies and gentlemen and those are the new and upcoming projects and activities of the national privacy commission from its humble beginnings in 2016 the npc evolved to be a results-driven and responsive regulatory authority with a high performing team working with utmost integrity all with a shared goal of being an enabler and protector of the data privacy rights for the benefit of all data subjects in the country ladies and gentlemen prior to the pandemic the npc also hosts of various events one of the one of one of those is the asia private pacific privacy authorities let us all watch this video and look back on the previous events of the npc [Music] so [Music] so [Music] [Music] you're handsome [Music] you're beautiful [Music] [Music] with the 52nd alpha i'd like to congratulate everyone let's give each other a big round of applause we're really working hard [Music] [Music] um good morning ladies and gentlemen on behalf of the entire national privacy commission we thank you for being here today your being here is no accident it is destiny but one that is mandated by law specifically the data privacy act of 2012. you should always consider maximizing the benefits minimizing harm [Music] if you want to go fast you go alone but if you want to go far you go together describes the functions of a dpo don't worry it's a lot of responsibility but you are not alone in this work [Music] we're doing our best to reach out to all [Music] [Music] [Music] all right so i hope everyone you're also ready because at this point in our program we will hear from our esteemed government leaders as we tackle the various privacy issues amidst the government's pandemic response as we have navigated the peculiarities of the various community quarantines and the limitations posed by these necessary restrictions for containing the spread of the disease we have seen how the government has responded by prescribing and implementing various health protocols providing monetary aid and other assistance and now the deployment of vaccines the npcs likewise provided guidance to both the government and the private sector since the pandemic started our mandate has always been clear data privacy rights are never suspended even in the time of the pandemic the npc and the data privacy act has never been a hindrance to the pandemic response now our first panel is composed of our officials from various government agencies as well as a local government unit we will be hearing their take on how the government's pandemic response has upheld data privacy rights and necessitated a whole of patient approach to those watching via our ms teams live platform you may type in your questions via the chat box and we will let the speakers know about them joining us here today is first dr eric tayag director for knowledge management and information technology service of the department of health you set jonathan malaya of the department of interior and local government and chairperson of the task group on governance national task force against covet 19 and mayor vico soto of pasig city recognized as the standard bearer for a new generation of elected officials who prioritize anti-corruption and transparency initiatives and a recipient of the international anti-corruption champions award without further ado may i first call our first panelist for this morning dr eric tayag to share his brief assessment on the health department's targets on surveillance contact tracing quarantine isolation and testing as part of the pandemic response dr eric diet you have the floor good morning everyone i'm dr eric taylor of the department of health first of all i'd like to congratulate the privacy commissioner payment liboro for having this fourth national day priory privacy conference thank you for the support as we are also supporting this endeavor i'm going to talk about upholding data privacy rights in the pandemic response the department of health's imperatives next slide please you know the drill if you get infected you should first know the sentence there's fever there's cough or this may be accompanied by shortness of breath then what do you do we have to confirm if this is called 19 infection and this requires testing and while we wait for the test results we go into quarantine that's 14 days we monitor our signs and symptoms or somebody else's will monitor our signs and symptoms and if we suspect because of the symptoms that happen in this period we now should be isolated and seek treatment and hopefully we the coven 19 infection we have over 1 million cases more than 20 000 deaths already reported by the department of health and easily while we have learned through these months in the pandemic we still have to get grip of the fact that there are interventions that we have just to implement we must contain and all of us have been aware of the restrictions brought about by community quarantine and now we're trying to achieve herd immunity through vaccination the combination of containment herd immunity hopefully will bring us a safe return to normal but wait all these activities required digital health interventions and so digital health interventions have the complications of breaching data privacy next slide please the department of health has anticipated data privacy concerns from these digital health interventions and so we on your screen we bring you the legal basis for the processing of personal data for example 12 e the processing of personal information is necessary to fulfill the functions of public authority which necessarily includes the processing of personal data for the fulfillment of its mandate certain b and f is shown there that the processing of the same sensitive personal information is provided for by existing laws and regulations for example the laws on notifiable diseases can i have the next lightings how do we measure up to the basic data privacy principles that include transparency legitimate purpose proportionality accountability transparency when we launched the telemedicine platform in march last year we made sure that the first thing a caller listens to is the privacy notice for the legitimate purpose we only make sure that this is aligned with the requirements of the universal health care act and what i mentioned earlier the mandatory reporting of notifiable diseases act of course the department of health would only get information from our citizens of what we need and not what we want and that's proportionality we have to make sure that for every indicator data elements that we have to collect that we need them rather than something we only wish for or what we wanted but we would not need anyway accountability we make sure that designing these digital health applications so that they will promote the digital health interventions required to support the coveted 19 response in the country is already privacy by design next slide please now let's look at the policies that supported the coveted 19 response we have guidelines on the use of talent medicine for example privacy guidelines and the processing and disclosure of covered 19 related data guidelines on the monitoring evaluation of the use of telemedicine guidelines under processing of ict solutions provider endorsements a template for data sharing agreements and processes for its accomplishments the dissemination of the national privacy commission's covenanting bulletin compilation you're watching this conference as we broadcast and the department of health made sure that these foundational policies are in place so there will be no room for confusion disagreements or misunderstanding next slide please but what about the data privacy policies for universal healthcare because we should also be aligned to it so we issued guidelines on the implementation and maintenance of an integrated health information system we never dreamt of any silos in our health information system we just have to integrate them what's the use of having silos when we cannot even make sure that we're working together on this then there are the guidelines and the implementation of telemedicine we want to make sure that proper practice of telling medicine is something that is enshrined to all practitioners that's why in the department of health when we embarked on the italian medicine we had several briefings for volunteers and making sure that even if this is a relatively new technology addressing the disruption of health services in the country the telemedicine will not suffer those from other technologies as well that have been introduced during this pandemic and there are implementing guidelines for section 31 of the universal care act under processing and submission of health and health related data next slide please now we have been working closely with the national privacy commission sometimes we have privacy commissioner raymond diboro working in detail with our team and with myself so that we make sure that we thread the platforms on data privacy here in this screen we provide you with our current accomplishments 73 out of 144 third-party proposals and ict solutions were evil weighted yes ladies and gentlemen almost every day the department of health continuously gets these proposals and we have to evaluate them before this is vetted by the national privacy commission and we have 52 moa csas outsourcing agreements that we were able to review and finalize the privacy impact assessments have been reviewed for six donated ict technologies for our government 19 response and we had to make sure that the volunteer physicians under our telemedicine program were provided the orientation on the data privacy act next slide please more than that telemedicine establishes what data privacy act is all about aside from the privacy notice at the start we at the department of health are committed that even third party telemedicine providers will follow the rules so that we had to do a sandbox implementation to make sure there are no breaches with personal information that is shared through this technology next slide please yes we have accomplished so much and we feel that we are getting the support the full support from the national privacy commission that what that is why it encourages us to do more on policy and strategy in ritualing ourselves and for compliance monitoring i end with this slide next please our secretary of health secretary francisco duke iii and if i have to quote him trust is always earned in public service and there are no shortcuts on how to earn it when collecting personal data it is paramount to design systems that protect individuals from harm while at the same time ensuring data starters are complied with us not to compry compromise data privacy good morning and thank you everyone thank you as well dot tayag for sharing doh ict initiatives and the digital health interventions of the doh in the time of the pandemic we already see a few questions from the floor and we will be reading them during the open forum later now at this point in our program let us welcome our next panelist under secretary jonathan malaya to provide in highlights on the dilg's key role in contact tracing and aid distribution enforcement of community quality restrictions through the use of digital solutions keeping in mind data privacy rights of our citizens yusek malaya you have the floor yeah can you hear me now yeah thank you very much um thank you in on behalf of the department of interior and local government i'd like to thank the national privacy commission uh privacy commissioner raymond liboro and the entire agency for inviting the ilg in today's conference i have a presentation okay so the invitation that i received from the commission talked about giving updates on the stay safe philippines application but i'd be happy to answer also questions about other matters within the jurisdiction of the department but i will limit my presentation now to the invitation that was sent to me which is about contact racing in particular the use of a digital contact tracing stay safe app which was already donated to the to government through the dilg so next slide please so going back um the department of interior and local government is part of the national task force covid19 in fact uh secretary eduardo ano is the vice chair of ntfco vid19 and we are chair of several task groups and one of those task groups under the response cluster is task group contact racing and the contact racing is led by under secretary florese of the dilg now when we talk about contact racing there are two aspects to it number one is the manual contact tracing which is done through volunteers which is done through the philippine national police this is essentially an effort done by individuals making calls visiting close contacts of go with positives so that's why it's called manual contact racing it's a local effort nationally supported i mentioned local effort because contact racing is essentially run by the local contact racing task force which is usually headed by the municipal or city health officer and what the ilg does is to deploy additional personnel to augment the contact racing efforts of our local government units now on the site of digital contact racing in april of 2020 the national task force kovit 19 signed a moa with mortises adopting stacey philippines as the country's official contact tracing health conditioning reporting and social distancing system next slide and there has been numerous um iatf resolutions adopting stay safe as the official contact racing app of the government and because of these numerous resolutions issued by the iatf finally last month on march 29 2021 stay safe was relaunched and finally turned over to the department to unify our digital contact tracing efforts in the country let me emphasize that prior to the turnover of the app to the philippine government it was multisys who was running the system but now that it's been turned over to the department uh we are that multisyste is now slowly turning over the system and we are learning about it every day as we uh move forward so we have on march 29 the formal turnover of stay safe to the philippine government through the dilg and as you can see in that photo we have representatives from the department of health the department of information communications technology and of course the dild next slide so stay safe even though it was just turned over to the philippine government on march of this year it's been uh in use already since last year so we now have more than 3 million almost four million individuals who are using the system and one thousand three hundred fifty eight lg us have also you is utilizing the system but some are using it more than others the app users mostly come of course from the national capital region next slide and among the lgu's that are using the stay safe system in metro manila is uh munti lupa and other local government units while many companies including sm mcdonald's and jollibee and most of the members of task force d3 also utilize stacey next slide but notwithstanding the fact that stay safe is there we recognize and also acknowledge the different local contact racing apps that includes passing pass and i saw mayor vico today as one of the panelists so i'm sure he will discuss how passive pass is also being utilized in passing we also recognize of course val trace qc pass the and the one in antipolo the one in mandaluyong and all of these systems continue to operate because uh they are complementary so stay safe meaning uh though stay safe is the national contact racing app in places where they have a local contact racing app like in pasig they can continue to utilize the passing pass and the intent is to integrate the data going into passive pass and forward it to stay safe meaning we will have a interoperable system and that um integration is now being worked at by the dilg and multisys the developer of stay safe so therefore those residents of pasig and venezuela can continue to use their local content tracing apps because they will also be integrated to stay safe next slide so one of the big issues that came about when stay safe was launched last year when it was not yet turned over to government what was about the issue of uh data privacy and is that that is precisely the reason why we have this conference to discuss the national data privacy policies of government and how we can further improve them i'm happy to note that the national privacy commission was with us every step of the way in making changes and improvements in the system as recommended by the national privacy commission the stasif application protects users privacy its privacy feature is that users do not have to disclose sensitive information when registering to the system in fact issues so uh multisys has devised a system where in the cell number of the individual becomes the controlling uh information utilized because uh positives they also have cell phone numbers so young cell phone numbers numerical with positives are integrated and utilized by the stay safe app and whenever that cell phone number uh is flagged by the department of health then uh the system recognizes that person as positive next slide one of the features of stay safe is that users are asked if they are feeling any of the kovid 19 symptoms and angmaganda dito is that the system will prompt you and the the system will also prompt the establishment that if for example linagaimo once you enter an establishment and you are required to scan the stay safe qr code and you yourself um registered yourself as uh feeling a severe condition building agustin so again there's also an element of honesty here on the part of the individual that if you are not feeling well it would be best now and there's also the element of honesty because the system only that the system will operate flawlessly if we put in the honest response next slide the data that will be sent uh that that is generated by stay safe is sent to a heat map and the heat map is reflected in the platform's administrative dashboard as we can see here next slide so all of these uh features that we see here is in compliance with the recommendations of the national privacy commission uh as provided in ra10173 or the data privacy act next slide the spacing application utilizes the terms of use of electronic lag book and privacy notice where it is stated that the information that the application collects and the rights to your information in short the individual has to give consent to the collection and processing of information but the terms of use is just for record purposes to keep track of the people coming in and out of the premises and for a quick contact casing program the information collected is stored in a secured database repository which is used for a limited time only users data are deleted every 30 days moreover users can choose to delete their own records or personal information the implementation of reasonable and appropriate physical technical and organizational measures to prevent the loss destruction misuse or alteration of information will take place to reduce the risk of security threat next slide merundinpung issues before national contact racing up meaning stay safe for surveillance purposes because at that time the system was still using gps so uh as a result of those concerns stay safe now cannot be used for some surveillance because it no longer uses uh gps technology instead is it uses bluetooth technology through the ga end or the google apple exposure notification system so and how this works is if your ga and feature is turned on and then well sorry if the guide feature is turned on by multisys and the ilg and your phone's bluetooth is on whenever you are close to a suspect or co confirmed positive covid patient there will be an alert that is sent to you stay safe also has a digital logbook that is contactless and paperless to eliminate the manual health check forms being accomplished by visitors in an establishment next slide the lg use can also utilize the stay safe app for them to generate heat maps showing kovid 19 hot spots in their areas next slide stay safe is also useful for measuring social distancing to lessen the chances of contracting covid19 next slide and private and public organizations companies and as i said government agencies can easily get their stay safe qr code through the application and right now we already rolled out the safety sales certification program the safety seal certification program is a program to determine if public establishments and private establishments restaurants different types of commercial establishments if they are compliant with minimum health standards as provided in iatf regulations in various regulations issued by the doh the ilg dole dot and the dti so again and we check and inspect if they are compliant with minimum health standards is the use of the stay safe app or a local contact tracing app and stay safe or wall on contact racing app safety next slide so we feel that by utilizing the stay safe system you will have a seamless fast and efficient contact racing in our country next slide our target is to reach 50 million users of the system and we also target to connect all 1664 cities and municipalities across the country to utilize uh the said system so uh we are a long way to go from there uh downloading last month no march uh 29 and uh we have a long way to go and right now the technology transfer is still happening between multisys and the dilg in fact right now on association certified the fully functional elements of stay safe is the establishment module paramagametrangmanigosho at public offices new health system and monitoring module the other modules are still being improved by the dilg and i hope that once all of the aspects of stay safe are improved and fully utilized we will be able to promote it and have it utilized by a majority of our countrymen next slide on the part of the stay safe philippines utilization by the department of interior and local government thank you thank you as well yusuk malaya for discussing the features and goals of the seistep application i'm sure some of the questions of our viewers were already answered by usex presentation now at this point in our program let us welcome mayor vico soto to provide highlights on how the passing lgu handled vaccine deployment aid distribution passive pass contact tracing application which has also been mentioned by yusek malaya while harmonizing transparency to the public and data privacy rights of individuals maker vico you have the floor first of all thank you for inviting me here thank you to the national privacy commission uh to commissioner raymond liboro um who had a very informative presentation uh earlier and as well as uh youssec jonathan malaya we we've been uh working very closely with the dlg and yusek malaya and they've been really uh instrumental to our success as well they've been very helpful and now as he mentioned our passing pass has actually been integrated with the stay safe and so we're looking forward uh to the smooth implementation of that as well so um i'm here to discuss our digital contact uh tracing uh solution uh pasigbas some of you might be from pasig and if you are then you probably have passive pass if you're like me you have it in your lock screen and your phone uh other people like to print it out and then have it in their uh ids and everything else um but uh i'm not going to discuss the technical details so much uh my presentation here is uh how do we control numerous sliders um so i i'd like to discuss more of the challenges and the situation that led to the implementation or the development of passing pass um you know obviously when it comes to contact racing number one we know how important contact racing is for for an effective covid response or anti-covet response we know how important contact tracing is in order to have all of your other healthcare interventions in place that's you know that's one of the first things that we need to get in place but initially as we are very familiar with initially all of the contact racing being done in our city and you know probably the entire country was uh primarily manuel you go to a mall if you go to a grocery you have to wait in line outside you fill out the form you fill up a form and then you put the form inside the box now the problem so that number one [Music] you know it causes a longer line and there's a hygiene concern if you borrow each other's ball pens you put it inside the box you might touch the box but number two and probably more importantly where does this information actually go in all likelihood it will just stay inside that box uh will be stored in some room and then we will never hear from uh you know we'll never see those contact racing forms again so it's not a very efficient system and number three in with regard to privacy we noticed that or we quickly saw there were many reports that there were actually a number of privacy breaches uh some of the forms were sold to private marketing firms or wherever uh some of the data was stolen people started reporting that you know marketers were texting them scammers were texting them uh and the only place they gave their number was uh in that after you know they filled up a contact racing form in a grocery or in a mall or in some other establishment where contact raising was done manually so we we started researching we started studying different contact racing solutions and we we saw that we heard that valenzuela was developing a contact racing app uh now it's called valtteri's at the time it was still being developed and so we looked at what they were doing and we talked to the developer as well we valenzuela the lgu also helped us with this uh and and so we started developing our contact racing app and really the advantage of this number one it's a you know often when we talk about digital solutions when we talk about technology there's always a fear with regard to privacy that there might be a breach in privacy that data might be stolen there might be a hacking but in reality uh given that the security features of the app is good given that we are uh fully compliant with the provisions of the data privacy app it's actually more secure than having it done manually where the forms can physically be stolen and second if those forms are stolen if there's a breach in privacy with the manual forms more likely than not you will never even hear about it or if you hear about it there's no way to catch the perpetrators there's no way to find out where the information has gone who has um who who breached the system who stole the information who stole the forms uh and so it's very difficult in management [Music] but with a digital solution we're able to safeguard against these things you know we're able to have the proper grade of encryption we're able to comply with the data privacy act we're able to limit who has access to the data uh we make sure that we only look at the data and when it's absolutely necessary for contact racing and so in october 2020 we launched the pasik pass as a module of the passing health monitor i think that's a very important point to make here that the passing pass isn't just for contact racing it's actually part of a larger uh healthcare iit system that we have called the passing health monitor and we're able to use this not just with contact racing but in service delivery um until vaccination deployment until monitoring of who has been vaccination but not just for health care actually we're also able to use spasik pass for until december 2020 we used it uh for a faster distribution of pamas it enabled us to go down and one one good thing is that the koa actually accepted uh the use of passing pass for delivery receipts so that was very good and it really helped us a lot in january we integrated pasig pass to our vaccination plan and we're using it right now so if you've been vaccinated in pasig you know that in order to be vaccinated you need the passive pass you use passive pass all uh all of the steps in the vaccination process and uh the the good thing also is that it will be uh the the the records the vaccination records are actually integrated into your qr code into your passing pass which means you know it that opens up a lot of possibilities for the future for instance uh let's say an establishment would require let's say the iatf requires that for a certain activity you need to be vaccinated you don't need to download any other software you don't need to develop any other app or program just using passive pass alone once you uh scan your passive pass qr code the establishment could see if you're actually vaccinated or not uh so this is just a possibility that it hasn't been used yet but it's already integrated it's already in the program that we have it's already in passive pass and the potential is already there more recently just this month we have been working with neda i think secretary ricard will be a speaker also later on today and i just want to thank secretary carl for reaching out to us and for initiating with the asian institute of management and the avoidance foundation has also been helping us to pilot test a automated contact racing uh via sms notification you know this is uh really good because um you know it it allows us to do contact tracing faster and more efficiently but even beyond that it allows us to um do so many things with the data it allows us to explore data analytics it allows us to expl you know present the data in different ways such as heat maps extracting potential super spreaders uh so on and and so forth this has actually been mentioned by the iatf in uh resolution one one six i think it should be one one six not sixteen uh i8f resolution uh one one six uh if you read the resolution um our uh this this pilot project with ned is actually mentioned there if we could go to the next slide please okay so right now we have uh two million six hundred and twelve thousand citizens who are registered with passive pass and have their qr codes this includes non-passing residents obviously the official population of pasig is only around eight to nine hundred thousand but we know a real population including uh including renters and sharers and people who are might be considered as migrants who work in passing temporarily uh transients and everyone we we're probably well above one million people in pasig but obviously not everyone who shops in pasig is from pasik not everyone who works from pasig lives in passing so we have around 2.61 million unique registrations in our system for the merchants or the establishment the business establishments and other establishments we have almost 4 thousand unique logins so these are the active merchants or active users for the establishment side we don't actually require every single establishment to use passive pass because for example [Music] uh of establishments for example if it's a financial institution it's a medical institution it's a mall it's a restaurant if it's a and etc you do need passive pass and if you don't have passing pass we will suspend you and your business permit for at least one week or until you're able to fully comply with passing pass one important thing to point out uh here with our passive pass is that it's we wanted to make sure that it is not just good in terms of contact racing or it's not just technically good or good in terms of the technology but we wanted to make sure that the technology was accessible and is accessible to all citizens it should be accessible to people with smartphones but it should be also equally accessible to people without smartphones and so we don't require that you have your smartphone when you go around you just need the qr code and this can be printed on a piece of band paper it can be you know examinated into an id you can be as creative as you want as long as you have that qr code also i forgot to mention when it comes to vaccination when we print your vaccination card and the qr code is there and it's actually the same qr code as your passing pass it is your passing pass qr code so you could actually use your vaccination card already when you go to different establishments and again to make sure that it's not counterfeited to make sure that it's legitimate that it was actually issued by the city and it's incorporated into the system as well and it can be seen through the passing pass scanner okay so next slide please okay so um just to wrap up uh the key insights that we've had or the key takeaways that we've had from uh the pasig dash and our implementation since last year that number one we need our contact racing and not just contact racing but all our systems all our technologies uh if we really want them to be used at a wider scale they have to be inclusive safe secure compliant to the data privacy app and again we limit who gets access to data uh we're very uh you know close to paranoid in terms of protecting the data making making sure that it's safe and secure so that we don't have any uh data breaches and again we comply with all privacy requirements recognizing that privacy is a fundamental right it's in real time that means we're able to work faster and more efficiently contact racing has been very difficult for lg use we don't have the best ratio you know if you talk about one is to 37 as being the ideal ratio definitely we are not able to reach that but if not for passing pass we would have even a more difficult time you know again the passing pass and and we're working on an algorithm right now to speed things up a little bit and to make contact racing more efficient the pilot test that i mentioned earlier we were actually able to look at 1000 potential close contacts that were automatically generated using the algorithm develop developed by neda and asian institute of management's data analytics team so those are just some uh my insights and takeaways from our implementation of passing pass uh thank you again for inviting me uh let's all continue to work together to fight covid19 but of course we have to make sure that everything we do and the technologies that we introduce and implement across the city should be compliant with the data privacy afghan should be safe and secure for everyone to use as well good morning again to everyone thank you mayor mayor in this panel because we have a lot of questions from the floor unfortunately we do not have enough time left so i will just have one question addressed to all our panelists we are talking about digital transformation government ic ict solutions in the previous year as well as a whole of nation approach so how do we ensure that these solutions stay safe telemedicine and the the passing pass will reach the vulnerable groups as well as technologically challenged groups you can answer first you sec malaya or mayor vico um just like uh i mentioned we want to make sure that the technologies that we introduce uh you know to help combat kovi 19 and really any technology that we're using for service delivery and any government service we want to make sure that it is accessible to everyone so we made sure that for instance for passing pass that you don't actually need a smartphone uh to use this internet access and you don't have a smartphone you can go to the barangay they'll help you print your qr code and you just need to keep a printed piece of paper and that's good okay so that's okay as well but the bottom line is you don't need to have any money you don't need any specific gadget or anything again a piece of paper will suffice all right thank you mayor you said malaya or doctyag what's your answer to that question okay thank you um it's really a challenge no really a challenge to government when we utilize technology um when we have vulnerable sectors so we do not have access to that technology no to be honest about it but as mentioned by mayor vico uh we try to make adjustments so uh that's right even in venezuela what people do is they just print out the print out the qr code and the system being utilized must adjust to that as well so the systems like the local contact racing apps international contact racing apps must have a scanning feature kasich union technology can uh be a problem because for example in the ayuda distribution on paper mass magandana technology because mobile is no electronic distribution it sounds so good no unfortunately in real life for example okay that's the that's the fastest way for them to receive ayuda if you utilize gcash unfortunately vulnerable sectors depressed areas okay so they they filled up the sub form and they put in a number there so on expectation when in fact i don't know indeed you will have to make adjustments again and go through the traditional route [Music] okay that's the that's the that's the fastest way and that's the most efficient way now within the given time no i'm not in the use of technology is good for the middle class it's good for the upper middle and the maya man for example my data privacy officers and all of us in government motherless orders so it's very efficient it's very effective but once you start a dealing with the vulnerable sectors then the limitations of technology uh start to limit what you can do and you will have uh to make adjustments silver lining we are now rolling out the national id system in fact during the height of the pandemic last year we first identified 32 provinces ecq and gcq so we're very worried about massage rings so uh we were able to launch it in 32 provinces and here in metro manila so i there's we're doing it in manila city in venezuela i'm sure we're also running it out in passing perro supposedly registration and national id okay there are there's not much open space in metro manila for us to hold simultaneously ayuda distribution vaccination and now national id registration kasich is biometrics but just the same catapults in opinion hopefully very soon uh and then pagmeron uh national id that national id comes with financial exclusive inclusivity majority of our countrymen have that already we can utilize the financial inclusivity feature of the national id system for ayuda distribution [Music] [Music] [Music] foreign [Music] um and it is good that yusek malaya also mentioned the national id system because that is our next panel after this one so you may stay and um and watch the presentations as well for the filthies so we still have a number of questions from the floor but that is all the time that we have we will collate the questions and try to respond them to them accordingly to our panelists mayor vicod the national privacy commission thanks you and you're very very grateful to have with you um in this panel and sorry we don't have enough time so we welcome any future collaborations with you towards our road to recovery thank you hi mayor i hope to visit pasig and use the passing pass thank you [Music] thank you sir thank you thank you in our program we will proceed with our next panel [Music] joining us here today are under secretary dennis villone of the department of information and communications technology and mr jonathan marxell senior program officer identification for the development initiative of the world bank and to moderate this session we welcome attorney maria josefina e mendoza oic chief of the legal division of the npc an alternate member of the psp cciac on legal affairs attorney jose thank you attorney jones for the introduction the npc has worked hand-in-hand with all the involved agencies for the successful realization the national identification or the philippine identification system the integration of privacy and security measures in both the law its irr and its issuances is taken into consideration in the implementation of the strategies in the formulation of policies in enactment of the filthies most importantly keeping in mind the registered person's right to privacy as you may know this is a foundational id that has been designed with data privacy in mind the npc considers the faces and all related matters as a key privacy theme for 2021 and hence we have this very timely panel discussion a month after the start of the online registration for the filthies without further ado may i call our first speaker the under secretary of the department of information and communications technology under secretary denis villarente to provide insights in the psn tokenizations and principles for seeding to relying parties music dennis you have the floor uh you're you're on youtube sorry for that okay um once again uh good morning to everyone and thank you for inviting the philippine statistics authority to give this update congratulations to the privacy commission for organizing this very timely event to raise awareness and privacy and of course the privacy commission is a key partner of the field sys our national id project being led by the philippine statistics authority so i was requested to provide an update on our national id we call it the philippine id system and i will talk about the role of the filthies in our national development and pandemic response in particular and how we have put in place the use of tokenization specifically to protect the digital identity of our citizens next slide please all right so um field sys is not just another valid id we already have a lot of them here in the philippines um it's a platform that will provide secure digital and interoperability uh interoperable facility to allow service providers both from government and the private sector to securely and instantly verify their clients identity with high assurance and to build um of course applications on top of this so that they can provide easier more efficient services to citizens it uses application programming interfaces and technology to do this so as a platform you can build a lot of things on top of this without with the following objectives one to increase access to as i mentioned services including digital services by providing the ability for service providers to identify their clients using a universally available id so the ids available and will be issued to all filipinos whether here in the philippines or abroad as well as resident foreigners second with this uh we will be able to reduce fraud by cleaning up databases of persons both in government agencies held by government agencies as well as private companies such as banks our telcos and so on to be able to reduce or eliminate duplicate entries as well as uh fictitious records and then third by using this id we promote ease of doing business reducing paperwork so it allows uh um delivery of fully digital services identity being of course one of the first [Music] parent steps before a service provider is able to determine uh who you are of course and then based on who you are then he can provide you specific services next slide um so the national id basically provides two types of services so just two types one is registration of um people and with that registration um we issue a unique and permanent uh credential and then the second one is using that credential um we authenticate the identity holder okay so just registration and then authentication services so let me go to registration as an update the national id or the psa specifically is targeting to register by end of this year 50 to 70 million filipinos and uh by june of next year um the aim is to register 100 million filipinos so including overseas filipinos already the registration process itself has been broken down into three steps step one is uh we collect only demographic data and during that collection we also issue an appointment for the next step um step one uh started last october 2020 using a house to house strategy so psa deployed enumerators which went house to house we started with 32 provinces last year and then earlier this year we covered all places in the philippines using the strategy of going house to house and collecting demographic details of household residents now to date we have collected uh under step one 35 million registrants and then we started with a second strategy for step one only uh i think april 30 this year and this is using an online facility for people to uh using the internet go to a website and register themselves and declare their demographic details and also through this site we we will allow them to book an appointment also similar to like how the fa does it for their passport application now the second step is on your appointed date um issue during step one you go to a registration center that will be in your municipality or city of residence and um bring your document identity document and in step 2 we collect your biometric details so we collect 10 fingerprints we collect [Music] your iris and then we also capture your face photo and uh we also validate using or based on the identity document that you present the details that you declared during step one the demographic details that you declared during step one so to date under step two we have completed the registration of 10 million filipinos so over the 35 million which completed step one we have already completed the capture of biometrics of 10 million of this 35 and then the final step or step 3 is uh where we generate the permanent unique um [Music] and the secure identifier the what we call the physicist number and uh we print the fill id card and then we deliver it to the residents of the ident of the registrant node so um we only started this recently and to date we have completed um the printing um [Music] of one hundred thousand uh field id cards and fill post has started the distribution of this uh to the um registrants um so so step three is being done in collaboration with our bank central so that's where the id card is uh being printed in bsp's security plant in quezon city and then we've partnered with phil post who is responsible for the delivery of the id card so ito this is all paid for using our tax money this is paid for through out of a budget by the national government and registrant for registering for the national id and getting their id card and psn next slide please all right uh as i mentioned for you pinaka credential that is issued is what we call the field sys number um it's a permanent 12 digit number um and it's permanently associated with that you know identity holder and because of this it's a very sensitive information you can compare it to a fingerprint for example now if it's exposed you can change your fingerprint in the same manner yes and once it's issued to you it's permanently associated to you um so it must be kept private and it is not intended to be collected or used for transactions um when you receive your card it's actually the psn is actually printed at the back but it's uh not very prominent so it's microprinted at the back of the fill id card so that holders uh may retrieve it when needed at the same time id card comes with a letter and the letter contains the psn um printed on that letter as well now um we've adapted the use of tokens uh to be able to protect this fieldsys number uh so there are various types [Music] in general we have two types what we call the front-end token and a back-end token so saffront and tokenpo um this would be the fieldsies card number so the card itself when you receive it at the front face melron pudding 16 digit very prominently printed the number that is the field syscard number and it is meant to facilitate authentication so you use this during authentication okay and um it's similar to atm card or young bank account number for your credit card number and then um identity holders can also go later on to a site using a mobile app also to be able to generate what we call an alias psn which is meant again for authentication it can be a limited time use or very specific use for authentication for specific transactions and then there's a second type a backend token and this is meant to be given to service providers or what we call relying parties and that is uh what they can record in their registry samantha to be able to associate people that they have records of to be able to associate this identity holders in their own registries with the filthiest record next ladies so um that's as i mentioned the fields has just two types of services registration and then authentication and i'll focus now on the authentication services so according to the law um uh phyllis's identification system act ra 11055 all government and private sector service providers should adopt filthies for identifying and verifying their clients and um we just use of the psn or the field id uh uh together with uh authentication they should deliver or provide services so second id or a third id and so forth so just with use of the psn or the fill id services should be provided to our citizens now we need to work with relying parties to be able for them to do this and we plan that this will happen gradually over the next 12 up to 24 months so what are the different types of authentication services one is a very basic yes no no verification so the identity holder provides his pcn files this card number together with maybe a fingerprint or any any biometric iris or a face photo um or a one-time password that he receives on his registered mobile number or uh let's say some demographic detail like date of birth and so on okay and this is submitted to felsis by the relying party and what filthy does is just checks based on the identifier that's provided and um the the additional details it's provided whether it matches with what um we know about the person and we reply back with a simple yes that's him or no that is not uh him right um for um other relying parties um with um you can also use uh just uh the id for offline verification by simply checking the validity of the qr code at the back of the card so the qr code itself has is signed by psa and anybody can validate using a scanner that the qr code that's on the card um is properly signed by psa and um then you can look at the details that's on the qr code whether it corresponds with other details on the card the second type of authentication is what we call electronic know your customer here you authenticate first and then based on successful authentication and um if the specific reliant party is uh so authorized he can uh get some specific data attributes from filses so this may be used for example for a citizen who wants to open a bank account he goes to a bank the bank is upon agreement with fields is authorized to do ekyc with filses then he can receive upon successful authentication of the client uh some uh data demographic attributes of the client coming from field seas so this may be used to pre-fill bank forms for example or to comply with some regulatory requirements and then of course here we follow data minimization and proportionality principles we look at the specific use cases for the delaying parties and faces will only share the bare minimum demographic details that are required for transactions or services provided by the distribution parties and then there's a third authentication service this is seeding so the number um that comes from filthy's um to go to the registry of relying parties so that they can identify um using the credential from filthy's uh the members or um the individuals that are on their databases next slide please uh this is just some more details on the verification mechanism i already mentioned this that you can do an online verification using the pcn for example uh plus some other factor like a face photo or a fingerprint or a successful validation of a one-time password sent by sms to the mobile number of the identity holder or some demographic detail like date of birth of the identity holder and we match that against what we know or what we have what the identity holder has declared and is available in the field sys registry and then offline using the qr code and the successful verification of that qr code then the reliant party can can be assured that you know of the identity of the client and can provide services based on that identity next slide please um for this here we have we have identified pilot priority use cases that we intend to work on together with partners so number one is the psa civil registry system for the issuance of birth death and marriage certificates or documents we intend to use faces to verify the identity of people who request for these certificates before they are issued a second one was mentioned by yusek malaya earlier that we're now working with dswd on how they can use field sys to be able to facilitate um probation of subsidies to indigents or other people who are qualified for the dswd social amelioration program so we intend to work with the swd to clean up their databases uh or to clean up the list of their beneficiaries identify uh maybe duplicates or ghost entries in the in those lists and then also to unify uh the beneficiary databases so that uh government will know like uh specific individuals how they benefit from various programs of government and then a third emerging use case we hope to work with the doh on the vaccine management for the general population other use cases being explored so enabling gsis registration and member services sss registration and member services field health with the implementation of the universal healthcare dfa for online passport application perhaps even or maybe um in fact uh first the passport training one and so on next slide please um just maybe one slide to talk about tokenization and how um we use it to secure identity so um we've looked at the experience of other countries who have implemented national id and based on those experiences um the filthy's policy and coordination council has adopted the use of tokenization to protect the permanent identifier that is issued by failsies so the psn we need to protect that so with tokenization we can do that and also to prevent um [Music] other um like challenges with implementing um a national id like how do we prevent unauthorized profiling of citizens for example so i already mentioned that we have two types front end and back end and basically with tokens we've heard about large scale exposures for instance of identifiers not necessarily coming from the national identity authority but rather from organizations which collect this identifier so for example the health insurer i think recently in indonesia they have they had that that reported breach of personal data coming reportedly from their national health insurer with with use of a token we we do not need to put the permanent identifier in this external registries so it is the token that goes into this registries and if there is such an exposure um a simple remedy would be to replace all of the these tokens without necessarily reissuing identity cards or ident uh issuing the permanent identifier to people to our citizens [Music] next like this i think this is the final slide so um with the current state of field seas um as i said we just uh opened up online registration for step one um it's available on register.fieldsys.gov.ph and um i uh what i can also add is uh in all of the three steps step one step two and step three um the registrant actually gets a unique number and a qr code in step one we call it an appointment reference number and it's associated with that registrant in step two we call we issue a tracking reference number and again that's associated with the registrant and in step three with the issuance of the fill id card uh the the qr code is printed at the back of the card and that is associated with the registrant so from the very start step one there is actually a qr code and the unique identifier already issued to registrants so we intend to scale up our step two and step three operations to be able to meet our target of registering 50 to 70 million of our citizens by end of this year um you know working around the challenges of lockdowns because of the still ongoing pandemic we intend to set up in all municipalities and cities step two registration centers so that we'll have local presence for continuous registration and then as i mentioned by towards the end of this year we intend to pilot evaluate and improve faces enabled authentication services and use cases to test performance [Music] and then we continue to engage both public and private sector organizations uh so that they can begin to plan for adoption of plcs uh for their own you know improve um service delivery all right so thank you very much i hope um this update um you find it useful and um i hope we can have you know some questions later on thank you thank you dennis for your explanation on the benefits of tokenization and updates on the registration in the fields we will see you again later for our open forum for our next speaker mr jonathan marskell is a senior program officer in singapore with the world bank's group's identification for development initiative he has been involved with the physicist since the first twg was formed in the end of 2017. to discuss the idea for the study and commentary on how the filthiest progresses and other comparable national ideas let's welcome mr jonathan marskell very good um can you hear me do you very good i'm going to share my screen um but first let me say uh good morning still to everybody and a big thank you to the national privacy commission for the invitation to speak um and in particular um chairman laboro and the team that has been involved with the field sis for as long as uh i can remember uh and the tremendous the active and constructive role that the privacy commission is playing with the project so um yusek dennis just gave a very good overview of the field system and particularly about tokenization and use cases i'm going to contextualize that in terms of how does this compare with other projects of a similar nature so you may wonder why is the world bank talking about id um i am as mentioned earlier i'm part of the identification for development initiative or id for d for short and we really work on this agenda because as we've seen in many countries and i'll show some examples id systems particularly digital id systems can be a very powerful proponent of national development and inclusion and some of the challenges that were referenced in the previous session for example by yousek jonathan malaya um are very good examples of that id5 works across three pillars we have research which is available on our website um we support countries both through technical advice such as in the philippines but we also finance implementation in about 40 countries and we we do global convening and advocacy which i'm going to go through in a few moments now some of the examples that we've seen across the world are in the financial sector in the in the health sector and the social protection sector in india you may have heard of their aadhaar visual id which was introduced around 2009 to 2010 between 2011 and 2017 the combination of the aadhaar digital id system and its integration in cash transfer delivery and growing use of mobile devices increased financial inclusion bank account ownership from 35 percent to 80 this is literally hundreds of millions of people who got their first bank accounts um as a result with the largest gains experienced amongst women the poor and people living in remote areas thailand in the health sector is very much hailed as a leading light when it comes to universal health coverage when they introduced their famous scheme in the early 2000s they already had a national id system that had very close to universal coverage and so rather than going out and registering everyone they simply used that system to uh identify who was already in the existing health insurance programs and then provided a public program with high subsidies for those who who weren't part of any existing scheme and this allowed the government to plan properly about the resource requirements and how to really deliver it at the local level finally uh in social protection in pakistan in 2010 the famous floods the government was able to use their national id system to validate who were the genuine beneficiaries to prevent duplicates etc and this saved quite a large sum at least 250 million dollars now i mentioned digital id systems so digital id systems are much more than a physical card right it's a lot of the features that you said dennis has just mentioned and how we see this at the world bank and how we the government also is seeing this is that digital id is part of a stack now those who are technically minded will know that a stack is when different systems are layers that work together as layers right so once you have the foundations of connectivity um digital skills and electricity and you introduce a digital id that allows you to authenticate and uniquely identify individuals whether face-to-face or as we've seen in the times of covert the need to do this online without a face-to-face interaction that allows you to implement what's called trusted data sharing now um the in india they have developed something called the india stack and this data empowerment and protection architecture that allows a citizen to um execute their consent over sharing of data from various sources in fight in the financial sector thailand uses the the national digital id um as a proxy or the bank accounts or mobile money accounts to direct payments and this has really shot up um the the level of digital payments in uh in thailand from seven from five percent a few years ago to 35 percent this year so far now um the example here of estonia is a very famous one and i recognize that it's not entirely relevant to a country like philippines but it shows what is really possible once you have these these elements in place more than 99 of government transactions can be done completely online and without any paper whatsoever and i know for filipinos that you know something like this will be very powerful that you don't have to go to your lgu and this government department to get this license etc and this is very much what the field system is about so whilst i've spoken about these benefits there are the risks and of course those risks come in the form of privacy breaches for technology lock-in and in the form of exclusion not just exclusion from registering in the id system but um using the id system so how can this how can this be navigated well the world bank and 29 other organizations have developed 10 principles on id for sustainable development i invite you to scan the qr code to go to the website um and and look at the latest version these were first developed in 2017 and the version 2 was published at the beginning of this year so the 10 principles cut across three pillars the first is inclusion the second is design and the third is governance i'm not going to read these through because i'm now going to measure the fill cis at least what we've seen of the field system far in terms of intentions and implementation up until now against these principles but first i just wanted to contextualize this against where um our study that was referenced earlier in 2018 we do these diagnostics in in most of the countries where we work on id and in the case of the philippines the philippines is actually one of around 20 countries that doesn't have a foundational id system and as a result of this we we found that that the existing landscape of ids as you say dennis mentioned there's no shortage of ids in the philippines it's exclusionary it's fragmented and it's with risks including for privacy so whilst um whilst there are a lot of id systems that have uh on aggregate a relatively high coverage um these are the the most valuable ones the ones that you can use alone by themselves those are actually out of um reach for many filipinos a driving license you need to pass a driving exam a humid you need to be an sss or gsis member a passport you need to pay fees for so so really there is no universally available id likewise there's no digital authentication mechanisms what does this mean that there is an ability to not just have to depend on the physical document i myself have visited recto and i've seen the plethora of ids that you can get of various degrees of quality but because it is there's so many forged documents and and insecure documents that's why filipinos when they have to transact with government or the private sector they have to provide two three four five documents um in order to verify their identity and a digital mechanism like what you said dennis explained earlier is going to completely break this and make services much easier much cheaper and much more accessible for filipinos and that comes with the next bullet about lots of manual and paper-based processes now in terms of financial inclusion which we've mentioned earlier in 2017 um the findex survey and we'll get the new numbers later this year for 2021 but only around a third of philippine adults filipino animals have a bank account this is really low when you compare to indonesia which is at about 50 um and all lower middle income economies which are closer to 60 so the philippines is very far behind now there's a variety of reasons why filipinos may not have a bank account but what's very important is 45 of those who do not have a bank account said that it was the lack of that they lack the necessary documentation this is a huge number in fact it's the third highest globally behind madagascar and zimbabwe so this is a very clear barrier for financial access and then what we found also on the right hand side is that one one fifth of of the poorest forty percent of filipinos have been denied a government service because they lack a necessary id likewise government financial support sixteen percent of the of the poorest forty percent um have been denied financial support from government in both cases government service and government financial support these figures for the poorest 40 percent are double the the the richer 60 percent so this means that the lack of a universal idea is really a fundamental structural cons cause of inequality and disparities so coming back to measuring the field sis against the pillar of inclusion um i'm very happy to say that the field is designed by law and by technical design to be very inclusive and i've noticed some questions in the chat for example can some kind of foreigner who lived in the philippines for 10 years register for the philosophies yes they can in fact any any person who's been residing in the philippines for six months for the last one year can actually uh register for the field sis so this is a very important thing likewise there is going to be a lot of effort made to register overseas filipinos there are very flexible documentary requirements it's very interesting following some of the social media commentary about the philosophy people are saying uh you know they're going to require us to get a birth certificate in order to get a national id you know this awful circle this vicious cycle that to get a valid id you need a valid id actually the pilses is breaking that there's a very long list of accepted ids and if someone does not have an id there is this concept of introducers this includes tribal chiefs barangay captains who can vouch for the identity of an individual right so finally these people can get a valid id in terms of design um there are a lot of very good things about this music dentist talked about tokenization i think in many respects what the philippines is doing in this regard is world leading and can become a reference for many other countries in fact some other countries where i work they're very interested to learn about how this goes in the case of the philippines but also importantly the the field system is adopting open standards which will reduce the risks of vendor and technology lock-in it's adopting open source software pioneering this in in fact and open apis to allow the agencies to not have to purchase a specific software or specific equipment in order to use the field system it can be integrated into what these agencies already have or what a plan what they're planning to have there are some issues so for example the the collection of blood type and marital status is perhaps unnecessary but that is in the law so perhaps one day that can be amended there is a need also in terms of the sustainability of the phylsis to have a continuous local presence because there will always be people who will be need to be registered and who will need to update data one of the key lessons we've seen from other countries is the need for a continuous and accessible local presence for the very services after registration and likewise the the financial sustainability of the field system everything that we that has been presented is actually happening free and at the cost of the government um the government's budget whether this is sustainable or not that is still to be determined but there may be a need to somehow find other ways to finance some of the ongoing operations in terms of governance there is a very strong field this law and the data privacy law as well has been a very common aspect of all of the um the the implementation moving forward um in fact these are you know the core legal frameworks for it um there have been privacy impact assessments conducted of various aspects of the philosophy so far and as i mentioned at the start i want to really highlight the great collaboration amongst psa amongst the dict amongst the npc neda dswd doh etc it's really been a great whole of government effort and and i i can say sometimes this can be difficult to do but the philippines has done well in this regard and i also want to acknowledge that um before the launch of the online registration a few weeks ago that there was some white hat um reports that the government responded very quickly to and this is exactly how um you know cyber threats can be reduced when the community whether it's civil society or technology professionals etc support the government by identifying threats or gaps or flaws and work with the government to address them so in conclusion um the philosophies really can be a game changer for the philippines um particularly for its digital transformation i think filipinos can be proud that the philippines stacks the philosophy stacks up well against uh the principles and various other normative frameworks but this is on paper so there's a long way to go in terms of implementation and so in terms of what this means with regards to registering everyone how this is going to be done in the remote rural areas etc is we'll have to see how that goes so this idea of leaving no one behind and frankly getting the government agencies and businesses to adopt the pilces is not going to be easy because there's always going to be inertia for change but i want to acknowledge dswd through the beneficiary first project is expressing leadership gsis sss dbm and doh recently as well so dpos data protection officers can really play a role here to support their organizations to adopt the philosophies um to in a privacy preserving way but of course it's it's crucial that um that the government and all users of the pulses build their capacity further around cyber security and data protection and stay vigilant against the emerging threats thank you so much sorry you're mute thank you thank you mr marskell for sharing your insights especially on how countries like the philippines maximize the impact of digital system may invite our speakers for open forum to answer some questions from our stakeholders this one question is a question to use dennis one of the main issues we see today is the difficulty in verifying the identities of beneficiaries for social amelioration programs how can the physicists address this issue and how can the physicist help to address to accelerate the financial um giving for the social administration yeah thank you for the question so um as i mentioned uh um the the field uh is for all filipinos uh both here as well as abroad as well as for resident foreigners no and it's accessible um filipinos can um we've done step one uh by doing house two house uh starting with house two house casa um we started with um in locations that uh did not have a high incidence of kobe and this would be the more isolated remote locations uh also that um have difficulty connecting to the internet and then more recently um we opened online registration so in terms of accessibility for step one you have both modes and uh um soon we hope to work with our lgu so that even those that do not have or have difficulty getting access to the internet because they don't have a device or a computer um they can go hopefully to their lgu so that their registration on step one can be facilitated so so the identifier will be issued to all filipinos and with that they they get an identity and dswd can validate or authenticate them and that means it will be easier for dswd to provide them the [Music] the subsidy um also with that uh identity um people can apply for a bank account and um the bank account can be linked or the identity can be linked with their bank account so hopefully with that the swd will no longer need to do this very tedious process of face-to-face payouts they can directly deposit you on benefit financial or cash benefit to to the bank account of the identity voter thank you thank you denis to mr marskell um with your expertise on digital identity what are the key global practices in initiating digital identification systems that the philippines that the physicists are able to manifest and how will it how will it open opportunities in the country so um i hope i addressed a lot of that question um in in my presentation but uh really the the those three pillars i mentioned inclusion design and governance they give you a good framework so universal access um having a design of the field system as a platform and and not as a database right so traditional national id systems um have been designed not for not as a platform for service delivery but as a database to know who lives where and what their name is right which is really you know for the government to have this information whereas the field is different right so the field is the way it's designed is is it allows the citizens to to exercise their control it allows the service providers to link connecting with it and and really improve their business processes and systems and then the governance i think it's it's very crucial to have independent um oversight mechanisms such as the npc to give public the public confidence um in in you know that it's being used for what is intended um and there's no function creep etc oh we still have some questions and comments here but that is all the time we have we will try to compile all the questions we will try to answer them to use dennis villarente and mr marskell thank you for taking time to join us this morning and we express our appreciation to both of you for sharing your insights and expertise on this topic the npc remains committed to provide assistance to the physicist thank you thank you and um yeah have a good day to all participants thank you marvin salman to our expert panelists we thank you again for sharing your thoughts and insights on the filthies we really do have timely topics for today's session and we hope that you will stay tuned grab a bite and enjoy your lunch while you listen to our next panel which is also on a very interesting topic on the disruption of face-to-face learning and teaching amid the pandemic and issues encountered regarding the processing of children's data joining us here today is yusek tonicito umali data protection officer and undersecretary for legislative affairs of the department of education mr ramil anton villafranca child protection officer of the safer kids ph program of unicef philippines and mr danny cheng data protection officer and information technology department chair college of computer studies of the dalasal university we welcome the chief of our public information and assistance division miss roran chin introduction okay according to a study children start their online presence even before they turn two years old and due to their vulnerability they they can become easy targets of online threats sadly parents are the common violators of their kids privacy by sharing their photos and personal data publicly in social media and this behavior is putting their children at risk for identity theft discrimination and various privacy violations so last year the national privacy commission launched the habatang digital program with a goal to promote safe online environment for the children and youth the campaign aims to spread awareness not only to our children and youth but also parents guardians and teachers by providing information about safer use of internet and technology and with the kovit 19 pandemic that led to the sudden shift to online teaching and learning we have been a witness to the challenges faced by the learners and teachers as well as the parents and guardians in using technology for continuous education and now our parent list will provide us with a more in-depth discussion on the disruption of face-to-face teaching and learning as well as issues encountered on the processing of children's data without further ado may we call on our first panelist you sectonisito umali to provide this input to provide this insight as a data protection officer and also a regulator you say komali you may have the floor [Music] yes sir if i may request if we could present our power point please can we do that please so i'll provide some legal basis first with respect to the context on how we are uh operationalizing the data privacy act uh in the department of education we could always start with the constitutional provision under section 11 article 2 in the state it provides their values the dignity of every human person and guarantees full respect for human rights and in relation to that is uh section 17 and 24. section 17 talks about the state being mandated to give priority to education to foster patriotism nationalism accelerate social progress promote total human liberation and development and also recognizing the vital role when we say that we have the right to privacy we are also recognizing at the same time the vital role of communication and information in nation building article bill of rights section 2 the right of the people to be secure in their persons houses papers and effects against unreasonable searches and seizures and that's why in section 3 immediately after section 2 it is provided under the bill of rights that the privacy of communication and correspondence shall be invaluable uh and that they accept upon a lawful order of the court or when public safety or order requires it [Music] [Music] is privacy of communication and correspondence the right of the people again to balance it with our right to privacy we have section 7 to information on matters of public uh information rules and regulations should always apply article 14 section 1 of the constitution that the state should protect and promote the right of every citizen to quality education at all levels and data privacy and that the state should take appropriate steps to make such quality education accessible to all kailangan universal declaration of human rights rights to privacy 1948 declaration article 12 no one shall be subjected to arbitrary inter interference with his privacy family home or correspondence nor to attacks upon his honor and reputation everyone has the right to the protection of law against such interference for attacks and we go by the basic principles of transparency legitimate purpose and proportionality we are also very much aware of the law the provision under the data privacy act about the right to be to privacy of our children not only of our children all our teaching and non-teaching personnel on their personal and sensitive personal information on the criteria for the lawful processing of personal and what instances when sensitive personal and privileged information may be processed applying the data privacy act to our uh adapted our organization we have bp 232 although this is uh substantially amended by republic act 9155 governance of bc education act of 2001 bp 232 not entirely repealed still under section 9 we recognize that the law that the that we recognize is that the the schools have the obligation to maintain and preserve the confidentiality even before the enactment of the data privacy act of school records of students therefore students have a reasonable expectation of privacy with regard to their school records data privacy act is definitely integrated in all of our laws rules and regulations when we talk about uh information being collected information being processed and be in use central office regional office division district and even schools and we have our way of also disseminating national privacy commission circulars and issuances relevant to education next slide please [Music] an enrollment campaign we strictly observe the rights of our children to privacy as protected under the data privacy act under the law uh education information on top of the regular information conducting personal information under existing laws rules and regulations issuances of our national privacy commission this are considered sensitive personal information early registration enrollment because we are not only collating basic information about our children we are also asking them information about their personal circumstances learning modality and the the uh the basic education information system learner information system systems records school records uh are all contained uh in this beis lis system of the department of education and undoubtedly the data privacy act applies uh to adapt with respect to the management of all this information system where we exert conscious effort that we are compliant with the rules regulation on data privacy is when we do assessment and standardized examination when we start also assessing analyzing the results because again the the the performance of our children in the uh elna early language literacy and numeracy assessment to assess young competencies iii national achievement test elementary and junior high school national career assessment exam grade 11 senior high school i to assess the performance of our children philippine informal reading inventory to to for example uh check on the uh capability of our children with respect to uh measuring the competency to lead an ability to comprehend what they're eating mindset on protecting the information of our children again consistent with our data privacy laws rules and regulations on young nutrition and health status status of our children in relation for example for the to the school-based the some school or alumni associations they approach our office they would like to look at the information of some children particular track in the senior high school they would like to choose who may be qualified in their uh scholarship programs we respect the right of our children to privacy uh again we always apply national privacy cognition issuances circulars on the matter on data sharing on uh on outsourcing agreement with respect to if there's some private organization which would like to get some of our information of the information that they may be requesting so when i talk like this again i just would like to emphasize at the risk of being repetitive in all these instances that is very much aware of its obligation as a controller as a processor as somebody or as an organization of this information application for example very recently for subsidies and allowances in relation to the bayanihan law to provision helping our children requests for example of information in connection with our school feeding pantawin familia data sharing agreement with dswd department of national defense uh sharing of information conduct and processing of self-assessment exam tools is the way we are now uh implementing our distance learning education we are very sensitive to reports of cyber bullying our children should be managed to which uh a website that they will access online scammers [Music] we also recognize the importance of allowing the school to require our children for example to turn on their video because it's just like the same in face-to-face learning or and based on studies the next best thing to face to face learning is online real time are seeing we have some form of interaction type of online delivery but we recognize uh the the request of some parents violate your right to privacy solution you could put a background sally so what we're trying to say is we are studying very carefully requests like this and we are all considering issues like this uh as we implement our online base learning no no i think i have already consumed my time during the uh i know we will tell you actions taken by the department of education recommendations and the way we are moving forward in relation to data privacy law and our distance learning modalities as we implement our basic education learning continuity plan but at this point again i would like to thank the organizers of this event particularly our national privacy commission chair liboro marami pon salamat chairpu foreign for that presentation and also of course we are looking forward to be working with you again and rolling out poyo i think okay now we go on to our next panelist may i call on mr danny chang to provide his insight as the rate of protection officer of de la salle university dancer danny okay good afternoon everyone let me just share my slides okay so i can you see my slides yes okay so good afternoon everyone so i'll be presenting a short set of slides uh regarding uh how a dpo from an education sector would probably look at online learning and uh children's privacy okay so just a short background um we've been suspended from face to face for around 14 months already remember correctly it was march mid march when we had our suspension okay and face to face when we will resume face to face is still unclear there are different suggestions and different reactions from different sectors uh and there are also suggestions that um the online learning will actually continue even if you go back to face-to-face okay and also given that this is already a long period of um lockdowns and precautions the level of anxiety and stress is actually mounting given that also we do experience that some of our stakeholders are actually uh being affected severely by the pandemic so as of today uh i think there was a reference earlier by uh you segment the bulletin of the national privacy commission on online learning so there has been a bulletin issued and there's also an advisory issued by the dp council of the education sector and they also contain details on how we can handle things like using a learning management system having webcams in your sessions uh posting social media how about online proctoring so there are already a lot of um guidances issued from these two documents which you can actually look for and read about them okay so like everything else uh trying to comply and protect the privacy of all our stakeholders given this time of pandemic and given our current situation online learning is always a balancing act okay so the dpo has the difficult job of trying to balance um the needs of the stakeholders and also the need to comply and protect the rights of our stakeholders okay so what are these things so uh on one end we need to consider the need to push forward obviously we cannot stop education for a lot of reasons and since we cannot have face to face uh the need to push forward basically um made everybody go online and we cannot say no to this we cannot use privacy to say no to this so we have to look at it and work with it and put it as part of our balancing requirements and within the education sector what's unique about the education sector compared to other industries is the the concept of things like academic freedom the academic culture and the academic background okay so the way we we work in the school is very different from how we work let's say from a bank or let's say a bpo uh where in the the rules are and regulations are fairly strict in the other industries and there's a lot of misconception on the potential harm that can be done with data so some of our stakeholders are not clear or are not aware on what can actually go wrong with the piece of data that is being shared or disclosed publicly or maybe within their peers so um some might think that it's not going to be harmful but effectively you can actually do a lot of harm okay so we had a lot of examples of this already uh which uh we also discussed with our stakeholders and um given our current situation um we went into online learning not as a planned activity but as a way to address the pandemic uh difficulties that we're encountering although we are already more than a year into this um it's really difficult to actually put in place um or institutionalize uh formal mechanisms given the fact that i would assume a lot of people are still doing firefighting without with regards to this situation and of course we all know that there are constraints in terms of resources that we can have that we can use um there's a lot of um strain in the terms of let's say financial resources right now because of the pandemic and it's kind of difficult um to to request for a lot of spending um to actually implement certain things that will help us better protect uh the data and the rights of our stakeholders okay so we have to balance this now with of course that the the compliance requirements on our data privacy act and the data protection requirements as well so this is where um the dpo is uh basically going to step in the middle and try to balance all of these things and normally it's actually not a straightforward job it's actually quite difficult on a day-to-day basis so again what makes schools different student data and teacher data are attracted to hackers for different reasons okay um we had sessions earlier on let's say uh the national id okay um the imagine if it's the national id or the identifier of um a student let's say a minor who is compromised um compared to let's say an adult what makes it different okay the the reason they're different is the younger people the younger stakeholders their data are normally clean uh there's no record of any um problem like fraud or crime or credit issues or violations of certain things there's no um record of that normally because they're still young okay which means when a hacker or someone gets hold of these data and they try to do identity fraud or phishing for example normally it's easier for them to pass through all the checks because the data is clean harm is also not limited to fraud of course uh this was mentioned earlier we have cyber bullying we have trolling we have harassment okay and this is not just for students yeah of course teachers and even some of the other stakeholders as well okay as mentioned student data mean and more favorable to identity fraud schools tend to use or experiment on unvetted and untested technologies to support their name okay basically we we want to find the best way to deliver our uh lecture our program our degree uh and we try to look for uh better ways to do things and we try to test things out okay and we want to do this as soon as possible because we want to give the best kind of education to our stakeholders the flip side of this is um vetting and testing and checking uh either normally cannot keep up or is seen as a roadblock um to them finding the best uh solution for delivering their content or their uh academic program uh investment in cyber security information security are usually not on top of mind they are at the same level as investments in teaching and research uh requirements okay so as opposed to for example financial institutions the the investments in security would probably be higher and or probably even at the same level as other um operations in the business and within a university or even a typical school there's a mix of academic and administrative environment so administrative environment would work more like your typical office environment but the mix of the administrative and the academic environment makes it a little bit complicated because data is being shared between the two entities okay so that's why it's a little bit different and challenging compared to a typical um office environment okay so what has changed when we went online as mentioned earlier there's a need to see each other and in some cases recording obsessions becomes the norm everybody starts recording now we do acknowledge that there's a need to see who we are talking to but we have to also understand that if you put this in context of a physical face-to-face education imagine if suddenly all your 45 students suddenly took up their phone and started recording you okay so how would that feel in the real world now so we have to balance it and we find ways to communicate and share online and it becomes paramount so we use a lot of these tools now so these are subtotals that we use so whatsapp viber messenger and what used to be only available in school is now available everywhere or basically at home so for example if you have administrative personnel who are working from home the documents that they process would actually normally be not available outside before but now we have to give them access because they're working from home okay so let's try to go through each of this and see um how we can actually work with them so we're not saying that you cannot use a webcam if you look at camera what we need is actually to have a policy in place okay on how the camera should and should not be used okay but a policy is not prevented it's compensatory okay you can for example go after someone or penalize someone if they posted the video okay but um it's not prevented you cannot stop someone from taking a video or a recording and posting it somewhere so you have to be mindful of your actions as if you are in public okay when your camera is on okay consider the proportionality principle as well so although we may want to all turn on the webcam we can also determine when we may really need to turn on the webcam it may not need to be on all the time depending on the requirements and the interaction okay in terms of communication medium okay uh wanting to adapt and communicate is good so we try to find ways to make it possible and more convenient for us to communicate for example with our students and that is good however same with the camera a policy should be defined for example do we mix personal and official uh contact information for example do i use my personal phone number to talk to my students for example okay that can have issues on both ends okay so it may not always happen but it can happen okay so the policy defining for example a clear divide between personal and official use might be uh important okay be careful what you message uh it might be reposted somewhere okay uh take note that although there are certain regulations that will uh basically penalize such actions uh but again these are compensatory not prevented so sensitive personal information should be sent on an individual basis never as a group so if you have a group chat for example don't send sensitive personal information um over the group it should always be beginning on an individual basis okay so again if someone's captures or reposts the data again you cannot really stop them from doing it that's why you have to make sure that you are mindful of what you actually put or say in those particular applications okay now in terms of um working from home were you able to define a work from home policy okay this is important because we have to be able to make sure that uh everybody is guided in terms of what they can and cannot do the challenge here now is um since this is an abrupt situation um not everybody is actually issued for example a company uh laptop for use okay so implementing policies uh should be mindful also of other rights of the data subject that may actually go beyond privacy okay uh so that we we have to define our work from home policy accordingly okay when you provide access to internal documents is it secure how did you secure the access from their homes going to your internal uh repository of information it could be a server it could be some other system okay how do you manage devices without infringing on their rights again as i mentioned um this there's the data privacy right and there's there are also possibly other rights uh that we need to consider okay so can we actually monitor their devices for example so those things that are uh those things should be properly defined in your policy okay so how do you protect the data from being installed or misused um do you include for example in your workflow policy the need to encrypt the data and you encrypt your hard drive for example or encrypt the flash drive if it's on paper how do you make sure that it's not lost for example when you're moving it from point a to point b okay so again administrative versus academic the rules can be different again academic personnel uh are will have a different background and different uh circumstance and environment and you can actually define different policies for your administrative office site versus the academic side okay so going back to the balancing act okay we always have to look at it from the perspective of risk again we cannot um say no to everyone we should not say no to everyone so we treat it in terms of risk okay but we have to make sure we look at the frugality of our measures okay again the resources are currently fairly constrained in terms of what we have to work with and obviously the a lot of schools are probably in the stage of trying to survive the pandemic so we have to make sure that when we provide recommendations um it's considering their situation and what they can actually provide so for example one way to treat arrays is to avoid the risk for example we tend to use a lot of online tools that are free and may not have been vetted uh so the question now is can we use them should we use them and if we use them are there guidances that we can give out that may not really cost a lot or cost much but can actually help us protect our privacy and our rights okay also can we just create different accounts for work for example use gmail can we just different have different gmail accounts for work and for personal and we not mix them that again will not probably cost a lot okay uh can we put a password to reduce the risk and we put the password on things like spreadsheets that we share so that um we try not to uh provide opportunities that they can be disclosed unnecessarily or processed and necessarily so again these are already existing features in um the tools that we have so again it will not cost us a lot to implement such solutions or controls and in terms of transfer although this one will cost uh us in terms of implementing it but maybe we can consider the concept of insurance uh just in case something bad really happens and um of course the last way to manage the risk is to or to treat the races to accept if there's nothing else we can do but we have to make sure that at the very least before you accept you understand what it is you're accepting we don't just accept because we want to quickly move forward we have to make sure that we understand what it is we are accepting so that we can balance it out and all of these are actually easier said than done as the education sector is not really um adept not or built with risk-based approaches as compared to other industries but this is something that we can look into and consider so that we don't um push for uh solutions or practices or controls that may not be practical also for the schools to implement okay so given that um your solution your policies your controls cannot be a one-size-fits-all okay so you have to make sure that we consider what is the minimum even all the constraints all the way to the other spectrum wherein we consider what is ideal given compliance and ethics requirements so again i'm i'm a firm believer that we have to be we have to provide calibrated um controls and measures because um we cannot expect the same level of capability from all schools for whatever reasons uh so we have we in order for us to make sure that they can actually comply we have to define what is needed at their level that they can actually strive for and achieve okay so that ends my presentation thank you very much again thank you thank you sir danny chang for that presentation so we understand that this um this pandemic has gave us a very big challenge when it comes to online learning so the the thing that the schools has to do is that to have a very good policy especially when using online platforms and video conferencing applications again maraming salamat poster danny chang now we will welcome our last speaker for this session let's uh have mr ramil anton villafranca of the safer kids ph program unicep philippines to provide a discussion from a child's rights perspective sir ramir hi hello magandang can you hear me hello hello yes we can hear you nepal hi waitland let me just quickly fix my camera protection officer from unicef philippines so i think me being the last to present today is actually a good um thing to do because um the the first two presentations um set the context of the disruptions in face-to-face learning and um because of the the the that because of the implication being that the disruptions led students to utilize to utilize virtual platforms for for learning now we want to further protect um children online and specifically in the context of the pandemic so today my perspective is to to really provide uh measures and mechanisms on how we can further provide protection to our children in light of the um assumed increase in the use of children and learners of virtual platforms to continue their learning so just to further contextualize and combine data that we have right now according to the us-based national center for missing and exploited children which transmits its data to the philippines through the department of justice office of cyber crime we have received a 209 percent increase in the cyber type reports for the philippines although not to just to contextualize konapu ebisubin and data nato it's not necessarily um cases of abuse per se it's not necessarily cases of child sexual abuse materials but it refers to the number of times that reports were received regarding a possible case of abuse a possible child sexual abuse material circulating online and the increase in the in the percentage that was received by the philippines um pertains to the increase of the incidence or the of or the prevalence of these materials possibly circulating online so just the same what we want to underscore here is that we have an increase in the number of cyber tip reports received and this may mean or this could be an implication of the increased use of the internet um due to the povid19 pandemic so unicef we have two researchers although we have to contextualize again that these two researches were done before the pandemic anyhow um uh provide us information on the risks and vulnerabilities of children online so ito boy national study on online sexual abuse and exploitation of children and the philippine kids online survey so on data and that we have before the pandemi um ninety percent first is that ninety percent of filipino children can access the internet whenever they want so that is actually a very high um percentage nine out of ten children can access the internet whenever they want and um in the in that percentage 59 percent connected the internet without supervision so [Music] they just access the internet on their own and what is the tool or the gadget that is currently being utilized by children interpol smartphones 71 percent and um second to that i am desktop computers and we also want to underscore that because of the enactment of the of the free internet and public spaces act we are and this we have anticipated before the pandemic that the use of the internet will be more accessible for children because of the readily accessible piece of net wi-fi around the communities that was because of the free wi-fi we have also anticipated that students will be using the internet in schools in coffee shops and in most but we all know because of the pandemic although this will will still go on as planned [Music] number one way for children to access the internet because um children are not allowed to go out yet because of the lockdown measures um and then um regarding the data on how much time children spend um in the internet philippine kids online survey 116 minutes so as mentioned before the pandemic but as the depth deped has prescribed um students and learners to to subscribe to a primarily to a virtual modality of learning aside from the other blended learning approaches we are really anticipating that children would have an increased use of of the internet um during this period so just to also quickly bring you through the the behaviors of children online um they download stuff in the internet they know how to change their facebook privacy settings and this is good because they can they they would have some measures on how they can protect their data or their private information online some of the respondents also say that they use the internet to make videos and upload they also use the internet to blog and to share their experiences they also of course use the internet to navigate and search online so they use the internet to to study to research they also use the internet to do facebook and to also emphasize this one facebook is actually the number one according to our philippine kids online survey facebook is the most used social media site of children uh followed by other sites like youtube instagram and other social media websites and then um children have also admitted to some sort of online hacking although we were not able to probe this as much as we wanted to um this is still an interesting fact that children are engaging in some sort of hacking online and the last one is that um through the internet children also socialize make friends socialize with their with their peers especially now during the pandemic this is the one of the very few platforms wherein they can talk to their peers so so as mentioned earlier the perspective that we wanted to bring and to touch the surface for you is what is child online protection and given the data privacy issues given that the um learning has shifted mostly and primarily to online learning how will we be able to protect um children online and when we talk about child online protection it's not only response but it is the prevention and responding to online violence abuse and exploitation against children as part of upholding children's rights so um for the case of the philippines we have a lot of laws that are respond to to online violence but we want to also underscore that we need to protect and provide measures to prevent these cases of abuse violence happening online so i think you know prevention and response so as mentioned earlier because of the increased risk and increased use of children um of the internet there are risks and vulnerabilities that we have established even before the pandemic that um because there is uh uh there is an increased use of of internet um we are also anticipating that these um risks and vulnerabilities will also become more of a concern during this period so the number one concern i know online sexual abuse and exploitation of children and we define this as any act of exploitative nature carried out against any child that has at some stage of the abuse a connection to the online environment so um let me proceed by by discussing why does online sexual abuse and exploitation of children thrive in the philippines the reasons um here with our number one high incidence of poverty so um it's a very lucrative business for some traffickers and perpetrators because pedophiles would really pay a high amount of money just to conduct these cases of online sexual abuse and exploitation so it helps those um impoverished families who want to earn a living without careful consideration and the best interests of their children shift in parenting dynamics migration and internal so sometimes we see and we found that if children lack parental care halimbawa if their parents would be going abroad to to to tend to their living means and not to generalize but there are some instances that children would um be more at risk because of lack of parental guidance and concern that was cheap and easy access to mobile devices internet connectivity as mentioned candidates so wi-fi etc high proficiency of english um being the philippines as a very proficient population in speaking in english we are very um we are very um the the perpetrators who are from the foreign countries would want to talk and would easily connect with our children because they can easily understand the opposing pervading social norms my child my property for my child there is no physical contact physical manifestation of the abuse it's private family matters of course we know that that is not true and online abuse still has effects in the psychological and physical uh well-being of our children if not the psychosocial and the overall well-being of our children so the other reasons they're here with are the weak enforcement of existing laws for example the anti-child pornography app and um and other laws alibaba data privacy law that um sometimes there are were in there are reports of weak implementation of of these legislations double sim barriers and wiretapping and privacy laws because we are not allowed to use us we are not legally allowed to to record um children or any type of of uh wiretapping um legally so [Music] against the perpetrators and lack of facilities not all lgos have child protection centers or reporting systems and of course the the known fact uh about the lack of health and social service um stakeholders so just to quickly bring it through and bio technology of buddhism before the tech based child pornography record um access among children perpetrators poor children to become abused and trafficked online that was now it has become a cyber crime um by the easy use of the mobile devices because of the free wi-fi because of the very accessible e-payment channels simaji cash paymaya bitcoins and the darknet we consider assay greedy now as a cyber crime so the next one that uh the next threat that we see in cyber bullying um and according to the national baseline study on violence against children which was done by the council for the welfare of children with support from the national network to end violence against children and even unisa philippines we've seen bullying is happening happening online and we want to protect our children from all these cases of peer violence and cyber violence and um instances wherein children receive mean comments i mean messages and posts which affect their online are the other psychosocial well-being that was because of the um this pandemics we see that the increased use of the internet can also um lead for children to become more at risk of taking risk-taking online behavior the help of non-physical distance because of the physical distancing and the lack of face-to-face interaction we saw and our evidences which support the the finding the children are now becoming more risky in their behavior online so they talk with strangers they talk with people who do not who they do not know beforehand and they trust because they are fooled and they are groomed to trust um these people tap was potentially harmful content and this not this does not only applies to children but for everyone um sexual messages harmful content we see these um posts in the internet for example in facebook and in twitter so must accessible poem organic which could be potentially harmful for our children privacy at risk um for zoom for google meat all of these that are currently being used now for for the online learning of our children may pose privacy risks to its users so including learners so um we have to be very worried and careful about what information we share online and the personal details that we also because these personal details could become very accessible and they could become exploited as mentioned earlier by our previous um uh resource person and the last um vulnerability and stranger danger as mentioned we uh our children um are more at risk now of of engaging in risky behavior and one of that is to really engage in our talk with strangers whom they they do not know beforehand but because um some pretend that they are peers some pretend with the fake personalities behind the that they are talking to persons whom they can trust and this is the danger of talking with strangers online so before i end um just some tips that we recommend on how children can stay safe online during the pandemic first is to always check the privacy settings for example in facebook we have parental controls we can also lock our accounts we can encourage our children and our parents to tell their children to to to take advantage of this parental controls not just in facebook but in other um sites as well so youtube valentine youtube kids say instagram we also have parental controls even in tech talk so we are really recommending for children to take use of these privacy safeguards make sure that your location is unidentifiable so um if you would not use a virtual background make sure na young background no it would not say anything about your private information so we have to um safeguard um on that front that was covered the camera but not in news kanina it was underscored that we have to open our cameras to establish rapport but we also have to remember that um um [Music] because there are unverified reports of sabotage of zoom bombing and unverified reports that we have received lately let us block and filter out unwanted messages and block persons who make it uncomfortable because um and these are specific for children because if you think that um that the person you are talking with makes you feel uncomfortable then drop that person stop the conversation and end anything that um links you links you to that person because um that will also protect you for possible grooming for possible risks and vulnerabilities online tapos itapo is an important thing to identify an adult that you trust for personal concerns because we want to establish the children should be protected in the environment that they are in so while they can be incapacitated on different risks and vulnerabilities online we all we also have to engage our parents our guardians and the and the persons that are within the community and environment of children so that they would also know how to protect children in cases of possible risks and vulnerabilities online and the last one is to know where to seek help and assistance government hotlines for example the council for the welfare of children is supporting bantay bhatta 163 department social welfare and development merunding so we just have to know when to report and where to report so that um cases of abuse and violence online could become could be resolved and responded as we wanted to be and before i end i think i i just want to underscore that despite all these risks and vulnerabilities the internet is not a bad place it's not a a place that only poses risks and vulnerabilities but and we can learn we can know um information in the internet but the things that we have to do is to protect ourselves give our personal information to us ensure that data privacy is always practiced and implemented and always remember that [Music] we should always recognize the best interests of our children so you know and salamat and thank you to the national privacy commission for extending the invitation to unicef into the safer kids ph program so because we were able to present um child online protection for this afternoon for that and we need to understand that as an adult it is our responsibility to protect the rights of our children and of course the youth and now i understand that there are so many questions in our chat box and our team are already answering most of them and we are still trying to answer some of the remaining questions for but right now due to limited time we need to um we need to finish our session no to our distinguished speakers this morning yusek umali mr danny chang and of course mr ramil villafranca we thank you for your knowledge sharing and providing invaluable insights indeed we have learned so much in such a short period of time and we hope that we can have future collaboration with you especially programmer and digital maraming salamat to everyone attorney john thank you miss roran and at this point in our program we would like to remind you that we will be starting the breakout sessions immediately for easier reference you may kindly check the featured message on the chat box for the breakout links we have four simultaneous sessions happening these this afternoon on the following very interesting topics use of ai for work from home monitoring a balancing act icu facial recognition technology for online transactions trams 2 in a nutshell and lastly regulatory sandboxing shaping better policies and technologies for consumers we thank our participants and our speakers for this morning's plenary and we will see you shortly you

Info

Channel: National Privacy Commission

Views: 14,301

Rating: 4.7669902 out of 5

Keywords:

Id: FIBoeIFJkZI

Channel Id: undefined

Length: 202min 9sec (12129 seconds)

Published: Wed May 26 2021