Supreme Court E-Library
Information At Your Fingertips


  View printer friendly version

(NAR) VOL. 29 NO. 2/ APRIL - JUNE 18

[ MEMORANDUM CIRCULAR NO. 2018-36, May 22, 2018 ]

DESIGNATION OF DATA PROTECTION OFFICERS PURSUANT TO REPUBLIC ACT NO. 10173, TITLED, DATA PRIVACY ACT OF 2012



Adopted: 19 March 2018
Date Filed: 22 May 2018

1.0 Background

1.1 The National Privacy Commission (NPC) is a government agency mandated to administer and implement the Data Privacy Act of 2012 (R.A. No. 10173), to monitor and ensure compliance of entities that process personal data with the standards set for data protection in government and the private sector.

1.2 The NPC has previously issued NPC Advisory No. 2017-01 dated March 14, 2017 relative on the designation of Data Protection Officers (DPO).

2.0 Purpose
2.1 The purpose of this Circular is to ensure compliance with the provisions of the Data Privacy Act of 2012 including its Implementing Rules and Regulations (IRR) and Section 4 of NPC Circular 2016-01, which provides that a government agency engaged in the processing of personal data shall, through its head of agency, designate a DPO.
3.0 Legal Compliance
3.1 Pursuant to Section 7 of Republic Act No. 10173, also known as the Data Privacy Act of 2012 (DPA), the National Privacy Commission (NPC) is charged with the administration and implementation of the provision of the law, which includes ensuring compliance with the provisions of the DPA and with international standards for data protection, and carrying out efforts to formulate and implement plans and policies that strengthen the protection of personal information in the country, in coordination with other government agencies and the private sector.

3.2 Under Section 26(a) of the IRR of the same law, any natural or juridical person or other body involved in the processing of personal data shall designate an individual or individuals who shall function as data protection officer (DPO), compliance officer, or shall otherwise be accountable for ensuring compliance with applicable laws and regulations for the protection of data privacy and security.
4.0 Scope/Coverage

All Provincial Governors, City and Municipal Mayors, Punong Barangays, DILG Regional Directors, ARMM Regional Governor, and all others concerned.

5.0 Policy Content and Guidelines
5.1 Local Chief Executives are hereby reminded to ensure compliance to the provisions of laws and issuances relative to privacy and data protection:
5.1.1 Each LGU shall designate a DPO. A component city, municipality, or barangay is allowed to designate a Compliance Officer for Privacy (COP),  which  shall  be  under  the  supervision  of  the  DPO  of  the province of such component city, municipality or barangay.

5.1.2 Local Chief Executives are advised to download a copy of NPC Advisory 17-01 through their website, privacy.gov.ph, for guidance on the designation of a DPO as well as the qualifications necessary to be an effective DPO/COP for the LGU.
5.2 All DILG Regional Directors and the ARMM Regional Governor are hereby directed to:
5.2.1 Download more information about the DPA and NPC as well as the form for the Data Protection Officer through their website, www.privacy.gov.ph; and

5.2.2 Cause the immediate and widest dissemination of this Memorandum Circular to all local government units within their respective regional jurisdictions.
6.0 Sanctions
6.1 Non-compliance to this Memorandum Circular may be a ground for the erring official/s of the local government unit to disciplinary actions:
6.1.1 By the President, in case of elective official of a province, a highly urbanized or an independent component city;
6.1.2 By  the  governor,  if  the  respondent  is  an  elective  official  of  a component city or municipality; or
6.1.3 By the mayor, if the respondent is an elective official of the barangay.
7.0 References
7.1 Republic Act No. 10173, also known as the Data Privacy Act of 2012 (DPA)
7.2 IRR of RA No. 10173
7.3 NPC Advisory No. 2017-01 dated March 14, 2017
8.0 Repealing Clause

hereby modified, revoked, or repealed accordingly.

9.0 Effectivity

This Memorandum Circular shall take effect immediately.

10.0   Approving Authority

(SGD) USEC. EDUARDO M. AÑO
Officer-in-Charge

11.0   Feedback

For related queries, kindly contact Atty. Vida Zora Bocar of the National Privacy Commission at Tel Nos. (02) 517-7810 or (02) 920-0101 loc. 7041 or at email address at vida.bocar@privacy.gov.ph
© Supreme Court E-Library 2019
This website was designed and developed, and is maintained, by the E-Library Technical Staff in collaboration with the Management Information Systems Office.