The National Privacy Commission recently issued Circular No. 2023-03, which provides guidelines to all personal information controllers that issue identification cards to data subjects.

In brief

The National Privacy Commission (NPC) recently issued NPC Circular No. 2023-03 (“Circular“), which sets out guidelines on the issuance of identification (ID) cards to data subjects.

The Circular took effect on 30 November 2023.

In more detail

The Circular applies to all personal information controllers (PICs) that issue ID cards to data subjects, excluding government-issued ID cards. For this purpose, ID cards shall refer to any physical or digital ID card that identifies a data subject, including, without limit, company IDs, school IDs, insurance cards, membership cards, and rewards or loyalty cards.

ID cards shall only indicate necessary personal data in relation to the primary purpose of identifying the data subject.

For ID cards with additional functionalities, PICs shall ensure that all other personal data included are reasonable and necessary for the specified and declared purposes of the specific ID card. In all cases, PICs shall bear the burden of demonstrating that the inclusion of a particular category of personal data is proportionate to the legitimate purpose.

PICs shall implement reasonable and appropriate safeguards to protect personal data on ID cards, and ensure that such security features are at par with technological advances, best practices, and industry standards. PICs shall also educate data subjects on appropriate physical security measures for issued ID cards.

Affected PICs shall be given 120 calendar days from the effectivity of the Circular, or until 29 March 2024, to comply with the foregoing requirements. Noncompliance with the Circular may result in the imposition of criminal, civil and administrative liability.

Recommended action

Clients are advised to take note of the requirements in issuing ID cards. Existing ID cards must be revised to comply with the Circular ahead of the deadline on 29 March 2024.

Please feel free to reach out to Quisumbing Torres’ Intellectual Property, Data and Technology Practice Group for assistance in these data privacy compliance matters.

* * * * *

Please contact QTInfoDesk@quisumbingtorres.com for inquiries.

VISIT QUISUMBING TORRES SITE

Author Bienvenido A. Marquez III

Bienvenido Marquez III is a partner in Quisumbing Torres' Intellectual Property, Data and Technology Practice Group. He also co-heads the Consumer Goods & Retail Industry Group and is a member of the Technology, Media & Telecommunications Group. He participates in initiatives of Baker & McKenzie International of which Quisumbing Torres is a member firm. He is a member of Baker McKenzie's Asia Pacific Intellectual Property Business Unit for Brand Enforcement. He is immediate Past President of the Philippine Chapter of the Licensing Executives Society International (2019-2021), and is currently co-chair of the LESI Asia Pacific. He is also a member of the Anti-Counterfeiting Committee of the International Trademarks Association (INTA). He has been appointed as member of the INTA Asia Global Advisory Council (GAC) for 2022 to 2023, making him the only Philippine representative on the council.

Bien has vast experience in handling IP enforcement litigation, trademark and patent prosecution and maintenance, copyright, data privacy, information security, IT, telecommunications, e-commerce, electronic transactions, cyber security and cybercrime. He has been consistently ranked as a leading individual for Intellectual Property and TMT in Legal 500 Asia Pacific, Chambers Asia Pacific, asialaw Leading Lawyers, Managing IP Stars, Asia IP, and World Trademark Review. He was also recognized as a Volunteer Service Awardee by INTA in 2018.

Author Divina Pastora V. Ilas-Panganiban

Divina Ilas-Panganiban, CIPM is a partner and the head of Quisumbing Torres’ Intellectual Property, Data and Technology Practice Group and co-heads the Technology, Media & Telecommunications (TMT) Industry Group. She participates in initiatives of Baker & McKenzie International of which Quisumbing Torres is a member firm. She is a member of Baker & McKenzie International's Asia Pacific TMT, and the Asia Pacific Intellectual Property Steering Committees.
Divina is a Certified Information Privacy Manager by the International Association of Privacy Professionals (IAPP). She currently serves as the Vice-President and Director of the Philippine Chapter of the Licensing Executives Society International, the Regional Vice-chair of the LESI's Education Committee, the Co-chairperson of the Committee on Intellectual Property Rights of The American Chamber of Commerce of the Philippines, and the Chairperson of the IAPP KnowledgeNet Chapter for the Philippines.
Divina was recently appointed to be a member of the Advisory Council for Intellectual Property (ACIP) of the Intellectual Property Office of the Philippines (IPOPHL). The ACIP is an advisory board composed of a select group of people from different sector to which IP is of great value. She was recently recognized in the Hall of Fame for Best External Lecturers by the IP Academy of the IPOPHL.
Divina just finished her stint as the chair the Unreal Campaign of the International Trademarks Association (INTA) for East Asia and the Pacific and continues to organize anti-counterfeiting activities in schools and universities around the country, educating the youth about the importance of intellectual property protection.
Divina is a multi-awarded lawyer with a stellar track record in the IP, data and technology fields. She has garnered numerous awards and accolades, including the Woman Lawyer of the Year by the ALB Philippine Law Awards 2023. She has been cited as leading lawyer for intellectual Property and TMT by The Legal 500 Asia Pacific, Chambers Asia Pacific, Managing IP, World Trademark, Asialaw and IAM Patent 1000, among others. Known for her exceptional legal expertise and unwavering commitment to her clients, Divina has established herself as a leader in her profession.

Author Berenice Joanna G. Dela Cruz

Berenice Joanna G. Dela Cruz is an associate in Quisumbing Torres. She works with various practice groups in the firm, including Corporate & Commercia/M&A, Dispute Resolution, Intellectual Property, Data and Technology, and Employment. Prior to joining the firm, she was a legal intern in the Office of the Solicitor General where she assisted in research, preparation of pleadings, meetings with clients and court hearings. Berenice graduated cum laude from the University of the Philippines College of Law in 2022, and ranked 5th in her batch. She also received the Dean's Medal for Academic Excellence and commendations for her participation in several international moot court competitions. She was newly admitted to the Philippine bar in 2023.

Write A Comment Cancel Reply

You must be logged in to post a comment.

Philippines: Guidelines on identification cards issued by the National Privacy Commission

The National Privacy Commission recently issued Circular No. 2023-03, which provides guidelines to all personal information controllers that issue identification cards to data subjects.

In brief

In more detail

Recommended action

Related Posts

Vietnam: Draft decree on medical data management

Singapore: Guidelines on fair dealing – Board and senior management responsibilities for delivering fair dealing outcomes to customers

Vietnam: Balancing AI benefits and risks – Vietnam’s approach to responsible AI development through voluntary principles

Write A Comment Cancel Reply