In an announcement made on 4 March 2022, the Philippine National Privacy Commission officially extended the validity of all existing Certificates of Registration issued in 2021 from 8 March 2022 to 8 March 2023. For Certificates of Registration issued in 2020 or earlier, which are expiring this 8 March 2022, the NPC is directing all affected personal information controllers and personal information processors to renew their registration with the Commission.

The Philippine National Privacy Commission (NPC) highlighted in its official Facebook page the main distinctions between the current registration process and the upcoming eRehistro system, specifically with regard to (1) the registration form, (2) the registration of data processing systems (DPS), (3) the certificate of registration, and (4) addressing deficiencies and concerns.

The Philippine National Privacy Commission (NPC) released on its official Facebook page two announcements regarding the soon-to-be launched eRehistro system. The NPC announced: (1) the system’s process and requirements for account creation, data processing systems (DPS) inventory; and (2) the amendment of registration information for covered personal information controllers (PIC) and personal information processors (PIP).

On 20 March 2021, the Philippine National Privacy Commission (NPC) answered a new batch of frequently asked questions regarding eRehistro, specifically with regard to the commission’s validation process, user credentials and the certificate of registration.

For previous responses from the NPC on this topic, check out our earlier client alert here.

On 6 March 2021, the Philippine National Privacy Commission (NPC) posted on its official Facebook page its answers to some frequently asked questions involving eRehistro — NPC’s newly announced online registration and renewal platform for both Phase 1: Data Protection Officer (DPO) and Phase 2: Data Processing System (DPS) registrations. Learn more about the eRehistro system from our earlier client alert here.

On 1 March 2021, the Philippine National Privacy Commission (NPC) announced its new online registration and renewal platform called “eRehistro,” which can be used by Personal Information Controllers (PICs) and Personal Information Processors (PIPs) to register, amend or renew their Data Protection Officer (DPO) and Data Processing Systems (DPS) registrations.1

In addition, the NPC extended the validity of existing DPO registrations, from 7 March 2021 to 30 June 2021, in order to give way to the launch of the eRehistro platform. According to the NPC, this extension is also meant to give PICs and PIPs ample time to prepare for the creation of their eRehistro accounts as it will now include both Phase 1: DPO and Phase 2: DPS of the registration process.

On 1 March 2021, the Philippine National Privacy Commission (NPC) announced its new online registration and renewal platform called “eRehistro,” which can be used by Personal Information Controllers (PICs) and Personal Information Processors (PIPs) to register, amend or renew their Data Protection Officer (DPO) and Data Processing Systems (DPS) registrations.1

In addition, the NPC extended the validity of existing DPO registrations, from 7 March 2021 to 30 June 2021, in order to give way to the launch of the eRehistro platform. According to the NPC, this extension is also meant to give PICs and PIPs ample time to prepare for the creation of their eRehistro accounts as it will now include both Phase 1: DPO and Phase 2: DPS of the registration process.

The Philippine National Privacy Commission (NPC) recently issued NPC Circular No. 2020-03 on Data Sharing Agreements (Circular). The Circular applies to the disclosure of personal data from a personal information controller (PIC) to another PIC. It likewise applies to personal data that is consolidated by several PICs and shared or made available to each other and/or to one or more PICs. It excludes outsourcing or subcontracting arrangements between a PIC and a personal information processor (PIP).

The Philippine National Privacy Commission (NPC) recently issued NPC Circular No. 2020-02 on the Rules on the Issuance of Cease and Desist Orders (Circular). The Circular applies to all applications for a Cease-and- Desist Order (CDO) on the processing of personal data and other matters cognizable by the NPC.

To ensure the lawful processing of personal data in the use of closed-circuit television (CCTV)1 systems, the Philippine National Privacy Commission (NPC) released on 16 November 2020, Advisory No. 2020-04 on the “Guidelines on the Use of Closed-Circuit Television (CCTV) Systems” (Advisory). The Advisory guides personal information controllers (PICs) and personal information processors (PIPs) in the processing of personal data via CCTV systems used in public or semi-public places, as well as in responding to requests by the data subject or by third parties for disclosure of CCTV footage. The Advisory applies to CCTV systems with either video and audio capabilities or those which only record videos. Lawful surveillance conducted by law enforcement agencies and other government agencies, however, are not covered by the Advisory.