Ex-DFA contractor 'took off' with passport data, says Locsin
MANILA, Philippines – (UPDATED) Foreign Secretary Teodoro "Teddyboy" Locsin Jr said that a former contractor for Philippine passports "took off" with personal data after the end of its contract with the Department of Foreign Affairs (DFA).
Locsin bared this in a tweet on Tuesday, January 8, in reaction to a Twitter thread about passport renewal where some foreign embassies require a birth certificate instead of just accepting the expired passport.
He retweeted a Twitter user from that thread and commented that the old passport "is 1,000% ID better than [the] birth certificate."
"But we are rebuilding our files from scratch because previous outsourced passport maker took all the data when contract terminated," said Locsin.
Everybody agrees with me that old passport is 1000% ID better than birth certificate: the holder applied for it and not someone else for a baby. But we are rebuilding our files from scratch because previous outsourced passport maker took all the data when contract terminated. https://t.co/cPjC3w7kAt— Teddy Locsin Jr. (@teddyboylocsin) January 8, 2019
He further explained that the previous contractor "got pissed when [the contract was] terminated" and "it made off with [the] data. We did nothing about it or couldn't because we were in the wrong."
Locsin has yet to mention the name of the contractor.
"It won't happen again. Passports pose national security issues and cannot be kept back by private entities. Data belongs to the state," he added.
Netizens expressed concern about this incident, but Locsin said that it is "not a question of data privacy."
"The data is useless to the old contractor. It is a question of official stupidity or more likely cupidity," said Locsin in a tweet on Saturday, January 12.
Assistant Secretary Elmer Cato reminded the public that applicants renewing brown or green or maroon machine-readable passports "are required to submit birth certificates because we need to capture and store the document in our database as we no longer have the physical copy of the document submitted when they first applied."
Meanwhile, for e-passport holders, "you don’t need to bring your birth certificate," added Cato.
The e-Passport is the one on the right. You don’t need to bring your birth certificate if you have that passport. If not, please make sure you bring your birth certificate with you. pic.twitter.com/8UMJOfX5zL— Elmer G Cato (@elmer_cato) January 12, 2019
Cato also said the DFA plans to "continue to find ways to make it simpler, easier and faster for passport applicants in the future to include renewals via mobile phones, among others."
Hontiveros: DFA should explain
Opposition Senator Risa Hontiveros said DFA should give a full explanation to the public on how the incident happened and the extent of the data loss.
“The Department of Foreign Affairs (DFA) owes the entire country an explanation,” she said in a statement.
“The recent admission that a privately contracted firm took the entire physical database of all of the country's passport holders indicates a serious national security risk, and is evidence of the Duterte government’s gross incompetence in protecting the people's private data,” Hontiveros added.
She said ultimately, “the people responsible for such a gross display of incompetence should be held fully responsible.”
“Exactly what data were lost? When, how, and under whose watch did this happen? Where did the breakdown occur? Who exactly is the responsible firm? And why aren't they being sued for running away with such vital information?” Hontiveros asked.
She said the public needs reassurance that the data would be “retrieved completely and with the highest sense of urgency and priority.”
“They say, ‘go out and see the world.’ But how can our people do that if our government can't even provide efficient passport application and renewal services to the public? Worse, it can't be trusted to protect the citizens' sensitive data,” the senator said. – Rappler.com