In two recent meetings, the national government task force decided to require the use of the StaySafe app and system devised by private firm Multisys Technologies Corp.
Yet questions remain on whether or not the company has actually fulfilled the government's requirements. On June 10, in its 45th resolution, the task force required Multisys to enter into a Memorandum of Agreement with the Department of Health (DOH) “regarding the donation and the use of StaySafe.PH application which shall include the source code, all data, data ownership, and intellectual property."
Multisys was given 30 days from then to comply or else the task force would withdraw its endorsement. Given the date of resolution, the MOA-signing and data turnover should have been done on July 10 at the latest.
But government officials and private parties supporting StaySafe have given only vague or contradictory responses when asked by Rappler about the status of the data turnover.
Information communications technology experts had flagged StaySafe for weaknesses in its data privacy measures and lack of clarity on how the data of users would be used.
One of the concerns was who would have control and access to the data, given that a private firm, Multisys, is involved. This is what led the government to order a transfer of users' data in the first place.
When asked about the status of the users' data turnover, Presidential Spokesperson Harry Roque said on December 1: "Let’s look for that signed MOA. What I know is, the last time we launched it, it could not have been launched without an agreement with the DOH that they will have ownership of all the data to be gathered by StaySafe."
Later on during his press briefing, he read out what he said was an agreement on the data transfer. But he appeared to have been reading merely from the task force Resolution No. 45, which only stipulated that a MOA was to be signed. It was not the MOA itself.
"This is IATF Resolution 45 – for the benefit of Pia – IATF Resolution No. 45, dated June 10, 2020, Memorandum of Agreement between MultiSys Technology Corporation and the Department of Health is forged regarding the donation and use of StaySafe.ph which shall include the source code, all data, data ownership and intellectual property of MultiSys to DOH," Roque read out.
But last September 3, after the launch of StaySafe, Roque said all data and intellectual property were already "assigned" to the DOH.
Multisys CEO David Almirol Jr also seemed to think that Resolution No. 45 was enough to signify the transfer of users' data.
"I think that's IATF Resolution No. 85," he told Rappler when he was asked to confirm if Multisys and the DOH had signed the MOA.
But he said StaySafe is being "co-managed" by the private sector and government "so that there is balance in protecting the data of citizens."
Health Undersecretary and spokesperson Maria Rosario Vergeire did not respond to Rappler's queries.
The National Privacy Commission (NPC) could not confirm details about the MOA.
"We are not a party to the MOA. May we recommend asking the DOH for the details," said Roren Chin, the NPC's Public Information and Assistance Division chief.
She, however, said that NPC commissioner Raymund Liboro helped in "ensuring that privacy is considered in the implementation of StaySafe."
Despite the lack of transparency, the government has gone ahead and made StaySafe mandatory for entry in government offices and even private establishments.
In IATF Resolution No. 85, dated November 26, the task force made the use of StaySafe required for anyone who wishes to enter national and local government offices.
A week later, it made StaySafe mandatory for even private companies, hotels, and business establishments, as well as public transportation.
Under IATF Resolution No. 87, these establishments are now required to implement the "Safety Seal Certification Program" which entails "the adoption of the StaySafe application and generation of its QR Code to be displayed in all entrances."
Even this Safety Seal program is hazy. The resolution does not explain its use nor what establishments must do to comply with it. The departments of trade, health, tourism, transportation, and interior and local government were ordered to craft guidelines on it.
Chief of StaySafe's critics is former ICT underecretary Eliseo Rio Jr. He accused National Security Adviser Hermogenes Esperon Jr of being the "sponsor" of StaySafe, given his ties with Multisys CEO Almirol.
Esperon neither confirmed nor denied the claim from a tech insider that Multisys has developed technology either for the National Intelligence Coordinating Agency (NICA) or National Security Council (NSC). Esperon is director general of the NSC Secretariat.
The National Bureau of Investigation (NBI), an agency involved in surveillance, has also said it would use StaySafe for contact-tracing.
Meanwhile, the national coronavirus task force has included the military and police in a team that will deploy and monitor IT apps and systems used for the pandemic response.
To quell worries about the use of users' data for non-pandemic-related surveillance, Roque said the team will "not be involved in any data collection activities."
But these latest policies on expanding the use of StaySafe come at a time when President Rodrigo Duterte and the rest of government are engaged in fierce red-tagging.
Observers and activists worry that red-tagging could only be fueled by surveillance, especially with the effectivity of the new Anti-Terrorism Law which allows surveillance of suspected terrorists, defined as persons who "create a serious risk to public safety."
Just last Monday, November 30, Duterte launched a tirade accusing progressive groups in the House of Representatives of being members of the Communisty Party of the Philippines.
The persistent red-tagging of journalists, lawmakers, human rights activists, and government critics led to a Senate hearing probing the actions of officials like Esperon, Defense Secretary Delfin Lorenzana, and Interior Secretary Eduardo Año.
Pia Ranada covers the Office of the President and Bangsamoro regional issues for Rappler. While helping out with desk duties, she also watches the environment sector and the local government of Quezon City. For tips or story suggestions, you can reach her at firstname.lastname@example.org.