• About Us
  • Advertise
  • Archives
  • Contact Us
  • Internet Speed Test
  • Smartphone Prices
Saturday, July 2, 2022
Tech Pilipinas
  • Home
  • Telecoms
  • Government
  • Fintech
  • Gadgets
  • Mobile
  • Social Media
  • E-commerce
  • Internet
  • Tutorials
  • Deals
  • More
    • Apps
    • Blogging
    • Business
    • Emerging Tech
    • Giveaways
    • News
    • Security
    • WordPress
No Result
View All Result
  • Home
  • Telecoms
  • Government
  • Fintech
  • Gadgets
  • Mobile
  • Social Media
  • E-commerce
  • Internet
  • Tutorials
  • Deals
  • More
    • Apps
    • Blogging
    • Business
    • Emerging Tech
    • Giveaways
    • News
    • Security
    • WordPress
No Result
View All Result
Tech Pilipinas
No Result
View All Result

DFA Contractor Runs Off With Passport Data – Should You Be Worried?

A former passport maker allegedly took off with passport applicants' data. Here's what you need to know about the incident.

Luis Reginaldo Medilo by Luis Reginaldo Medilo
January 15, 2019
in News, Security
0
Philippine passport
1
SHARES
Share on FacebookShare on Twitter

Many Filipinos were alarmed when they learned that a former contractor of the Department of Foreign Affairs (DFA) has “ran away” with the data of passport applicants. Foreign Affairs Secretary Teodoro Locsin, Jr. said that the passport maker was “pissed off” after its contract with the DFA was terminated.

“We are rebuilding our files from scratch because previous outsourced passport maker took all the data when contract (was) terminated,” Locsin said on Twitter.

“Because previous contractor got pissed when terminated it made off with data. We did nothing about it or couldn’t because we were in the wrong. It won’t happen again. Passports pose national security issues and cannot be kept back by private entities. Data belongs to the state,” Locsin added in another tweet.

Due to the private contractor’s actions, applicants who are renewing brown, green, or maroon machine-readable passports are now required to submit their PSA-issued birth certificates. Holders of e-passports issued after 2009 are not required to submit birth certificates during renewal.

DFA Assistant Secretary Albert Cato said that the department needs to capture and store the documents since it no longer has the physical copies. Before the introduction of the e-passport, the DFA required applicants to submit physical copies of birth certificates and marriage certificates.

Secretary Locsin, however, questioned the necessity of submitting birth certificates when renewing passports. “Isn’t the expired passport sufficient ID? How many times do you have to prove you are what the State declared you are in the expired passports?” Locsin asked.

In an interview with the ANC’s Hot Copy, former Foreign Affairs Secretary Perfecto Yasay, Jr. said that he doesn’t believe that the contractor stole passport data, and that Secretary Locsin may be misinformed about the supposed data breach.

Locsin later tweeted that there is “no leak so far” of the passport data that the contractor allegedly ran off with, but added that the data “is possibly hopelessly corrupted and at any rate inaccessible now or we are being lied to as usual.”

What Happened Before

The mess started in 2015 when the DFA hired APO Production Unit Incorporated to develop an e-passport system, on the condition that the company doesn’t get a private subcontractor. The company, however, hired a subcontractor, United Graphic Expression Corporation (UGEC), to produce the new passports.

Yasay said that the DFA hired APO despite the department’s existing contract with French company Francois-Charles Oberthur Fiduciare for the production of passports compliant with the International Civil Aviation Organization.

Locsin theorized that there is no data breach but that the French firm (Oberthur) deposited the passport data in a warehouse in Lipa “out of irritation” and refused to give the access codes, so the data could now be corrupted or inaccessible although it is already under APO.

Locsin vowed to identify the people behind the passport mess, claiming that the culprits are planning to launch a social media campaign against him.

The National Privacy Commission announced that it will conduct an investigation of the alleged passport data breach. “Any form of non-availability of personal data, infringement of the rights of data subjects, and harms from processing that include inconveniencing the public, must be adequately explained to the satisfaction of the law,” the NPC said. “We will summon the DFA and concerned agencies including the alleged contractor to determine the facts surrounding the case.”

The Commission on Human Rights, on the other hand, urged the government to identify and prosecute those accountable for the alleged data breach, saying that the passport mess “poses grave national security issues, especially since the said data contain sensitive, personal information of Filipino passport holders.”

Should Passport Holders Be Worried?

An IT expert warned that the reported passport data breach could lead to cases of identity theft. Jerry Liao said that the incident should be a cause for concern. He said that data could possibly be sold to the highest bidder or used for fraud and identity theft.

He said that the DFA committed a mistake when it provided access to the actual information of passport applicants to the private contractor. He explained that government agencies normally give dummy data to contractors.

Atty. Cecilia Soria, a data privacy lawyer, said that the impact of the incident depends on how much data that the contractor took.

“Think about it: They have your complete name, complete birth date, complete address, signature pa yata. Also passport number, assuming that passport has not expired yet,” Soria said, adding that the problem will worsen if the former contractor has the copies of birth certificates, since the documents contain sensitive information such as the names of the applicants’ parents.

So should passport holders and applicants have anything to be worried about?

Not according to Senate President Vicente Sotto III. Sotto said that while the incident is “annoying,” there’s nothing to be alarmed about. He expressed confidence that the DFA is on top of the situation, and also urged the contractor to return the data it allegedly ran off with.

Nevertheless, the supposed data breach is no laughing matter, and should be dealt with appropriately by the National Privacy Commission, the National Bureau of Investigation, the Commission on Human Rights, and other relevant authorities.

Even if the former passport maker has no intention to sell the data or use it for nefarious activities, there’s still a significant risk of a data leak. Numerous hackers and cybercriminals are waiting to pounce on any opportunity to steal data from unsecured and vulnerable sources. We can only hope that the former contractor and the DFA are taking the necessary steps to secure the data and prevent it from falling in the hands of people with bad intentions.

Based on the information provided by the DFA, it seems that most passport holders are not affected by the supposed data breach. The ones who are affected by the incident are holders of older Machine Readable Ready (MRRP) and Machine Readable Passports (MRP) issued before the introduction of electronic passports or e-passports in 2009.

DFA Assistant Secretary Elmer Cato explained that only e-passports are currently in circulation, and that the older MRRPs and MRPs have already expired by now. The only people who are still in possession of MRRPs and MRPs are those who have used their passports in the past but have never traveled since their passports expired.

Passport holders who have not traveled since 2014 (the year when passports issued in 2009 expired) are also affected by the incident, and are thus required to submit birth certificates when they renew their passports.

So if you already have an e-passport issued after 2009, then you have nothing to worry about.

Tags: birth certificateDFApassport
Don't Miss An Article!
Sign up for our free newsletter and get updated every time we publish a new article. We work very hard to bring you the latest in the Philippine and global tech scene.
We will not share your email address. We really hate spam!
Previous Post

Where to Buy Realme Phones: List of Realme Stores and Service Centers

Next Post

Huawei Nova 3i Price to Be Reduced Starting January 19

Luis Reginaldo Medilo

Luis Reginaldo Medilo

Luis is the founder and editor of Tech Pilipinas. A former DOST scholar, he is passionate about technology and how it can change the world for the better.

You May Also Like

News

SSS Announces Short-Term Member Loan Condonation Program

November 29, 2021
Fintech

How to Lock Your BDO Credit Card to Prevent Unauthorized Transactions

August 24, 2021
News

SSS Launches ExpreSSS e-Learning Portal for Members and Employers

May 14, 2021
Security

Beware of Scammers Illegally Using My Name

May 5, 2021

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Latest Articles

What is the A3 Paper Size in Microsoft Word?

July 1, 2022

How to Contact Globe Hotline and Customer Service

June 30, 2022

How to Fill Out BIR Form 1905 to Change or Update Your Taxpayer Information

June 22, 2022

How to Setup and Connect the TP-Link Wi-Fi Range Extender and Repeater

June 17, 2022

BIR RDO Codes: Complete List of BIR Revenue District Offices

June 9, 2022

Recommended

Facebook upvote and downvote

Facebook to Roll Out a Comment Upvote and Downvote Feature

June 20, 2018

Get a Free ESET Internet Security License for 3 Months

April 22, 2020

How to Change Your Profile Picture in Zoom

October 25, 2021
BDO Nomura

How to Open a BDO Nomura Account

May 25, 2019

How to Change Your Globe WiFi Password

May 18, 2022
Facebook Twitter Instagram Youtube Pinterest

About Us

Tech Pilipinas is the Philippines’ digital lifestyle and technology magazine, helping millions of Filipinos keep up with the challenges of the fast-paced, ever-changing world of technology.

For any inquiries or business proposals, e-mail [email protected].

Get it on Google Play

Browse by Category

  • Apps
  • Blogging
  • Business
  • Computers
  • Deals
  • E-commerce
  • Emerging Tech
  • Entertainment
  • Events
  • Fintech
  • Gadgets
  • Gaming
  • Giveaways
  • Government
  • Internet
  • Interviews
  • Mobile
  • News
  • Reviews
  • Security
  • Social Media
  • Software
  • Startups
  • Telecoms
  • Tutorials
  • WordPress
  • ZIP Codes

Popular Tags

Android Facebook GCash Globe Huawei Lazada mobile wallet online banking online payments online shopping PayMaya PLDT Samsung Shopee Smart smartphone Social Security System SSS WiFi Xiaomi

Copyright © 2017-2022, Tech Pilipinas and Luis Reginaldo Medilo. All Rights Reserved.
No part of this site may be copied, reproduced, modified or distributed without the prior written consent of Luis Reginaldo Medilo.
Contact Us | Copyright Notice | Disclosure Policy | Disclaimer | Privacy Policy
DMCA Protection Status

  • Home
  • Categories
    • Apps
    • Blogging
    • Business
    • Computers
    • Deals
    • E-commerce
    • Emerging Tech
    • Gadgets
    • Gaming
    • Giveaways
    • Government
    • Internet
    • Interviews
    • News
    • Reviews
    • Security
    • Social Media
    • Software
    • Startups
    • Telecoms
    • Tutorials
    • WordPress
  • About Us
  • Archives
  • Advertise
  • Contact Us
  • Internet Speed Test
  • Smartphone Prices