Philippines: Adopted NPC Advisory No. 2017-01 on the Designation of DPOs

On 14 March 2017, the Philippine National Privacy Commission (NPC) adopted Advisory No. 2017-01 on the Designation of Data Protection Officers (DPOs). The Advisory is applicable to any person processing personal data, which is subject to the Data Privacy Act of 2012 (Republic Act No. 10173). The Advisory states that the designation of the DPO is mandatory and specifies the tasks of the DPO, most importantly to ensure compliance with any data protection laws. The Advisory highlights the necessity of the DPO being independent of the data processor as well as being bound by confidentiality in the performance of his tasks. Furthermore, the Advisory states that the contact details of the DPO must be available on the website and privacy policy in order to ensure that any interested party can contact the DPO. Beyond that, the Advisory specifies the role of the DPO within the organisation and its role therein.