On 1 July 2022, was introduced amendments to the Data Privacy Act of 2012 (HB No. 898) into the Philippine Parliament. The amendments introduce new definitions, including those of biometric and genetic data. The amendments clarify key terms, including "data subject," "personal information," "sensitive personal information," and "personal information controller." The retention of data is permitted only to the extent that it is necessary, with exceptions permitted for archiving, historical, or research purposes, provided that appropriate security measures are in place. The legislation delineates the permissible grounds for the processing of personal data, including the acquisition of consent, the fulfilment of contractual obligations, and the addressing of public safety concerns. Specific provisions have been established for the processing of children's data, stipulating that parental consent is required for those under the age of 15. Furthermore, the amendments expand the rights of data subjects, enabling them to access, correct, and request the deletion of inaccurate or unlawfully obtained data. In certain circumstances, limitations are imposed on the rights set out above, particularly in the context of research or public health emergencies, provided that the requisite legal safeguards are in place.
Original source