Philippines: Passed Amendments to the Data Privacy Act of 2012 (HB No. 9651) including cybersecurity regulation

On 26 August 2021, the amendments to the Data Privacy Act of 2012 (HB No. 9651) passed the House of Representatives. The amendments introduce several provisions, including the requirement for data controllers to notify the National Privacy Commission and affected individuals within 72 hours of discovering a data breach. Additionally, the amendments increase penalties for unauthorised processing and improper disposal of personal data, and strengthen accountability for corporate officers and public officials in cases of data privacy breaches. Moreover, the amendment requires the appointment of Data Protection Officers (DPOs).