SENATOR Leila De Lima filed Monday a resolution asking the Senate to look into the data leak in the Commission on Elections (Comelec) which reportedly affected 55 million registered voters in the May 2016 polls.
In her Senate Resolution (SR) 260, de Lima noted that the Comelec data heist is unacceptable, and that those responsible should be fully prosecuted and punished, “whether they are foreign or domestic actors.”
Under SR 206, the senator wants the Senate committee on electoral reforms and people’s participation to carry out the investigation with an end-view of instituting remedial legislative measures, which will ensure that the government accomplishes its constitutional duty of preserving the sanctity and integrity of the entire electoral process.
De Lima said in an interview that the investigation is also aimed at finding out the extent of the damage brought about by the data leak on Comelec’s voters’ database, and also the integrity of the ordinary people’s personal information.
Hackers claiming to be affiliated with the group Anonymous Philippines managed to access illegally the Comelec website on March 27, 2016, several weeks before the May 9 local and national elections.
On the same day, a separate group of hackers, LulzSec Pilipinas, posted an online link to what it claimed to be the entire Comelec database containing the names and personal information of some 55 million registered voters.
“We want to know if the breach on Comelec database really did not affect the voters’ registration data because the National Privacy Commission (NPC) has been saying that this is a very serious matter,” she added.
The NPC, in its decision last December 28, recommended the criminal prosecution of Comelec Chairman Andres Bautista for allegedly failing to ensure the privacy of the voters’ database last March.
NPC said Bautista’s alleged “lack of appreciation” of the principle that data protection is more than just the implementation of security measures, thus violating Republic Act 10173, also known as the 2012 Data Privacy Act.
De Lima insisted that personal information should be guarded at all times against unlawful access and manipulation, fraudulent use, unauthorized usage, unlawful destruction, alteration, interference, and contamination.
She also stated in her resolution that the searchable website, known as “wehaveyourdata,” which contains sensitive data on Filipino registered voters, was found to have been bought from a US-based web-hosting firm and was allegedly hosted in Russia.
“We need to preserve the sanctity and integrity of the entire electoral process starting with the protection of the voters’ registration procedure and all pertinent information,” she added.