DATA PROTECTION

According to Techopedia, it is the process of protecting data and

involves the relationship between the collection and dissemination of data
and technology, the public perception and expectation of privacy and the
political and legal underpinnings surrounding that data. It aims to strike a
balance between individual privacy rights while still allowing data to be used
for business purposes.
Data - also known as data privacy or information privacy
Protection
 is a part of data security (and information security), and a legal
measure that relates to the proper handling of data – how data is
collected and used - and maintaining compliance.

The National Privacy Commission defines as the right of an individual

not to have private information about himself disclosed, and to live freely
from surveillance and intrusion

Data protection or data privacy

-defines who can have access to the data from a legal perspective. This
means that an organization dealing with personal data (collects, processes,
Data stores, transmits) provides the owners of the data (and the public as a
Privacy whole) an assurance that the personal data is received according to
expectations and with the consent of their owners.
-is primarily a legal issue

The term “data protection” is sometimes taken to be synonymous with,

because these terms prevent unauthorized access, use, disclosure,
modification, and inspection of information
Data protection is NOT the same as data security, and they cannot be the
substitute of each other.
Data
Security  about access and protecting data from unauthorized users through
technical measures

There was unauthorized access and misuse. Hackers stole AND

publicized personal data – names, student numbers and passwords -
which could be used in other online services where the names and same
passwords are used (could be bank accounts), or sold to third parties for
marketing purposes
 - requires businesses to protect the personal data and privacy of European
Union (EU) citizens for transactions that occur within EU member
states, AS WELL AS the exportation of personal data outside the EU.
GENERAL DATA -xtends its application to a data controller or processor who carries out
PROTECTION processing outside of the European Economic Area (EEA) if that
REGULATION processing is carried out in order to offer goods or services to, or monitor the
(GDPR) behavior of individuals within the EEA.

-Companies that collect data on citizens in EU countries must have complied

with strict new rules around protecting customer data by May 25, 2018.
Fully titled, “An Act Protecting Individual Personal Information
in Information and Communications Systems in the Government
 and the Private Sector, Creating for this Purpose a National Privacy
Commission, and for Other Purposes” the DPA aims to protect the
fundamental human right of privacy, of communication while ensuring the
free flow of information to promote innovation and growth

DATA PRIVACY
ACT OF 2012
(DPA)

refers to any information from which the identity of an individual is

apparent or can be reasonably and directly ascertained, or when put
together with other information would directly and certainly identify an
individual

Personal
information
(PI)
 are only allowed to the minimum extent needed to achieve purpose,
Exemptions with consideration to requirements of other regulations.

DATA PRIVACY (RA 10173)

-enacted on August 15, 2012, and came into effect on Sept 8, 2012.
History -was established to address the growing concerns over privacy in the digital age.

Main
Objectives
 Importance
for the Youth

refers to any information, whether recorded in a material form or not, from

which the identity of an individual is apparent or can be reasonably and directly
ascertained by the entity holding the information.

Personal
Data
 is a subset of personal data that requires higher levels of protection due to
its sensitive nature.

Sensitive
Personal
Information

- is the individual whose personal or sensitive personal information is

Data processed.
Subject

-an organization or person who determines the purposes and means of

processing personal data.
Data
Controller

- organization or person who processes personal data on behalf of the data

controller.
Data
Processor
 - Any operation or set of operations performed upon personal
data, including but not limited to collection, recording, organization,
storage, updating, retrieval, consultation, use, consolidation,
blocking, erasure, or destruction of data.

Processing

- Any freely given, specific, informed indication of will, whereby

the data subject agrees to the collection and processing of
personal data about and/or relating to them.

Consent

Organizations must be open and clear about how they process

personal data.
The
Principle of
Transparen
cy

Your Rights Under the Data Privacy Act

You have the right to be informed whether personal data

 Right to Be pertaining to you shall be, are being, or have been processed.
Informed

Right to Access You have the right to reasonable access to your personal data upon
request.

Right to Object
You can refuse or withdraw consent to the processing of your personal
data.
You are entitled to be indemnified for any damages sustained due to
inaccurate, incomplete, outdated, false, unlawfully obtained, or
unauthorized use of personal data.
Right to Damages
actual damages - compensation for proven dinancial loss
moral damages - compensation for psychologocal impact

Right to You have the right to correct any inaccuracies or errors in your
Rectification personal data.

You have the right to obtain and reuse your personal data across
Right to Data different services.
Portability data transfer - receive your data in a structured
direct transfer - request that your data be transmitted from
one organization to another

Right to File a If you believe your data privacy rights have been violated, you can file
Complaint a complaint with the NPC.

Protecting Your Personal Data

 Online Privacy Adjusting your online privacy settings is a fundamental step in
Settings controlling who has access to your personal information.

Strong Passwords Strong passwords and additional authentication methods protect

and Authentication your accounts from unauthorized access.

Be Cautious with
Personal Think carefully before sharing personal details online or with others.
Information

Recognize and Phishing is a method used by cybercriminals to trick individuals

Avoid Phishing into revealing personal information.
Attempts

Secure Your Protecting your devices helps safeguard the personal data stored
Devices on them.

Be Mindful of Social engineering involves manipulating people into divulging

Social confidential information.
Engineering

Regularly Keeping an eye on your accounts can help you detect

Monitor Your unauthorized activities early.
Accounts

Educate Staying informed empowers you to protect your personal data

Yourself and effectively.
Others