SENATE President Aquilino Pimentel III stressed the need for a “tight, effective and comprehensive cyber security policy” amid the upper house’s passage on second reading of the bill seeking to establish a national ID system.
“It’s crucial for the effective implementation of a national ID system that we formulate a comprehensive cyber security policy that’s spread among the various state agencies tasked with defending and ensuring the integrity of government online information and our citizen’s private online data. If that data is compromised, then we will have problems with the ID system because sensitive information is stored online.”
Pimentel called on the PNP, DND, DoJ, DICT, DoST and other relevant agencies to assess “first, what would be the national policy on cyber security, and second, do we have the tools and technology to ensure that such policy is carried out.”
In his sponsorship speech, Senator Panfilo Lacson said by not instituting a robust national identification system, we deny Filipinos access to their rights.
“We deny them services from the government; we deny them the opportunity to realize their full potential; we deny them their rightful share in progress,” he said.
“What we allow are multiple identification systems in government which create unnecessary and costly redundancies, resulting in the exclusion of those who do not have the means and capacity to access the IDs,” he said.
Furthermore, Lacson said “we make it inconvenient for individuals to transact with government agencies and private sector entities.”
At present, the senator said we have the Unified Multi-Purpose ID or UMID, which is issued to the members of the Social Security System, Government Service Insurance System, Philippine Health Insurance Corp. (PhilHealth), and the Home Development Mutual Fund (Pag-IBIG Fund).
However, while it provides a good chance at harmonizing the government ID systems, he said the UMID only covered less than 20 percent of the population since the start of its enrollment process in 2010.
He said several government-issued ID numbers were also in use, resulting in duplication of efforts, wastage of resources, and uncoordinated identity approaches.
In fact, he said “a perusal of the list of valid IDs in the Philippines enumerates 33—I repeat, 33—different forms of identification issued by various government agencies.”
Lacson, chairman of the Senate public order committee, said the national ID bill aimed to harmonize, integrate, and interconnect these countless and redundant government IDs by establishing a single national identification system to be known as the Philippine Identification System or PhilSys.
The PhilSys will eliminate the need to present other forms of identification in a wide variety of public and private transactions, services, and derivative identity credentials.
Meanwhile, Department of Budget and Management Secretary Benjamin Diokno expressed hope the ID system would be passed into law before the Easter break or before this month ends.
“I’m hopeful that the bill will be passed into law as early as next week,” Diokno told a press conference.
Pimentel stressed that beyond the national ID scheme, there was an urgent need to have a national cyber security plan in place.
“We’re also just not talking about protecting sensitive government data like our GSIS, SSS and Philheath databases or securing election results from domestic or foreign hackers. Let’s not forget that in March 2016, there was reported hacking of the COMELEC’s voter database which prompted the agency to seek the assistance of the DOST and the National Privacy Commission.”
“In addition to sensitive state data, an equally-important aspect of the cyber policy is government having the capability to assist the private sector in cyber concerns when asked to.”
Pimentel noted that electronic commerce or e-commerce reached US$1.491 billion in revenues last 2018.
An estimated 30 million Filipinos engaged in at least one commercial transaction over the internet last year.
“In short, if a private citizen approaches the NBI or PNP and seeks some form of cyber assistance, whether it’s cyber stalking, posting inappropriate photos or failed personal commercial transactions online, these agencies should be able to provide it.”
Pimentel noted that apart from the NBI, which has its Cyber Crime Unit, the DICT has a similar unit which in fact released its Cyber Security Plan in 2017.
“Capability-building and cooperation among government agencies should ensure that we have a stable and reliable cyber policy on hand. A national ID system or a robust e-commerce sector, for that matter, would be useless if we do not have the means to protect sensitive data,” Pimentel stressed.