What a difference one month makes. In December, Commission on Elections (Comelec) Chair Andres Bautista basked in the glow of an agency that was hailed globally as the Electoral Commission of the Year for the successful May 9, 2016, polls. A month later, he was facing potential criminal prosecution over the March 2016 hacking of the Comelec website that has since been described as one of the worst breaches of a government-controlled database. The National Privacy Commission said on Thursday that Bautista had committed “gross negligence” under the Data Privacy Act of 2012, or Republic Act No. 10173. This came to light following an investigation of a “data breach” from March 20 to 27 last year. The breach exposed almost 77 million voter registration records. Sensitive information, such as voters’ full names, addresses, passport details and birthdays were posted on online platforms and a website that has since been taken down. So notorious was the event that it even has its own name: Comeleak.
At a press briefing on Thursday, privacy commission officials, led by Commissioner Raymond Liboro and Deputy Commissioner Dondi Mapa, announced that evidence to aid in the criminal prosecution of Bautista had been turned over to the Department of Justice (DOJ), which was expected to pursue the case.
The officials were quick to note that the breach did not compromise, in any way, the May 9 elections.
“The Comelec, in fact, protected the vote. The question is, in its zeal to protect the vote, did it fail to protect the voter?” Mapa said.
Full Article: Poll chief liable for ‘Comeleak’ | Inquirer News.