WHAT COULD HAVE BEEN DONE?
Plenty. And certainly none of it includes falling silent in the face of hackers, or saying things like: O sige, magaling na kayo, tama na ‘yan! – a paraphrase of what Comelec Commissioner Rowena Guanzon said on April 21. (GMANetwork.com, 21 April)
From a friend who worked for government in a past life: “We passed the Data Privacy Law in 2012. The Privacy Commissioner was appointed last March. There is no IRR yet. In the four years in between, we’ve suffered without this law: from the stupid credit card calls we get, the unwanted texts from NTC, the lack of opt-outs for various spam and other stupid promos. With the Comelec data leak, we should demand that the newly appointed Privacy Commissioner (Raymond Liboro, formerly of DOST) make this a priority. There are penal provisions for the keepers of sensitive personal info that do not exert the best effort to safeguard these data. I hope someone goes to jail for this. Otherwise, well, we get the usual treatment of being fucked over and over and over again.”
And then from my tech guy: “Is there a way to keep that data safe? No. There ARE a fucking MULTITUDE of ways to keep it safe. Of varying degrees of tediousness and – with equivalent levels of security.
“Can something like that ever be totally secured? Probably not. I’ve seen too many Hollywood heist movies. But if it’s valuable enough, it can be secured so that it would take the resources of a country and a legion of hackers to get to it. And it should take so much time that the information would be useless by the time they get it. That’s totally possible.”