DFA Passport ‘Data Breach’: Here’s What We Know So Far

4 min read By eCompareMo on January 14, 2019

Over the weekend, news spread that the Department of Foreign Affairs (DFA) “lost” passport data after a former contractor allegedly “took off” with them following the termination of its contract.

The data breach at the DFA came to light last Tuesday, January 8, 2019, when DFA Secretary Teodoro “Teddyboy” Locsin Jr. responded to a Twitter thread of an OFW asking about why some foreign embassies require a birth certificate instead of just accepting their old and expired passports.

According to Locsin, though the old passport is “1,000% ID better than birth certificate,” the agency is currently rebuilding their database “from scratch” as the agency’s former outsourced provider responsible for the safekeeping and printing of Philippine passports allegedly “took off” after the contract was terminated and took the data with them.

How does this affect my passport application/renewal?

The biggest difference between applying for a new passport and passport renewal hinges on the need for another identity document: a birth certificate from the National Statistics Office (NSO).Previously, those who were just renewing their passport didn’t have to bring a copy of their birth certificate, now certain passport holders who are up for renewal will need to procure and bring their birth certificate with them.

According to the DFA, applicants who will be renewing with their Machine Readable-Ready Passports (green) and their Machine Ready Passports (maroon) are required to present their birth certificates so that the agency can restore their information on the new database.

However, those with e-Passports (dark brown/maroon, issued 2009 onwards) are excluded from bringing their birth certificates and presenting their expiring passports should be enough.

Also affected are those people who left the country as businessmen, students, and tourists and have not traveled since 2014, the year from which passports issued in 2009 expired. Such individuals are also required to submit their birth certificates with them upon renewal of their old passports.

Who are the ones responsible for this mess?

Secretary Locsin has promised that this data loss won’t happen again as this controversy will spark national security issues and that passport information should not be kept back by any private entity.

“It won’t happen again. Passports pose national security issues and cannot be kept back by private entities. Data belongs to the state,” he further said.

A lot of netizens have quickly expressed their concern towards the issue, but Foreign Secretary Locsin declared that it is not a question of privacy.

“The data is useless to the old contractor. It is a question of official stupidity or more likely cupidity,” he said in another tweet dated January 12.

Secretary Locsin is putting the blame on past administrations and has held them responsible for the fraud.

Other government officials have been pointing fingers on who to hold responsible for the issue. As per opposition Senator Risa Hontiveros, the DFA should at least give their full explanation to the public on how and why the incident took place and to the extent of the data loss.

“The Department of Foreign Affairs (DFA) owes the entire country an explanation,” she said in a statement in Rappler.

“The recent admission that a privately contracted firm took the entire physical database of all of the country’s passport holders indicates a serious national security risk and is evidence of the Duterte government’s gross incompetence in protecting the people’s private data,” said Hontiveros.

Senator Risa Hontiveros even emphasized that the people behind the issue should be held fully responsible on the matter and that the whole Filipino community should be reassured that the data, their personal information, will be recovered ASAP.

(Read: Your Philippine Passport Can Now Take You To 66 Countries Without A Visa)

Vice President Leni Robredo also called out to the government and said that they should investigate and act on the passport data mess the DFA is currently facing right now.

“Nakakagimbal iyon at saka nakakatakot. Parang lumalabas, iyong contractor, iyong naatasan na – iyong may kontrata na gumawa ng ating mga passports, parang itinakas iyong buong data… iyong buong data system. Parang gustong sabihin, mayroon siyang access sa lahat na datos natin,” said the vice president on her radio show.

Agreeing that it is against the law, she expressed her support to Senate Minority Leader Franklin Drilon’s appeal to file charges against the outsourced passport maker.

Senators Franklin Drilon and Panfilo Lacson said that the government should start investigating the fraud. Senator Drilon even said that various government agencies such as the Department of Justice (DOJ), The Commission on Audit (COA), and the National Privacy Commission (NPC), who all have vowed to do so, could investigate the matter.

“An in-depth investigation should immediately be conducted and those responsible must be made to face and suffer the consequences. Those databases in the hands of private contractors will definitely compromise vital information of individuals who have dealt with those agencies, and the number runs into millions of people,” Senator Lacson said.

Senator Aquilino Pimintel III also called out to the agency and said that he will be filing a resolution towards the matter.

“And I am filing a resolution to find out more. We need to know what other data-gathering government agencies have entered into such a contract which is disadvantageous to the government and the people,” he said.

Just today, the palace has expressed their side towards the issue and has stated that the process, in response to the data breach issue, should not in any way be a burden to the applicants.

“Applicants should not be burdened by submitting original copies of their certificates of live birth, which requires another application process before the Philippine Statistics Authority, to renew their passports just because the producer lost their relevant data,” said Presidential Spokesperson Salvador Panelo.