A failure of governance
"What really happened in the passport snafu?"
The tangled web of the passport data mess continues to unravel, showing that government has not learned its lessons from past mistakes. Recently installed Foreign Affairs Secretary Teodoro Locsin Jr. claimed on Twitter last week that a “former contractor” had run off with passport applicant’s personal data. He blamed persons on the other side of the political fence, adding that he would “autopsy alive” the “Yellows who did the passport deal.” Others with knowledge of the issue weighed in. Former foreign secretary Perfecto Yasay Jr. said former contractor Oberthur did not steal any data. Current passport printer APO Production Unit, Inc. (APUI) chairman Michael Dalumpines agreed, saying “Passport data are with us,” and “all data were all in those [Oberthur] equipment turned over to us by Bangko Sentral.” Sundry politicians called for an investigation. Philippine National Police Director General Oscar Albayalde called the snafu a “national security threat,” and rightly so. Among the data that passport applicants give DFA are name and address, date and place of birth, marriage certificates, birth certificates, and signature. The personal details on these documents can be used to answer security questions on bank apps, commit credit card or other fraud, harass, bully, or doxx someone, and whatever else evildoers can think up. This is not the first time that government has lost data through its own fault. Remember ‘Comeleak’? On March 27, 2016, two months before the national elections, Anonymous Philippines hacked the Comelec website to post a message about the security of the vote-counting machines. The next day, LulzSec Pilipinas leaked online the Comelec database of over 70 million registered voter records. “It is considered the biggest leak of personal data in Philippine history, and among the biggest breaches of a government-held database in the world,” wrote Rappler’s Michael Bueza. This infernal incident was followed on Jan. 11, 2017, by another potential data breach when burglars made off with the computer of the Wao, Lanao del Sur election officer. The machine contained a copy of the national list of registered voters (NLRV) of about 55 million voters.