Businesses failing to register with the National Privacy Commission (NPC) face show cause orders (SCOs) for non-compliance with the Data Privacy Act of 2012 (DPA) and other issuances, the NPC said Wednesday.
The warning came after the NPC conducted a privacy sweep at a mall on May 15, 2024 and identified 65 unregistered tenants. The NPC emphasized the importance of data privacy protection, saying it is committed to enforcing the law throughout the year.
It said that under NPC Circular No. 2022-04, mandatory registration applies to businesses processing data of 250 or more employees, those servicing 1,000 or more customers and those who process any volume of data posing a potential risk to data subjects’ rights.
Businesses below these thresholds should still submit a declaration for exemption, it said.
The NPC said its data security and compliance office (DASCO) would conduct nationwide inspections to ensure businesses comply with registration requirements.
Unregistered businesses receiving an SCO risk administrative fines as outlined in NPC Circular 2022-01.
The NPC also urged businesses to register their data processing systems and appoint data protection officers (DPOs) to ensure compliance and protect personal information.
