Public Record — National Privacy Commission
Court decisions, regulator orders, and major news-documented incidents involving National Privacy Commission. Every entry cites a primary government source or independent news coverage. LabanPH does not editorialize — we aggregate public records.
National Privacy Commission — file-a-complaint portal
The National Privacy Commission operates a public portal for filing complaints under the Data Privacy Act of 2012 (RA 10173). The portal accepts sworn complaints accompanied by supporting documentation, and routes matters through investigation, mediation, and adjudication. It is the primary channel for borrower complaints against online lending apps that access contact lists without consent or shame borrowers using personal data.
View full entry →
NPC Circular 2021-01: 2021 NPC Rules of Procedure
NPC Circular No. 2021-01 promulgates the 2021 Rules of Procedure of the National Privacy Commission. It governs the filing of complaints, sua sponte investigations, mediation, fact-finding, formal investigation, decision-making, and appeals before the NPC. It is the procedural backbone for any data-privacy complaint against a financial-services counterparty and is the standard reference in NPC adjudications since its effectivity.
View full entry →
NPC Advisory 17-01: Designation of Data Protection Officers
NPC Advisory No. 17-01 sets the rules on the designation, qualifications and functions of the Data Protection Officer (DPO) that personal information controllers and processors must appoint under RA 10173. It defines the DPO's role in monitoring compliance, advising data subjects, and serving as the point of contact for the National Privacy Commission. Complaint guides cite this advisory to identify the correct counterparty when sending data-subject requests or breach notifications.
View full entry →
NPC Circular 16-03: Personal Data Breach Management and Data Subject Rights
NPC Circular No. 16-03 covers personal-data breach management, including breach notification timelines, mandatory contents of breach reports, and the rights of affected data subjects. It is paired in complaint practice with NPC Circular 16-01 (security measures) and NPC Advisory 17-01 (DPO designation) as the operational core of personal-information-controller obligations under RA 10173.
View full entry →
NPC Circular 16-01: Security of Personal Data in Government Agencies
NPC Circular No. 16-01, issued by the National Privacy Commission, prescribes the security of personal data processed by government agencies and, by reference, sets the baseline expectations for organisational, physical and technical security measures applicable to personal information controllers and processors. It is regularly cited in NPC adjudications and in complaint guides covering data-handling failures by lenders and other private entities.
View full entry →
RA 10173: Data Privacy Act of 2012 — NPC overview page
The Data Privacy Act of 2012 (Republic Act No. 10173, signed 15 August 2012) protects the fundamental right to privacy and regulates the collection, processing, storage and disclosure of personal information by both public and private entities. The National Privacy Commission's overview page summarises the Act's principles — transparency, legitimate purpose, proportionality — and the rights of data subjects, including the right to be informed, to access, to rectification, to erasure or blocking, and to damages for unauthorized processing. It is the statutory basis for NPC complaints against online lending apps that scrape contact lists, shame borrowers, or otherwise mishandle personal data.
View full entry →
Affected by something not on this list?
Document your case. We help build the public record.