EPILOGUE: Privacy in the Philippines
As of November 5, 2007, drivebyshooter.net will no longer be updated. For posts on photography, you can now go to LightChasers Photography. For the author's personal site, head over to the Dark Corner.
I posted something last Thursday on an invasion of our privacy only to backtrack and remove the link. Here’s why I took the post down - and why I’m writing about it again.
Quite simply, I took my post down to avoid making the problem worse. It was bad enough that our information was* posted online for the whole world to see, but the problem wasn’t tat big yet. Why not? Not a lot of people knew about the lists being up.
* the lists have been removed, reportedly as of 7:30 p.m., Friday, 16 March 2007
By blogging about the problem, we raise awareness. However, by posting the link to the said lists, we were giving everybody access to the same information that should have been kept private. Basically, we were holding up big signs pointing to the security hole.
We can talk about it all we want now - the lists have been taken down. While the lists were still up though, it wasn’t a good idea.
Now why am I posting about it again?
I’m writing about the issue because I want to make sure that certain things are cleared up.
First of all, before you start flaming the COMELEC (or burning it down again), take note that the URL of the offending site (http://comelecncr.com/) is a .com address. If this were an official COMELEC project, it would be posted on the Official Website of the Commission on Elections and as such, would have a .gov.ph suffix. Though it’s likely that some COMELEC officials were involved in this project, this was not an official COMELEC project.
note 2007.03.17 1756h: Whether the publication of the voters’ list an official COMELEC project is disputed. Either way, I’m tempering my outrage - my other reasons are below.
My second point - and I’m going out on a limb here - is that the people responsible for this were idiots. I’m asking you to keep that in mind. What I’m about to say may irritate some of you - and that’s probably putting it mildly: they were not acting maliciously.
No, it doesn’t change the fact that they impinged on our rights to privacy - their intention, however, mitigates that. They were doing this “in pursuit of transparency to the end that the stakeholders in our election will trust COMELEC more.” They way in which they tried to achieve transparency was pure idiocy, but they were simply trying to do good.
Whether you agree with me or not, this is what I would like to believe.
My third point is that the people behind this project need to be held responsible for their actions. Despite their best intentions, they ended up violating our rights as citizens. Ignorance of the law, or lack of common sense, for that matter, is not an excuse for breaking it. Their complete lack of brain cells may make their actions slightly easier to forgive, but their complete disregard for our rights makes them, despite their best intentions, unforgivable.
I’m saying it again: what were they thinking?
I’m tired now. Why don’t you all the posts I’ve found on the topic so far:
- A Privacy Nightmare @ [rebelpixel productions]
- COMELEC Posts Voter Info Online, Invades Privacy @ Stellify
- Your Privacy May Have Just Been Violated @ *Jozzua
- Privacy in the Philippines @ drivebyshooter.net
- Comelec privacy blunder @ Timog Forum | Filipinos in Japan
- Make The Rain Of Stupid Stop @ Public Static
- COMELEC and the right to privacy @ Grace by which I stand (v. 7)
- Thank God I’m Not A Registered Voter @ The J Spot
- List of Registered Philippine Voters @ Brian’s Site added 2007.03.17 1750h
- What Price, Privacy? @ Bayanihan Blog Network added 2007.03.17 1750h
- COMELEC Puts List of Voters Online @ LloydLopez.com added 2007.03.18 2306h
- Are you a registered NCR voter? Your name & address have been online @ Philippine Elections 2007 added 2007.03.18 2306h
- The road to hell is paved with good intentions @ Mal’akh added 2007.03.18 2306h
- COMELEC Privacy Blunder @ ISAW added 2007.03.18 2306h
- Will Comelec publish voter information? @ Techno Pinoy added 2007.03.18 2306h
additional links (2007.03.18) lifted from the Bayanihan Blog Network.
Press link:
Do you know of any more posts not listed here? Drop me a comment. Thanks!
Tags: Philippines, Commission on Elections, COMELEC, WTF, politics, stupid, idiot
DBS posted this entry at 10:43 AM on Saturday, the 17th of March 2007. He may have also posted related entries in the following categories: blogging; this beautiful country.
March 17th, 2007 at 1:03 pm
COMELECNCR is in fact a division with in COMELEC - as a matter of fact, the Chairman of Comelec was the one who commissioned the blunderous project.
As for further spreading the problem through blogging, I told myself by having massive reaction against it (which happened) the site will go down faster than when a mere handful will send the authorities notifications. The faster the site goes down, the lower the chances are of having the data cached by Google (unfortunately it still got cached anyway).
So I guess it was a futile act in the end anyway.
March 17th, 2007 at 7:23 pm
My reasons for opting to keep quiet are listed above - and I went through other avenues to try and take the site down. I simply saw more risks in the publicity. In any case, the site is down.
As for Google caches, I’m still wracking my brain for something. Unfortunately, I’m not as hopeful.
March 18th, 2007 at 2:52 am
I truly understand your reasons for wanting to limit the exposure of this horrendous blunder. But I have to agree with redkinoko: it was better to raise awareness as quickly as possible, so that the urgency to find a solution (in this case taking the list down) increases.
Most IT security experts agree that when a vulnerability in a system is discovered, the whole world should know it ASAP. Even if it lets people know how to exploit the opening, it also makes users take the necessary steps to avoid getting affected until a solution is found.
If Google did cache this data (it takes longer for a low-profile site to get indexed), perhaps we could ask them to delete their copy, in the interest of protecting privacy?
March 18th, 2007 at 12:28 pm
I get the IT analogy, but in this case, knowledge of the link doesn’t give users any additional information to help them, as you mentioned, avoid getting affected.
In this case, IMO, the solution (i.e. shutting the site down) had to happen before more people learned about the hole. Yes, the increase in the number of people knowing about the problem made finding a solution more urgent. However, I don’t believe it did as much to speed up the process.
March 18th, 2007 at 12:41 pm
I disagree. Without the outrage (or whatever) generated by the increase knowledge of the problem, I don’t think the COMELEC would’ve done anything to rectify it.
And hopefully, they’ve learned why providing such detailed data is wrong. I totally agree that this was probably an “innocent” mistake. That someone did this to promote transparency over the whole process.
I just wish they tried to find out what was the best way to go about this. We’ve got so much local IT expertise, and they didn’t bother tapping it.
March 18th, 2007 at 2:03 pm
[…] to Elber for some of the links. Filed: Philippine Blogosphere « Second BBN Theme […]
March 20th, 2007 at 5:12 am
Did you guys check the list?
I checked my friends and most of the reg dates were absolutely wrong - it preceded their actual date of birth. Some of the addresses were also wrong.
We should take responsibility for being among the first few bloggers who blogged about it!! lol. Alex Maximo gave me a shout out in his inquirer email as “another blogger”. My two seconds/words of fame thanks to the erring COMELECNCR! haha.