The National Privacy Commission (NPC) said it welcomes the Department of Interior and Local Government’s ‘s Memorandum Circular No. 2024-135, which strengthens data privacy compliance across all local government units (LGUs) in the country.
The circular updates LGU obligations to align with the Data Privacy Act of 2012 and recent NPC guidelines.
Key provisions of the circular include the mandatory registration of data processing systems with the NPC for LGUs handling personal or sensitive information, the appointment of data protection officers (DPOs) at the provincial, city and municipal levels, with cities or municipalities having the option to assign compliance officers for privacy to each barangay.
It also emphasizes the prominent display of the NPC seal of registration on LGU websites and offices and highlights potential administrative sanctions for non-compliance.
“LGUs collect and process vast amount of personal data from their constituents and this directive from DILG marks a vital step toward enforcing responsible data management at every level. By setting clear standards, we are not just ensuring compliance—we are safeguarding the privacy rights of millions of Filipinos,” said NPC commissioner Henry Naga.
He said the NPC would continue to guide LGUs for effective implementation of these data protection measures.
Failure to comply with the provisions of M.C. No. 2024-135 may subject LGUs to administrative sanctions as provided under the DPA.
The DILG M.C. No. 2024-135, approved on Sept. 12, 2024, takes effect immediately, underscoring the urgency and importance of prioritizing data privacy within LGUs.
