Upgrade Magazine


Bank’s CISO emphasizes importance of consent in data privacy

In a time where everyone’s personal data is at risk in many different ways, individuals must exercise great caution in the consent they give in apps and services processing their information, says EastWest Bank Chief Information Security Officer Joey Regala.

Regala, who is also the president of the Information Security Officers Group (ISOG), identified mobile phones and smartphone apps as the biggest areas where threats to users’ safety are increasing at a conference during this year’s National Privacy Week last May 24.

“There are some applications that don’t explicitly get your consent, but you end up allowing them to manipulate your phone’s camera, microphone, contacts, and so on,” says Regala. “That is a big threat for a data privacy officer because without us knowing, our clients might be exposing too much of their data if these apps are left unattended or not managed properly.”

Regala claims that any smartphone operating system and manufacturer may carry these apps, and suggests that users—especially in the banking sector—review all application consent prompts thoroughly in order to safeguard their data.

“They should know in detail what the app will use,” says Regala. “Let’s say, if the app is asking for the use of your camera, then what will be the specific use of that feature?”

EastWest has complied with the pillars established in the Data Privacy Act of 2012.

“We at EastWest are proud to say that our data privacy controls are safe and secure,” shares Regala. “We are compliant with and up-to-date when it comes to the Data Privacy Act, as well as the standards established in the EU General Data Protection Regulation.”

Commissioner Raymund Liboro of the National Privacy Commission cites the banking sector as an important field for data privacy due to its effects on the economy.

“As the people continue to trust the banks, they will trust the economy. When you trust the economy, everyone benefits,” says Liboro.

To Top