February 9, 2023

RED FLAGS IN THE CITY’S BIMP APP

The city government’s decision to enlist every resident in the Baguio in my Pocket (BIMP) application to have a database which it can tap for various uses may have the best intentions but the way delicate information is being gathered raised more doubts and complaints, rather than acceptance.
Foremost, barring people from entering City Hall unless they are issued a quick response (QR) code by enlisting in the BIMP sends the wrong signal that the seat of government is hard to access.
A few years ago, concerned groups protested the fencing of City Hall claiming the fences destroy the historical value of the building and was a sign that City Hall was inaccessible. Fast forward to 2021 and it is not the physical fences that prevented the public from entering City Hall, but the technology that City Hall insists we should welcome as the BIMP is part of city’s transitioning into a “smart city.”
Second are security and privacy concerns. To enlist in the BIMP, an individual is required to submit information similar to those asked in a census.
To dispel public fear, Mayor Benjamin Magalong and his technical team have argued that the benefits of signing up in the BIMP outweigh the issues raised by those who first enlisted in the app, as they also assured the information stored in the Cloud have firewalls to protect secure data.
But the issue is not just about promises of easier transactions and assurances that our data are protected from phishing. The issue is about the process by which the city government is implementing the program.
City Hall’s Public Information Office consistently harps about the increasing number of people signing up in the BIMP. Do these numbers mean that all those who signed up are interested or did they sign up because they had to? Because they were made to?
These are different issues and reporting about the “increasing” numbers does not mean the public is interested or appreciate this move of the city government.
In the city government’s website, it cited several laws, including the Data Privacy Act of 2012, as basis in obtaining personal information from the public.
City Hall says the information gathered is no different from those we submit when we are made to sign documents in the bank, when we get credit cards, or even when we sign up in our social media accounts.
But the Data Privacy Act is clear – before obtaining personal information, the public should first be informed about why personal information is needed. Likewise, to be gathered should not be excessive in relation to the purposes for which they are collected and processed.
Those who signed up with the BIMP have reported that some information being asked might not be necessary.
If the data gathered is for contact tracing or processing of business permits, why then are other information being asked? For what purpose? Why is a market-to-home service included?
All these and more have to be explained.
The BIMP was first rolled out in Barangay Irisan. When the city government decided to expand enlistment to the app to those transacting at City Hall, there should have been a disclosure first of the feedback from the barangay.
If an individual decides not enlist, will it mean he or she will not enjoy privileges afforded to citizens who do not have smartphones and who are technologically challenged? Why wasn’t a public consultation called so that the public will be guided properly? We believe that the questions and issues raised by the public are valid and deserve to be answered.
We support City Hall’s program of making full use of technology to hasten government transactions and to integrate these technologies in our day-to-day routine but in the process, there should be no shortcuts.
We suggest for City Hall to accommodate clients regardless of whether they have signed up with the BIMP or not. At the same time, it should call for a public consultation and expand the information and education campaign so that the public may be properly informed about the local government’s plan of coming up with a database of residents.
The city council should also step in and hammer out an ordinance spelling out the specifics of what information is needed, what it will be used for, penalties for the unauthorized use of private information, and if possible, create a grievance committee where the public may lodge their complaints or issues should there be a breach of private information.
Opinion of the National Privacy Commission should also be obtained so that it could give inputs with how the city government and the public could roll out the program with few issues especially on privacy and security issues.
When the national government decided to implement the national ID system, it called for a series of public hearings and it involved stakeholders such as Congress, lawyers, and experts on cybersecurity. There were no shortcuts and we expect the city government to do the same.