MANILA, Philippines — The National Bureau of Investigation (NBI) must immediately take the initiative to conduct a thorough investigation over the Land Transportation Office’s (LTO) driver's license system, which is allegedly being run remotely outside the country by a German information technology (IT) firm.
In a May 19, 2026 letter to NBI director Melvin Matibag, a copy of which was obtained by The Manila Times, Salvador Piamonte, head of the community affairs of Flag Maharlika - an advocacy organization - raised major sovereignty and national security alarms over the alleged foreign-operated access to the country's public identity infrastructure.
Piamonte, interviewed by the members of the Quezon City Press Club, said that his group’s request was based on an Ombudsman resolution which cited an internal LTO Management Information Division (MID) report.
The LTO’s own technical experts explicitly warned that IT contractor Dermalog, a German-based company, has full "access and control" over the five-year Driver’s License Inventory and Printing Application Modules.
According to the LTO-MID report quoted by the anti-graft office, the system poses a "national security threat" because the foreign contractor can secretly print Philippine driver's license cards outside the country at any given time without LTO’s knowledge.
The group also cited a “ridiculous system flaw” where local LTO employees could not even transfer physical card inventory from one district to another within the Philippines without begging a Dermalog employee based in Malaysia to do it remotely.
“Our national identity system is compromised. Why are we allowing a foreign-based entity to hold the keys to the data and licenses of millions of Filipino drivers?” Piamonte said.
“This is a direct slap to our national sovereignty,” the group’s director said.
Piamonte said his group wants NBI’s Cybercrime and Counter-Intelligence divisions to look into potential violations of Republic Act 10175 (Cybercrime Prevention Act), specifically Illegal Access and System Interference, and check if public officials’ administrative failures facilitated this mess under the Anti-Graft law (R.A. 3019).
The civic group, according to Piamonte, also revealed that a parallel complaint is being sent to the National Privacy Commission regarding data privacy violations.
The issue is currently heating up as the Office of the Solicitor General has petitioned the Supreme Court to nullify the multi-billion LTO-Dermalog IT contract, renewing its push for a temporary restraining order, it added.
This newspaper tried to reach the IT company for comment, in vain while an unnamed LTO official initially denied such a practice but he let the leadership address the matter.
