^

Freeman Cebu Business

RP Data protection and control must not be in Chinese hands

INTEGRITY BEAT - Henry Schumacher - The Freeman
June 25, 2021 | 12:00am

1. It is important to note that the uncertainties created by the pandemic have benefited the local information technology and business process management (IT-BPM) sector as it was able to secure additional accounts and clients. Last year, the employment in the industry grew by 1.8% to 1.32 million while revenues rose by 1.4% to US$ 26.7 billion. In other words, the Philippine economic future to quite an extent rests on this industry.

2. Data security is therefore a top issue. Consequently, the cross-border data flows and data privacy protection are super important. We have to comply with the EU, UK, US, APEC rules so that international data owners have no issues in sharing data with the effective service industry in the Philippines. We are working on processes of having the companies certified. However, the national security implication of data protection and control must also be treated as a priority, at a time when ransomware can paralyze critical enterprises.

3. Data storage on the ground and in the cloud is part of the issue and needs to be addressed by organization handling data. This clearly means that data access must be regulated by government. It is good to see that the Philippine National Privacy Commission (NPC) is rolling out a voluntary certification scheme to monitor companies’ compliance with international privacy standards. The certification program, including a ‘privacy mark’, is aimed at helping companies build up their reputations for protecting privacy. The incentive is recognition for excellence for achieving a higher level of accountability. The NPC said certifications for compliance with APEC cross border privacy rules would also give firms a pathway to global markets. NPC is partnering with bilateral, regional and international organizations for global data transfer mechanisms to ensure the free and secure flow of data from and into the Philippines.

How do other countries protect the sovereignty, protection and localization of data?

Data security must be approached from three major perspectives:

* Data Protection is the idea that individual’s private data must be protected, and shared or disclosed strictly according to certain protocols defined under GDPR, of which the Philippines has enforced a local version.

* Data Sovereignty, on the other hand is the fact that access to data is regulated by the laws of the country where it is stored. For instance the data of a Philippine company, if hosted in the USA would be subjected to US law enforcement agencies. Which brings us to data localization. Many countries, and for a variety of reasons, require the data of their citizens and enterprises to be stored exclusively in country. Russia and China are prime examples; but also Indonesia, Vietnam, Malaysia and Brunei.

* Data localization, in the absence of strong data protection laws would raise the risk of government access and intrusion in our private lives.

The concerns surrounding data privacy and data protection cannot be underestimated: the far-reaching consequences of the Cambridge Analytica scandal is a stark reminder.

4. Around the world, governments and potentially affected individuals and companies are watching the data dominance of Google, Apple, Facebook, Amazon and some others with concern and are definitely of the opinion that they need to be regulated regarding personal and sensitive data. While there is concern about the fact that these large organizations are using our data for business interests, not for political interests.

In contrast, here comes China with new government rules that allows the Chinese government to access such stored data and use it potentially politically. The new Data Security Law, which will take effect on Sept. 1, 2021, includes a goal of classifying private-sector data according to its importance to state interests. The vaguely worded clause, analysts and legal experts say, gives authorities considerably more leeway to control data deemed essential to the state, while making it harder for business, both Chinese and foreign, to say no.

The law will ‘clearly implement a more stringent management system for data related to national security, the lifeline of the national economy, people’s livelihood and major public interests’, said a spokesman for the National People’s Congress, the legislature.

The proposed Personal Information Protection Law, modeled on the European Union’s data-protection regulation, seeks to limit types of data that private-sector firms can collect. Unlike the EU rules, the Chinese version lacks restrictions on government entities when it comes to gathering information on people’s call logs, contact lists, location and other data.

And here comes ALIBABA also: Alibaba Group’s digital technology and intelligence backbone Alibaba Cloud is set to build its first data center in the Philippines by the end of 2021. The company intends to support 50,000 local information technology professionals and help 5,000 Philippines businesses in their digital transformation journey by 2023.

Given the new Data Security Law of China which allows government to get access to the data of Chinese firms and use them politically, ALIBABA should not be allowed to enter the Philippines as a major data center, unless it can effectively demonstrate that the Chinese government will have no access to Philippine data.

Ideally, the company would not be subject to Chinese government requests to allow access. We have previous examples which show the limits of government outreach: the US government demanded access to the data hosted by Microsoft in its Irish datacenter. Microsoft refused, and the US government demand was blocked.

Can we seriously expect the same outcome from a Chinese government demand?

Chinese  access and misuse of data will also potentially affect DITO clients, but this is to be addressed separately; ALIBABA as data center in the Philippines is definitely out as long as the Chinese government has potentially access to the information and can use the data.

5. Given the importance of the local information technology and business process management (IT-BPM) sector for the Philippines will have to follow international rules tightly.

In conclusion:

It is time for the Philippines to measure the extent of the risk that this places on the country, and require those key cloud providers to establish their infrastructure in the country, while ensuring that the data remains fully and exclusively under the control of Philippines laws, with maximum protection from cyber security risks.

Your feedback is most welcome; contact me at [email protected]

vuukle comment

IT
Philstar
x
  • Latest
Latest
Latest
abtest

Cebu City partners with PLDT Enterprise to push digital goals

By Ehda M. Dagooc | 5 days ago
The Cebu City government and PLDT Enterprise have strengthened their partnership to push for the city’s digital transformation goals.
5 days ago
Freeman Cebu Business
fbtw

Trust issues hinder Charter change?

By Fidel Abalos | 5 days ago
“Change is inevitable. Change is constant.”
5 days ago
Freeman Cebu Business
fbtw

48 MSMEs to join DTI-7’s online training

By Ehda M. Dagooc | 5 days ago
The Department of Trade and Industry has introduced 48 micro-small and medium entrepreneurs to join the roster of participants for the 2024 Kapatid Mentor Me - Money Market Encounter Online program in Central...
5 days ago
Freeman Cebu Business
fbtw

Alliance Global expects policy rate cuts to boost economy

By Ehda M. Dagooc | 6 days ago
Alliance Global Group, Inc. (AGI), the holding company of tycoon Dr. Andrew L. Tan, anticipates policy rate cuts, as inflation decreases. This is expected to boost the economy and consumer spending, particularly...
6 days ago
Freeman Cebu Business
fbtw

Contact center and business process sector gathering set

By Ehda M. Dagooc | 6 days ago
The Philippines’ contact center and business process sector is set to hold its 18th Contact Island Conference in Cebu City on July 24-26, 2024. The conference will spotlight the opportunities presented by Artificial...
6 days ago
Freeman Cebu Business
fbtw

The Reading Mind

By Henry Schumacher | 6 days ago
I’ve always loved reading. Novels, history books, magazines, and newspapers.
6 days ago
Freeman Cebu Business
fbtw
Recommended
Are you sure you want to log out?
X
Login

Philstar.com is one of the most vibrant, opinionated, discerning communities of readers on cyberspace. With your meaningful insights, help shape the stories that can shape the country. Sign up now!

Get Updated:

Signup for the News Round now

FORGOT PASSWORD?
SIGN IN
or sign in with