JUST as economic integration continues to be a global trend that promotes borderless trade, the emergence of digitalization creates a virtual community with advantages and risks—speedy, transparent and spontaneous transactions resulting to higher growth trajectory on one hand, and a phenomenon of security nightmare due to online vulnerabilities and risks, such as phishing scams, data thefts, malwares and Trojan horses that can devastate large volumes of systems and data on the other hand.
The endless virtual connectivity has proven to be beneficial to the Philippines, for instance, as evidenced by the contribution to GDP share of the information technology-
business-process outsourcing sector and its employment-generation capacity or as terrifying as those experienced by Sony, where hackers caused the leakage of data estimated to be $35 million in foregone revenues, as well as the hacking of eBay’s 145 million records and Home Depot’s 56 million records in 2014. Hence, it is incumbent for us to be digitally protected and virtually secured in an abyss of online transactions and the Internet domain.
State of cybersecurity in the Philippines
IN the third quarter of this year, the Department of Science and Technology-Information and Communications Technology Office briefed the members of the visiting delegation from the Finnish Information Security Cluster (FISC) and provided an overview of the state of cyber-security in the Philippines. Four priority areas have been identified to promote strategic information and communications technology (ICT)systems in the country. These include the infusion of ICT into all areas and levels of society to drive socio-economic development (E-Society); utilize ICT to improve government services, operation and capabilities (E-Government); ensure growth of industries through public-private partnerships (E-Innovation); and ensure cyberspace security (Cybersecurity). These priority areas are carried by eight major programs for 2015, notably the steeping up of value chain, e-Filipino, ICT-enabled start-ups, national connectivity, ICT ecosystem, e-civil servants, e-government and next wave cities. All of which are integrated in the Philippine Digital Strategy and the E-Government Master Plan.
Thus, it can be surmised that the Philippines is on track toward a digital economy. Even its more than 100 million population are becoming more sophisticated to ICT-enabled products and services. As of 2014, there are at least 39 million Internet users accounting to 1.35-percent share in world Internet usage and more than 50 million mobile-data subscribers. Business megatrends utilized ICT in almost all facets of operation, as well as academe and the government. In short, security and data protection are of paramount consideration for a rising tiger economy.
This was the same message articulated by FISC, where Finland strategized a national approach to cybersecurity and invested a hefty premium to their IT infrastructure frameworks. The Finnish government has implemented cybersecurity strategy, which is an element of the overall security strategy for society in keeping the management of government affairs, defense capability, internal security, infrastructure and economy, and population safe from any form of cyber attacks. They have institutionalized a decree that mandates every ministry to deal with cybersecurity issues. Iceland has another version; they had created a special cybersecurity council and a regular cybersecurity forum made up of private and public entities to look over telecommunication, financial systems, utilities, transportation, health and universities. Almost all sectors are integrated to their national security plans, which are reviewed annually. Of course, strengthening legislation and tackling cyber crime go hand in hand with their strategy on capacity building and increasing resilience.
Passage of DICT
The legal framework of ICT in the Philippines emanates from two executive issuances (Executive Order 810 and Administrative Order 39) and two statutory enactments, which include the Data Privacy Act of 2012 (Republic Act [RA] 10173) and the Cybercrime Prevention Act of 2012 (RA 10175). As of this time, RA 10173 remains to be unimplemented due to lack of implementing rules and regulations. If the four priority areas are to be aggressively pursued, then it is incumbent for the government to have a cabinet-level department solely devoted to ICT as various business associations, in many occasions, expressed support for its passage.
The Philippines needs to have a Department of Information and Communications Technology (DICT). We are the only country among the Asean-6 who does not have a ministry dedicated to developing ICT as a pivotal industry for national development, whereas 80 percent of countries around the world have a separate ministry. E-Government and E-Society can best be achieved with DICT. Look at the case of Estonia. The E-Estonia Council is even chaired by their prime minister with the ministers of economic affairs, education, trade, president of Estonian Association of IT and Telecommunication (counterpart of our Information Technology and Business Process Association of the Philippines), and representatives of private sectors. Estonia leads the world in e-government initiatives. Over the next decade, their population is projected to increase by 600 percent because of “e-residents”— people who sign up for digital cards and signatures who can make investments in Estonia, create jobs there, stimulates trade and commerce, and contribute to overall economic development. This is indeed a concrete example of public-private sector collaboration to ensure growth and security of businesses and people.
Clearly, the takeaway in all of these developments is for the Philippines to be decisive, firm and aggressive in undertaking efforts toward achieving inclusive growth. The creation of DICT is a road toward this direction. A forthcoming digital economy needs to have an agency that will ensure its security and protection against all kinds of risks and threats. Finally, if everyone so remembers, DICT is long overdue. It used to be the twin bill of Data Privacy Act, but look where it is today. If others have done it, why can’t we?
****
Kent Marjun Primor serves as the market research and communications specialist at the Nordic Business Council of the Philippines. For comments and inquiries, direct it to kent.primor@nbcp.com.ph.