KICIS joined Korea University’s Cyber Law Center in hosting a conference in Tokyo from May 29-31 on the implications for policy of two new and disruptive technologies: Cloud Computing and Big Data. The conference featured presentations from government officials, corporate executives and scholars from around the Asia Pacific region.
Key Takeaways and Topics for Future Research:
Traditional market structures and practices are giving way to the emergence of a new space between the public and the private, where information is shared under defined conditions. Delineating and defending this space needs to a new focus of our research. Success will require a 360 degree approach to the problem, i.e. the service provider and the consumer have a common interest with respect to privacy and security. We also need to understand how to use better the very technologies, e.g. big data, which are driving these changes, to help us manage and solve privacy and security challenges.
Japan is currently considering introduction of a data protection law and a key consideration is how it will be enforced. The US and the EU have significantly different approaches to data protection, but at the same time have a strong independent authority to both define and enforce privacy law in the EU and voluntary industry “codes of conduct” in the US. So far creating an independent enforcement mechanism has proven difficult in Japan. The lack of a central authority and an established dispute settlement mechanism also hinders international cooperation in this area.
A question that needs further research is whether privacy might be treated as a “trade” issue under the WTO or does it require a different institutional setting and process? These issues need to be addressed urgently in the light of the rapid growth of the technology and its penetration into all aspects of our lives, including the education of our children. Research is showing that consumers are increasingly concerned about the exploitation of their personal privacy for commercial reasons. Since “trust” is the clue that holds together the Internet, this concern is fundamental to its future.
Japan still has to do some significant institutional development to strengthen its regulatory framework in the ICT area and to develop strong central direction over its ICT policies. Korea has completed much of this reform, with the recent creation of the Ministry for Science, ICT and Future Planning (MSIP) and with the adoption of a strong privacy framework.
Korea’s focus is therefore appropriately on next tier issues, such as promotion of the software industry and developing a stronger voice on international Internet governance concerns. The government’s commitment to 90 percent penetration of 1 giga service by 2017 is symbolic of the determination by Korea’s government to nurture a strong Internet economy domestically. The investment in cyber security opens a potential area for collaboration with Japan and the US, which are strong security partners of Korea, as well as opening up export opportunities for Seoul.
The increasingly problematic environment with respect to cyber security and the mounting urgency of the threat are issues that will only grow in the new era of cloud computing and big data. Both governments appear to be taking the right steps from a technical and organizational standpoint and in promoting public education awareness. There also is recognition that international cooperation and harmonization is essential – no country can manage this threat alone.
One goal for this conference was to increase dialogue on security between professionals in the field and academic experts. Clearly, the exchange of information needs to be continued and deepened. One issue that requires follow up is where the appropriate points of contact are within and without the two governments on cyber security so that counterpart relationships can be identified and secure channels for the exchange of information created. US cooperation with its European allies through NATO may offer some instructive examples for Asia and should be a topic for future research and discussion.
There is no one path to dealing with the privacy issues associated with the cloud and big data, despite the recent spurt of legislation in a number of key Asian countries. Differing political cultures, political systems and histories are important intervening variables. Probably an important first step is for Asia to develop a set of indices that might present the start of a common vocabulary in talking about the cloud and its potential. Researchers need to develop a more detailed taxonomy of privacy regulations and laws in the region to discern areas of significant convergence and divergence among Asian nations. In this context, universities could play a potentially catalytic role in working with and between governments and the private sector to nurture a common framework for the cloud and its companion, big data, in the Asia region.