Time is Ripe for ASEAN’s Cloud-First Policy

By Desarack Teso | April 29, 2021, 1.30PM

Photo by Clint Patterson on unsplash

The time is ripe for Member States of the Association of Southeast Asian Nations (ASEAN) to take initiative to promote the adoption of cloud computing in the public sector. Just as the current unprecedented time requires more digital innovation, creative policymaking is required as well.

The Framework on Digital Data Governance that was agreed to in 2018 could be a potential platform. Under this framework, the Member States approved the Data Management Framework (DMF) and the Model Contractual Clauses for Cross Border Data Flows (MCCs)  in January 2021. This came on the heels of ASEAN’s signing of the Regional Comprehensive Economic Partnership Agreement (RCEP) with major economies – Australia, China, Japan, Korea and New Zealand – in November 2020.

These multilateral instruments will no doubt help to facilitate cross border data flow and promote data protection, but they do not apply to the public sector.

RCEP Agreement

Chapter 12 on Electronic Commerce commits the signatories not only to promote cross-border data flow, but also to refrain from requiring computing facilities (e.g., servers, data centers) to be located locally as a condition to conduct business in its territory. However, these commitments do not apply to a “financial institution” or a “public entity.”

Data Management Framework

The DMF, which was previously called the ASEAN Data Classification Framework, recognizes that companies need to develop data governance structure and appropriate data protection safeguards based on the purpose of data use throughout the data lifecycle (e.g., data in transit, data at rest). The DMF sets out voluntary and practical guidance for private sector businesses operating in ASEAN to enable them to build their own policies and procedures using a risk-based data management methodology.\

Model Contractual Clauses for Cross Border Data Flows

The MCCs are voluntary, baseline contractual terms and conditions that may be included in a binding commercial contract between businesses that are transferring personal data to each other across borders. Similar to the EU GDPR’s standard contractual clauses (SCCs) concept, the MCCs could potentially provide a legal basis for the cross-border transfer of data within ASEAN. The ASEAN MCCs provide two modules based upon the nature of the relationships (i.e., Controller-to-Processor Transfer, Controller-to-Controller).

Time is Now for Cloud-First Policy for Public Sector

RCEP, DMF and MCCs provide a great starting point to enhance trust and confidence for private sector companies to use cloud and digital technologies to ensure business and operation continuity amidst the current global pandemic, as well as to avail themselves of new innovation and business opportunities in the post-pandemic era.

As for the public sector, ASEAN Member States such as Malaysia, the Philippines and Singapore that adopted variations of a cloud-first policy and/or strategy before the pandemic should find themselves in a better position to ensure the continuity of government operations and service delivery to their citizens. The Philippines, which was the first Member State to adopt a cloud-first policy in 2017 (and later amended in 2020 in response to the pandemic), requires public sector organizations to adopt cloud computing as the preferred ICT deployment strategy unless they can present “adequate, reasonable and well-reasoned justifications” against the cloud option.

At the ASEAN Leaders’ Meeting held on 24 April 2021, the Member States expressed commitment to support the timely realization of the region’s 2021 deliverables around three strategic priorities of Recovery, Digitization and Sustainability. The time has never been more ripe for ASEAN leaders to initiate a meaningful discussion on a cloud-first policy as one deliverable to advance each of these priorities.

Posted in

Related Articles

Vietnam: Digitization is helping sustain tourism

By Nga Dao | September 20, 2021, 2.00pm Photo by Ammie Ngo on Unsplash With an annual average growth rate of 22.7% during 2015-2019, Vietnam was one of the ten countries in the world with the fastest-growing tourism industry. In 2019, the nation recorded an all-time high of 18 million of foreign tourists, ranking fourth in the ASEAN […]

COVID-19 accelerates digital transformation of agriculture in Vietnam

By Nga Dao | August 20, 2021, 11.00am Photo by Dan Meyers on Unsplash Bac Giang, Vietnam’s lychee growing hub, was one of the provinces worst hit by the fourth wave of the COVID-19 pandemic which broke out in Vietnam in late April this year. In late May, when around 1,500 cases of COVID-19 were […]

Cybersecurity in healthcare: The evolving landscape of threats and regulations in Asia and beyond

By Aarthi Raghavan | July 30, 2021, 11.00am Photo by National Cancer Institute on Unsplash The global healthcare sector is witnessing a rise in cyber threats. At a time when hospitals are stretched due to the COVID-19 pandemic, and resources – both human and financial – are running thin, many organizations are ill-prepared for cyberattacks […]