What were the main digital policy regional updates in Asia? This space brings you the main updates month by month, summarised by the observatory's curators.
Follow the GIP's April briefing on Internet governance, which will include updates from the Asian region during April. Register to attend.
5 Mar 2019 |
Facebook is bringing its new digital literacy programme to Singapore first. It aims to train 1 million people in Asia Pacific to think critically and share thoughtfully online by 2020.
According to Facebook, the We Think Digital initiative is an online education portal with interactive tutorials covering a number of topics such as: privacy, safety, security, digital discourse, and knowing your digital footprint.
There are four modules that have been developed by experts from the region, these include: What is the Internet?; Your digital footprint; Be a critical thinker; and, You as a digital citizen.
Singapore will be the first country in Asia Pacific to run the programme, before it is rolled out to other regional markets like the Philippines, Thailand, Indonesia, Vietnam and Taiwan.
14 Mar 2019 |
A few weeks before the first democratic election in five years, Thailand passed a cybersecurity law. The law, approved by National Legislative Assembly (NLA), grants the government the power to collect data on Internet users in the country and to monitor their behaviour. The law grants the government power to access citizen online data - if deemed necessary to ensure cybersecurity. Officials still need approval from a court in order to access user data, except in the case of ‘critical’ cyber-threats. In case of a critical threat, the government has the power to conduct real-time surveillance of all Internet users. Officials are permitted to seize computers and search the network.
This regulation has received negative feedback from private companies and civil society. The Asia Internet Coalition said that the Cybersecurity Act would give the regime sweeping powers to monitor online traffic in the name of ‘emergency’ or as a preventive measure, potentially compromising private and corporate data. Kanatahip Thongraweewong, Director of Digital Media Law Institute at Kasembandit Univertisty, said that the scope of the law is so broad, it is like ‘Big Brother’.
The Ministry of Digital Economy and Society replied by saying that they will make sure that they do not allow for any violation of individuals’ rights and or arbitrary use of power. ‘The law will not be used to regulate social media or computers or devices belonging to the people’ said Ajarin Pattanapanchai, from the Ministry.
16 Mar 2019 |
Vietnam’s new cybersecurity law that took effect on 1 January has started to be implemented. It has blocked access to a game from Google’s app store in which a player can battle characters named after the country’s political figures.
16 Mar 2019 |
Tran Duc Anh Son, a prominent Vietnamese historian who criticised the government for not doing more to challenge Beijing’s territorial claims in the South China Sea, has been ousted from Vietnam’s ruling Communist Party over comments he made on Facebook. Vietnam’s state run news media reported in early March that Son was expelled for posting false information and violating the code that governs party members’ behaviour. He closed his Facebook account this month, saying that he needed more time to work on book projects and transition to a new job as the director of a publishing house.
25 Mar 2019 |
The government of Indonesia released the draft of their personal data protection regulation in February. The Asia Internet Coalition and the Industry Association of Internet and Technology submitted feedback. The three main points in the feedback submitted on 18 March 2019 are: (1) The potential of an extra-territorial effect because this draft law applies to entities inside and outside Indonesia, (2) Unclear distribution of responsibilities between parties involved, and (3) Impractical data subject rights to implement.
Asia Internet Coalition (AIC) members in Asia Pacific are AirBnB, Amazon, Apple, Expedia Group, Facebook, Google, LinkedIn, Line, Rakuten, Twitter, Yahoo (Oath), and Booking.com.
25 Mar 2019 |
BukaLapak, one of the leading e-commerce platforms in Indonesia, has confirmed the rumours of a hacking attempt on the data of its 13 million customers. However, BukaLapak assured its customers that their data was safe, meaning that passwords, personal and financial information was safe. In their statement, Bukalapak said that it will continue to improve its security mechanisms, which have managed to safeguard the essential data, at least for the time being.
The identity of alleged Bukalapak hacker has not yet been revealed while linuxsec.org states that the hacking attempt originated from Pakistan under the code name: Gnosticplayers.
4 Feb 2019 |
The Bangladeshi government has filed a lawsuit in the US District Court in the Southern District of New York against Philippine bankers who conspired with North Korean hackers to steal US$81 million from Bangladesh’s central bank. In 2016, the Central Bank of Bangladesh held funds at the US Federal Reserve Bank in New York, which were fraudulently transferred to Rizal Commercial Banking Corp. (RCBC) in the Philippines by hackers. The cyber-heist included eight RCBC officers who conspired with casino operators, Chinese citizens, and the hackers who are believed to be North Korean. The court in this case will have to deal with multiple questions of jurisdiction since it is a multinational cybercrime.
12 Feb 2019 |
The Competition Commission of India has been reviewing a case over Google’s market dominance for the past six months. The case is similar to the case Google faced in the EU in 2018 over its Android platform. As reported by Reuters, Google executives have met Indian antitrust officials at least once in recent months to discuss the complaint filed by a group of individuals.
14 Feb 2019 |
The Indian government proposed to amend the rules governing intermediary liability protections, and invited comments on the draft ' Information Technology [Intermediary Guidelines (Amendment) Rules] 2018'. Some of the proposed changes in the draft rules include: traceability of originator of information; establishing an office or appointment of nodal officer in India; deployment of automated tools for proactively identifying and disabling unlawful content. Concerns have been raised that the proposed changes could erode the safe harbour protection for intermediaries, as per the Information Technology Act from 2000; affecting the fundamental rights of free speech and privacy of individuals, also breaking encryption.
18 Feb 2019 |
The Sri Lankan State Minister of Home Affairs J.C. Alawathuwala announced that under the universal identity card scheme, Sri Lanka will be introducing an electronic identity card (eID) and an electronic passport (ePassport) for citizens this year. He also mentioned that the eID will be combined with driving licenses, issued in collaboration with the Department of Registration of Persons.
19 Feb 2019 |
The Korea Communications Standards Commission (KCSC) has obligated all Internet service providers (ISPs) in Korea to filter all server name indication (SNI) requests, a process that provides access to an unencrypted list of all websites visited from within South Korea. Previously KCSC used the domain name system (DNS) filtering process to search the domains users were trying to visit, compare them to blacklisted sites, and redirect them to the warning site if needed. However, as this process of filtering did not work for HTTPS websites, KCSC introduced the SNI filtering process.
20 Feb 2019 |
A draft legislation by the Nepal government proposing to impose penalties for 'improper' social media posts has raised concerns regarding freedom of speech and stifling dissent. Any posts that are deemed defamatory or against the nation can be punished with up to five years in jail and a fine of 1.5 million Nepalese rupees. The government can also instruct social media sites to take down posts, failure to do so could attract a three-year jail sentence and a fine of 30 000 Nepalese rupees. The legislation will also give the government the power to block social media platforms unless they register in Nepal.
1 Jan 2019 |
The implementation of the Law on Cyber Security in Vietnam started on 1 January 2019. According to the online newspaper of the government, the Law on Cyber Security protects national security and ensures social order and safety in cyberspace, and the responsibility of agencies, organisations, and individuals.
The 7 chapters and 43 articles of the law oblige Internet companies to store their data locally and hand over the data to the government upon request, without a warrant.(link) The law also requires Internet companies to remove information that is deemed to be against the government.
In his New Year's Day speech, Vietnamese Prime Minister Nguyen Xuan Phuc said, that ‘Mass communication efforts must be stepped up to create “social consensus” and those abusing the freedom of information and free speech, causing harm to the interests of the state and citizens would receive appropriate punishments.’
Human Rights Watch (HRW) has called on the communist authorities to revise the law and postpone its implementation. Phil Robertson, Deputy Asia Director of HRW said that this law is designed to further enable the Ministry of Public Security's pervasive surveillance to spot critics, and to deepen the Communist Party's monopoly on power. The law comes into force a week after Vietnam's Association of Journalists announced a new code of conduct on the use of social media by its members, forbidding reporters to post news, picture and comments that ‘run counter to’ the state.
11 Jan 2019 |
The Fairness, Accountability, Transparency (FAT)/Asia conference was held at Digital Hub Asia, in partnership with the Ethics and Governance of Artificial Intelligence Initiative and Konrad Adenauer Stiftung. Digital Hub Asia itself is an organisation conceived by the Berkman Klein Centre at Harvard University based in Hong Kong.
The conference was held to address the lack of discussion on artificial intelligence (AI) and its implications in the region. Some of the main questions being considered were on biases in AI and how to ensure its transparency and accountability. The conference also discussed geopolitics and the political economy dimensions in AI development.
Among some developments in Asia, a paper by Vidushi Marda about the limitations of data driven technologies was mentioned as well as some of her recommended approaches.
21 Jan 2019 |
WhatsApp has limited the number of forwarded message in Indonesia, starting on 21 January 2019. This was announced right after a meeting between Rudiantara, the minister of communication and informatics and Victoria Grand, vice president public policy and communications at WhatsApp.
The main objective of this limitation is to curb the spreading of fake media and disinformation. Moreover, Indonesia will hold its national election in April this year, therefore political content is highly sensitive.
Facebook and its subsidiary WhatsApp have promised to get tougher on ‘fake news’ ahead of key elections in Asia. The new policies start in India, which goes to the polls in April and May – and is Facebook’s biggest national market outside the United States. The company announced that it is looking into doing the same in other Asian nations, such as Australia, India, Indonesia, the Philippines and Thailand and taking into account different threats and local laws.
22 Jan 2019 |
‘Thailand will become a full-fledged broadband nation by the end of 2019 by providing Internet access to an additional 50 000 villages this year,’ said Pichet Durongkaveroj, minister of digital economy and society, during the Asean Digital Infrastructure seminar.(link)
The seminar was organised by the Asean Business Advisory Council (Asean BAC) – Thailand, in co-operation with the Joint Standing Committee on Commerce, Industry and Banking (JSCCIB) and discussed the biggest hurdle in implementing industry 4.0 in the Asean. ‘For example, there is limited broadband access in the rural areas, especially in countries with a vast population such as Thailand, Indonesia and the Philippines, where Internet connectivity remains relatively poor’, said Arin Jira, chairman of Asean BAC.
Arin stressed the importance of having an adequate digital infrastructure so that business opportunities via e-commerce, international trade, and e-payments can be capitalised on throughout the region.
7 Dec 2018 |
Australia has passed the controversial Assistance and Access Bill, designed to compel technology companies to allow law enforcement agencies access to encrypted messages. According to the Guardian, the law intends to ‘co-opt technology companies, device manufacturers and service providers into building the functionality needed for police to do their spying’ and ‘give to Australian agencies the ability to install key logging software to enable them to see, keystroke by keystroke, what users type into a message’. The law was adopted despite strong criticism from civil society organisations and leading tech companies, such as Apple, Cisco, Mozilla, Google, and Facebook.
12 Dec 2018 |
The government of Australia has introduced the new Universal Service Guarantee (USG) which is an update of the long existing Universal Service Obligation (USO). The USG has the primary aim of ensuring that all Australians have access to broadband services. The USG assures all Australian homes and businesses of the government's commitment to provide them with access to broadband and voice services regardless of their locations. The USG will leverage Australia’s National Broadband Network and the expanded mobile coverage services under the Mobile Black Spot Programme to fulfil this objective.
18 Dec 2018 |
China has published a policy paper on possible measures to enhance the China-EU Comprehensive Strategic Partnership and promote greater development of China-EU relations. The paper addresses issues related to the co-operation in political, security and defence fields that include the 'good use of the China-EU Cyber Taskforce, jointly advocate a community with a shared future in cyberspace, promote norms for responsible state behaviour in cyberspace under the UN framework, and advance the reform of the global Internet governance system for a peaceful, secure, open, co-operative and orderly cyberspace.' Additionally, the paper tackles the co-operation in scientific research, innovation, emerging industries, and sustainable development through 'Digital China' and the EU Digital Single Market where exchanges and co-operation between China and the EU are further required. It also refers to the EU General Data Protection Regulation (GDPR) hoping that its implementation will not affect normal business interactions between the two sides. According to the paper, co-operation on data protection between China and the EU will continue to protect personal information and the legitimate rights of citizens.
21 Dec 2018 |
Officials from Australia, Canada, New Zealand, the United Kingdom, and the United States are blaming China for the cyber-attacks against organisations that were launched by a group called APT10. They have all issued statements condemning China, and specifically its Ministry of State Security (MSS), for sponsoring the APT10 attacks.
According to the authorities, the victims of this operation included a global financial institution, three companies involved in commercial or industrial manufacturing, three telecommunications and consumer electronics firms, a healthcare company, an automotive supplier, a drilling company, a biotechnology company and two consulting companies. While the Justice Department has not named any of the victims, Reuters reported that the list includes HPE and IBM.
21 Dec 2018 |
The Government Technology Agency of Singapore (GovTech) and the Cyber Security Agency of Singapore along with HackerOne, a hacker-powered security platform, will be organising the second Bug Bounty Initiative. This initiative will offer a select group of local bug bounty hackers a monetary reward for reporting valid vulnerabilities in public- facing government systems so that they can be safely resolved inorder to keep the systems secure.
22 Dec 2018 |
China launched their first communication satellite aimed to provide broadband Internet services worldwide, especially in under served regions. This is part of the Hongyun project planned by the China Aerospace Science and Industry Corp (CASIC). 'After a year long in-orbit technological demonstration by the satellite, CASIC plans to launch four mass-production Hongyun satellites before the end of 2020 to form a small network for Hongyun's trial run', the Daily quoted Xiang as saying.
10 Nov 2018 |
The report, Freedom on the Net 2018: The Rise of Digital Authoritarianism, published on 1 November 2018 shows that this year, Asia is leading the world in intentional Internet disruptions, egregious criminal penalties for online activities, and violence triggered by online disinformation. Score improvements in Asia were difficult to obtain as authorities in China actively propagated their techno-dystopian model both at home and abroad.
The Philippines went from the status ‘Free’ to ‘Partly Free’ as content manipulation and cyber-attacks threatened to distort online information, while Bangladesh and Thailand both saw some improvements.
During the ASEAN Summit in November 2018 in Singapore, Southeast Asian ministers signed a landmark pact, The ASEAN Agreement on Electronic Commerce, to create a conducive environment for e-commerce in the ASEAN region. This pact seeks to strengthen trust and confidence in online transactions and help state members seize opportunities to grow their economies.
(i) Facilitate cross-border e-commerce transactions;
(ii) Contribute to creating an environment of trust and confidence in the use of e-Commerce; and
(iii) Deepen co-operation among ASEAN Member States to further develop and intensify.
12 Nov 2018 |
A rising tide of nationalism in India is driving ordinary citizens to spread fake news, according to BBC research. The results of the research, published on 12 November 2018, are based on the BBC’s extensive access to the phones of the participants over a seven-day period, allowing the researchers to examine the kinds of material they shared, whom they shared it with and how often.
The research showed that facts were less important to some than the emotional desire to bolster national identity. Social media analysis suggested that right-wing networks are much more organised than on the left, pushing nationalistic fake stories further.
15 Nov 2018 |
An Asia-Pacific Regional Bureau initiative, the Internet Society Survey on Policy Issues in Asia-Pacific conducted from 1 June - 3 August 2018, answered by 951 Internet users across 22 Asia-Pacific economies, examines how consumers in the region perceive and deal with Internet of Things (IoT) security and privacy risks. The key findings are that many of the users already have IoT devices and plan to purchase more. Users are aware of the privacy and security risks that come with IoT devices, but at the same time, have limited capacity in protecting themselves. They want to be informed and have more control over their security and privacy, and believe that governments should ensure that necessary measures are in place.
19 Nov 2018 |
The annual Asia-Pacific Economic Cooperation (APEC), held in Papua New Guinea, ended without any statements being issued. This is the first time that APEC has issued no formal written statement since the leaders in Asia-Pacific started the meeting in 1993. The Prime Minister of Papua New Guinea, Peter O’Neill, blamed US and China for the discord. US Vice President, Mike Pence, warned nations against taking China’s massive Belt-and-Road infrastructure programme, which sees Beijing offer money to poorer countries for construction and development projects. While Chinese President Xi Jinping said that implementing tariffs and breaking US supply chains was ‘short-sighted’ and ‘doomed to failure’.