Preserving data sovereignty with cloud computing

by AUFA MARDHIAH / pic by TMR FILE

HUAWEI Technologies (M) Sdn Bhd collaborated with MyDigital Corp and the Institute of Strategic and International Studies Malaysia in organising a webinar involving panellists from various industries to raise awareness among government agencies and the public on preserving data sovereignty while using digital technology in this digital age.

Ministry of Communications and Multimedia Secretary General Datuk Seri Mohammad Mentek (picture) said that Malaysia is doing its best to protect the nation’s digital sovereignty by introducing various policies and frameworks in order to enact controls and ensure that organisations tighten their data security.

“As of 2021, about 100 countries have some forms of existing data sovereignty laws. In Malaysia, the notion of data sovereignty is reflected in some of the existing legal and policy frameworks,” he said.

He added that under the Malaysian Communications and Multimedia Commission (MCMC), this country has the National Policy Objectives of the Communications and Multimedia Act 1998; the National Cyber Security 2006 which was introduced by the Ministry of Science, Technology and Innovation; and also, the Personal Data Protection Act 2010.

“All the policies encompass a comprehensive cross sectoral framework to protect personal data in commercial transactions and play an important role in helping companies address data sovereignty issues, while at the same time ensuring information security, network reliability and integrity, as well as secure and resilient infrastructure,” he said during the webinar yesterday.

On the other hand, MyDigital CEO Fabian Bigar noted that the threats in data security can outpace traditional approaches — hence, the need for governments to proactively create and implement systems to overcome the threats moving forward.

“One of the thrusts in the Malaysian Digital Economy Blueprint is to build a trusted, secure and ethical digital environment. Today, there is a much greater urgency for our regulatory environment to be anchored on trust and digital-native policies which reflects the world we live in,” he said.

Meanwhile, MCMC chief technology and innovation officer Shamsul Izhan Abdul Majid highly encouraged youngsters to have more questions on data sovereignty.

“These are the building blocks of putting together a society and a community that will strive to have their own answers to those questions — everybody has their own angle due to localisation and our views of where the economy is going. Hence, this would then bring the topic of data sovereignty which is still nascent to many people. Having more questions will bring the topic to the next stage,” he said.

Telekom Malaysia Bhd (TM) chief information security officer Raja Azrina Raja Othman said that TM is committed in terms of data security, data privacy and data sovereignty which requires investment and enforceability.

“Moving forward, any legislation comes into play to consider future proofing legislation which provides a platform for check and balance of maturity level and enforceability level. Because any laws or regulations need to triple down into the guideline process of enforcement technology, otherwise it’s not effective,” she said.

She also believes that carving and reviewing the developments of any legislation in this nature, and highlighted that it is important to learn from others — good things to be learned from those who have embarked on this and had gone through several challenges.

“For example, the US with the Federal Risk and Authorisation Management Programme which governed the cloud policy on government data and how they have progressed towards the US cloud act — how it actually enforces jurisdiction across borders; as well as General Data Protection Regulation initiative by the European Union, how it actually protects data through their life cycle.

“These guidelines and requirements went through several tests and trials — something we should quickly learn from so we can come out with something that fits our needs and the context of our nation,” she added.

Furthermore, she also opined that technology should not be prescriptive due to how it evolves, saying, “We do want certain control but we should not be prescriptive in terms of the solutions.”

Moreover, National Cyber Security Agency CEO Rahamzan Hashim highlighted that retaining control over data and leading with a security-first mindset must always be a priority.

“Seamless cooperation between industries and public sectors must be strengthened and treasured in order to address challenges and opportunities which are present in this new journey towards embracing the new data-driven technology and digital transformation,” he concluded.

In Malaysia, Huawei is working with TM on one of the Malaysian-owned cloud and artificial intelligence infrastructures and services to enterprises and government institutions that ensures data locality and sovereignty.

Meanwhile, Huawei industry ecosystem engagements (Asia Pacific region) director Konesh Kochhal believes that it is important to have continuous dialogue on data sovereignty in order to have rightful digital infrastructure secured and to have skilful people to preserve digital economy, which is driven by regulations, legislation and policy support across nation for data exchange.