Over on The Register I’ve been following quite closely the carve up of Myamar (Burma) by international technology giants.
This deceptively massive country bordering China, Thailand, India and Laos, has of course only recently opened its doors to the global community after decades of self-imposed exile thanks to rule by a military junta.
So Myanmar not only offers tech firms a market of 60 million+ users to tap, but also offers rich business opportunities for infrastructure providers and could even serve as an outsourcing destination in the years to come.
An IDC report from last year, Myanmar ICT Market 2012–2016 Forecast and Analysis, predicts 15 per cent year-on-year growth in IT spending in 2012, with the market to reach $268.45m (£172.9m) by 2016.
One of the biggest opportunities lies in the telecoms space where global operators have been eyeing up the two licenses set to be awarded this month. However, the decision – due to take place today – was postponed at the last minute until lawmakers pass a new telecommunications law, still be being drafted.
It emerged that an emergency statement was submitted by a telecoms committee urging lawmakers to favour local joint ventures over global bids.
Whether this ends up scuppering the ambitions of France Telecom, Qatar Telecom, Singtel, Telenor and others remains to be seen, but it must be said that some operators are walking a fine line in getting stuck into the country before human rights concerns have been fully allayed.
Human Rights Watch, for example, has been lobbying telcos to boycott the country until legislation is passed which does better to outlaw things like mass surveillance and hardline censorship.
In fact, Vodafone and China Mobile withdrew their joint bid last month, in what some think was a decision influenced by Myanmar’s current failure to protect online freedoms.
John Morrison executive director of the Institute for Human Rights and Business (IHRB), told me that if nothing else, the recent NSA debacle has shown that even in western democracies, telcos are vulnerable to mass surveillance requests from governments.
“Given Myanmar’s human rights record it is all the more important that the companies that secure the license to operate in the country do so in a way that respects privacy and free expression,” he added.
“As Myanmar continues political and economic reforms, it should work towards making telecommunications technology a tool for advancing human rights, including guarding against hate speech that incites violence.”
Time will tell whether Myanmar can make a stable transition from repressive hermit state to 21st century Asian tiger, but if it does, technology will be a major driving force.
I don’t often cover India’s outsourcing market but an interesting piece of news emerged this week when local media reported that the EU has found some notable gaps in the country’s data protection legislation which could scupper a major trade agreement between the two.
Basically the two have been trying to thrash out the Broad-based Trade and Investment Agreement since 2006.
The idea is that India opens up more of its vast market for EU firms and vice versa, but with one of India’s biggest industries in Business Process Outsourcing, a key demand from that side was that the country be recognised as a “data secure destination” by Europe.
According to the Data Security Council of India (DSCI), this single accreditation could propel outsourcing revenues from European customers from $20bn to $50bn in no time at all.
Sadly for India, the EU Justice Department decided to launch a consultation on India’s data security credentials and now the mutterings are it doesn’t like what it sees.
Any further delays which require legislative amendments could take years – not exactly what IT services giants like Infosys, Mahindra and Unisys want.
However, Forrester security analyst Manatosh Das told me all may not be quite as bad as it seems.
For starters, he said, India is taking information security a lot more seriously nowadays since recent high profile cyber attacks.
With the proposed electronic surveillance Central Monitoring System, the country is apparently planning for stringent privacy laws, while the DSCI, set up by Nasscom, has a strict remit to monitor data security and privacy in the IT and BPO industries, he said.
“I really don’t think in the current scenario outsourcing will take a back seat,” Das added.
“Private organisations in India follow international security frameworks like ISO 27001, PCI DSS, SOX, HIPAA. They have strong contractual agreements with their clients. Clients have the right to audit the vendors as per the agreement.”
However, he did admit that the IT Amendment Act 2008 lacks enforcement and needs amending again to “remove ambiguity” and create specific exceptions.
As a side note, I’m sure the recent “landmark” agreement between the UK and India on data security will also help reassure European customers considering offloading some services to Indian firms.
As always though, rigorous planning and due diligence and early involvement from the IT department should be a given to prevent any unexpected outsourcing problems down the line.
Just a short post this week because it has quite frankly been a quiet week apart from one massive story that has dominated the headlines worldwide, except quite notably mainland China: PRISM and the IT whistle-blower Edward Snowden.
By far and away the most balanced most informative and least hyperventerlatingly hyperbolic piece was over at El Reg, where Duncan Campbell picked through the actual facts about PRISM so far to conclude that, actually, most of it is legal and definitely not tyrannical.
My key observations from his piece are as follows:
- Prism is nothing compared to the powers the UK government was asking for in its draft Communications Bill – now shelved for the time being. It is also pretty similar to what goes on in police offices and other agencies all over the country where officers act on RIPA requests to collect comms data.
- The NSA has numerous other similar schemes including direct Deep Packet Inspection, which have been going on in the background and arguably are more intrusive on personal freedoms.
- The scheme costs around $20m year and as such is definitely small fry in terms of the extent and type of surveillance involved. NSA’s overall budget is an estimated $10 BILLION.
- The number of requests disclosed by Microsoft, Google et al via PRISM are even far lower than the government requests they’ve disclosed not associated with the scheme
- Where Microsoft is concerned, at least, most requests (2%) were for non-content data – ie just account details but not the content of messages. I imagine the same is true of other web service providers.
- These providers may have said they didn’t known about PRISM because it is just an internal codename used by NSA.
What people should REALLY be worried about here is not PRISM per se but the other Guardian scoop – that Verizon was issued with a secret warrant “requiring wholesale delivery of all call data records from their entire system”. That and the doubtless other similar requests which other comms providers have been issued with are more insidious and certainly warrantless compared with PRISM.
It’ll be interesting to see whether the future “scoops” which The Guardian promises will focus on these. I for one would be interested to see whether UK operators have been subject to similar orders from GCHQ.