Presnet by Dr. Tek Bahadur Ghimire, Joint

Download Report

Transcript Presnet by Dr. Tek Bahadur Ghimire, Joint

Data Protection Law and Policy Factor
Impact on Public Trust in e-Government
System in Developing Countries
Dr. Ghimire, Tek
Joint Attorney
Office of Attorney General, Nepal
ICT is an effective tool for good governance
• Maintaining good governance in a country is not
possible without effective application and sustainable
management of information and communication
technologies (ICT) in public service sector (Hazlett &
Hill, 2003).
• ICT application helps to provide time and cost effective
service, ubiquitous monitoring process and omnipresent
public service for all. Because of these services ICT
provides e-Government system has gained popularity.
• e-Government is an efficient use of information and
communication technology (ICT) by the government for
the functioning and support of its operations (Ghimire,2011)
– Facilitates interconnection between the government and its
agencies (G2G), Government and citizen(G2C) and Government
and business (G2B), (Mousavi et. al. 2008)
– Helps to reform the management of public administration
(wescott, 2003), boosts up government ability to reach to the
downtrodden people(Al-adawi 2005), strengthens citizen
participation and trust of government (info Dev, 2008)
– Improves quality of service (Teicher et. al, 2002; Moon 2002)
– Increases government efficiency and effectiveness by
streamlining the process (Andersen, 2009)
– Reduces the layers of bureaucracy and fosters transparency
(Pina et al., 2007) and accountability
– Helps revenue growth (Basu,2004) and enhances the research
capability by strengthening the digital resource management.
– Reduces corruption in several ways: it takes away discretion,
thereby curbing opportunities for arbitrary action (Bhatnagar,
– After all e-Government is imperative to maintain trustful
relationship between the government and its constituencies
• e-Government is no longer option; it is inevitable
(Patterson &Honson,2001), the question for the
governments now is not whether they are going to
provide electronic service but how and when they are
providing ?
• E-Government infrastructure comprises good
infrastructure for network and adequate legal regulatory
management including the issues of information security,
digital privacy, and the management of private and public
e-Government in Developing Countries
• Most of developing countries do have “deficient eGovernment capacity” since they fall into the poorest
groups in the world. Many of them have geographical
adversity, socio-economic as well as socio legal matching
problems (Banerjee et al.,2004).
• Nepal is one of South Asian developing countries with
“minimal e-Government capacity.” Flawed by corruption
(CIAA, 2008) political instability, (Baral & Bhurtyal, 2010)
inefficient bureaucratic practices, (time insensitive and risk
avoiding culture (Shrestha, 2009) it has been a difficult
task for the government of Nepal to transform its
administration into digital form
e-Government in Developing Countries-2
• The NID project, once completed, will provide through a single
portal multiple services like quick retrieval of information of the
citizen and will facilitate public services such as health, education,
welfare benefits, passport control, tax, voting, criminal records,
utility bills, land records, government services with a unique NID
(Adhikari, 2009).
• Developing countries generally lag behind in a modern education
system that can build robust human capital (Salman, 2004).
Insufficient knowledge can lead to misuse of the electronic
processes hindering the potential benefits of ICT use. Heavilycentralized management approach is another problem which
usually forces organizations to accept limited information security
solutions (Atiyyah, 1999).
e-Government in Developing Countries-3
• Most of the developing countries have in “deficient eGovernment capacity” since they have differences with
respect to geographical adversity, infrastructure availability
throughout their territory, socio-economic standard and
technology application managerial capacity.
• The gap between haves and have not’s is wider in developing
countries in comparison to the developed society (Basu, 2004).
• Inadequate legal framework, complex legal regulatory
procedures and absence of proper competent legal
regulation executing agencies are also the common problems
in developing countries (Kiskis & patrauskas, 2003).
Critical Success factors of e-Government
• Public trust which enhances both stakeholder’s
participation and system adoption is one of the critical
success factors for e-Government system.
• System adoption and stakeholder’s participation foster
sustainability in e-Government system. Therefore, for
effective application and sustainable management of eGovernment in developing countries, it is essential to
investigate the factors impact on cultivating public trust
in e-Government system.
• Secured seamless communication and information flow
and data management are the fundamentals of an
effective application and sustainable management of eGovernment.
Critical Success factors …..
• According to info Dev (2002), the issue of trust in eGovernment involves two aspects: privacy and security.
• Privacy is about managing personal information
transaction that the government collects about
individuals, while security is about protecting internet
technology using in e-Government service from attack,
misuse and threat of loss of data.
• In the online environment, trust is one of the
fundamentals for establishing good relationship between
service providers and the recipients (Palvia, 2009) since
information transaction over the internet has a greater
chance of uncertainty and risk (Belanger & Carter, 2008).
Critical Success factors…………
• Security and privacy protection issues are identified as supply
side barriers for effective implementation of e-Government
system (Raab, 2004)
• Reasonable assurance of not being victimized by illegal
activities during information transaction between eGovernment constituents is needed. In this regard, it is
important to obtain sufficient safeguards in order to ensure
security, data and privacy protection.
• Citizens are not likely to use e-Government service if there is
no assurance that their personal data will not be misused and
no change of unwanted secondary use will be made to it
(Lau, 2003).
Critical Success factors……..
• Trust model literatures emphasize the importance of
secured e-Government services (Tassabehji et al., 2007;
Lee and Rao, 2007). Empirical studies have found the lack
of trust as a significant barrier to the adoption of eGovernment (Cremonini and valeri, 2003).
• Therefore, comprehensive legal and regulatory framework,
client friendly procedures and strongly motivated
administration to enforce law are important preconditions
for a country’s prosperity by means of effective application
of e-Government system (Caine, 2004).
Digital Privacy
• Informational privacy can be understood as “right to be let alone,”
the right of controlling information about oneself and, conversely,
the right to prevent nonconsensual access to information about
oneself (Al-Fedaghi, 2007).
• An individual has the right to control the conditions under which
information pertaining to him is collected, used, and disseminated
(US DOC., 1995). Governments must ensure that e-Government is
preceded by changes in the legal system to protect information and
privacy in the digital age.
• Right to privacy is internationally recognized human right according
to Article 12 of the Universal Declaration of Human Rights 1948
and Article 17 of the International Covenant on Civil and Political
Rights (ICCPR).
Digital Privacy-2
• The government as a system manager has a big challenge to
protect personal privacy by obtaining various preventive and
curative measures such as security threads and assurance of
compensation for the victims and so on.
• The loss of confidence in government’s ability to protect
individual’s confidentiality has a serious consequence for
citizen’s trust and participation in e-Government
system(Mullen, 2004).
• Data Privacy related laws and regulations shall be enacted and
implemented targeting both private and public sectors.
Furthermore, government websites that collect private
information from third parties shall adopt a data privacy
policy establishing the principles by which such data is
collected, stored and used (Mohammad, 2004).
OECD Recommended Principles for
Protection of Personal Data +
• Collection Limitation Principle
– There should be limits to the collection of personal data and
any such data should be obtained by lawful and fair means and,
where appropriate, with the knowledge or consent of the data
• Data Quality Principle
– Personal data should be relevant to the purposes for which they
are to be used, and, to the extent necessary for those purposes,
should be accurate, compete and kept up-to-date.
• Purpose Specification Principle
– The purposes for which personal data are collected should be
specified not later than at the time of collection and the
subsequent use limited to the fulfillment of those purposes or
such others as are not incompatible with those purposes and as
are specified on each occasion of change of purpose.
OECD Recommended Principles for
Protection of Personal Data-2
• Use Limitation Principle
– Personal data should not be disclosed, made available or otherwise used
for purposes other than those specified in accordance with the consent
of the data subject; or by the authority of law
• Security Safeguards Principle
– Personal data should be protected by reasonable security safeguards
against such risks as loss or unauthorized access, destruction, use,
modification or disclosure of data
• Openness Principle
– There should be a general policy of openness about developments,
practices and policies with respect to personal data. Means should be
readily available of establishing the existence and nature of personal
data, and the main purposes of their use, as well as the identity and
usual residence of the data controller.
OECD Recommended Eight Principles
for Protection of Personal Data-2
• Individual Participation Principle
– An individual should have the right:(a) to obtain from the a data controller, or otherwise, confirmation
of whether or not the data controller has data relating to him; (b)
to have communicated to him, data relating to him (c) within a
reasonable time;
(d) at a charge, if any, that is not excessive( e) in a reasonable
manner; and (f) in a form that is readily intelligible to him;( g) to
be given reasons if a request made under sub-paragraphs (a) and
(b) is denied, and to be able to challenge such denial; and(h) to
challenge data relating to him and, if the challenge is successful,
to have the data erased, rectified, completed or amended
• Accountability Principle
– A data controller should be accountable for complying with
measures which give effect to the principles stated above
Data protection issue in UN e-Government
Survey 2012
• One-stop government oft en requires the adaptation of
laws to make e-government solutions legally binding
• Among the legal issues to be investigated for a successful
one-stop government are: data protection, access to
sensitive data, networking of authorities and databases,
equal opportunities, electronic signature, etc.
• A central challenge of one-stop government is the need to strengthen
confidence in data privacy and security measures, for example by
allowing citizens to verify the accuracy of personal records
Data protection issue in UN e-Government
Survey, 2012
• A central challenge of one-stop government is how the
new technology can be used not only to increase efficiency
for public administration, but also to strengthen confidence
in privacy measures by creating mutual transparency
between public administration and citizens
• For example, while secure systems are needed to impede
unauthorized access to data, such personal data must be
made accessible to a citizen who wishes to verify the use,
authenticity and accuracy of his or her own personal data.
Data protection issue in UN e-Government
Survey, 2012
• Creating a trusted framework for digital authentication
is also a crucial factor in assuring the integrity of online
and mobile financial transactions. Digital signature is
only a beginning. Concrete applications have to be
developed, and they require a lot more legal changes.
• Individual laws, governing both the operation of public
administrations and policy-specific issues, have to
institute digital signatures as an accepted way of
identification and authentication.
Right to Information vs. Right to
Privacy: Case Study
• Juki Net or Residents’ Registry Network System
(Jyuminkihondaichou) is a national ID and information
system, based on a database in Tokyo, (Japan times, 2007)
intended to link personal information consisting of the
national 11-digit ID number assigned for all Japanese citizens.
• When Japan introduced Jukinet, no agency was established for
settling privacy and information security issues. The users
were not confident that their data would be secured; therefore,
they waged a movement against providing their personal data
to the system (UNDESA, 2003).
Right to Information vs. Right to
Privacy: Case Study-2
• Finally, when the bill related to right to privacy and information
security was passed by the Japanese parliament and the agencies
were also established to execute those legal regulatory provisions
by 2006, the Jukinet adoption has increased and the system has
become successful
• Different state courts also ruled in favor of people’s right to
privacy; they were not now bound to furnish their personal data to
the system until and unless the government would address privacy
and security issues with strong and confident provision (Japan
times, 2007).
Comprehensive ETA in Singapore
• Shrivastava & Teo, (2005) claim that Singapore is the first country to
enact comprehensive legal regulatory instruments for cultivating trust in
public information system.
• Singapore’s Electronic Transactions Act (ETA) of 1998, enacted by the
parliament on 29 June 1998, is one of the earliest enactments of a cyber
act in the world that covers not only digital and electronic signatures but
also electronic records, electronic contracts and is applicable to all kinds
of electronic communications (Basu, 2004)
• The ETA addresses some of the important issues necessary for
providing a conducive cyber-related environment like commercial code
for e-commerce transactions, use of electronic applications for public
sector, liability of network service providers and provision of Public
Key Infrastructure (PKI). Reviews and reports show that Singapore has
achieved the targeted goal of e- Government adoption by assuring
reliable and trustworthy public information system by strengthening
regulatory mechanism.
PIA system in CANADA
• Canadian Government Departments have conducted privacy
impact assessment policy (PIA) in order to determine
whether privacy issues are raised by proposals for new
programs and services or by a substantial redesign of a
program or the way it is delivered to the public. It is based
on privacy principles common to all data protection régimes
• These principles are enumerated in the "Code of Fair
Information Practices." PIA takes a close look at how
government departments or e- Government administrators
protect personal information as it is collected, stored, used,
disclosed and ultimately destroyed.
PIA system in CANADA-2
• PIA provides a framework to ensure that privacy is
considered throughout the design or re-design of
programs or services. Privacy implications and risks may
arise because of the intra-institutional, inter-institutional
or cross-jurisdictional flow of personal information.
Comprehensive e-application laws in
South Korea
• From the regulatory management perspective, public
information regulation system of South Korea can be taken
as public private partnership (PPP) based regulatory
• Korean Government has paid attention to establishing a
good legal system to form the initial stage of e-Government
application by enacting Framework Act on
• Informatization promotion 1998, Electronic Signature Act
1999, Framework Act on Electronic Commerce 2000, Act on
Promotion of information and Communications Network
Utilization and Information Act 2001, Protection of
communication secrets Act 2002 and so on.
Comprehensive e-application laws in
South Korea-2
• In June 1999, the Ministry of Government Administration and
Home Affairs and the Ministry of Information and
Communication jointly established the ‘comprehensive plan for eGovernment and a more systematic framework for Korean
government service system.
• A policy has been provisioned for cyber security management
through the (ADR) committee comprising both public and private
sector for dispute settlement and promoting user involvement
opportunity (Ryou, 2006).
• Alternative dispute resolution (ADR) system was introduced as a
remedy for personal information infringement (Changbeom,
2005). Such a provision gives opportunity to the victimized
person/organization to involve them and nominate a trusted
representative in the dispute settlement committee.
Data Protection provision in German
• Data protection Act in Germany is one of the best
enactments of legal regulation to enhance citizen’s
confidence to the digital public information system.
• Personal data can only be raised, stored and used in a
restricted manner by informing the concerned individual
about the purpose and prospective use of collected
personal data (Wittkemper, 2003).
• Adhikari, G. P. (2009), Issues in National Identification Database System of
Nepal,Proceedings of the 3rd International Conference on Theory and
Practice of Electronic Governance, ICEGOV '09, vol. 322
• Andersen, T.B. (2009), E-Government as an Anti- Corruption Strategy,
Information Economics and policy Vol. 21, Issue 3, pp.201-210
• Atiyyah, H. S. (1999), Public Organizations’ Effectiveness and Its
Determinants in a Developing Country, Cross Cultural Management: An
International Journal,Vol. 6 Number 2, pp. 8-21
• Banerjee, P. and Chau P.Y.K. (2004), An Evaluative Framework for Analyzing
e-Government Convergence Capability in Developing Countries, Electronic
Government, an International Journal, Volume 1, Number1, 29-48
• Baral, R., & Bhurtyal,D. M. (2010), Nepal ICT Policy, Challenges and
Opportunity,Presented Paper in Workshop on ICT Policy in Developing
countries, University of Manchester, 25th March, 2010
• Belanger, F., & Carter. L. (2006), The effects of the Digital Divide oneGovernment: an Empirical Evaluation, Proceedings of the 39th
AnnualHawaii International Conference on System Science.
• Belanger, F., Carter, L. (2008), Trust and Risk in e-Government Adoption,
Journal of Strategic Information System, Vol. 17, Issue, 2
• Bhatnagar, S. (2004), E-Government: from Vision to Implementation: A
practical Guide with Case Studies, E-Book, available at ref=sib _rdr_dp
accessed on 12 January 2009
• Chatzidimitriou, Marios and Adamantios Koumpis (2008), Marketing Onestop E-Government Solutions: the European OneStopGov Project. IAENG
International Journal of Computer Science, 35:1, IJCS_35_1_11.(Advance
online publication: 19 February).
• Commission for the Investigation of Abuse of Authority, (CIAA), 19th
Annual Report, (2008,) Available
port.pdf accessed on 12 April, 2010
• e-Government: an Empirical Evaluation, Proceedings of the 39th
AnnualHawaii International Conference on System Science
• Ghimire, Tek Bahadur, (2011), Ph. D. dissertation on Regulatory policy factor
impact on public trust in e-Government system in Nepal, submitted to Seoul
National University, Information technology policy program, South Korea.
• Hazlett ,S.-A and Hill, F. (2003), e-Government: the Realities of Using IT
toTransform the Public Sector, Managing Service Quality, Volume 13, No. 6,
• accessed on 12
April, 2010
• Info Dev E-Government Handbook for Developing Countries (2002),
available at,16 pdf, accessed on 12 July
• Info Dev.,E-Government Toolkit and Portal, (2008), available at;
htt://, accessed on 15 December 2012
• International Review of Law, Computers & Technology, Vol.18: Number 1,
pp. 109 — 132
• Kiskis & Petrauskas, (2003), E-Governance: Two Views on Legal
Environment, Lecture Note in Computer Science, Springer Berlin/Heidelberg
available at
• Kubicek, Herbert and Martin Hagen (2000), One-Stop Government in
Europe: An Overview, University of Bremen
• lnu9dgpph14ykahf/ accessed on12 January, 2008
• Palvia, P. (2009), The Role of Trust in E-Government Relational Exchange: A
• Patterson, D., & Hanson, W. (2001), 21st Century Government: Principles for
• Pina, V., Torres,L, & Acerete,B. (2007), Are ICTs Promoting Government
Accountability? A Comparative Analysis of e-Governance Developments in
19 OCED Countries, Critical Perspective on Accounting Vol.18, Issue 5,pp.
• Services: Key Questions and Solutions Analyzed through 40 Case Studies
Collected in Europe, École des Hautes Études Commerciales de Busson,
Alain and Alain Keravel (2005), Interoperable Government Providing Paris
• Sethi, Neerja and Vijay Sethi. E-Government Implementation: A Case Study
of Dubai E-Government, E-Government in Practice.
• Shrestha, H. P. (2009), The evils of the Nepalese Bureaucracy, American
Chronicle, News article published on 12 January, 2009, available at
• Moon, M.J. (2002), The Evolution of e-Government Among Municipality:
Rhetoric or Reality? Public administration review, 62, (4), 422-433
• Mousavi, S. A., Pimenidis,E., & Jahankhani,H., (2008), Cultivating Trust- an
Electronic –government Development Model for Addressing the Needs of
Developing Countries, International Journal of Electronic Security and
Digital Forensics, Vol,1,NO.3,ppSolms R. V. (1999), Information Security
Management: Why Standards are
• Teicher F., Hughes.O. and Dow N. (2002), E-Government: A New Route
toPublic Sector Managing Service Quality, Volume 12, No 6, pp. 384-393
• Transformation Government Technology, Available at
• Unified Model, Information and Management, Vol. 46, Issue 4, pp 213-220
• Wescott, C., Pizarro, M., & Schiavo-Campo, S. (2001), The Role of
Information and Communication Technology in Improving Public
Administration, Book chapter, available
.pdf accessed on 25 October 2009.
• Wescott, C.G. (2003), E-Government and the Applications of Technology to
Government Service, Working Paper of Pacific Basin Research Center,
available at
accessed on 26 Nov 2009
Thank You Very Much for Your
Kind Attention and Interactive
[email protected]