The DICT of the Philippines

Republic Act 10844 of 2015 established the Department of Information and Communications Technology under the Executive Branch of Government (RA 10844). It provided the necessary legal basis for the mandate, creation, structure, operations and scope of the Department. Public consultations for finalizing the Implementing Rules and Regulations (IRR) are being conducted (draft IRR).

The presence and enforcement of the DICT Law implies that the Philippines sees ICT as an important contributor to nation building (RA 10844 Sec 2a). The DICT is also tasked to harmonize the overall IT direction for the country, which has been fragmented and uncoordinated within the IT industry for both private and public sectors. The DICT is also tasked to reduce the “digital divide” where certain segments of the population must be given easier access to information and the internet.

Given the comprehensive scope of the DICT, I would argue that the immediate action steps for the newly created Department is to study the current ICT situation in the Philippines before planning any reform projects. It would need to have baseline data  on ICT literacy and access to basic communication infrastructure per barangay. The Department would need to consolidate all information, assets and human resources from absorbed agencies and ensure that the necessary competencies are filled. Furthermore, the Department must also ensure that it must have a good planning and research division that would be updated with new trends in the IT industry.

One important but unnoticed benefit of DICT is its role in reducing graft and corruption across the government. The DICT is now in the best position to recommend standards for platform, automation and process enhancements for government related transactions through the aid of ICT solutions. Per the IRR, the Department is also part of the Government Procurement Policy Board (GPPB) where it will have a say on ensuring that the technical specifications for ICT projects are indeed advantageous to the government.

Since the Department is still on its infancy stage, I am optimistic that the DICT will bring the needed ICT reforms within the government and in the Philippines as a whole.

Big Data Use Cases for Agriculture

The pervasiveness of data and information across businesses and industries can be used as leverage for overall competitive advantage. These data sets provide a wide array of insights on how businesses operate, reveal patterns and predict trends as input to decision making. Big data concepts, tools and techniques evolved in such a way that its applicability is no longer confined to the IT industry.

In the case of agriculture, Big Data is now acknowledged as one enabler of food security worldwide (article). Specifically, it can provide useful insights for farmers, corporations and governments on maximizing returns while at the same time minimizing the operating costs and inherent risks in the agriculture sector. Listed below are some of the broad use cases of Big Data Analytics in agriculture, specifically for farming:

Crop yield factors – Usually done with historical data, we can analyze and link the specific factors that contribute to the level of production for a given crop cycle. Analysis often include weather and temperature patterns, soil content, water availability, seed quality and resistance to weather changes and pests. Using these insights would help farmers to to redirect their resources and attention to factors that positively contribute to increases in crop yields.

High risk disaster areas and crop survivability – Big data tools and techniques can determine the survivability rate of crops in high risk disaster areas, like the Philippines. This type of analysis allows macro-level agriculture planners to assign appropriate crops to disaster areas. This would effectively minimize crop spoilage even after a significant disaster happens.

Land use and irrigation planning – Typically, water is sourced from an elevated area and flows downstream to low-lying flood plains and estuaries. Irrigation planning is often challenged with low volume water source or are often too far away from farms. GIS tools may be used to plan and contour the water flow into agricultural lands. These tools are also used to properly zone agricultural, industrial and residential lands and avoid cross contamination between these zones.

Farm produce logistics – Big data tools may also be used to find out the most cost efficient way of transporting farm produce to consumers. Typical inquiries on this problem focus on supply chain analysis and construction of path optimized road networks to link farms and markets.

Market prices and consumer profiling – Analyzing market prices and consumer behavior can be used to effectively plan the supply of produce based on historical demand data. This type of analysis allows farmers and corporations to arrive at a competitive market price while maximizing profits. Analysis of consumers may also give insights on which niche market segments can be specifically targeted for specific agricultural products.

Disrupting the Music Industry’s Distribution Channels

Although cassette tapes and compact discs ruled the music industry in the 1990’s, improvements in personal computing and digital storage in the latter part of that same decade resulted to the rise of the digital audio file. Compared to an analog audio file, digital audio files are better compressed with minimal and tolerable loss of audio quality. Because of this key characteristic, digital audio files gained mainstream popularity mostly due to its portability and its independence from physical music players.

Personal Computers at the end of the 1990’s started to connect to the internet. Because of the sudden increase of interconnected computers, FTP-based and Peer-to-Peer (P2P) File Sharing became the best alternative to physically sharing data through magnetic drives and CDs. Since the digital audio file is mostly stored in personal computers, these files were one of the most shared files through the internet (article).

One software that popularized the sharing of digital audio files in the late 90’s is Napster. The software allowed users to link a catalog of digital audio files and have it accessible and shared to other Napster users online. Unfortunately, the software also allowed the sharing of copyrighted content often resulting to copyright violations. This system of sharing files caught the attention of Metallica, a heavy metal band based in California, and the band found out that all of their music can be downloaded for free in Napster (article). The band took the issue to court and argued that the band did not give consent to have their music uploaded to Napster. In its defense, Napster argued that software does not contain any digital files, but instead just metadata referencing to the users who made the files available. Given the merits of the case, the court compelled Napster to remove all of Metallica’s music from the catalog together with fines for damages.

Although Napster lost the case, it proved that digital audio files is the new direction for the entire music industry. To an extent, the industry was able to adapt and revise its business model in order to remain profitable amidst the reality of widespread digital piracy brought by file sharing networks. The industry also benefited from the significant increase of internet speed where streaming of audio services became feasible today. The industry also greatly benefited from strategic partnerships with technology providers to develop new channels for consumers to access music regardless of platform or device.

Laws Governing E-Health in the Philippines

According to the World Health Organization (WHO), E-Health is the transfer of health resources and health care by electronic means (article). E-Health has three main areas: (i) delivery of health information for health professionals and heath consumers through the internet and telecommunications; (ii) using the power of IT and e-commerce to improve public health services and (iii) the use of e-commerce and e-business practices in health systems management (WHO). Furthermore, effective e-Health implementation is when the right health information is provided to the right person at the right place and time in a secure, electronic form to optimize the quality and efficiency of health care delivery, research, education and knowledge (Philippines E-Health Strategic Framework and Plan 2013-2017).

E-Health in the Philippines is on the uptrend. The current economic and technology climate provided the opportunity for massive healthcare reforms in the country. Touted as the texting capital of the world (article), the Philippines is a good case study of how to maximize mobile technologies for E-Health applications. Furthermore, the Philippines has enacted critical legislative measures such as the Electronic Commerce Act of 2000 (RA 8792), Data Privacy Act of 2012 (RA 10173), Cybercrime Prevention Act of 2012 (RA 10175) and recently the Department of Information and Communications Technology Act of 2015 (RA 10844). These laws must be considered to provide guidance, regulation and accountability when establishing systems under E-Health.

The Electronic Commerce Act of 2000 set the tone on the use of ICT solutions for overall economic development. The Cybercrime Prevention Act of 2012 and the Data Privacy Act of 2012 were established to provide mechanisms in ensuring that the data in such electronic systems are not misused outside of its original purpose. These two laws were framed to provide legal basis and regulatory oversight in the collection, management, treatment and disclosure of data. It is interesting to note that in the Data Privacy Act of 2012, certain sections of the law emphasized Electronic Health as one of its major points of concern on data privacy. Section 2h of the DICT Act recognizes that the DICT was created in response to the Philippine policy “To promote the use of ICT for the enhancement of key public services, such as education, public health and safety, revenue generation, and socio-civic purposes”. while the DICT is not yet in place, the law discusses the necessary aspects of overall ICT policy governance such as Policy and Planning, Improved Public Access (of ICT infrastructure), Resource Sharing and Capacity Building and Consumer Protection and Industry Development that will affect overall E-Health initiatives in the future.

Another significant and recent development is the proposed E-Health Bill. With the DOH functioning as the secretariat, the draft bill was presented during the recently concluded 5th E-Health Summit held last June 3, 2016. Although the law is far from in its final version, the bill focused more on the technology applications and standardized all technologies applied in E-Health. However, several reactors discussed that the bill in its current form lacks the substance in how it will incorporate regulations on the actual practice of E-Health, specifically on the practice of foreign medical practitioners in the country using E-health platforms like telemedicine. A more thorough multi-stakeholder review of the bill was recommended.

Loyalty Programs and Big Data

“A rewards program is simply a platform for promotions, giving no clue as to how these actually can and should be targeted more precisely. A loyalty program provides a sophisticated means of tracking every transaction between a customer and a brand so that the Big Data can then be analysed to better understand the buyer’s habits and needs.” – Andy Wood (GI Insight article)

Loyalty programs are just one of the many tools used by businesses to collect data from its customers. These programs give incentives to costumers when they share their data in exchange for points, discounts, credits or rebates (article) that can be claimed from participating businesses in the program. This way, customers are encouraged to share their data since they get something in return. While customers get rewarded, businesses also get a vast amount of data that can be analyzed for deeper insights.

MARKET RESEARCH

Traditional market researches are costly. Businesses employ research firms to conduct surveys on its customers, employees, suppliers, merchants and even competitors (although indirectly). Data collection using traditional survey methods are often riddled with inconsistent data, under reporting and declaration of false information, often contributing to wrong data analysis and conclusions. This problem of diminished value of information makes traditional market researches unappealing today.

Loyalty programs offer an alternative way of capturing customer data. Even though the upfront costs for the program may be relatively high (article), businesses still implement these programs on the promise of higher customer retention and potential use of data  in improving its products and services. Typical costs for such programs are mostly considered as a marketing expense.

TRANSACTION DATA INSIGHTS

Capturing data (often during point of sales) keeps track of multiple but interrelated data that represents different entities that made the transaction possible. Data quality is relatively high as the data capture happened during the actual transaction (unlike in traditional market research where respondents rely mostly on memory recall). It is also insulated from respondent bias as the data collection process is automated.

Typical analytic models focus on dimensions like customer, store, product, brand, supplier, and exact time when the transaction happened. Data granularity is extensive (since data can pinpoint specific transactions) and can be easily aggregated for a macro-level perspective (e.g. trends over wide time periods). Data can also be used to predict consumer behaviors by looking at purchasing patterns by different costumer demographic groups. Data can also be linked with data sets gathered outside of the retail industry to provide extensive and holistic view of the customer (e.g. service, pharmaceutical and banking industries). These type of analyses enable businesses to provide a more “personalized” approach of doing business and also provide better ways of how businesses recommend appropriate products and services specifically targeted to the customer’s projected needs.

DATA PRIVACY

One critical issue in these loyalty programs is the right to privacy of the customers. Since data can be captured and attributed to personally identifiable information, resulting analysis can be surprisingly accurate when developing customer models based on historic purchasing patterns. One good example is when a customer has been buying consistently a set of medicines for the past month, the assumption is that the customer or someone from the customer’s immediate family may have been suffering with a medical condition. This assumptive information can be detrimental when insurance firms get hold of these data and may be used against the customer’s application for insurance policies.

DATA PRIVACY LAW IN THE PHILIPPINES

Loyalty programs in the Philippines will have to be transparent on how they process the data in compliance to the Data Privacy Law in the Philippines (Republic Act 10173). The law states that “It is the policy of the State to protect the fundamental human right of privacy, of communication while ensuring free flow of information to promote innovation and growth. The State recognizes the vital role of information and communications technology in nation-building and its inherent obligation to ensure that personal information in information and communications systems in the government and in the private sector are secured and protected” (article). It also discusses that even if the customer is willing to impart data to the loyalty program, the organizations who will be handling the data must exert all effort in ensuring the right to privacy of its customer. The Personal Information Controller and Processor (in this case, the business organization implementing loyalty programs) are also tasked in assuring that the data will not be used outside of its original purpose and scope. Furthermore, the Law also provided sanctions and punishments for those who will violate the provisions, specifically due to negligence, malicious disclosure, unauthorized disclosure or intentional breach.

Comeleak

Photo by: JP Acuna, 2010 National Elections

Let me discuss some points from a technologist’s perspective, who’s simply trying to connect dots surrounding the events of the 2016 pre-elections data breach. This discussion is mainly based on information available in the public domain.  I do not have first hand information about this incident.

Point 1-The breach exposed/proved that the voter’s data was for the taking. It was reportedly done by an IT fresh graduate, what more for those who do these things professionally and covertly? Who knows if the data was already breached prior this incident. It may have been that this was the first time this kind of case was made public.

Point 2-The “ñ” incident in PPCRV revealed how weak the Comelec’s technical oversight is over Smartmatic (the vendor). Either this was done with Comelec’s consent (but Comelec issued a statement that the “alleged tampering” happened without Comelec’s prior consent) or Smartmatic was operating independently without Comelec’s consent (this is much worse, where’s the check and balance?) Either way, Comelec might be hiding something or might be technically inept. I hope I’m wrong on both counts. NAMFREL said it plain and simple – “The main and real issue here would be last minute changes in process and codes as well as lack of quality control by Smartmatic. The system is a multi-billion peso system and the error was so amateurish.”

Point 3-With the alleged tampering of the VCM (allegedly for “cosmetic” purposes only proves that the code can be easily changed), the alleged VCMs in a hotel in Cubao, and the alleged VCM related issues mostly in Mindanao (non transmission, low connectivity, hijacking of VCMs and ERs by armed groups), the alleged VCMs in Cubao can be used to masquerade as a legitimate VCM (in lieu of non transmitting VCMs) by using data from the leaked database (since it contained voter names, voter addresses and voting precincts). Basically, manipulators know the maximum voting population from an area/precinct and alter the results without getting too obvious. I hope there are mechanisms to prevent these masquerade attacks.

End Result: The possibility of digital vote padding and shaving (votes are tampered by replacing the original votes with fictitious ones from a compromised VCM) or declare a failure of elections (due to massive breach of trust in the electoral system).

I support the call for an independent audit for transparency’s sake without political mudslinging. While I take a neutral stance on politics, I am fully supportive of an efficient, transparent and accurate government information systems. If there’s doubt on the integrity of the Automated Election System, an objective audit can be commissioned to really check on the alleged irregularities. I also ask of the NBI cybercrime division can check the integrity of the COMELEC’s database since there is a presumption of a tampered database leading towards electoral sabotage?

I am hopeful that these questions will be answered before the next elections in 2019.