The lack of a well-defined, government-sponsored policy on Internet security may hold back the growth of the business process outsourcing (BPO) sector, information technology executives warned.
BPO firms that handle sensitive data for their clients overseas have been wary of signing long-term contracts in the Philippines due to the lack of laws that will allow the prosecution of cyber criminals, industry officials said.
“For BPOs like call centers, it has been a concern. Right now, most of them are on contractual basis in the Philippines. But if a stricter law is passed against cybercrime, it will be easier for companies to make the Philippines their permanent location,” IT consultant Lito Averia said at a recent forum on Internet security hosted by the IT Journalists Association of the Philippines. “We need a legal environment to secure information. If there’s a security breach, we want to prosecute and convict criminals.”
The local BPO sector is expected to grow to a $25-billion industry in the next five years, from about $10 billion last year. The industry is also seen to create as much as 700,000 new jobs during the period, in addition to the 600,000 people the sector employs today.
Averia said having a better security regime will help solidify the industry’s long-term growth prospects. Most companies have their own IT security programs, but the main worry is how to run after hackers in case these defenses are breached, he said.
At the moment, the only piece of legislation that criminalizes hacking into Internet sites and stealing data from companies is a provision in the e-Commerce Law, or Republic Act 8792.
Ivan Uy, head of the now-defunct Commission on ICT, said the law penalizes people guilty of hacking with up to six years in imprisonment and a fine of P100,000.
But this provision covers all forms of hacking, even the crime to defraud people using IT to steal from bank accounts, which should have stricter penalties. Uy said the data privacy bill, a measure still pending in Congress, would help since it provides for stricter penalties against hackers.
Macky Cruz of Trend Micro said cyber security should be part of every country’s national defense strategy.
“[Cyber security is] something that needs to be integrated into everything,” Cruz said.