MCRB provides initial comments to government on the draft cybersecurity framework, and discusses cybersecurity with MPs
MCRB and other business and civil society stakeholders with an interest in cybersecurity were invited to Naypyidaw on 25 January to participate in a consultation hosted by the Ministry of Transport and Communication (MoTC).
The meeting was attended by around eighty participants, most of them from government, but telecoms operators and other CSOs were also present. MoTC had sought input on the benchmarking studies prepared by MoTC, with support from the World Bank. The studies are being used to identify critical gaps in Myanmar’s existing policy and legal framework.
MCRB welcomed the studies as an evidence-based approach to policy and lawmaking in Myanmar, and MoTC’s stated intention to hold open consultations with a wide range of stakeholders on the forthcoming draft policy and legal framework. Several senior MoTC officials, including Permanent Secretary U Soe Thein, had referred to this in their remarks at the third Myanmar Digital Rights Forum (MDRF) on 18/19 January in Yangon, and the MDRF had concluded with a call for new policies and laws that safeguard digital rights in Myanmar, and a fully consultative process to achieve this. MCRB understands from MoTC that forthcoming consultations are tentatively scheduled for mid-February 2019.
At the 25 January consultation, MCRB and a number of other stakeholders including Ministries, expressed concerns about the scope and speed of the process of drafting such complex policies and laws. A longer and more structured consultation period with stakeholders – including legislators - is needed, to enable them and the Government to identify all the relevant issues and develop the necessary detailed draft laws in a coherent framework. On 23 January MCRB met with a group of Parliamentarians who have an interest in cybersecurity, who are aware that they need a solid understanding of the issues at stake, to pass effective legislation on these complex and evolving issues.
In addition, MCRB and many others expressed concerns that a single law was unwise, and that the three areas proposed to be covered in the forthcoming cyber law (E-Government, E-Commerce and Cybersecurity) should be addressed in separate, but complementary, laws. MCRB also encouraged the government to use this opportunity to clean up the existing legal framework for ICT and telecoms, and repeal contradictory and outdated existing laws relating to ICT.
These oral comments have been followed up with a written submission.
In its comments, MCRB drew on a series of policy briefs recently prepared for the MDRF and the recommendations from its ICT Sector Wide Impact Assessment: