(Delivered in Parliament on 16 August 2016)
Madam Speaker the creation of the Government Technology Agency or GOVTECH marks the turning of a page in the evolution of Singapore’s IT infrastructure.
The new GOVTECH will and I quote from the bill, “undertake the procurement of infocomm technology and related engineering goods for the public sector…” It will have powers and I quote “to issue directives, codes, standards and guidelines for the public sector in relation to the architecture or use of info-communications technology or related engineering systems or services in the public sector.”
This new agency recalls one of the core functions of the NCB, formed in 1981, which was to implement the computerization of the civil service. However the GOVTECH will do so in a very different context, one where ICT has become pervasive and is in many cases mission-critical in the civil service.
The GOVTECH looks set to take the lead in enabling the public sector to optimally use big data analytics, artificial intelligence, the internet of things and other disruptive technologies. It will probably take the lead in the procurement of IT systems for the public sector. It is also likely to play a leading role in setting and enforcing best practice standards as well as levelling up the standards of public sector agencies in terms of their use of ICT to fulfill their missions. As such the role of the GOVTECH is potentially very impactful.
Madam Speaker, I would like to make several points and pose several questions about the goals, functioning and processes of the GOVTECH.
SME development
My first point relates to the development of local SMEs in the ICT space. In other developed countries SMEs have the advantage of good access to their domestic market, an advantage that our SMEs and local enterprises lack due to the small size of the domestic market. This is compounded by the fact that many public sector agencies may tend to prefer established global brands in procuring ICT systems and services.
I would like to suggest the GOVTECH find ways to work with local enterprises and SMEs to enable them to benefit from its work. These local champions should be our economy’s strong third pillar of job creation and value creation, a pillar that will hopefully be more resilient and rooted to Singapore whichever way global economic winds blow, as compared to MNCs.
No doubt Singapore needs to observe its obligations under the Government Procurement Agreement (GPA), which requires non-discrimination against foreign firms. However there could be ways to work with local firms while remaining consistent with the GPA. For example, the GOVTECH could work with certain local firms with niche technologies on R&D partnerships which are not procurement tenders per se. Such local firms could also receive targeted SME incentives from economic promotion agencies like SPRING or ASTAR.
Another possibility is to issue certain procurement tenders that provide preferential consideration for SMEs, both local and foreign. This may, in certain contexts, be GPA compliant if the same preference is given to both local and foreign SMEs. Some global government agencies do implement SME preferences in their tender evaluation criteria to some degree. I hope that MCI and the iDA will consider such approaches.
Privacy Impact Assessments
Secondly on privacy protection. The new GOVTECH will have access to a great deal of personal and corporate data. As a best practice, will the GOVTECH conduct, and encourage other public sector agencies to conduct, privacy impact assessments? I would urge the GOVTECH to give serious thought to this because not only would it result in greater privacy protection. Such regular PIAs would also help strengthen public confidence in sharing information with government agencies. IPAs are conducted by first world government agencies such as the Pentagon and Department of Homeland Security in the USA and the ICO in the UK, for example.
Promoting ICT literacy among state employees
Thirdly, the civil service – including all statutory boards and agencies – is a vast organization. Across the ranks of all state employees, there could exist a digital divide, with some employees being much more IT-literate in their skills and habits than others, particularly including some of those who are older. I suggest the GOVTECH take the lead in identifying IT literacy gaps within the broader civil service and use its considerable procurement power to develop and push out ICT literacy training on a whole of government basis. This would enable those state employees who are lagging in ICT skills to level up and thus gain access to productivity-enhancing opportunities which would improve their career prospects.
Integration of the GOVTECH with the CSA
Lastly, I would like to ask why the Cyber Security Agency, formed in April 2015, is located in the Prime Minister’s Office. With the creation of the GOVTECH, wouldn’t the GOVTECH offer the best location for the lead agency for public sector cyber-security? Are there plans for the CSA to thus eventually be subsumed under the GOVTECH? This would facilitate cyber-security becoming better embedded in public sector ICT systems, process and cultures.
If the answer to that question is that the CSA is tasked with national level cyber-security going beyond just the public sector, shouldn’t it then be located under MINDEF, which would allow better integration with other modalities of Total Defence?