A few days ago, I had the opportunity to attend a government-organized public consultation meeting on a proposed certification scheme for digital signatures. The project is laudable, but I doubt that the timetable they've set will be met.
The topic on digital signatures is a complicated one, and I'll be the first to admit that it's sometimes difficult to comprehend. There are terms like certification authority (CA), registration authority (RA) and public key infrastructure (PKI), among other things.
But, basically, the main aim of an initiative like this is to put in place a mechanism that allows consumers and companies to accept electronic signatures as an equivalent signature of a person on a written document.
The program's lead proponent, the Department of Trade and Industry (DTI), said the "overarching goals" of the initiative is to boost e-commerce and improve e-government in the Philippines. Digital signatures, the DTI said, will solve the "lack of security that has been perceived as the main barrier for growth of e-commerce and wide use of e-government services in the country".
Under the plan, the government will take the lead in jumpstarting the program by implementing a national certification scheme for digital signatures in key government offices. This strategy, it is hoped, will spur the private sector to employ the technology and eventually take over in managing the certification program for the country.
The DTI will initially be designated as the Accreditation/Assessment Body, and issue the implementing guidelines, as well as the criteria for the accreditation of the Root CA (prime candidate is the National Computer Center or NCC), the Government CA (NCC), and the private CA.
The RAs, which are at the bottom of the hierarchy and the contact point for the consumers, will be represented by the government agencies that offer e-government service (examples include BIR, DBM, NSO, SSS, GSIS, PhilHealth, DTI, BOC, DFA, Comelec, SEC, and BSP).
The NCC, as the Root CA and Government CA, will be authorized to charge fees for the issuance of digital certificates. The government RAs, meanwhile, will also be allowed to charge fees for the services they will render to the public.
Maria Lourdes Yaptinchay, director for the office and policy research and alternate chairperson for the e-commerce team at the DTI, said the Korean government is assisting the Philippines in the project through a US$2.3 million-fund grant.
"The program is also patterned after the one they have in Korea because we want to learn from their experience," Yaptinchay said, adding that Korean technical experts have been helping the inter-agency group she's heading to set up the program.
Yaptinchay said their plan is to submit a recommendation wherein President Gloria Arroyo will issue an Executive Order requiring the application of digital signatures in government service by the first quarter of this year.
To give the government agencies, as well as the private sector, sufficient time to prepare, compliance to the order will be two years from the date of its issuance.
With the Arroyo administration currently saddled with so many problems (most of them by its own faults), especially with the upcoming national elections, I'm not sure if they'd bother to draft a directive for a technical subject matter.
That would be a wasted opportunity, considering a vibrant e-commerce sector, not to mention a robust e-government, could be a great way to stimulate an anemic economy.