Monday, February 4, 2013
Japanese Governmental CIO has no Legal Authority
It may be shocking but during a symposium on security on February 1, 2013, Japanese governmental CIO, Koichi Endo (former CIO and vice president of RICOH Company, Ltd.) disclosed that he has no authority explicitly backed up by laws and regulations.
Mr. Endo is the first governmental CIO who took its office on October 2012. Before that there were CIOs of each ministry and governmental agency but there was no governmental CIO supervising the total information strategy of the whole government. As the government is planning to introduce laws on national ID numbers, the necessity of an integrated and coherent IT strategy became more and more essential. This lead to the introduction of the governmental CIO under the Cabinet.
To play his role, the governmental CIO needs to obtain the planned information strategy of each ministry and agency and then, considering the harmonization with the governmental strategy and the coherency with the plans of other ministry/agency, order the amendments of the plan. However, currently, the governmental CIO has no legal authority to do this.
Now, he is doing his job based on an ambiguous "general coordination function" the Cabinet has based on the Cabinet Act. But the extent of his authority is unclear. Mr. Endo explained during the symposium that sometimes the coordination between the ministries does not work smoothly ("shocho kan no renkei ga sumuzu ni ikanai koto ga aru"). As a result, the government is trying to insert a clause into the law whereby the governmental CIO is given a clear authority, which will solve the problem.
Although the introduction of CIO is said to be future-oriented, another past-oriented function is also important. There have been many problems with respect to governmental systems such as the Patent Office's failure of re-constructing its backbone system, which has caused the loss of more than five billion yen (50 million dollars). Some people pointed out that the reason for the failure is ubiquitous in governmental IT procurement: low ability to manage the vendors, lack of comprehensive and written knowledge of their works, reluctance to BPR, and an immature level of process improvement.
If the problem is ubiquitous, then, it would be less effective to try to improve the problem by each ministry/agency's own initiative. It would be more effective for the governmental CIO to analyze the problem, show how to solve the problem, and supervise the improvement process in each governmental office/agency. I hope that the Diet will promptly amend the law so that the CIO would have full authority to effectively perform both of the functions.
DISCLAIMER: "IT Law issues in Japan" only provides general information about Japanese information technology law and does not, under any circumstances, constitute legal advice. You should first obtain the advice of professional legal counsel who is qualified in Japan before acting or refraining from acting based on this blog.