In our Asia Vision Series features we dive into key industry trends and issues with our subject matter experts and visionaries the region. In this final part to this interview, Koh Buck Song, author and editor of more than twenty books and former political supervisor for Singapore broadsheet The Straits Times, speaks with Jeff Bullwinkel, associate general counsel and director of Corporate, External and Legal Affairs (CELA), Microsoft Asia Pacific & Japan. Bullwinkel is a former federal prosecutor with the US Department of Justice, as well as Microsoft’s most senior legal counsel in Asia. He shares the reasons behind his passion for law and driving policies around trust in technology.
A service will not survive for long if it does not pay attention to user expectations.
Think about any piece of technology you’ve used today. It could an automated teller machine (ATM), a mobile payment service, or even an online shopping service. What all of these have in common is the user’s trust that they will work as they should and securely too.
“Data is the new currency, but as with other forms of currency it will have value only if the right protections are in place. That is why new opportunities will flow from data-driven innovation over the long term only if people can trust that their data is secure and being used in ways they understand and accept,” says Jeff Bullwinkel, associate general counsel and director of Corporate, External, Legal Affairs at Microsoft Asia Pacific and Japan.
Trust in the cloud will be a crucial factor for what Microsoft calls “Industry 4.0”, an era in which digital transformation is driven much more by ubiquitous computing powered by cloud technology.
“In my role as a legal counsel, I speak to many customers and find that more businesses are recognizing that ensuring security of their data is crucial to continue attracting and retaining customers,” says Bullwinkel. “A top priority for us is to put our customers’ minds at ease in adopting cloud technology, and in how they can trust us to offer them a more secure environment than they could ever create at home or in the workplace.”
In the current landscape, trust has become a critical competitive advantage for technology providers. This is where certifications and standards have become increasingly important in helping customers decide whom to trust.
Bullwinkel highlights how Microsoft was the first major cloud provider to adopt ISO/IEC 27018. This standard was developed by the International Organization for Standardization (ISO) to establish a uniform, international approach to protecting privacy for personal data stored in the cloud.
Over the last several years, questions regarding the privacy of personal data have often come up in the context of government access, and that’s addressed by ISO 27018, Bullwinkel notes: “When enforcement officials make a lawful request for customer data from Microsoft, we are committed to transparency and limit what we disclose. Because it is clear to us that our customers own, and therefore should control, their own data, we will not disclose data hosted in our cloud services to enforcement officials unless we receive a lawful governmental order,” he adds.
In line with Microsoft’s commitment to transparency, the company launched the Microsoft Transparency Hub, which publishes regular reports about requests for customer data made by law enforcement agencies. Bullwinkel notes that the company’s approach to government access to data is entirely in line with the global standard in ISO 27018.
More generally with regard to standards, he adds: “Cloud is increasingly seen as an enabler of an organization’s journey to digital transformation. Wider industry adoption of standards will bring even more companies to the cloud eventually, as these standards will affirm new levels of clarity, transparency and consistency,” he notes.
To drive the message of Microsoft’s cloud security across, Bullwinkel and his team in Asia have set their sights on demonstrating the advantages of the cloud in a sector which is typically seen as being heavily regulated: financial services, which includes banks and insurance companies. “We thought that if we could help our customers in that specific sector to embrace the cloud, then most of our customers in other sectors would feel comfortable doing so too, because regulation in this industry is quite strict.”
So far these efforts have been fruitful, as Bullwinkel notes that many banks and insurers across Asia – including in Australia, Hong Kong, Japan, the Philippines, Singapore and Thailand – have now embraced the cloud.
The work by Bullwinkel’s team has also been helped by the fact that many companies are now more aware of Microsoft’s longstanding efforts in enhancing security. This includes the company’s yearly investment of US$1 billion to enhance cybersecurity in myriad ways, ranging from the development and deployment of best-in-breed software and services to the creation of the highly secure infrastructure that makes up the company’s 100 data centers across some 40 countries.
As for offensive capabilities, Microsoft’s Digital Crimes Unit (DCU) has been taking the fight against cybercriminals seriously. It has established five Cybersecurity Centers in Asia (China, India, Japan, Korea, and Singapore), which serve as an extension of the company’s Cybercrime Center headquarters in Redmond, Washington, USA. The DCU is made up of a team of international legal and internet security experts employing the latest tools and technologies.
“A service will not survive for long if it has not been very attentive to the expectations of its users,” points out Bullwinkel. “Technology providers need to understand that trust has become a competitive edge and work towards being a trusted enabler of digital transformation.”
Associate General Counsel and Director of Corporate, External & Legal Affairs,
Microsoft Asia Pacific & Japan
Jeff Bullwinkel is based in Singapore and oversees Microsoft’s legal and corporate affairs teams across the region. This includes supporting commercial transactions and providing regulatory counsel to business groups on public policy issues such as intellectual property rights, privacy, Internet security and safety, competition, and international trade. Bullwinkel joined Microsoft in 2000 and was initially based in Hong Kong, where he managed the company’s public policy activities in the Asia Pacific region.
Koh Buck Song is an author who has written and edited over twenty books, and a consultant in branding, communications strategy and corporate social responsibility in Singapore. He drove the positioning of Singapore as a “global entrepolis” as former Head of Marketing, Corporate Communications and Strategic Planning at the Economic Development Board from 1999 to 2005. Buck Song was also a former a political supervisor for The Straits Times. He graduated from the University of Cambridge and the University of London in the United Kingdom, and from the John F. Kennedy School of Government at Harvard University in the US, where he was a Mason Fellow and earned a master’s degree in public administration.