The Philippine Bureau of Customs (BOC) has finally released its user policy on the access of its electronic-to-mobile (e2m) system, defining the bureau’s expectations of users who have been granted access to the system and its other applications.
Customs Memorandum Order (CMO) No. 15-2018, signed by Customs Commissioner Isidro Lapeña on September 28, notes that it is essential to properly secure and protect access to and use of BOC’s applications, systems, and data from threats and abuses related to information security.
“Protecting access to e2m customs systems and applications is critical to maintaining the integrity of its data and to prevent unauthorized access,” the order states.
BOC started to gradually implement e2m in 2008 in order to move from manual processing of imports and exports to online and electronic processing. However, from the start, no user policy has been issued.
CMO 15-2018 covers all persons with access to the e2m system, its related application and the data stored and processed in and through it. It includes BOC organic personnel, personnel under contract of service or consultancy agreement, accredited value-added service providers (VASPs) and their employees and agents, other government agencies and their employees given authorized access to e2m and its other applications, and all other persons that connect to or access the system and its related applications.
Importers, customs brokers, and exporters do not directly access e2m as they file through VASPs.
Under CMO 15-2018, granting of user’s access shall be limited to specific, defined, documented, and approved applications, and levels of access rights shall be based on the assigned role or function. Users shall only receive access to the minimum applications and privileges required to perform their job-related function. The order also provides rules on approval, restriction, deactivation, and reactivation of access to e2m.
Those found violating the terms of the user access or the provisions indicated in CMO 15-2018 shall be subject to administrative sanctions, including civil or criminal liability.
The right and prerogative of BOC to restrict, suspend, or revoke a user’s e2m access shall be independent of and shall not be contingent on the pendency or outcome of any administrative, civil or criminal proceeding, CMO 15-2018 notes.
Earlier, Management Information System and Technology Group (MISTG) deputy commissioner Jeffrey Ian Dy said BOC will eventually replace e2m, which is now outdated and is incapable of parallel computing, with a more updated system.
But while waiting for the new system, which will take years to arrive, Dy said BOC is bidding out four projects, which focus on updating of e2m, maintenance of e2m, upgrading of hardware, and upgrading of bandwidth. The projects are being pursued so that e2m will “survive in the next three years,” Dy explained. – Roumina Pablo