Maintaining the Information Security Environment Through Social Media and Disclosure Policies in Southeast Asia

The information security environment (ISE) in Southeast Asia remains a topic that remains mostly unexplored by researchers.  Accordingly, this gap represents a problem concerning the dearth of findings that emphasize the potential tradeoffs between social media and information disclosure policies and the protection of networked data architectures against data breaches, identity theft, or other forms of nefarious cyberattacks.  While technical solutions enacted in the developed world are illustrative of how governments work collaboratively with vendors and security agencies to mitigate threats or vulnerabilities in existing data networks, the research problem identified here is significant for determining the success of strict access control means and industrial self-regulation.  

Most importantly, however, the research problem evaluated here entails that policy leaders in Southeast Asian countries should consider emphasizing transparency in decision-making to foster the conditions for mutual trust and learning in the ISE.  Although some of the working solutions designed to maintain the ISE may incur issues relevant to copyright and intellectual property, an emphasis on professional ethics guideline development is also necessary to promote effective collaboration between governments, vendors, and security agencies.  Moreover, the future of social media and disclosure policies extends into healthcare and other professional environments based on a demonstrated need to achieve stronger compliance with legal and professional requirements established by international entities.  Closing this research gap requires, therefore, that lawmakers in Southeast Asia carefully distinguish between which working strategies will produce the most sustainable outcomes for online users who must disclose sensitive information across various institutional or professional contexts.  Although very few exceptions in Southeast Asia constitute an exception to standard practice, mutual trust and transparency are crucial for maintaining a strong ISE infrastructure. 

The Research Problem and Its Significance

The limited effects of policy mechanisms governing social media and information disclosure in Southeast Asia represent a significant problem for researchers who study the ISE extensively.  Based on these limitations, researchers focus their debates on the tradeoffs between information disclosure and the protection of networked data architectures against cyber attacks or other types of nefarious attacks (Mitra & Ransbotham, 2015).  Despite the availability of technical solutions in the developed world, the dearth of policy mechanisms governing social media and information disclosure policies in Southeast Asia prompts governments, vendors, and security agencies to design coordinated solutions for securing information transmitted by online users in networked data architectures.  In turn, the significance of this problem reflects the increased number of social media users over the last ten years.  

Commenting on the necessity of trust and transparency in the ISE, Zhang and Gupta (2018) noted how the linkages between social media and information disclosure policies should ground the establishment of consensus-based models for mitigating vulnerabilities in networked data architectures.  However, social media information disclosure policies ought to reflect personal beliefs that trust in network security will reduce uncertainty over which decision-making models will produce the most sustainable outcomes (Walster, 2018; Zhang & Gupta, 2018).  Uncertainty in decision-making by governments, vendors, and security agencies over social media and information disclosure policies will eliminate the possibility that trust may inform the implementation of regulatory mechanisms developed from hypothetical scenarios.

The significance of this research problem extends to the written authorization of protected health information used for treatment, payment, and operations governed by privacy rules, particularly in the United States.  Banerjee, Hemphill, and Longstreet (2017) accounted for how patients who receive medical treatment based on information stored in wearable devices have the option of disclosing personal data but must also receive sufficient legal protections under privacy rules.  However, the dearth of research information governing the written authorization of protected health information in Southeast Asia suggests that social media and information disclosure policies must have strong compliances requirements as defined by governments, vendors, and security agencies (Banerjee et al., 2017; Mitra & Ransbotham, 2015).  However, research from Indonesia demonstrated how policy mechanisms for the good governance of social media and information disclosure policies throughout Indonesia ought to serve larger purposes such as public service, citizen participation, and national development.  

Lubis, Kusumasari, and Hakim (2018) noted how the enactment of the Public Information Disclosure Act mandates transparency and accountability in budget and resource management.  Policy mechanisms included in this recently implemented Indonesian law are significant for mitigating corruption, eliminating monopolies, and resolving information disputes.  However, enforcement disparities across various regions of Indonesia reinforce the problem insofar as uncertainty over decision-making reduces public trust concerning information disclosure in social media and healthcare contexts (Banerjee et al., 2017; Walster, 2017, 2018; Zhang & Gupta, 2018).  The impact of reinforcement disparities on the research problem is, therefore, significant for ensuring that governments and international organizations throughout Southeast Asia may develop effective solutions for promoting conditions of mutual trust in the ISE and mitigating vulnerabilities to enhance public safety.    

Impact of the Research Problem

The impact of the research problem is significant for preventing identity theft and implementing real-time policy mechanisms governing specific targets in the ISE.  Especially as more citizens of Southeast Asian countries use social media to disclose personal information, the decision-making processes governing most ISEs indicate how important professional ethics and compliance frameworks are for considering which user behaviors will produce long-term benefits throughout Southeast Asia (Walster, 2017; Zhang & Gupta, 2018).  Moreover, the increased use of social media in Southeast Asia illustrates how professional ethics is important for identifying key tradeoffs between information disclosure and the mitigation of data breaches, identity theft, or other forms of cyber attacks.  

Walster (2017) noted how professional ethics usually reflect the individual preferences of legislators and policy experts who ground decision-making processes governing social media use and information disclosure as having long-term implications for reducing uncertainty in the ISE.  Guidelines set by the Association for Educational Communications and Technology (AECT) Code of Professional Ethics apply to social media and information disclosure policies when regulations enacted in Southeast Asian countries draw from complex hypothetical scenarios to contextualize how uncertainty in decision-making processes by governments, vendors, and security agencies effectively reduces trust.  However, individual commitments described in the AECT Code of Professional Ethics also indicate that fostering conditions of trust in the ISE entails a need for governments, vendors, and security agencies to maintain individual integrity while conducting business, following sound procedures for selecting and evaluating critical resource materials, and making reasonably concerted efforts to protect social media users from health and safety hazards.  

Some of the individual commitments to professional ethics are, nevertheless, valuable for achieving political ends to mitigate data breaches, identity theft, and other nefarious cyberattacks.  Zhang and Gupta (2018) accounted for how social media and information disclosure policies form the basis of maintaining cohesive relationships between users who transmit data between networks that may have vulnerabilities left undetected by vendors and security agencies.  In terms of maintaining commitments to professional ethics, social media and information disclosure policies enacted throughout Southeast Asia must also include effective mechanisms controlling activity schemes in online social networks (OSNs).  However, this strand of the research literature suggests that OSNs must reduce uncertainty in policy decision-making processes when governments, vendors, and security agencies consider which information disclosure strategies enhance public trust in social media (Walster, 2018; Zhang & Gupta, 2018).  While OSNs may encourage governments throughout Southeast Asian to manage information more effectively, collaboration in the policy environment is also necessary for promoting mutual trust between users in the ISE.  

Recalling the work by Banerjee et al. (2017), the impact of the research problem remains significant for ensuring that governments, vendors, and security agencies in Southeast Asia use professional ethics guidelines appropriately to accurately define the real-world applications of hypothetical scenarios.  Policies governing information disclosure in healthcare are also significant for patients who use social media platforms to inform personal preferences in decision-making processes for regulating user behaviors.  More specifically, the policies governing information disclosure through wearable devices establish a foundation for reducing uncertainty in decision-making for lawmakers throughout Southeast Asia.  

While federal laws in the United States such as the Health Insurance Portability and Accountability Act (HIPAA) of 1996 safeguard individual patients from crimes like identity theft and data breaches, the limited research on similar policies governing social media and information disclosure in Southeast Asia are more significant for defining which political agendas will provide more credibility as well as sustain ethical and professional commitments to mitigating vulnerabilities in networked data architectures (Banerjee et al., 2017; Lubis et al., 2018).  With consideration for the possible impacts of Indonesia’s Public Information Disclosure Act, the role of governments and international organizations to reduce uncertainty in decision-making is significant for reducing gaps between planning and enactment that may reinforce problems reflecting a lack of transparency in existing policy mechanisms.  

The Role of Governments and International Organizations

Governments and international organizations play critical roles in promoting ISE security by implementing policy mechanisms regulating social media use and information disclosure.  In this research context, Mitra and Ransbotham (2015) noted how the full disclosure of sensitive information on social media platforms provides cyberattackers with numerous opportunities to exploit vulnerabilities.  Notwithstanding the dearth of effective policy mechanisms governing social media use and information disclosure in Southeast Asian, the roles played by governments and international organizations provide a model for defining which strategies reduce uncertainty in decision-making processes.  Governments and international organizations in Southeast Asia may, for instance, decide to implement policy mechanisms regulating the effects of intrusion detection systems (IDS) when observing “black hat” behaviors demonstrated by hackers and other cyber attackers who exploit network vulnerabilities to achieve personal or political gains (p. 578).  However, international organizations such as the AECT may play a more definitive role in securing the ISE by defining black hat behaviors as likely to produce statistical noise that interferes with the process of explaining which variables influence the impact of solutions recommended to mitigate the problem.  

As mentioned in the previous section, the AECT Code of Professional Ethics informs decision-making processes in the ISE by defining which social media and information disclosure behaviors will mitigate damages caused by the exploitation of vulnerabilities by hackers or other cyber attackers.  Walster (2017) suggested that improvements to decision-making processes in the policy arena have valuable long-term implications for defining which strategies and tools will produce substantial knowledge for reducing gaps between planning and enactment.  However, tensions between the technology preferences of governments and professional organizations indicate that improvements to decision-making processes in the policy arena reflect strongly held beliefs about the interpersonal conflicts of social media use and information disclosure throughout most of Southeast Asia.  Placed in an Indonesian context, the political beliefs of all stakeholders involved in securing the ISE are vital to understanding if policy mechanisms governing social media use and information disclosure must confer long-term benefits.

Commenting on how Indonesian lawmakers enacted the Public Information Disclosure Act in 2008, Lubis et al (2018) remarked that several regulations governing the rights to information privacy held considerable importance for ensuring that citizens of this island nation could place trust in major institutions and public authorities responsible for mitigating data breaches caused by an exploitation of network vulnerabilities.  More specifically, Indonesian regulations governing consumer protection were also influential in mitigating corruption, promoting human rights, and safeguarding against environmental degradation (p. 95).  Amendments to the Indonesian constitution of 1945 also indicated that securing the ISE required strong collaboration between lawmakers and international organizations to manage public information disclosed in social media.  Accordingly, the roles played by governments and international organizations are significant for reducing uncertainty in decision-making as well as applying the appropriate ethical and professional standards considered valuable for sustaining public trust.  Applied to the rest of Southeast Asia, the potential solutions to mitigate the research problem illustrate how long-term success depends on which strategies will effectively reduce gaps between planning and enactment.  

Potential Solutions to Mitigate the Problem

Technical solutions have the potential to mitigate the problem of limitations to policy mechanisms governing social media and information disclosure policies in Southeast Asia when lawmakers, vendors, and security agencies define which tools and countermeasures maintain user security in various online formats.  Depending on the distribution and severity of cyber attacks throughout Southeast Asia, technical solutions increase the efficiency at which vendors and security agencies may detect vulnerabilities and potential threats in networked data architectures (Mitra & Ransbotham, 2015).  Technical solutions may also provide much-needed equilibrium to data architectures in networks located throughout Southeast Asia by expediting efforts to increase knowledge production between all stakeholders responsible for maintaining the ISE.  Examples of technical solutions include roadmaps containing proactive methods like encryption and decryption that act in conjunction with reactive methods such as forensics and copyright prosecution (Zhang & Gupta, 2018).  Technical solutions that include reactive methods are especially useful for tracking digital user content.  

However, the technical solutions that pertain to improving the information disclosure policy environment may have limited impacts on social media based on the problem known as digital rights management (DRM) in cloud-based computing environments and risk management frameworks.  Zhang and Gupta (2018) suggested that the DRM problem may complicate the marketability of technical solutions when lawmakers, vendors, and security agencies attempt to monopolize control over the production of encryption tools in the ISE.  Managing the DRM problem in Southeast Asia indicates that technical solutions designed to enhance the ISE must govern social media and information disclosure policies effectively through encryption as well as prevent barriers to accessing the tools necessary for preventing threats caused by the exploitation of network vulnerabilities in data architectures. 

Alternatives to technical solutions that may help mitigate the problem include strict access control means for protection that cover wide-ranging needs across networked data architectures throughout Southeast Asia.  Especially because social media platforms contain volumes of sensitive information, strict access control means may foster improvements to the ISE when governments, vendors, and security agencies profit from protecting individual users from data breaches, identity theft, or other forms of cyber attacks (Zhang & Gupta, 2018).  However, strict access control means ought to provide users with transparent information regarding which sensitive data will remain confidential.  Strict access control means that social media and information disclosure policies should also allow users in Southeast Asia to participate in the ongoing development of solutions for maintaining online privacy while also being able to effectively market their services.  For example, strict access control means read may allow online users in Southeast Asia to identify security credentials and rely exclusively on trusted websites overseen by vendors and security agencies who communicate to government agencies about the potential dangers that may ensue from not mitigating threats and vulnerabilities in networked data architectures.  

Regarding the written authorization of protected health information, industry self-regulation is another potential solution that may help mitigate the problem of limitations to policy mechanisms governing social media and information disclosure policies in Southeast Asia.  Industry self-regulation is different from what Banerjee et al. (2017) distinguished as “pure” self-regulation that involves no government oversight (p. 7).  Rather, industry self-regulation involves a combination of organizational decision-making and government oversight that, when placed in healthcare contexts, allows vendors and security agencies to design strategic recommendations for improving the security of sensitive information disclosed by users of wearable devices.  While industry self-regulation already exists in the United States, its extension to Southeast Asia should involve lawmakers, vendors, and security agencies working collaboratively to design identification protocols capable of detecting sensitive information and using encryption techniques to mitigate data breaches, identity theft, and other cyber attacks launched by hackers who exploit vulnerabilities for personal or political gain.  

Industry self-regulation is also important for alerting online users of potential breaches to online user privacy in social media.  Since industry self-regulation in healthcare often entails the implementation of encryption and decryption techniques, this potential solution to the problem may also encourage lawmakers in Southeast Asian countries to design policy frameworks and introduce enforceable mechanisms for overseeing which decision-making processes will reduce gaps between planning and enactment (Banerjee et al., 2017; Lubis et al., 2018).  Industry self-regulation may not only increase the efficiency at which governments draw from legal, professional, and ethical guidelines but may also ensure that vendors and security agencies may deliver real-time solutions applicable across multiple organizational and institutional contexts.

Prospects for Success

The success of each potential solution to mitigate the problem depends on how strongly policy leaders and lawmakers throughout Southeast Asia conform to working definitions of learning that govern social media use and disclosure in the ISE.  Following the research by Walster (2018), learning is relevant to determining which policies for protecting online users from data breaches and identity theft will improve decision-making processes as well as promote more effective collaboration between governments, vendors, and security agencies.  Learning is also relevant for understanding which social media and information disclosure policies will conform to existing regulations and professional standards that foster the conditions for industry self-regulation (Banerjee et al., 2017; Walster, 2018).  Social media and information disclosure policies in Southeast Asia may, nevertheless, present challenges referring to copyright and intellectual property issues controlling for what precisely constitutes fair use regardless of how strongly managers or leaders of professional organizations rely on strict access control to protect sensitive information transmitted within networked data architectures (Lubis et al., 2018; Mitra & Ransbotham, 2015; Zhang & Gupta, 2018).  Yet, the relevance of learning in the Southeast Asian ISE illustrates how the prospects for success of working solutions also depend on how strongly governments, vendors, and security agencies emphasize information storage, backup, and recovery for when data breaches and identity theft may occur.  

Insomuch as the Indonesian government enacted the Public Information Disclosure Act in 2008, the relevance of learning in the ISE indicates that countermeasures will diffuse innovation solutions to online users and protect them against data breaches, identify theft, or other forms of cyber attacks.  Mitra and Ransbotham (2015) observed that countermeasures, including security patches, encourage professional organizations to achieve performance benchmarks that align with ethical standards designed to have practical implications for mitigating vulnerabilities in networked data architectures.  In particular, countermeasures are important for ensuring that leaders and managers of professional organizations draw from appropriate decision-making models to compensate for a dearth of technical knowledge.  Governments, vendors, and security agencies throughout Southeast Asia may, in return, consider the legal impact of countermeasures on obtaining patent rights and preventing the monopolization of intellectual property (Lubis et al., 2018; Mitra & Ransbotham, 2015).  More specific to information disclosure and social media policies, however, the long-term success of recommended solutions depends primarily on how lawmakers, vendors, and security agencies emphasize collaboration in the ISE to resolve debates as well as close gaps in knowledge between policy planning and enactment to advance transparent decision-making.  

Conclusion

The limited effects of policy mechanisms governing social media and information disclosure policies in Southeast Asia indicate a need for consensus-based collaborative models between governments, vendors, and security agencies to mitigate vulnerabilities in networked data architectures.  Extended to healthcare organizations and other types of professional environments, the dearth of social media and information disclosure policies in Southeast Asia, with Indonesia as a clear exception, also indicates a demonstrated need for stronger compliance to legal and ethical requirements established by international entities.  Accordingly, mutual trust should ground future policy development in the ISE to protect online users from data breaches, identity theft, and other forms of cyber attacks.  Insofar as social media and information disclosure policies form the basis of sustaining collaborative relationships between governments, vendors, and security agencies, professional ethics guidelines are necessary to ensure that online users throughout Southeast Asia have the easy access to tools emphasizing transparency in decision-making. In contrast to the United States, most Southeast Asian countries lack a high degree of transparency in decision-making.  Notwithstanding any digital rights management (DRM) issues relevant to copyright and intellectual property, the potential solutions to mitigate problems caused by a dearth of effective policy mechanisms governing the ISE in Southeast Asia are successful when lawmakers, vendors, and security agencies distinguish between proactive and reactive methods controlling access to user content generated in networked data architectures.  Especially with regard to information sharing and social media, the success of technical solutions in conjunction with strict access control means and industry self-regulation depends on how strongly policy leaders in Southeast Asian countries emphasize transparency in decision-making to foster the conditions for mutual trust and learning in the ISE.

References

Banerjee, S. (S.), Hemphill, T., & Longstreet, P. (2017). Wearable devices and healthcare: Data sharing and privacy. The Information Society, 34(1), 1-9. doi: 10.1080/01972243.2017.1391912

Lubis, M., Kusumasari, T. F., & Hakim, L. (2018). The Indonesia Public Information Disclosure Act (UU-KIP): Its challenges and responses. International Journal of Electrical and Computer Engineering, 8(1), 94-103. doi: 10.11591/ijece.v8i1.pp94-103 

Mitra, S., & Ransbotham, S. (2015). The effects of vulnerability disclosure policy on the diffusion of security attacks. Systems Research, 26(3), 565-584. Retrieved from https://pdfs.semanticscholar.org/713f/325a1c7cdb9e3e0d5e81791ca1e3acxxx6f761e.pdf

Walster, D. (2017). Information policy and social media: Accept or decline. Tech Trends, 61(3), 301-307. doi: 10.1007/s11528-017-0179-z

Walster, D. (2018). Information policy and e-learning. In A. Piña, V. L. Lowell, & B. R. 

Harris (Eds.), Leading and managing e-learning: What the e-learning leader needs to know (pp. 141-154). Cham, Switzerland: Springer Nature. doi: 10.1007/978-3-319-61780-0_11

Zhang, Z., & Gupta, B. B. (2018). Social media security and trustworthiness: Overview and new direction. Future Generation Computer Systems, 86, 914-925. doi: 10.1016/j.future.2016.10.007