TOKYO -- Japan is moving to block companies seen at risk of data leaks from bidding for government contracts as the country migrates computer systems to the cloud.
The action comes as concern rises worldwide about the tech industry's relationship with foreign governments, particularly China's.
Chinese internet companies, for instance, are suspected of sharing data they glean on users with authorities in Beijing.
As Japan prepares to shift to internet-based computing for social security and other programs, such concerns have taken on new urgency in Tokyo. Officials at the Cabinet Secretariat; the Ministry of Economy, Trade and Industry; and the Internal Affairs Ministry will put forward proposals by this fall for a certification program meant to ensure that only information technology companies with high data security standards and independence can bid for government contracts.
"This program is without a doubt being built with China in mind," a government source familiar with the matter told Nikkei.
The criteria for certification have yet to be determined but may include ISO standards from the International Organization for Standardization. The new rule will be adopted on a trial basis in the fiscal year starting next April and take full effect the following year.
Cloud computing, in which users access software applications over the internet rather than on closed systems, can help governments provide services more efficiently but entails data being stored on servers outside their control -- sometimes in other countries.
Some are calling for the new cloud certification to be applied beyond government systems to cover critical infrastructure, such as electricity and medicine.
Revelations earlier this year that data processing on Japanese pensions was outsourced to a Chinese company heightened concerns in Prime Minister Shinzo Abe's government about the risk of personal data being mishandled. But Japan is not the only country worried about leaks involving Chinese industry. In 2012, Australia excluded Chinese telecommunications maker Huawei Technologies from bidding on a national broadband project, citing cybersecurity risk.
In the U.S., only companies that clear, tough security standards are allowed to bid to provide the government with cloud computing services, eliminating any with Chinese connections.
The European Union's Directive on Security of Network and Information Systems, which took effect in 2016, sets a similarly high bar for companies to clear in order to operate within the European single market. By contrast, Japan has lacked effective rules for managing government and vital industrial data.
According to research company Gartner, Japan's government spent about 860 billion yen ($7.78 billion) on IT investments in 2016, a figure that is expected rise to 900 billion yen in 2016. Vendors both in Japan and abroad, such as NTT Data, see it as a major market.