Serious Flaws of the Computer Professionals Bill,

Skip to first unread message

Boh Yap

Dec 10, 2011, 12:31:43 PM12/10/11

I am reposting this on its own separate thread, with changes to correct typos.
(Its the same as the one in the other thread...)

Feel free to comment and use its points...

Critique of the points in the Bill
After reading thru the contents of the bill, it seems to be thrown together without deep thought or sufficient discussion. The objective of setting up such a Board seems to be primarily to register parties so that they can be eligible to handle CNII Projects. The definition of CNII itself is very vague and dubious. For this to stand up to scrutiny of law, the definition has to be very clear, with precise definitions and exclusions, with such a definition amounting to pages, not just ONE SENTENCE! And since this bill hinges on the definition of NCII, and since this definition is not clear, then this bill has little relevance!

The justification for the Bill also display a lack of inputs from those actually practicing n the industry. The fact is that the technology changes so fast, and its adoption can be equally fast, and attempt to certify/regulate it via conventional bureaucratic means is impractical, either that or it will lead to stifling of knowledge and innovation, leaving Malaysia's behind in the globally competitive field of IT! IT is driven almost purely by its IP-based nature, where ideas and knowledge are the real capital, not goods, machinery and equipment. Having to be certified (to seek permission!) in order to learn, 'play with it' and use it will serious slow innovation, soemthing Malaysia can hardly afford in a globally competitive world! (re: Scenario below)

Lastly it is not quite clear what the role of the Board that is suppose to be setup IS! Is it (just) going to be a registry for parties wanting to bid for CNII jobs, or is it trying to be a professional body, like the MMA (for doctors), Bar Council (for lawyers) etc... It seems like it is trying to be a bit of both!

As a professional body, the professionals that are involved should have more say; ie: the Board should not be ALL APPOINTEES but rather IT Professionals voted in by their peers. Its should also play a more strategic and perhaps even operational role to improve the standards and business opportunities of its members through business development activities and interaction with other like professional bodies overseas.

If its just a registry, there there is no need to set up a board, just let a government department (MOSTI?) handle it, much like the registry for bumiputra companies bidding for government projects handled by the Treasury. Let the funds that would go towards supporting such a board be put to actual use in encouraging innovation in IT (see 7. below)

Scenario: fictitious but very possible 
(or why the Bill seriously hampers innovation)
Google invents a new programming language (and tools) that leverages off its cloud infrastructure, and this language makes it highly productive to develop new applications that utilises very large databases. And they release this as Open Source.

Overnight, a Malaysian programmer with the interest and underlying skills, can immediately download the software, access the documentation and start learning and experimenting with it. Within 2 weeks, he has gained sufficient proficiency with it and starts developing an application with it. Within 2-3 months he may have a prototype application running, demonstrating very viable and unique capabilities.

Suddenly a CNII Project puts up a tender, say for Public Health, where his project has relevance (a good example would be to develop a National Database for every citizen's Health Record, such a project has been suggested the 'Lifelong Health Record' but never actualised). This programmer CANNOT participate because:

    i  he personally may not be registered
    ii  the software that he uses and the skills he has developed 
        are not certifiable, its too NEW, and no one else in Malaysia has the capability to do so.

So he gives up in frustration, takes his application to Silicon Valley, where investors welcome him with open arms, within 32 months his company with 100 staff goes public...

Here, the programmer has taken a new technology, further innovated on it an created a new commercial product/service and it ended up overseas. Malaysia suffers another hit from self-inflicted "Brain Drain".

The above scenario is HIGHLY UNLIKELLY to happen in another industry, why? Lets use another story from the aspect of the mechanical engineering industry, suppose someone somewhere invents a new type of internal combustion engine, that is 3 times more economical than the standard engine, such that a engine the size of a 2 shoeboxes can drive a standard car! 

Firstly, no Malaysian can ever copy its design, it would be very secretive and protected by many patents. In contrast, software has the concept of OPEN SOURCE which is quite unique to the IT industry!
Even if one can obtain the rights to manufacture the engine, the cost of building a manufacturing plant is huge, legally unlikely to change/innovate on its design and you will still have to pay royalties to the owner of the patents!

Hence no local innovation or even benefit could be achieved.

Hence there is strong argument for the IT industry to be handled differently because the nature of skills, knowledge and ability changes so fast as to make certification or attempts to qualify them difficult, especially by those outside the industry! 

Specific cretique on parts of the Bill
(the numbers refer to sections of the Bill)

1. Part II, 4,2
   "...each member who shall be Malaysian citizens appointed by the Minister..."
   Board are appointees, NOT elected! They may not be peer reviewed.
   Who is the Board accountable to?
   How transparent is the appointment and operations of the board? 
   (especially with the Secrecy clause below)
2. Part 5, 1 & 2
    "Talks about the 'common seal' of the board, used to authenticate, authorize documents issued b the board."
    This is somewhat feudal, and although legalities may require such a seal, 
    why is a 'professional computing body' not using or promoting digital signatures? 
    How is our government and society to progress towards the digital age if the Board itself does not lead by example?
    This points to a glaring weakness of te whole exercise, and show up the deficiency in knowledge of the decision makers who are to guide/protect us in the digital age.
    This begs the question; if the formulators of the Bill and those practicing members of the Board are up to date with technology?!

3. Part 7, 1 Revocation of appointment
    ...the minister shall, at any time, revoke the appointment of any member of the Board.
    The Minister/Government has total power... the board is subject to the political wills of the Mister/Ministry/government. And registrees are subject 
to the Board!
4. Part 11, 1 Functions and Power of the Board
    "f) provide facilities for the promotion of learning and education and to hold or cause to be held professional development programmes..."
    The Board decides on training and hence the technology direction of the proffession? Will this be subjected to vested interests, ie: commercial Vendors who cultivate a strong relationship with the Board, vs less financially capable Open Source companies? 
    There is no mention of liaison, cooperation with other similar bodies in other countries; for the purpose of exchange of knowledge, ideas and business opportunity.
    Aside from f), all of the other functions are bureaucratic and not strategic or operational.
    There is no mention of how it can assist in business/economic development, such as by encouraging innovation to develop new markets. new ecomies; or even on how to promote adoption of IT by business or government sectors. In other words, the Board does nor seem very concerned about business development for the professional body, an aspect that would be important for other professional bodies.
    g) " appoint a council consisting of persons to be determined by the Board, to conduct examinations and/or assessments, or to cause examinations and/or assessments to be conducted by an institution or institutions recognized by the Board..."
    The Board conducts exams for the purpose of registration of potential Members. Unless members of the board are qualified in all fields of speciality, they may not be able to make decisions... e.g. which Open Source certification to recognize? Why restrict, accept any internationally recognized certification!  
    ** field of expertise in IT is too wide! e.g. as a Python programmer, who examines me, is he/she qualified to evaluate me, are there any certification for Python? Does that then mean I cannot practice professionally? or contribute on Government projects?
    i) "...persons as may be determined by the Board to advise the government and the public on matters relating to computing education, including the certification of such programmes."
    Again, is the experience of said members representative of the industry, and will it be swayed by commercial interests, slaes persons from vendors being appointed... 
5.  34 Restriction on employment of unregistered person to provide Computing Services.
    "No CNII entities or person shall employ a person, sole proprietorship, partnership or body corporate, other than a Registered Computing Practitioner or Registered Computing Professional or Registered Computing Services Provider practice, to perform Computing Services"

    This clause has very serious consequences! It allows the Board to then act as Gate Keepers as to who can participate on major CNII projects!
    Also, it creates the complexity of interpreting what consists of a CNNI Project, who has the authority to define/interprete it as such etc..
    Furthermore, the status of registration versus the actual skill-set and experience of an individual may have little correlation.

6. Obligation of Secrecy
    43, 1
    "no member of the Board or any of its committees or any employee or agent of the Board or any person attending any meeting of the Board or any of its committees, whether during or after his tenure of office or employment, shall disclose any information obtained by him in the course of his duties; and.."
    So where is the transparency and accountability of the Board? If I as a professional, whose future is being determined by the Board, then it  
7. Funds
    Goes on to explain the existence of the Fund, justifying its use: pay allowances of its members, purchase & hire of equipment, etc...
    No where does it mention spending to promote and improve the use of IT, to highlight, showcase and encourage the adoption of new technology, to provide liaison between Computing bodies in other (more advanced countries) to exchange ideas/knowledge and better improve standards of our IT professionals...
    It looks like a (possibly fat?) fund will be used to provide infrastructure and to maintain a bureaucrats, that would have little impact on improving the standards and well-being of IT  professionals. Those funds could be better spent on existing programs via MOSTI, Cradle etc... that would encourage innovation, creation of wealth/jobs and encourage adoption of IT by all Malaysians. 
    ICON-DAP, a program run by MDeC, to encourage innovation, software application development and create new businesses has a budget of RM 6m. The award package is up to RM 200k max, that means only about 30 applicants will succeed in their application.
    If it costs 6m (I think this is very conservative) to run this Board and its supporting entourage, would not that money be better spent in the above program?


Boh Heong, Yap

sweemeng ng

Dec 10, 2011, 4:58:13 PM12/10/11
That and
1) What type of certification? Is it ala CCNA? or MSCE? If so does it mean a lot of open source project are not allowed to be used
2) Even if CNII is just govt, so does it mean that individual cannot contribute to open source project it use? I.E it covers Info Comm. So hypothetically we as a malaysian cannot contribute to apache web server, and the Big G do have sites that uses apache, fyi
3) So as we register a skill, how granular is it? In python web development, we are usually need to handle multiple role. If we modify wsgi script? Do we tell them we know networking etc? If we are to work in CNII, and it depends on how granular it is. 

You received this message because you are subscribed to the Google Groups "" group.
To post to this group, send email to
To unsubscribe from this group, send email to
For more options, visit this group at

Just a random living organic computer code generator

Reply all
Reply to author
0 new messages