10 countries, 10 different policies for APIs: What Brazil can learn from these models

10 countries, 10 different policies for APIs: What Brazil can learn from these models

Hilmar Becker, Regional Director of F5 Brazil, examines API policies across 10 different countries and explores what Brazil can learn from these models.

Hilmar Becker, Regional Director of F5 Brazil

Around the world, government agencies digitize their processes, developing applications that serve citizens in an automated and remote way.

In this journey, the consumption and publication of APIs (Application Programming Interfaces) grows every day. The goal is to further accelerate data sharing between different companies – including mixed and private organizations.

Whoever succeeds in this endeavor will reap tangible results. This is what a study of IT leaders from U.S. public sector organizations with more than 1,500 employees reveals. In nearly three out of five organizations (59%), APIs have been able to improve citizen service and/or enhance developer productivity. It is worth noting that 99% are modernizing their applications.

One-third of respondents said they are extending the reach of monolithic applications through APIs. Nearly one-third (29%) of organizations plan to invest more in API training. The goal is to have a culture that facilitates the use of APIs in government.

The policies for adopting APIs by global governments are very varied. Each country emphasizes one aspect of the publication and consumption of these languages. Rather than this being a problem, it is an opportunity for model and policy sharing, which is critical to the evolution of digital government.

1. Privacy and Security Prioritization – Estonia

Estonia, one of the most digitally advanced nations in the world, prioritizes privacy and security in its use of APIs. The X-Road data exchange layer enables public and private sector organizations to securely share data. And in parallel, maintain citizens’ privacy by providing an example of balancing data accessibility and security considerations.

2. Leveraging APIs for real-time data – Singapore

Singaporedata.gov.sg , a repository of datasets from 70 public agencies, provides real-time data feeds through APIs. The goal is to improve decision-making processes and the provision of public services. The government has also implemented a national identity API that allows citizens to authenticate their online identity for access to various services.

3. API Standardization and Encryption – USA

The U.S. government is known for its data.gov initiative, in which it standardized APIs across all federal agencies. This initiative has led to greater consistency, security and interoperability, making it easier to share data and services. The U.S. applies strict encryption and access control measures to provide secure access to the vast amount of public data hosted by federal agencies.

4. Promoting innovation – Finland

Through its Open APIs initiative , Finland invites citizens, businesses, and other stakeholders to use government data to create innovative solutions to societal challenges. This approach, known as ‘open innovation’, dictates that APIs help foster creativity and entrepreneurship, driving social advancement and economic growth.

5. Development of a national API strategy – UK

The UK’s national API strategy points the way for public sector organizations to take advantage of APIs. It all revolves around a set of standardized principles and guidelines that ensure that the development and use of APIs is aligned with the country’s digital services framework. This approach aims to ensure consistency by encouraging interoperability between different government systems.

6. Building API Catalogs – Canada

The federal government of Canada has created an extensive Catalogue of its public APIs, giving developers a simple way to discover and use these interfaces. The searchable and categorized catalog accelerates the accessibility and usability of government APIs.

7. Facilitating public-private partnerships – Australia

Australia uses APIs effectively to establish public-private partnerships in the digital space. Notably, Consumer Data Law (CDR) allows consumers to share their data with trusted third parties, leading to the development of new services and opportunities. The API Guidelines propose a gateway to APIs so that all government departments and third-party partners can manage APIs through a common architecture.

8. Implementing API Governance – Germany

Germany’s firm API governance policy ensures that APIs are designed, implemented and managed according to best practices. This approach ensures the quality and interoperability of APIs, while facilitating effective lifecycle management of these languages.

9. API user education and engagement – France

France actively engages with API users through workshops, hackathons and challenges. These events promote the use of public APIs, allow the government to better understand the needs of users, and encourage the active use of digital resources for the betterment of society.

10. Encouraging citizen participation – New Zealand

New Zealand’s approach to APIs encourages active citizen participation. The government actively involves citizens in the process of designing and delivering digital services. The goal is to take a citizen-centric approach to API implementation.

11. API Catalog – Brazil

In 2022, the Central Data Governance Committee instituted the Public Services Portal Reference Registry, with data on the provision of public services in the form of APIs, with a view to sharing information within various government agencies. This is the API Catalog . Among the available languages are citizen registrations, company registrations, digital authentication registrations, etc.

Across geographies, the mature use of APIs requires a new mindset from CIOs and government CISOs. There are strategies that facilitate the task of discovering and securing API endpoints and performing behavioral analysis on the various logs collected from the endpoints. This is done using advanced Machine Learning, and is valid for the three main types of APIs:

– Inventory: These API endpoints are configured by the user’s API Definition and are known as API Inventory

– Discoveries: These API endpoints are discovered using AI/ML and are based on traffic directed to them

– Shadow: These API endpoints are discovered, but not documented in the inventory. Shadow API vulnerabilities can be exploited by cybercriminals

Brazil is a major hub for the use of APIs. In addition to analyzing what other countries’ policies for these languages can add to the local culture, it is essential to continue creating centralized and aggregated web portals for developers. Those who have this structure are clearly ahead of the agencies that work with APIs on an ad hoc basis.

Developer portals enable the aggregation of APIs and other resources, making it easier for consumers of public sector data to discover the language they need. Another action that accelerates digital government is to invest in the training of professionals who deal with APIs. This 360º approach promotes innovation and continuous improvement of the services provided by the government to the citizens of our country.

Browse our latest issue

LATAM English

View Magazine Archive