Category: Critical infrastructure

International Electrotechnical Commission

Post date March 1, 2022

Acronym: IEC

Established: 1906

Address: 3 rue de Varembé, 1211 Geneva 20 , Switzerland

Stakeholder group: International and regional organisations

The IEC is the world leader in preparing international standards for all electrical, electronic, and related technologies. A global, not-for-profit membership organisation, the IEC provides a neutral and independent institutional framework to over 170 countries, coordinating the work of more than 20,000 experts. We administer four IEC Conformity Assessment System s, representing the largest working multilateral agreement based on the one-time testing of products globally. The members of each system certify that devices, systems, installations, services, and people perform as required.

IEC International Standards represent a global consensus of state-of-the-art know-how and expertise. Together with conformity assessment, they are foundational for international trade.

IEC Standards incorporate the needs of many stakeholders in every participating country and form the basis for testing and certification. Every member country and all its stakeholders represented through the IEC National Committees has one vote and a say in what goes into an IEC International Standard.

Our work is used to verify the safety, performance, and interoperability of electric and electronic devices and systems such as mobile phones, refrigerators, office and medical equipment, or electricity generation. It also helps accelerate digitisation, artificial intelligence (AI), or virtual reality applications, protects information technology (IT) and critical infrastructure systems from cyberattacks and increases the safety of people and the environment.

Digital activities

The IEC works to ensure that its activities have a global reach in order to meet all the challenges of digital transformation worldwide. The organisation covers an array of digital policy issues.

Digital policy issues

Artificial intelligence and the internet of things

AI applications are driving digital transformation across diverse industries, including energy, healthcare, smart manufacturing, transport, and other strategic sectors that rely on IEC Standards and Conformity Assessment Systems. AI technologies allow insights and analytics that go far beyond the capabilities of legacy analytic systems.

For example, the digital transformation of the grid enables increased automation, making it more efficient and able to integrate fluctuating renewable energy sources seamlessly. IEC Standards pave the way for the use of a variety of digital technologies relating to intelligent energy. They deal with issues such as integrating renewable energies within the electrical network but also increased automatisation.

The IEC’s work in the area of AI takes a three-pronged approach. IEC experts focus on sector-specific needs (vertical standards) and conformity assessment, while the joint IEC and International Organization for Standardization (ISO) technical committee on AI, JTC1/SC 42, brings together technology experts, as well as ethicists, lawyers, social scientists, and others to develop generic and foundational standards (horizontal standards).

In addition, IEC Safety Standards are an essential element of the framework for AI applications in power utilities and smart manufacturing. IEC Conformity Assessment Systems complete the process by ensuring the standards are properly implemented.

SC 42 addresses some concerns about the use and application of AI technologies. For example, data quality standards for ML and analytics are crucial for helping to ensure that applied technologies produce useful insights and eliminate faulty features.

Governance standards in AI and the business process framework for big data analytics address how the technologies can be governed and overseen from a management perspective. International standards in the areas of trustworthiness, ethics, and societal concerns will ensure responsible deployment.

The joint IEC and ISO technical committee also develop foundational standards for the IoT. Among other things, SC 41 standards promote interoperability, as well as architecture and a common vocabulary for the IoT.

Hardware

The IEC develops standards for many of the technologies that support digital transformation. Sensors, cloud, and edge computing are examples.

Advances in data acquisition systems are driving the growth of big data and AI use cases. The IEC prepares standards relating to semiconductor devices, including sensors.

Sensors can be certified under the IEC Quality Assessment System for Electronic Components (IECQ), one of the four IEC Conformity Assessment Systems.

Cloud computing and its technologies have also supported the increase of AI applications. The joint IEC and ISO technical committee prepares standards for cloud computing, including distributed platforms and edge devices, which are close to users and data collection points. The publications cover key requirements relating to data storage and recovery.

Building trust

International Standards play an important role in increasing trust in AI and help support public and private decision-making, not least because they are developed by a broad range of stakeholders. This helps to ensure that the IEC’s work strikes the right balance between the desire to deploy AI and other new technologies rapidly and the need to study their ethical implications.

The IEC has been working with a wide range of international, regional, and national organisations to develop new ways to bring stakeholders together to address the challenges of AI. These include the Swiss Federal Department of Foreign Affairs (FDFA) and the standards development organisations, ISO, and the International Telecommunication Union (ITU).

More than 500 participants followed the AI with Trust c onference, in-person and online, to hear different stakeholder perspectives on the interplay between legislation, standards and conformity assessment. They followed use-case sessions on healthcare, sensor technology, and collaborative robots, and heard distinguished experts exchange ideas on how they could interoperate more efficiently to build trust in AI. The conference in Geneva was the first milestone of the AI with Trust initiative.

The IEC is also a founding member of the Open Community for Ethics in Autonomous and Intelligent Systems (OCEANIS). OCEANIS brings together standardisation organisations from around the world to enhance awareness of the role of standards in facilitating innovation and addressing issues related to ethics and values.

– e-tech

IEC and ISO Work on Artificial Intelligence

AI for the Last Mile

Computational Approaches for AI Systems

– IEC Blog

Digital Transformation

– Video

Ian Oppermann (AI with Trust)

AI with Trust conference interviews AI Governance

Network security and critical infrastructure

The IEC develops cybersecurity standards and conformity assessments for IT and operational technology (O T). One of the biggest challenges today is that cybersecurity is often understood only in terms of IT, which leaves critical infrastructure, such as power utilities, transport systems, manufacturing plants and hospitals, vulnerable to cyberattacks.

Cyberattacks on IT and OT systems often have different consequences. The effects of cyberattacks on IT are generally economical, while cyberattacks on critical infrastructure can impact the environment, damage equipment, or even threaten public health and lives.

When implementing a cybersecurity strategy, it is essential to consider the different priorities of cyber-physical and IT systems. The IEC provides relevant and specific guidance via two of the world’s best-known cybersecurity standards: IEC 62443 for cyber-physical systems and ISO/IEC 27001 for IT systems.

Both take a risk-based approach to cybersecurity, which is based on the concept that it is neither efficient nor sustainable to try to protect all assets in equal measure. Instead, users must identify what is most valuable and requires the greatest protection and identify vulnerabilities.

Conformity assessment provides further security by ensuring that the standards are implemented correctly: IECEE certification for IEC 62443 and IECQ for ISO/IEC 27001.

ISO/IEC 27001 for IT

IT security focuses equally on protecting the confidentiality, integrity, and availability of data – the so-called CIA triad. Confidentiality is of paramount importance and information security management systems, such as the one described in ISO/IEC 27001, are designed to protect sensitive data, such as personally identifiable information (PII), intellectual property (IP), or credit card numbers, for example.

Implementing the information security management system (IS MS) described in ISO/IEC 27001 means embedding information security continuity in business continuity management systems. Organisations are shown how to plan and monitor the use of resources to identify attacks earlier and take steps more quickly to mitigate the initial impact.

IEC 62443 for OT

In cyber-physical systems, where IT and OT converge, the goal is to protect safety, integrity, availability, and confidentiality (SIAC). Industrial control and automation systems (ICAS) run in a loop to check continually that everything is functioning correctly.

The IEC 62443 series was developed because IT cybersecurity measures are not always appropriate for ICAS. ICAS are found in an ever-expanding range of domains and industries, including critical infrastructure, such as energy generation, water management, and the healthcare sector.

ICAS must run continuously to check that each component in an operational system is functioning correctly. Compared to IT systems, they have different performance and availability requirements and equipment lifetime.

Conformity assessment: IECEE

Many organisations are applying for the IEC System of Conformity Assessment Schemes for Electrotechnical Equipment and Components (IECEE) conformity assessment certification to verify that the requirements of IEC 62443 have been met.

IECEE provides a framework for assessments in line with IEC 62443, which specifies requirements for security capabilities, whether technical (security mechanisms) or process (human procedures) related. Successful recipients receive the IECEE industrial cybersecurity capability certificate of conformity.

Conformity assessment: IECQ

While certification to ISO /IEC 27001 has existed since the standard was published in 2013, it is only in recent years that the IEC Quality Assessment System for Electronic Components (IECQ) has set up a true single standardised way of assessing and certifying an ISMS to ISO/IEC 27001.

International standards such as IEC 62443 and ISO/IEC 27001 are based on industry best practices and reached by consensus. Conformity assessment confirms that they have been implemented correctly to ensure a safe and secure digital society.

Video

Digital tools

IEC has developed a number of online tools and services designed to help everyone with their daily activities.

Social media channels

Facebook @InternationalElectrotechnicalCommission

LinkedIn @IECStandards

Pinterest @IECStandards

X @IECStandards

YouTube @IECstandards

UN International Computing Centre

Post date March 1, 2022

Acronym: UNICC

Address: Palais des Nations 1211 Geneva 10. Switzerland

Website: https://unicc.org/

Stakeholder group: International and regional organisations

UNICC has over 50 years of experience as the largest strategic partner for digital solutions and cybersecurity within the UN system. We design and deploy transformational digital tools and programmes to support over 90 partners in fulfilling their mandates.

UNICC is committed to delivering innovative, forward-looking, reliable system-wide solutions in line with the UN Secretary-General’s Strategy on New Technologies, the UN Secretary-General’s Roadmap for Digital Cooperation, and the UN’s Common Agenda. With our world-class Cybersecurity Centre of Excellence, data and analytics practice, and an array of platform, software, and infrastructure solutions, UNICC serves the entire UN family and other international organisations with similar missions and values for the benefit of the world.

As a part of the UN family, UNICC espouses the same values that the UN embraces. As a strategic partner, UNICC’s guiding values are unmatched and underlie our continued growth: respect, curiosity, pride, passion, flexibility, honesty, and transparency.

Digital activities

UNICC provides core digital business services to UN agencies and related international organisations, including client services; support for innovative technologies, cybersecurity, data, and analytics;software as a service and cloud integration services; and infrastructure and platform services including network services, enterprise backup, ERP, web hosting, and enterprise collaboration platforms. UNICC offers cost savings, business efficiencies, and volume discounts based on the scale of its engagements. These services are designed to protect organisational assets, intellectual property, sensitive data, and reputation, and leverage the shared expertise of the umbrella of UN organisation, with shared innovative solutions being adaptable to client needs.

Digital policy issues

Digital solutions, services, and tools

The need for digital and technological solutions is at an all-time high across businesses and sectors. With the onset of the COVID-19 pandemic, all areas of humanitarian development saw an increased call for advanced technology products and services to respond to the many challenges the world faced. Digital transformation allows for more productivity, streamlined operations, cost efficiencies, agility, and resilience in ever-changing scenarios and is a catalyst for economic growth.

UNICC is responding to this growing need for digital business solutions with innovation and state-of-the-art digital business solutions tailored to many of its more than 80 clients and partner organisations. With UNICC’s shared services business model, clients can benefit from affordable, accessible, flexible solutions to support their mission delivery. At the same time, member states benefit because more UN entities are harnessing smart technologies to fulfil their mandates, reaching further into the field to support country offices and their results. UNICC continues to fine-tune many of these new technologies, and through strategic partnerships, their impact is even greater. For more information, visit the UNICC website.

UN Digital ID

To provide the UN workforce with a universal, easy-to-use, system-wide identity.

UN Digital ID is a unique identity for each UN staff member, from onboarding to retirement. Having a unique identification across the UN system not only reduces data fragmentation and duplication, but also simplifies and streamlines processes and transactions across all business functions between staff and organisations, and among UN organisations themselves. As a data exchange platform, UN Digital ID will allow staff from participating organisations to share any of their HR and related information with complete visibility, consent, and security.

UN Digital ID is part of UN 2.0, the UN Secretary-General’s push to achieve an efficient and data-driven transformation. Read more here.

UNICC Cloud

The first secure private cloud environment for the UN system

UNICC is partnering with Canonical, the publisher of Ubuntu and provider of open-source security, support, and services, to build and deliver the first secure private cloud environment for the UN system, providing cutting-edge security and data sovereignty for the UN’s most sensitive data and software applications.

UNICC Cloud leverages the advantages of cloud computing and the legal protections offered by UN Privileges and Immunities, with the unique added benefit of direct and independent control over data through nodes operated exclusively at UNICC data centres and the guarantee of UNICC’s world-class cybersecurity capabilities. The first node will be located in UNICC’s data centre in Valencia, Spain, thanks to the generosity of the Spanish government. Discussions to create additional nodes are underway with various UN member states. Read more here.

UNHCR and Regional Call Centre

UNICC Supports UNHCR Regional Call Centre for Ukrainian Refugees

The UN Refugee Agency (UNHCR), with the support of UNICC, has partnered with industry experts ServiceNow, British Telecom (BT), and Thirdera to set up a regional contact centre (RCC) for refugees fleeing the ongoing war in Ukraine.

Bringing together the best of Service Now, BT, Thirdera, and UNICC’s digital expertise and solutions, the new UNHCR RCC solution offers refugees a user-friendly, multilingual platform to access vital information on emergency services, assistance, and psychosocial counselling services as well as identifying vulnerable refugees and referring them to specialists for follow up support. The RCC also provides information on education, employment, healthcare, housing, and legal support. Read more here.

Cybersecurity

A cybersecure digital environment for the UN family

UNICC’s cybersecurity services cover oversight, governance, and threat intelligence sharing, as well as advisory services and a spectrum of programmatic and operational components. UNICC Cybersecurity has grown its global programme to serve over 50 UN partners and international organisations since its inception in 2017.

Services range from the Common Secure Threat Intelligence Network of over 40 UN organisations, to maturity assessments, ISO certification support, SOC and SIEM support, as well as security incident response and forensics, business continuity management, and industry-standard operational processes.

UNICC is certified with ISO 27001 and was awarded a 2020 and 2017 CSO 50 Award for its Common Secure Information Security services, demonstrating outstanding business value and thought leadership. Read more here.

UNRWA and Digital Services Hub

Transformative eUNRWA digital services platform and mobile app

UNICC recently provided the advisory support and technical know-how to help the United Nations Relief and Works Agency for Palestine Refugees (UNRWA) build the eUNRWA digital services hub for refugees. Leveraging the technologies and framework built for the UNJSPF Digital Certificate app, UNICC streamlined a platform and mobile application for refugee online and mobile digital services.

The UNICC solution, scaled up to support potentially up to 5 million refugees, enables ‘life event‘ requests for services and documentation, including refugee birth and marriage certificates, work documentation, etc.

The solution went live successfully in all five fields of operations of UNRWA, namely, Jordan, Gaza, West Bank, Lebanon, and Syria, where more than 5.5 million refugees are registered with UNRWA. This solution is envisaged to provide a one-stop shop for Palestine refugees to profit from UNRWA’s digital services. Read more here,

UNDP’s AIDA portal

Artificial Intelligence powers UNDP’s Evaluation Office solutions

Independent evaluation offices play a major role in gleaning and sharing years of evaluation knowledge and experience for UN agency programme delivery. This is never an easy task. Finding valuable information is time-consuming, methodical, and often manual, with multiple sources and document types to process.

In partnership with UNICC and Amazon Web Services, the United Nations Development Programme (UNDP) launched AIDA 2.0 (Artificial Intelligence for Development Analytics), with new analytical capabilities in 2023. This cutting-edge solution streamlines the scanning of more than 6,000 evaluation reports to understand keywords, context, and intent using AI capabilities, returning meaningful answers to complex questions. New features include sentiment analysis, pattern detection, topic modelling and summarisation, and data visualisation.

With UNICC’s support, UNDP’s AIDA portal is accessible to Evaluation Office staff who want to learn from past evaluations to improve programme design and delivery, offering an innovative solution to search, find, and share lessons learned and build on successes from country programmes worldwide. Read more here.

Data Action Portfolio

Driving data for digital transformation across the UN family

The Data Strategy of the Secretary-General for Action by Everyone, Everywhere is a call to action for a data-driven transformation for building ecosystems that unlock the potential for global action on the SDGs. Data drives all aspects of the UN’s work and its power, harnessed responsibly, is critical to global agendas.

As the digital business and technology shared services hub for the UN, UNICC is uniquely positioned to heed the call, embrace, and implement the UN Secretary-General’s data strategy in every corner of the UN system.

UNICC is well-positioned with its Data Action Portfolio to assist UN agencies in implementing their alignments to the UN Secretary-General’s Data Strategy, taking their data programmes to the next level with humanitarian use cases across many UN agencies, in the areas of analytics, advanced analytics, data management, and data exchange as well as data governance. For more information, please visit the UNICC website.

International Criminal Investigations

Innovative technology and partnerships for international criminal investigations

The United Nations Investigative Team to Promote Accountability for Crimes Committed by Da’esh/ISIL (UNITAD) partnered with UNICC and Microsoft to support advanced data management for accountability in UNITAD criminal investigations, with UNICC offering Microsoft Azure hosting services, development, data and analytics, and cognitive services.

UNICC Data and Analytics, Application Development and Cloud Infrastructure teams supported the collection, preservation, and storing of evidence in the form of images, and audio, video, and digital text files that have been recovered from sources in the field. This solution streamlines evidence in independent criminal proceedings to hold members of ISIL accountable for the crimes they may have committed.

The partnership helps UNITAD fulfil its mandate in a more efficient and cost-effective manner by creating new business opportunities for UNICC clients and partner organisations to leverage for similar challenges with this innovative technology.Read more here.

Independent Evaluation Solutions

Artificial intelligence powers UNDP’s evaluation office solutions

In partnership with UNICC and Amazon Web Services, UNDP’s latest cutting-edge solution streamlines the scanning of thousands of evaluation documents to understand keywords, context, and intent using AI capabilities, returning meaningful answers to complex questions. This innovative solution, based on AI and machine learning (ML), is publicly available through UNDP’s portal, AIDA (Artificial Intelligence for Development Analytics).

With UNICC’s support, UNDP’s AIDA Portal is accessible to Evaluation Office staff who want to learn from past evaluations to improve programme design and delivery, offering an innovative solution to search, find, and share lessons learned and build on successes from country programmes worldwide. For more information, visit the UNICC website.

International Criminal Investigations

Innovative technology and partnerships for international criminal investigations

UNICC Data and Analytics, Application Development, and Cloud Infrastructure teams supported the collection, preservation, and storing of evidence in the form of images, audio, video, and digital text files that have been recovered from sources in the field. This solution streamlines evidence in independent criminal proceedings to hold members of ISIL accountable for the crimes they may have committed.

Social media channels

Facebook @unicc.ict

LinkedIn @UNICC

Twitter @unicc_ict

YouTube @UN International Computing Centre

International Organization for Standardization

Post date March 1, 2022

Acronym: ISO

Established: 1947

Address: Chemin de Blandonnet 8, 1214 Vernier, Geneva, Switzerland

Website: https://www.iso.org/iso/home.html

Stakeholder group: International and regional organisations

ISO is the International Organization for Standardization, the world’s largest developer of international standards. It consists of a global network of 170 national standards bodies – our members. Each member represents ISO in its country. The organisation brings together global experts to share knowledge and develop voluntary, consensus-based, market-relevant International Standards. It is best known for its catalogue of almost 25,000
standards spanning a wide range of sectors, including technology, food, and healthcare.

Digital activities

A large number of the international standards and related documents developed by ISO are related to information and communication technologies (ICTs), such as the Open Systems Interconnection (OSI) that was created in 1983 to establish a universal reference model for communication protocols. The organisation is also active in the field of emerging technologies including blockchain, the Internet of Things (IoT), and AI. The standards are developed by various technical committees dedicated to specific areas including information security, cybersecurity, privacy protection, AI, and intelligent transport systems.

Digital policy issues

Artificial intelligence

The joint technical committee of ISO and the International Electrotechnical Commission (IEC) for AI is known as ISO/IEC JTC1/SC 42 Artificial intelligence and is responsible for the development of standards in this area. To date, it has published 20 standards specifically pertaining to AI with 35 others in development. ISO/IEC 42001 is the flagship AI Management System Standard, which provides requirements for establishing, implementing, maintaining, and continually improving an AI management system within the context of an organisation. ISO/IEC TR 24028 provides an overview of trustworthiness in AI systems, detailing the associated threats and risks and addresses approaches on availability, resiliency, reliability, accuracy, safety, security, and privacy. The standards under development include those that cover concepts and terminology for AI (ISO/IEC 22989); bias in AI systems and AI-aided decision-making (ISO/IEC TR 24027); AI risk management (ISO/IEC 23894); a framework for AI systems using machine learning (ISO/IEC 23053); and the assessment of machine learning classification performance (ISO/IEC TS 4213). Up-to-date information on the technical committee (e.g. scope, programme of work, contact details) can be found on the committee page.

Cloud computing

ISO and IEC also have a joint committee for standards related to cloud computing which currently has 27 published standards and a further 5 in development. Of those published, two standards of note include ISO/IEC 19086-1, which provides an overview, foundational concepts, and definitions for a cloud computing service level agreement framework, and ISO/IEC 22123-3, which specifies the cloud computing reference architecture.Standards under development include those on health informatics (ISO/TR 21332); the audit of cloud services (ISO/IEC 22123-2); and data flow, categories, and use (ISO/IEC 19944 series). Up-to-date information on the technical committee (e.g. scope, programme of work, contact details) can be found on the committee page.

Internet of things

Recognising the ongoing developments in the field of IoT, ISO has a number of dedicated standards both published and in development, including those for intelligent transport systems (ISO 19079), future networks for IoT (ISO/IEC TR 29181 series), unique identification for IoT (ISO/IEC 29161), Internet of Media Things (ISO/IEC 23093-3), the trustworthiness of IoT (ISO/IEC 30149), and industrial IoT systems (ISO/IEC 30162). IoT security is addressed in standards such as ISO/IEC 27001 and ISO/IEC 27002, which provide a common language for governance, risk, and compliance issues related to information security. In addition, there are 26 standards under development, some of which provide a methodology for the trustworthiness of an IoT system or service (ISO/IEC 30147); a trustworthiness framework (ISO/IEC 30149); the requirements of an IoT data exchange platform for various IoT services (ISO/IEC 30161); and a real-time IoT framework (ISO/IEC 30165). Up-to-date information on the ISO and IEC joint technical committee for IoT (e.g. scope, programme of work, contact details) can be found on the committee page.

Telecommunication infrastructure

ISO’s standardisation work in the field of telecommunications infrastructure covers areas such as planning and installation of networks (e.g. ISO/IEC 14763-2), corporate telecommunication networks (e.g. ISO/IEC 17343), local and metropolitan area networks (e.g. ISO/IEC/IEEE 8802-A), private integrated telecommunications networks (e.g. ISO/IEC TR 14475), and wireless networks. Next-generation networks – packet-based public networks able to provide telecommunications services and use multiple quality-of-service-enabled transport technologies – are equally covered (e.g. ISO/IEC TR 26905). ISO also has standards for the so-called future networks, which are intended to provide futuristic capabilities and services beyond the limitations of current networks, including the internet. Up-to-date information on the joint ISO and IEC technical committee that develops these standards (e.g. scope, programme of work, contact details ) can be found on the committee page.

Blockchain

ISO has published 11 standards on blockchain and distributed ledger technologies: ISO/TR 23455 gives an overview of smart contracts in blockchain and distributed ledger technologies; ISO/TR 23244 tackles privacy and personally identifiable information protection; and ISO 22739 covers fundamental blockchain terminology respectively. ISO also has a further eight standards on blockchain in development. These include those related to: security management of digital asset custodians (ISO/TR 23576); taxonomy and ontology (ISO/TS 23258); and guidelines for governance (ISO/TS 23635). Up-to-date information on the technical committee (e.g. scope, programme of work, contact details, etc.) can be found on the committee page.

Emerging technologies

ISO develops standards in the area of emerging technologies.

Dozens of standards in the area of emerging technologies are those related to robotics. ISO has more than 40 different standards either published or in development that cover issues such as collaborative robots (e.g. ISO/TS 15066); safety requirements for industrial robots (e.g. ISO 10218 series); and personal care robots (e.g. ISO 13482). Autonomous or so-called intelligent transport systems (ITS) standards are developed by ISO’s ITS Technical Committee and include those for forward vehicle collision warning systems (ISO 15623) and secure connections between trusted devices (ISO/TS 21185). Standards are also being developed to address the use of virtual reality in learning, education, and training (e.g. ISO/IEC 23843).

Network security

ISO and IEC standards also address information security and network security . The ISO and IEC 27000 family of standards covers information security management systems and are used by organisations to secure information assets such as financial data, intellectual property, and employee information. For example,ISO/IEC 27031 and ISO/IEC 27035 are specifically designed to help organisations respond, diffuse, and recover effectively from cyberattacks. ISO/IEC 27701 is an extension of ISO/IEC 27001 and ISO/IEC 27002 for privacy information management, and details requirements and guidance for establishing, implementing, maintaining, and continually improving a Privacy Information Management System (PIMS).Network security is also addressed by standards on technologies such as the IoT, smart community infrastructures, medical devices, localisation and tracking systems, and future networks. Up-to-date information on the joint ISO and IEC technical committee (e.g. scope, programme of work, contact details) can be found on the committee page.

Encryption

As more and more information (including sensitive personal data) is stored, transmitted, and processed online, the security, integrity, and confidentiality of such information becomes increasingly important. To this end, ISO has a number of standards for the encryption of data. For example, ISO/IEC 18033-1, currently under development, addresses the nature of encryption and describes certain general aspects of its use and properties. Other standards include ISO/IEC 19772 which covers authenticated encryption, ISO/IEC 18033-3 which specifies encryption systems (ciphers) for the purpose of data confidentiality, and ISO 19092 which allows for encryption of biometric data used for authentication of individuals in financial services for confidentiality or other reasons. ISO also has standards that focus on identity-based ciphers, symmetric and asymmetric encryption, public key infrastructure, and many more related areas.

Data governance

Big data is another area of ISO standardisation; around 80% of related standards are developed by the ISO/IEC AI committee. The terminology for big-data-related standards is outlined in ISO/IEC 20546, while ISO/IEC 20547-3 covers big data reference architecture. ISO/IEC TR 20547-2 provides examples of big data use cases with application domains and technical considerations and ISO/IEC TR 20547-5 details a roadmap of existing and future standards in this area. Up-to-date information on the technical committee (e.g. scope, programme of work, contact details) can be found on the committee page.

Digital identities

Digital signatures that validate digital identities help to ensure the integrity of data and authenticity of particulars in online transactions. This, therefore, contributes to the security of online applications and services. Standards to support this technology cover elements such as anonymous digital signatures (e.g. ISO/IEC 20008 series); digital signatures for healthcare documents (e.g. ISO 17090-4 and ISO 17090-5); and blind digital signatures, which is where the content of the message to be signed is disguised, used in contexts where, for example, anonymity is required. Examples of such standards are ISO 18370-1 and ISO/IEC 18370-2.

Privacy and data protection

Privacy and data protection in the context of ICTs is another area covered by ISO’s standardisation activities. One example is ISO/IEC 29101 which describes a privacy architecture framework. Others include those for privacy-enhancing protocols and services for identification cards (ISO/IEC 19286); privacy protection requirements pertaining to learning, education, and training systems employing information technologies (ISO/IEC 29187-1); privacy aspects in the context of intelligent transport systems (ISO/TR 12859); and security and privacy requirements for health informatics (ISO/TS 14441).

Digital tools

ISO has developed an online browsing platform that provides up-to-date information on ISO standards, graphical symbols, publications, and terms and definitions.

Future of meetings

Future ISO meetings can be found at ISO – meeting calendar.

World Economic Forum

Post date March 1, 2022

Acronym: WEF

Established: 1971

Address: Route de la Capite 91-93, 1223 Cologny/Geneva, Switzerland

Website: https://www.weforum.org/

Stakeholder group: NGOs and associations

WEF is a not-for-profit foundation whose membership is composed of large corporations from around the world. We engage political, business, academic, and other leaders of society in collaborative efforts to shape global, regional, and industry agendas. Together with other stakeholders, we work to define challenges, solutions, and actions in the spirit of global citizenship. The Forum also serves and builds sustained communities through an integrated concept of high-level meetings, research networks, task forces, and digital collaboration.

Digital activities

The Fourth Industrial Revolution is one of the Forum’s key areas of work. Under this focus, we carry out a wide range of activities covering digital policy issues, from telecom infrastructure and cybersecurity to the digital economy and the future of work. We have set up multiple platforms and global forums focused on bringing together various stakeholders and initiatives to advance debates and foster cooperation on the issues explored. We also publish reports, studies, and white papers on our focus areas, and feature discussions on the policy implications of digital technologies in the framework of the Forum’s annual meeting in Davos and other events organised around the world

Digital policy issues

Telecommunications infrastructure

The Forum’s work in the area of telecom/digital infrastructure is broadly dedicated to shedding light on the need to advance connectivity and evolve towards new network technologies as a way to support the transition to the fourth industrial revolution and support the growth of digital economies. For instance, the Global Future Council of New Network Technologies, active between 2018 and 2020, explored, among others, incentives for network development and the role of new network systems in driving value and innovation. The Forum also promotes the role of digital public infrastructures in enabling digital inclusion and advancing sustainable development.

A specific focus area for the Forum is 5G. We have identified 5G as an issue of global importance and work on analysing the impacts of 5G on industry and society. In our report titled The impact of 5G: Creating new value across industries and society, we note that 5G will be critical because it will enable unprecedented levels of connectivity, allowing for superfast broadband, ultra-reliable low latency communication, massive machine-type communications, and high reliability/availability and efficient energy usage, all of which will transform many sectors, such as manufacturing, transportation, public services, and health. In another example, the 5G Outlook Series: Enabling inclusive long-term opportunities looks at what can be done to ensure that 5G is a technology that benefits people, businesses, and society. The role of satellites in delivering connectivity and the challenges associated with growing competition in Earth orbit are other areas explored by the Forum. The Global Future Council on the Future of Space explores ways in which international cooperation and public-private partnerships can drive sustainable and inclusive use of space resources.

Artificial intelligence

The Forum is carrying out multiple activities in the field of artificial intelligence (AI). The AI Governance Alliance brings together industry leaders, governments, academic institutions, and civil society to shape the future of AI governance. In April 2023, the Forum hosted the Responsible AI Leadership: A Global Summit on Generative AI event, which resulted in the Presidio Recommendations on Responsible Generative AI – a set of recommendations for responsible AI development, open innovation, and social progress. In addition, the Global Future Council on the Future of AI focuses on exploring the opportunities and risks associated with strong forms of AI.

Examples of publications issued by the Forum with a focus on AI include a Blueprint for equity and inclusion in AI, a briefing paper on Data Equity: Foundational Concepts for Generative AI, and a guidebook on Harnessing the AI Revolution in Industrial Operations.

The Forum also explores issues related to AI safety, security, and standards; AI ethics and values; and machine learning and predictive systems in relation to global risks and international security. We publish articles on the need to build a new social contract to ensure that technological innovation, in particular AI, is deployed safely and aligned with the ethical needs of a globalising world. We are also assisting policymakers in devising appropriate AI-related policies. For instance, we published a Framework for Developing a National Artificial Intelligence Strategy to guide governments in their efforts to elaborate strategies for the development and deployment of AI.

In recent years, AI and its impact on national and international policy spaces have featured highly on the agenda of our annual meetings in Davos. AI is also the focus of dedicated events such as the AI Governance Summit organised in November 2023.

Blockchain and cryptocurrencies

The Forum works on governance issues related to the equity, interoperability, security, transparency, and trust of blockchain and distributed ledger technology (DLT). We also analyse the relationship between blockchain and cybersecurity and international security, as well as the future of computing. We publish papers on issues such as blockchain data storage, the challenges blockchain faces and its role in security, as well as guides such as the Blockchain Development Toolkit to guide organisations through the development and deployment of blockchain solutions.

Internet of things

The Forum’s Centre for Urban Transformation explores various issues related to the implications of connected devices and smart technologies. For example, the Council on the Connected World focuses on strengthening innovation and the global governance of connected technologies to maximise the positive benefits and minimise harm for all. One specific area of work for the Council is the security of IoT devices; in 2022, the Forum facilitated a joint Statement of Support on consumer IoT device security outlining key security requirements for consumer-facing devices. In 2023, the Council published the State of the Connected World report, which tracks governance gaps related to IoT.

The Global New Mobility Coalition explores issues related to sustainable mobility, including when it comes to the governance of shared, electric, and automated mobility.

Other IoT-related issues that the Forum has been exploring through various publications and initiatives include the industrial internet, the safety of smart home products, and challenges associated with the concept of the internet of bodies. In cooperation with the Massachusetts Institute of Technology (MIT), we published a report on Realizing the Internet of Things – a Framework for Collective Action outlining five pillars for the development of IoT: architecture and standards, security and privacy, shared value creation, organisational development, and ecosystem governance.
We also lead the G20 Global Smart Cities Alliance on Technology Governance, dedicated to promoting the responsible and ethical use of smart city technologies.

Emerging technologies

Virtual/augmented reality

The Forum’s Global Future Council on Virtual and Augmented Reality focuses on raising awareness of the positive and negative aspects of the widespread adoption of VR/AR technologies. We carry out policy research and analysis related to the impact of VR/AR on society and its security implications in publications on issues such as immersive media technologies, AR innovation in manufacturing, and privacy in the context of VR use.

The Forum also pays attention to developments related to the metaverse and issues various publications on this topic. For instance, Exploring the Industrial Metaverse: A Roadmap to the Future provides a framework for discussing steps towards a valuable ecosystem for the industrial metaverse, while the reports on Social Implications of the Metaverse and Privacy and Safety in the Metaverse explore the implications of metaverse adoptions for individuals and society at large. These and similar publications are issued in the context of the Defining and Building the Metaverse Initiative, whose focus is on ‘guiding the development of a safe, interoperable, and economically viable metaverse’.

Quantum computing

The Forum has created the Global Future Council on the Future of Quantum Economy, which looks into how various actors (governments, businesses, etc.) can take action to maximise the potential offered by quantum technologies. In addition, the Quantum Economy Network offers a platform for governments, businesses, and academia to shape the development of quantum technologies and prepare for their introduction into the economy. The Quantum Security initiative brings together stakeholders from governments, the private sector, academia, and non-profit organisations to exchange ideas and cooperate on issues related to promoting the secure adoption of quantum technologies.

The Forum publishes regularly on matters related to quantum computing and quantum technologies. A few examples include the State of Quantum Computing: Building a Quantum Economy, Quantum Computing Governance Principles, and Transitioning to a Quantum-Secure Economy.

Cybercrime

Under its Centre for Cybersecurity, the Forum runs the Partnership against Cybercrime project, focused on advancing public-private partnerships (e.g. between law enforcement agencies, international organisations, cybersecurity companies, and other actors) to combat cybercrime. Outputs of the partnership include, for instance, the Recommendations for Public-Private Partnership against Cybercrime and the Cybercrime Prevention Principles for Internet Service Providers.

We host a Cybercrime Atlas Initiative dedicated to strengthening coordination between the private sector and law enforcement in fighting cybercrime.

Cybercrime also constitutes the focus of various studies and articles we have published, which delve into issues such as emerging threats and ways to tackle them.

Network security/critical infrastructure/cybersecurity

The Forum has launched a Centre for Cybersecurity dedicated to ‘fostering international dialogues and collaboration between the global cybersecurity community both in the public and private sectors’. Multiple projects are run under this platform, such as the Cybersecurity Learning Hub and the Digital Trust initiative. The cyber resilience of critical sectors, such as electricity and the oil and gas industry, is also a focus area for us.

The Centre also issues reports and other publications covering various cybersecurity topics. Examples include the Global Cybersecurity Outlook; the insight report on Cybersecurity, Emerging Technology, and Systemic Risks; and the Principles for Board Governance of Cyber Risk.

The Forum hosts a Global Future Council on the Future of Cybersecurity, which explores modalities for strengthening cyber risk management across economies and societies. Quantum security and digital trust are among the Council’s focus areas.

Every year, we bring together actors from the public and private sectors to foster collaboration on making cyberspace safer and more resilient, in the framework of the Annual Meeting on Cybersecurity.

Data governance

The Forum has established a Data Policy Platform under our Centre for the Fourth Industrial Revolution, dedicated to developing innovative approaches to enable the responsible use of data. Within this platform, the Data for Common Purpose Initiative aims to support the creation of flexible data governance models, oriented around common purposes. Examples of white papers published by the initiative include Data for Common Purpose: Leveraging Consent to Build Trust and Towards a Data Economy: An Enabling Framework.

The Cross-Border Data Flows project under the Forum’s Digital Trade Initiative looks at how policymakers can advance data transfer governance arrangements while ensuring policy interoperability for data flows.

The Forum regularly publishes reports and papers on data governance issues such as restoring trust in data, cross-border data flows, data protection and security, among others.

E-commerce and trade and digital business models

Several activities and projects run by the Forum focus on e-commerce and broader digital economy-related issues. Under our Digital Trade initiative (part of the Centre for Regions, Trade and Geopolitics), we have been exploring opportunities and challenges associated with digital trade, while also engaging in the shaping of global, regional, and industry agendas on digital trade. Projects run within the initiative include, among others, the Digital Economy Agreement Leadership Group – which aims to contribute to the growth of inclusive and sustainable digital economies, and the TradeTech project – which facilitates dialogue on public policy and regulatory practices related to digital trade. The Digital Payments for Trade and Commerce Advisory Committee – also part of the Digital Trade initiative – is dedicated to fostering interoperability, inclusivity, and coherent regulatory reforms for digital payments.

E-commerce is also tackled in studies, white papers, and events we produce, which address issues such as e-commerce in emerging markets, the impact of e-commerce on prices, and digital currencies.

Under the Centre for the New Economy and Society, we bring together various stakeholders to promote new approaches to competitiveness in the digital economy, with a focus on issues such as education and skills, equality and inclusion, and improved economic opportunities for people.

Future of work

The future of work is a topic that spans multiple Forum activities. For instance, under the Centre for the New Economy and Society, several projects focus on issues such as education, skills, upskilling and reskilling, and equality and inclusion in the world of work. We have also launched a Reskilling Revolution Initiative, aimed at contributing to providing better jobs, education, and skills to one billion people by 2030. Projects under this platform include, among others, Education 4.0 (focused on mapping needed reforms to primary and secondary education systems), Education and Skills Country Accelerators (dedicated to advancing gender parity, promoting upskilling and reskilling, and improving education systems), and Skills-first (focused on transforming adult education and workforce skills). Also part of the Reskilling Revolution is the Future Skills Alliance, whose main objective is to facilitate the adoption of skills-first management practices and give workers a fair and equal opportunity to excel in the labour market.

The Forum publishes regular reports on the Future of Jobs, exploring the evolution of jobs and skills and how technology and socio-economic trends shape the workplace of the future. Other notable publications and tools developed by the Forum include the white paper on Putting Skills First: A Framework for Action and the Global Skills Taxonomy.

Digital access

The Forum’s EDISON Alliance brings together governments, businesses, academia, and civil society to advance equitable access to the digital economy and bridge digital divides. Part of the Forum’s Centre for the Fourth Industrial Revolution, the Alliance fosters collaboration to drive digital inclusion and accelerate the delivery of digital solutions to unserved and underserved communities, with a focus on health, education, and financial inclusion. It also provides policymakers with guidance to make informed decisions that drive financial inclusions. Tools developed by the Alliance include principles for digital health inclusion, a guidebook for digital inclusion bond financing, and a Digital Inclusion Navigator that provides access to case studies and best practices related to bridging digital divides.

Digital tools

The Forum is also active on issues related to digital currencies and their policy implications. For instance, its Digital Currency Governance Consortium focuses on exploring the macroeconomic impacts of digital currencies and informing approaches to regulating digital currencies. The Central Bank Digital Currency (CBDC) Policy-Makers Toolkit, published in 2020, is intended to serve as a possible framework to ensure that the deployment of CBDCs takes into account potential costs and benefits. Various publications have been issued that explore topics such as the

Cryptocurrencies

CyberPeace Institute

Post date March 1, 2022

Acronym: CyberPeace Institute

Established: 2019

Address: Campus Biotech Innovation Park, 15 avenue de Sécheron, 1202 Geneva, Switzerland

Website: https://cyberpeaceinstitute.org/

Stakeholder group: NGOs and associations

The CyberPeace Institute is an independent and neutral non-governmental organisation (NGO) that strives to reduce the frequency, impact, and scale of cyberattacks, to hold actors accountable for the harm they cause, and to assist vulnerable communities.

The institute is a Geneva-based NGO, also working in close collaboration with relevant partners to reduce the harm from cyberattacks on people’s lives worldwide and provide assistance. By analysing cyberattacks, we expose their societal impact and how international laws and norms are being violated, and advance responsible behaviour to enforce cyberpeace.

At the heart of the Institute’s efforts is the recognition that cyberspace is about people. We support providers of essential services to the most vulnerable members of society, ultimately benefitting us all, like NGOs and the healthcare sector. Attacking them can have a devastating impact on beneficiaries and patients, putting their rights and even lives at risk.

To deliver on this mission, we rely on donations and the generosity of individuals, foundations, companies, and other supporters. This support enables us to assist and support vulnerable communities, including NGOs, to enhance their resilience to cyberattacks.

The Institute also provides evidence-based knowledge and fosters awareness of the impact of cyberattacks on people, to give a voice to and empower victims to highlight the harm and impact of cyberattacks. We remind state and non-state actors of the international laws and norms governing responsible behaviour in cyberspace, and advance the rule of law to reduce harm and ensure the respect of the rights of people.

Digital activities

Created in 2019, the Institute assesses the impact of cyberattacks from a human perspective, focusing on the rights of people. We ground our analysis on evidence and the impact on human well-being, telling the story of people, linking it with the technical reality of cyberattacks, and assessing it against the violation of laws. The Institute advocates for an evidence-based, human-centric approach to the analysis of cyberattacks as essential to the process of redress, repair, and/or justice for victims. It works collaboratively in our research, analysis, assistance, mobilisation, and advocacy. We engage with vulnerable communities to understand their needs for cybersecurity support and provide free and trusted cybersecurity assistance to vulnerable communities.

The CyberPeace Institute

assists NGOs and other vulnerable communities to prepare for and recover from cyberattacks.
investigates cyberattacks targeting vulnerable communities, analysing these attacks to provide alerts and support and for accountability.
advocates to advance the rule of law and respect for the rights of people.
anticipates threats to people associated with emerging and disruptive technologies.
- Examples of operational activities
Assisting humanitarian and other NGOs with free and trusted cybersecurity support.
Analysing cyberattacks and highlighting their impact on people and how they violate the rule of law.
Documenting violations of international laws and norms and advocating for strengthened legal protection in cyberspace.
Offering expertise and support to states and civil society in relation to responsible behaviour in cyberspace.
Foreseeing and navigating future trends and threats in cyberspace.

Digital policy issues

Critical infrastructure

Cyberattacks against critical infrastructure have been on the rise, from attacks against hospitals and vaccine supply chains to attacks on the energy sector. When such disruptions occur, access to basic services is at risk. It is vital that there is an increase in the capacity and ability to improve resilience to cyberthreats in critical sectors, such as healthcare. The CyberPeace Institute urges stakeholders in diplomatic, policy, operational, and technical areas to increase their capacity and resilience to cyberthreats.

The Institute advocates for capacity building aimed at enabling states to identify and protect national critical infrastructure and to cooperatively safeguard its operation. This includes capacity building, implementation of norms of responsible behaviour, and confidence building measures. In strengthening efforts to protect critical infrastructure, the Institute calls for the sharing of lessons learned between countries to assist those with less capacity and fewer capabilities.

NGOs in civilian-critical sectors, for example water, food, healthcare, energy, finance, and information, need support and expertise to help them strengthen their cybersecurity capabilities. While these NGOs provide critical services to communities and bridge areas not covered by public and private actors, they lack the resources to protect themselves from cybersecurity threats.

Examples of the Institute’s work in this regard:

Calls to governments to take immediate and decisive action to stop all cyberattacks on hospitals and healthcare and medical research facilities, as well as on medical personnel and international public health organisations.
Capacity building is essential for achieving cyber preparedness and resilience across sectors and fields, and activities focus on providing assistance and capacity building to NGOs that might lack technical expertise and resources.
Publication of the strategic analysis report Playing with Lives: Cyberattacks on Healthcare are Attacks on People, and launch of the Cyber Incident Tracer (CIT) #Health platform that bridges the current information gap about cyberattacks on healthcare and their impact on people. This is a valuable source of information for evidence-led operational, policy, and legal decision-makers.
Analysis and evaluation of cyberattacks and operations targeting critical infrastructure and civilian objects in the armed conflict between Ukraine and the Russian Federation through the publicly accessible Cyber Attacks in Times of Conflict Platform #Ukraine and a two-part video series to offer visual representation of key findings further developed in our quarterly analytical reports.
An interactive platform named The CyberPeace Watch to expand the monitoring to other contexts including other situations of armed conflict and to the application of relevant laws and norms. This informs policy and legal processes and developments, the preparedness and protection of critical infrastructure, and cyber capacity building.
Participation in the INFINITY project to transform the traditional idea of criminal investigation and analysis. INFINITY has received funding from the European Union’s Horizon 2020. Its concept is based around four core research and technical innovations that together, will provide a revolutionary approach and convert data into actionable intelligence.
Participation in the UnderServed project, an EU- funded initiative to address the lack of adequate cybersecurity measures for vulnerable sectors, including humanitarian, development, and peace non-governmental organisations (NGO). The primary objective of the project is to establish a comprehensive platform for reporting and analysing cyber threats. This platform is tailor-made for NGOs vulnerable to cyberattacks, which often lack the resources to effectively mitigate such threats.

Network security

NGOs play a critical role in ensuring the delivery of critical services, such as the provision of healthcare, access to food, micro-loans, information, and the protection of human rights.

Malicious actors are already targeting NGOs in an effort to get ransoms and exfiltrate data. Often these NGOs do not have the budget, know-how, or time to effectively secure their infrastructures and develop a robust incident response to manage and overcome sophisticated attacks.

With this in mind, the Institute launched its CyberPeace Builders programme in 2021, a unique network of corporate volunteers providing free pre- and post-incident assistance to NGOs supporting vulnerable populations.

This initiative brings support to NGOs in critical sectors at a level that is unequalled in terms of staff, tools, and capabilities. It assists NGOs with cybersecurity whether they work locally or globally, and supports them in crisis-affected areas across the globe.

Capacity development

The Institute believes that meaningful change can occur when a diversity of perspectives, sectors, and industries work together. To address the complex challenges related to ensuring cyberpeace, it works with a wide range of actors at the global level including governments, the private sector, civil society, academia, philanthropies, policymaking institutions, and other organisations. The Institute contributes by providing evidence-led knowledge, emphasising the need to integrate a genuine human-centric approach in both technical and policy-related projects and processes, and by highlighting the civil society perspective to support and amplify existing initiatives.

Training

The CyberPeace Institute is providing comprehensive training for NGOs Boards and Staff, Foundations and Volunteers designed to empower organisations with vital tools for safeguarding their missions.

We recently launched a Cyber School, in partnership with Microsoft, to create a unique, free offer to
participate in an 8-week virtual course for everyone who is interested in taking their first step into a new career path.

Interdisciplinary approaches

To contribute to closing the accountability gap in cyberspace, the Institute seeks to advance the role of international law and norms.

It reminds state and non-state actors of the international law and norms governing responsible behaviour in cyberspace, and contributes to advancing the rule of law to reduce harm and ensure the respect of the rights of people.

Contribution to UN processes

In 2021–2022, the Institute contributed to and commented on various UN-led processes (notably the United Nations Group of Governmental Experts on Advancing responsible state behaviour in cyberspace in the context of international security (UN GGE) and the Working Group (WG) on the use of mercenaries as a means of violating human rights and impeding the exercise of the rights of peoples to self-determination).
Since its inception, the Institute has closely followed the work of the UN Open-Ended Working Group (UN OEWG) on developments in the field of information and telecommunications in the context of international security, advocating recognition of the healthcare sector as a critical infrastructure and raising concerns about the lack of commitment towards an actionable and genuine human-centric approach.
In the Open-Ended Working Group on security of and in the use of information and communications technologies 2021–2025 (OEWG II), the Institute set out three key action areas and related recommendations, and is contributing its expertise in relation to the protection of humanitarian and development organisations from cyberattacks.
– The Institute issued a Statement at the Ad Hoc Committee to Elaborate a Comprehensive International Convention on Countering the Use of Information and Communications Technologies for Criminal Purposes (Cybercrime Convention
Moreover, the Institute sought to advance the Cyber Programme of Action (PoA) by offering recommendations concerning the range, organisation, and approaches for stakeholder participation.
Also, the Institute welcomed the call for civil society organisations to contribute to the Global Digital Compact and provided a set of recommendations.

Participation in international initiatives: The Paris Call Working Groups

The Paris Call for Trust and Security in Cyberspace is a multistakeholder initiative launched by the French government at the Paris Peace Forum in November 2018. The Call itself sets out nine principles promoting and ensuring the security of cyberspace and the safer use of information and communications technology (ICT).

To operationalise these principles, in November 2020 six working groups were created to work on various issues that relate to them. The Institute co-led WG5 with colleagues from Geopolitics in the Datasphere [Géopolitique de la Datasphère] and The Hague Centre for Strategic Studies (HCSS).
The work of this group led to the Final Report published during the Paris Peace Forum 2021. It presents a methodology to facilitate understanding of how the implementation of normative, legal, operational, and technical measures, or the lack thereof, contribute to stability in cyberspace and ultimately to cyberpeace.
The Institute contributed to WG3: Advancing the UN negotiations with a strong multistakeholder approach, leading to the publication of the final report on Multistakeholder Participation at the UN: The Need for Greater Inclusivity in the UN Dialogues on Cybersecurity.
The Institute chaired the session “Unpacking the Cyber Mercenaries’ Phenomenon” at the 6th edition of the Paris Peace Forum.

At the World Economic Forum meeting in Davos, in May 2022, the CyberPeace Institute joined Access Now, the Office of the High Commissioner for Human Rights (OHCHR), Human Rights Watch (HRW), Amnesty International, the International Trade Union Confederation (ITUC), and Consumers International to call on decision-makers to take action and initiate a moratorium limiting the sale, transfer, and use of abusive spyware until people’s rights are safeguarded under international human rights law.

This is in addition to a call made in 2021, in which the Institute joined more than 100 civil society organisations calling for a global moratorium on the sale and transfer of surveillance technology until rigorous human rights safeguards are adopted to regulate such practices and guarantee that governments and non-state actors don’t abuse these capabilities.

EU Processes

At the Institute, we conduct an evaluation of best practices in implementing EU regulations, focusing on
their evolution and development to ensure effective execution. Simultaneously, we analyse EU mechanisms like the EU Cyber Diplomacy Toolbox, aimed at countering malicious cyber activities and bolstering resilience, while providing targeted observations and recommendations.

We contributed to the Joint Letter of Experts on Cyber Resilience Act to shed light on the vulnerability disclosure requirements, which are believed to be counterproductive.
We offered recommendations to the working group of the ITRE Committee (EU parliament).
We led the workshop for the European Parliament’s Subcommittee on Security and Defence (SEDE) on the role of cyber in the Russian war against Ukraine: Its impact and the consequences for the future of armed conflict, which was then published as a working paper.
We provided positions and recommendations on the EU AI Act (unpublished yet).

Digital technology plays an important role in conflict mediation and global peacebuilding. It can extend inclusion, allowing more women or people from marginalised groups to take part in or follow a mediation process. It can make mediation faster and more efficient and can allow mediators to draw on resources from around the world.

However, digital technology brings risks, too. It can increase polarisation, for example, and allow disinformation to spread to more people, more quickly. It can increase vulnerability to malicious actors, spying, and data breaches. These risks can undermine trust in the process.

Mediators work in low-trust, volatile contexts and don’t always have the knowledge to assess the risks posed by digital technology. A new online platform helps to raise awareness of those risks, as well as offering training on how to deal with them. The Digital Risk Management E-Learning Platform for Mediators was created in 2021 by the CyberPeace Institute, CMI – Martti Ahtisaari Peace Foundation, and the UN Department of Political and Peacebuilding Affairs (UNDPPA) Mediation Support Unit.

As part of the integration and engagement with the stakeholder ecosystem in Geneva, the Institute is a member of the Geneva Chamber of Commerce, Industry and Services (CCIG). Various academic collaborations are ongoing through participation in conferences, workshops, and lectures,
namely with the Ecole Polytechnique Fédérale de Lausanne Centre for digital trust EPFL (C4DT), the University of Geneva (UNIGE), and the Graduate Institute (IHEID). In 2020, the Institute formed a strategic partnership with the SwissTrust Valley for Digital Transformation and Cybersecurity.

The Institute and its staff have received several awards for innovative and continuous efforts promoting cyberpeace including the 2020 Geneva Centre for Security Policy (GCSP), second prize for Innovation in Global Security, and the Prix de l’Economie in 2021 from CCIG.

World Intellectual Property Organization

Post date March 1, 2022

Acronym: WIPO

Established: 1967

Address: Chemin des Colombettes 34, 1211 Geneva 20, Switzerland

Website: https://www.wipo.int/

Stakeholder group: International and regional organisations

WIPO is a UN agency functioning as the global forum for intellectual property (IP) related services (patents, copyright, trademarks, and designs), policy, information, and cooperation. The organisation was established in 1967. It currently has 193 member states and over 200 observers representing non-governmental organisations (NGOs) and intergovernmental organisations. WIPO leads the development of a balanced and effective global IP ecosystem to promote innovation and creativity for a better and more sustainable future.

Digital activities

WIPO runs several online registration systems for patents and trademarks. There are also numerous databases available for use by stakeholders on the same subjects.

Digital policy issues

Frontier technologies including artificial intelligence

WIPO pays particular attention to the interplay between frontier technologies including artificial intelligence (AI) and IP.

The WIPO Conversation on IP and Frontier Technologies provides an open, inclusive forum to engage with and facilitate discussion and knowledge-building among the widest possible set of stakeholders. It leads the global discourse on the impact of frontier technologies on IP, in this fast-moving, complex space. Each year, WIPO usually holds two sessions of the Conversation covering both the uses and applications of frontier technologies to assist IP Offices and IP owners as well as more conceptual policy-based discussions to ensure that the IP systems continue to foster innovation. The five sessions of the WIPO Conversation to date have focused on AI, data, and frontier technologies in IP administration.

WIPO has prepared a paper exploring the (potential) impact of AI on IP policies in areas such as copyright and related rights, patents, trademarks, designs, and overall IP administration. It also maintains an AI and IP strategy clearing house, which collates government instruments (strategies, regulations, etc.) that are relevant to AI, data, and IP.

WIPO is also developing and deploying AI solutions in the context of various activities; relevant examples are WIPO Translate and the WIPO Brand Image Search, which use AI for automated translation and image recognition. The WIPO Index of AI Initiatives in IP Offices seeks to foster information sharing and collaboration between national IP Offices working on similar projects.

Revised Issue Paper on Intellectual Property Policy and Artificial Intelligence (2020)
IP and Frontier Technologies
The WIPO Conversation on IP and Frontier Technologies
IP and AI
IP and Data
AI and IP Clearing House
Index of AI Initiatives
Frontier Technologies in IP Administration
UN Secretary-General’s High-level Panel on Digital Cooperation follow-up process | Contributing to the roundtables on AI and digital platforms.
Taking part in the Road to Bern via Geneva dialogues on digital and data cooperation.
Cooperating with the International Telecommunication Union (ITU) in the AI for Good initiative
Supporting UNESCO’s work on developing the first global normative instrument on the ethics of AI.
Participating in the work of the Geneva Science and Diplomacy Anticipator (GESDA), and an independent foundation to leverage the anticipative power of science with diplomacy organisations and citizens working in Geneva and around the world.

Alternative dispute resolution and critical internet resources

WIPO’sactivitiesregarding the Domain Name System(DNS) revolve around the protection of trademarks and related rights in the context of domain names. It developed the Uniform Domain-Name Dispute-Resolution Policy (UDRP) with the Internet Corporation for Assigned Names and Numbers (ICANN). Under this policy, WIPO’s Arbitration and Mediation Center provides dispute resolution services for second-level domain name registrations under generic top-level domains (gTLDs) to which the UDPR applies. The Center also administers disputes under specific policies adopted by some gTLD registries (e.g. .aero, .asia, .travel). In addition, it offers domain name dispute resolution services for over 70 country code top-level domains (ccTLDs). WIPO has developed a ccTLD Program to provide advice to many ccTLD registries on the establishment of dispute resolution procedures. It also contributes to the work carried out within the framework of ICANN in regard to the strengthening of existing trademark rights protection mechanisms or the development of new such mechanisms.

WIPO Guide to the Uniform Domain Name Dispute Resolution Policy
Guide to WIPO’s services for country code top-level domain registries
WIPO’s Arbitration and Mediation Center
WIPO Online Case Administration Tools, including WIPO eADR (allowing parties in a dispute, mediators, arbitrators, and experts in a WIPO case to securely submit communications electronically into an online docket) and online facilities for meetings and hearings as part of WIPO cases.

Intellectual property rights

Trademarks

WIPO has long been involved in issues related to the protection of trademarks in the context of the DNS. The first phase of the WIPO Internet Domain Name Process, carried out in 1991, explored trademark abuse in second-level domain names, and led to the adoption, by ICANN, of the UDRP. WIPO has also contributed to the development of several trademark rights protection mechanisms applicable to gTLDs (such as legal rights objections, the Trademark Clearinghouse, and the uniform rapid suspension system). The WIPO Arbitration and Mediation Center administers trademark-related dispute resolution cases for several gTLDs and ccTLDs.

Copyright

WIPO is actively contributing to international discussions on the opportunities offered by copyright in the digital environment, especially to developing economies, small and medium enterprises (SMEs) and women entrepreneurs. The organisation administers the Internet Treaties and the Beijing Treaty, which clarify that existing copyright and related rights apply on the internet, and introduce new online rights, while also establishing international norms aimed at preventing unauthorised access to and use of creative works on the internet or other digital networks. The WIPO Accessible Books Consortium furthers the practical implementation of the Marrakesh Treaty to increase the number of books available worldwide in accessible digital formats. WIPO member states are considering topics related to copyright in the digital environment at the multilateral level. WIPO also carries out research and organises seminars and other meetings on aspects concerning challenges and possible solutions for taking advantage of the opportunities offered by copyright and related rights in the digital era.

Liability of intermediaries

Given WIPO’s concerns regarding the protection of copyright and related rights on the internet, the organisation is exploring issues related to the roles and responsibilities of internet intermediaries when it comes to online copyright infringements. The organisation carries out or commissions research and publishes studies on the relationship between copyright and internet intermediaries (such as comparative analyses of national approaches to the liability of Internet intermediaries), and organises events (seminars, workshops, sessions at the World Summit on the Information Society (WSIS) Forum and Internet Governance Forum (IGF) meetings, etc.) aimed at facilitating multistakeholder discussions on the potential liability of internet intermediaries concerning copyright infringements.

Comparative analysis of national approaches of the liability of the internet intermediaries (I and II).

Sustainable development

WIPO is of the view that IP is a critical incentive for innovation and creativity, and, as such, a key to the success of the sustainable development goals (SDGs). The organisation works to enable member states to use the IP system to drive the innovation, competitiveness, and creativity needed to achieve the SDGs. It does so, for instance, through supporting countries in their efforts to build an innovative IP ecosystem, providing legislative advice on updating national IP laws, and supporting judiciary systems in keeping up with technological innovation. WIPO’s contribution to the implementation of the Agenda 2030 is guided by its Development Agenda.

WIPO and the Sustainable Development Goals – Innovation Driving Human Progress (brochure)
The Impact of Innovation – WIPO and the Sustainable Development Goals
WIPO GREEN – online marketplace for sustainable technologies
COVID-19 Technical Assistance Platform – a one-stop digital platform for technical assistance provided by WIPO, WHO, and WTO on IP, public health, and trade matters related to COVID-19.

Climate change

WIPO’s Global Challenges programme brings together various stakeholders to explore issues related to green technologies and the environment. It hosts WIPO GREEN, a multistakeholder platform aimed to promote innovation and diffusion of green technologies, and it provides analysis of relevant IP issues to facilitate international policy dialogue. The WIPO GREEN platform includes a digital database of green technologies in sectors such as energy, water and transportation. In 2022, WIPO launched the Green Technology Book, a major digital publication to showcase concrete solutions related to climate change adaptation. The report will be fully integrated with the WIPO GREEN database, allowing for continuous additions by technology providers.

WIPO GREEN – online marketplace for sustainable/ green technologies

Digital tools

Here are some examples of the digital tools WIPO uses in relation to its services:

WIPO Online Case Administration Tools, including WIPO eADR (allowing parties in a dispute, mediators, arbitrators, and experts in a WIPO case to securely submit communications electronically into an online docket) and online facilities for meetings and hearings as part of WIPO cases.
WIPO GREEN – online marketplace for sustainable technologies.
WIPO Match – platform that matches seekers of specific IP-related development needs with potential providers offering resources.
WIPO Alert – platform to upload information on entities that infringed copyright at national level.
Madrid e-services – online tools and resources.
Electronic Forum – enables the electronic distribution and submission by email of comments concerning preliminary draft working documents and draft reports.
WIPO Academy – also includes an eLearning Centre.
WIPO Connect – enables collective management of copyright and related rights at local and central levels.
ABC Global Book Service – on-line catalogue that allows participating libraries for the blind and organisations serving people who are print disabled to obtain accessible content.
WIPO Knowledge Centre – hosts virtual exhibitions. Recent subjects have included geographical indications, and AI.

United Nations Human Rights Council

Post date March 1, 2022

Acronym: UNHRC

Established: 2006

Address: Palais Wilson 52, rue des Pâquis, CH-1201 Geneva, Switzerland

Website: https://www.ohchr.org/EN/HRBodies/HRC/Pages/HRCIndex.aspx

Stakeholder group: International and regional organisations

The Human Rights Council is a United Nations intergovernmental body whose mandate is to strengthen the promotion and protection of human rights around the globe, and to make recommendations on cases of human rights violations. The Council is made up of 47 member states, as elected by the UN General Assembly.

The Council works closely with the Office of the High Commissioner for Human Rights (OHCHR), headed by the High Commissioner for Human Rights, who is the principal human rights official of the United Nation.

Freedom of expression and privacy in the online space are two of the issues covered by the Council in its activities. These have been discussed at UNHRC sessions, and covered in resolutions adopted by the Council, as well as in reports elaborated by the special rapporteurs appointed by the Council. The Special Rapporteur on the promotion and protection of the right to freedom of opinion and expression has issued reports on issues such as: the use of encryption and anonymity to exercise the rights to freedom of opinion and expression in the digital age; states’ surveillance of communications on the exercise of the human rights to privacy and to freedom of opinion and expression; the right to freedom of opinion and expression exercised through the Internet; etc. The Special Rapporteur on the righ to privacy has within its mandate the responsibility to make recommendations for the promotion and protection of the right to privacy, including in connection with challenges arising from new technologies.

Geneva Internet Platform

Post date March 1, 2022

Acronym: GIP

Established: 2014

Address: 7bis, Avenue de la Paix, CH-1202 Geneva

Website: https://www.giplatform.org/

Stakeholder group: NGOs and associations

The Geneva Internet Plaform (GIP) is a Swiss initiative operated by DiploFoundation that strives to engage digital actors, foster digital governance, and monitor digital policies.

It aims to provide a neutral and inclusive space for digital policy debates, strengthen the participation of small and developing countries in Geneva-based digital policy processes, support activities of Geneva-based Internet governance (IG) and ICT institutions and initiatives, facilitate research for an evidence-based, multidisciplinary digital policy, bridge various policy silos, and provide tools and methods for in situ and online engagement that could be used by other policy spaces in International Geneva and worldwide. The GIP’s activities are implemented based on three pillars: a physical platform in Geneva, an online platform and observatory, and a dialogue lab.