Trustworthy Data Spaces: A Dialogue Between North and South (WTO Public Forum 2022)

Event description

Date: Thursday, 29th September, 15:45–17:00 CEST

Location: Room D, World Trade Organization (WTO), Geneva

Although data is non-rivalrous, data controllers have the capacity to restrict access to data for a myriad of reasons, such as protecting privacy, intellectual property, or to maintain a competitive edge.

At present, there are insufficient incentives for data to be shared by data controllers, and insufficient obligations for them to fulfil the social value of data.

This session will address data sharing and data flows from national and international perspectives. It aims to establish a bridge between proposals advanced by actors in the Global North and in the Global South, such as Switzerland’s proposal of trustworthy data spaces, Japan’s proposal of data free flows with trust and India’s notion of community data.

Participants will discuss how these different proposals could contribute to promoting a more equal distribution of benefits in the data economy and to shed light on current negotiations on data flows taking place at the WTO.

This event, which is part of the WTO’s Public Forum 2022, is being organised by Diplo, the Swiss Federal Office of Communications (OFCOM), and the Geneva Internet Platform.

Moderator: Marilia Maciel (Head, Digital Commerce and Internet Policy, Diplo)

Panellists:

  • Andrin Eichin (Swiss Federal Office of Communications (OFCOM))
  • Torbjörn Fredriksson (Head, E-commerce and Digital Economy Branch, UN Conference on Trade and Development (UNCTAD))
  • Simon J. Evenett (Professor of International Trade and Economic Development, University of St. Gallen, Switzerland)
  • Parminder Jeet Singh (Executive Director, IT for Change)

For more information about the WTO Public Forum 2022, visit the official page.

International Electrotechnical Commission

Acronym: IEC

Address: Rue de Varembé 3, 1211 Geneva 20, Switzerland

Website: https://iec.ch

Stakeholder group: International and regional organisations

Founded in 1906, the International Electrotechnical Commission (IEC) is the world’s leading organisation for the development of international standards for all electrical and electronic technologies. The IEC’s standardisation work is advanced by nearly 20 000 experts from government, industry, commerce, research, academia, and other stakeholder groups.

The IEC is one of three global sister organisations (in addition to the ISO and ITU) that develop international standards.

Digital Activities

The IEC works to ensure that its activities have a global reach in order to meet all the challenges of digital transformation worldwide. The organisation covers an array of digital policy issues illustrated below.

Digital policy issues

Digital standards 

 The IEC carries out standardisation and conformity assessment activities covering a vast array of technologies. These range from smart cities, grids, automation, and energy to electromagnetic compatibility between devices, digital system interfaces and protocols, and fibre optics and cables. Other areas covered by the IEC include multimedia home systems and applications for end-user networks, multimedia e-publishing and e-book technologies, information and communication technologies (ICTs), wearable electronic devices and technologies, cards and personal identification, programming languages, cloud computing and distributed platforms, the Internet of Things, and information technology (IT) for learning, education, and training.

Over the past 30 years, the IEC and ISO Joint Technical Committee (JTC 1) have been developing IT standards for global markets, meeting business and user requirements. This work addresses various aspects including the design and development of IT systems and tools; interoperability, performance, and quality of IT products and systems; harmonised IT vocabulary; and security of IT systems and information. Some of the areas that JTC 1 covers include:

  • Cards and security devices for personal identification
  • Computer graphics, image processing, and environmental data representation
  • Coding of audio, picture, multimedia, and hypermedia information
  • Automatic identification and data capture techniques
  • Data management and interchange
  • IT for learning, education, and training
  • Biometrics
  • Trustworthiness
  • Digital twins
  • Quantum computing
  • 3D printing
  • Augmented reality and virtual reality-based ICT
  • Autonomous and data-rich vehicles
Internet of things 
The Internet of Things (IoT) is one of the main technology sectors covered by the IEC (International Electrotechnical Commission) in its standardisation activities. Several technical committees (some of which are joint groups with the ISO – International Organization for Standardization) focus on various aspects of the Internet of Things. Examples include: standardisation in the area of IoT and related technologies, including sensor networks and wearable technologies; smart cities; smart grid (which involve the use of technology for optimal electricity delivery); and smart energy. In addition to developing standards, the IEC also publishes white papers, roadmaps with recommendations, and other resources on IoT-related issues. IECEE and IECQ, two of the four IEC Systems for Conformity Assessment, verify that digital devices/systems perform as intended.
Artificial intelligence 
Another important technology sector tackled by the IEC is artificial intelligence (AI). Standardisation activities in the area of AI are mostly covered by a joint IEC and ISO technical committee (ISO/IEC JTC 1/SC 42). The committee has recently published a new technical report that aims, among others, to assist the standards community in identifying specific AI standardisation gaps. SC 42 has set up several groups that cover specific aspects of AI, such as computational approaches and characteristics of AI systems, trustworthiness, use cases and applications of AI systems, to name a few.

The IEC also publishes white papers, recommendations and other resources on AI-related topics.

Cloud computing 
 Cloud computing is an enabling technology, based on the principles of shared devices, network access and shared data storage.

ISO/IEC JTC 1/SC 38 has produced international standards with cloud computing terms and definitions and reference architecture. Other work includes a standard which establishes a set of common cloud service building blocks, including terms and offerings, that can be used to create service level agreements (SLAs), which also covers the requirements for the security and privacy aspects of cloud service level agreements.

SC 38 has produced a standard for data taxonomy, which identifies the categories of data that flow across the cloud service customer devices and cloud services and how the data should be handled.

Network security 
In the area of cybersecurity, IEC works with ISO in their joint technical committee to develop the ISO/IEC 27000 family of standards. In addition, the IEC operates globally standardized systems for testing and certification (conformity assessment) to ensure that standards are properly applied in real-world technical systems and that results from anywhere in the world can be compared. To this end, IECQ (IEC Quality Assessment System For Electronic Component) provides an approved process scheme for ISO/IEC 27001. The IECEE (IEC System of Conformity Assessment Schemes for Electrotechnical Equipment and Components) Industrial Cybersecurity Programme focuses on cybersecurity in the industrial automation sector.
Critical infrastructure 
The IEC develops horizontal standards, such as the IEC 62443, for operational technology in industrial and critical infrastructure that includes power utilities, water management systems, healthcare and transport systems. These standards are technology independent and can be applied across many technical areas. On the other hand, several technical committees and subcommittees develop international standards to protect specific domains and critical infrastructure assets (vertical standards).

 

Sustainable development 
 The IEC international standards and conformity assessment systems contribute to the realisation of all 17 Sustainable Development Goals (SDGs). They provide the foundation allowing all countries and industries to adopt or build sustainable technologies, apply best practice, and form the basis for innovation as well as quality and risk management.

 

Capacity development 
The IEC Academy Platform aims to support IEC community members through formal learning and collaboration opportunities. The IEC offers a series of online courses and webinars that provide an in-depth understanding of IEC’s main activities.

Future of meetings

Any reference to online or remote meetings?

  • IEC technical committees have held online/remote meetings for many years, especially for focussed discussions on individual topics. In the context of the COVID-19 pandemic the breadth of technical online meetings has been further expanded to ensure optimal continuation of standardization and conformity assessment activities. Most face-to-face management board and governance meetings have been converted to online meetings during COVID-19. In support of the successful organization of online meetings, the IEC has published a virtual meeting guide.

Any reference to holding meetings outside HQ?

  • Many IEC meetings are held outside of IEC CO headquarters or online or in a hybrid format. The tools for that purpose include webinars, podcasts, online presentations and various teleconferencing facilities. In the future, augmented reality technology or digital twin approaches may also be considered to provide the benefits of face-to-face meetings. While face-to-face meetings have been the rule to date, some IEC Board meetings have also been held virtually to some extent already in the past, with documents being shared in advance on proprietary online platforms and collaboration taking place live online.

Any reference to deliberation or decision making online?

  • In the IEC, nearly all decision-making processes have been taking place virtually since many years, with voting/decisions being dispatched electronically, including collaboration and commenting via a dedicated electronic platform.

International Organization for Standardization

Acronym: ISO

Address: Chem. de Blandonnet 8, 1214 Vernier, Switzerland

Website: https://iso.org

Stakeholder group: International and regional organisations

The International Organization for Standardization (ISO) is a non-governmental international organisation composed of 165 national standard-setting bodies that are either part of governmental institutions or mandated by their respective governments. Each national standard-setting body therefore represents a member state.

After receiving a request from a consumer group or an industry association, ISO convenes an expert group tasked with the creation of a particular standard through a consensus process.

ISO develops international standards across a wide range of industries, including technology, food, and healthcare, in order to ensure that products and services are safe, reliable, of good quality, and ultimately, facilitate international trade. As such, it acts between the public and the private sector.

To date, ISO has published more than 22 000 standards.

Digital Activities

A large number of the international standards and related documents developed by ISO are related to information and communication technologies (ICTs), such as the Open Systems Interconnection (OSI) that was created in 1983 and established a universal reference model for communication protocols. The organisation is also active in the field of emerging technologies including blockchain, the Internet of Things (IoT), and artificial intelligence (AI).

The standards are developed by various technical committees dedicated to specific areas including information security, cybersecurity, privacy protection, AI, and intelligent transport systems.

Digital policy issues

Artificial intelligence 

The joint technical committee of ISO and the International Electrotechnical Commission (IEC) for AI is known as ISO/IEC JTC1/SC 42 Artificial intelligence and is responsible for the development of standards in this area. To date, it has published one standard specifically pertaining to AI with 18 others in development.

ISO/IEC TR 24028 provides an overview of trustworthiness in AI systems, detailing the associated threats and risks associated and addresses approaches on availability, resiliency, reliability, accuracy, safety, security, and privacy.

The standards under development include those that cover: concepts and terminology for AI (ISO/IEC 22989); bias in AI systems and AI-aided decision-making (ISO/IEC TR 24027); AI risk management (ISO/IEC 23894); a framework for AI systems using machine learning (ISO/IEC 23053); and the assessment of machine learning classification performance (ISO/IEC TS 4213).

Up-to-date information on the technical committee (e.g. scope, programme of work, contact details, etc.) can be found on the committee page.

Cloud computing 

ISO and IEC also have a joint committee for standards related to cloud computing which currently has 19 published standards and a further 7 in development.

Of those published, two standards of note include ISO/IEC 19086-1, which provides an overview, foundational concepts, and definitions for a cloud computing service level agreement framework, and ISO/IEC 17789, which specifies the cloud computing reference architecture.

Standards under development include those on health informatics (ISO/TR 21332.2); the audit of cloud services (ISO/IEC 22123-2.2); and data flow, categories, and use (ISO/IEC 19944-1).

Up-to-date information on the technical committee (e.g. scope, programme of work, contact details, etc.) can be found on the committee page.

Internet of things 

Recognising the ongoing developments in the field of IoT, ISO has a number of dedicated standards both published and in development, including those for intelligent transport systems (ISO 19079), future networks for IoT (ISO/IEC TR 29181-9), unique identification for IoT (ISO/IEC 29161), Internet of Media Things (ISO/IEC 23093-3), trustworthiness of IoT (ISO/IEC 30149), and industrial IoT systems (ISO/IEC 30162).

 IoT security is addressed in standards such as ISO/IEC 27001 and ISO/IEC 27002, which provide a common language for governance, risk, and compliance issues related to information security.

 In addition, there are seven standards under development, some of which provide a methodology for the trustworthiness of an IoT system or service (ISO/IEC 30147); a trustworthiness framework (ISO/IEC 30149); the requirements of an IoT data exchange platform for various IoT services (ISO/IEC 30161); and a real-time IoT framework (ISO/IEC 30165).

 Up-to-date information on the ISO and IEC joint technical committee for IoT (e.g. scope, programme of work, contact details, etc.) can be found on the committee page.

Telecommunications infrastructure 

ISO’s standardisation work in the field of telecommunications infrastructure covers areas such as planning and installation of networks (e.g. ISO/IEC 14763-2 and ISO/IEC TR 14763-2-1), corporate telecommunication networks (e.g. ISO/IEC 17343), local and metropolitan area networks (e.g. ISO/IEC/IEEE 8802-A), private integrated telecommunications networks (e.g. ISO/IEC TR 14475), and wireless networks. Next generation networks – packet-based public networks able to provide telecommunications services and make use of multiple quality of service enabled transport technology – are equally covered (e.g. ISO/IEC TR 26905).

ISO also has standards for the so-called future networks, which are intended to provide futuristic capabilities and services beyond the limitations of current networks, including the Internet.

Up-to-date information on the joint ISO and IEC technical committee that develops these standards (e.g. scope, programme of work, contact details, etc.) can be found on the committee page.

Blockchain 

ISO has published three standards on blockchain and distributed ledger technologies: ISO/TR 23455 gives an overview of smart contracts in blockchain and distributed ledger technologies; ISO/TR 23244 tackles privacy and personally identifiable information protection; and ISO 22739 covers fundamental blockchain terminology respectively.

ISO also has a further ten standards on blockchain in development. These include those related to: security risks, threats and vulnerabilities (ISO/TR 23245.2); security management of digital asset custodians (ISO/TR 23576); taxonomy and ontology (ISO/TS 23258); legally-binding smart contracts (ISO/TS 23259); and guidelines for governance (ISO/TS 23635).

Up-to-date information on the technical committee (e.g. scope, programme of work, contact details, etc.) can be found on the committee page.

Emerging technologies 

ISO develops standards in the area of emerging technologies. Perhaps the largest number of standards in this area are those related to robotics. ISO has more than 40 different standards either published or in development that cover issues such as: collaborative robots (e.g. ISO/TS 15066); safety requirements for industrial robots (e.g. ISO 10218-2); and personal care robots (e.g. ISO 13482).

Autonomous or so-called intelligent transport systems (ITS) standards are developed by ISO’s ITS Technical Committee and include those for forward vehicle collision warning systems (ISO 15623) and secure connections between trusted devices (ISO/TS 21185).

Standards are also being developed to address the use of virtual reality in learning, education, and training (e.g. ISO/IEC 23843) and the display device interface for augmented reality (ISO/IEC 23763).

Network security 

Information security and network security is also addressed by ISO and IEC standards. The ISO and IEC 27000 family of standards covers information security management systems and are used by organisations to secure information assets such as financial data, intellectual property, and employee information.

For example, ISO/IEC 27031 and ISO/IEC 27035 are specifically designed to help organisations respond, diffuse, and recover effectively from cyberattacks. ISO/IEC 27701 is an extension to ISO/IEC 27001 and ISO/IEC 27002 for privacy information management, and details requirements and guidance for establishing, implementing, maintaining, and continually improving a Privacy Information Management System (PIMS).

Network security is also addressed by standards on technologies such as the IoT, smart community infrastructures, medical devices, localisation and tracking systems, and future networks.

Up-to-date information on the joint ISO and IEC technical committee (e.g. scope, programme of work, contact details, etc.) can be found on the committee page.

Encryption 

As more and more information (including sensitive personal data) is stored, transmitted, and processed online, the security, integrity, and confidentiality of such information becomes increasingly important. To this end, ISO has a number of standards for the encryption of data. For example, ISO/IEC 18033-1, currently under development, addresses the nature of encryption and describes certain general aspects of its use and properties. Other standards include ISO/IEC 19772 that covers authenticated encryption, ISO/IEC 18033-3 that specifies encryption systems (ciphers) for the purpose of data confidentiality, and ISO 19092 that allows for encryption of biometric data used for authentication of individuals in financial services for confidentiality or other reasons.

ISO also has standards that focus on identity-based ciphers, symmetric and asymmetric encryption, public key infrastructure, and many more related areas.

Data governance 

Big data is another area of ISO standardization, and around 80% of related standards are developed by the ISO/IEC AI committee. The terminology for big data-related standards is outlined in ISO/IEC 20546, while ISO/IEC 20547-3 covers big data reference architecture.

ISO/IEC TR 20547-2 provides examples of big data use cases with application domains and technical considerations and ISO/IEC TR 20547-5 details a roadmap of existing and future standards in this area. A further eight standards are in development and include those for big data security and privacy (ISO/IEC 27045), terminology used in big data within the scope of predictive analytics (ISO 3534-5), and data science life cycle (ISO/TR 23347).

Up-to-date information on the technical committee (e.g. scope, programme of work, contact details, etc.) can be found on the committee page.

Privacy and data protection 

Privacy and data protection in the context of ICTs is another area covered by ISO’s standardisation activities. One example is ISO/IEC 29101 which describes a privacy architecture framework.

Others include those for privacy-enhancing protocols and services for identification cards (ISO/IEC 19286); privacy protection requirements pertaining to learning, education, and training systems employing information technologies (ISO/IEC 29187-1); privacy aspects in the context of intelligent transport systems (ISO/TR 12859); and security and privacy requirements for health informatics (ISO/TS 14441).

Digital identities 

Digital signatures that validate digital identities help to ensure the integrity of data and authenticity of particulars in online transactions. This, therefore, contributes to the security of online applications and services. Standards to support this technology cover elements such as: anonymous digital signatures (e.g. ISO/IEC 20008-1 and ISO/IEC 20008-2); digital signatures for healthcare documents (e.g. ISO 17090-4 and ISO 17090-5); and blind digital signatures, which is where the content of the message to be signed is disguised, used in contexts where, for example, anonymity is required. Examples of such standards are ISO 18370-1 and ISO/IEC 18370-2.

Digital tools

ISO has developed an online browsing platform that provides up to date information on ISO standards, graphical symbols, publications, and terms and definitions.

Future of Meetings

Any reference to online or remote meetings?

Any reference to holding meetings outside HQ?

Any reference to deliberation or decision making online?

  • Yes, ISO governance groups are also meeting virtually.

Office of the United Nations High Commissioner for Human Rights

Acronym: OHCHR

Address: Palais Wilson, Rue des Pâquis 52, 1202 Geneva, Switzerland

Website: https://ohchr.org

Stakeholder group: International and regional organisations

The Office of the United Nations High Commissioner for Human Rights and other related UN human rights entities, namely the United Nations Human Rights Council, the Special Procedures, and the Treaty Bodies are considered together under this actor page*. 

The UN Human Rights Office is headed by the UN High Commissioner for Human Rights and is the principal UN entity on human rights. Also known as UN Human Rights, it is part of the UN Secretariat. UN Human Rights has been mandated by the UN General Assembly to promote and protect all human rights. As such, it plays a crucial role in supporting the three fundamental pillars of the UN: peace and security, human rights, and development. UN Human Rights provides technical expertise and capacity development in regard to the implementation of human rights, and in this capacity assists governments in fulfilling their obligations.

UN Human Rights is associated with a number of other UN human rights entities. To illustrate, it serves as the secretariat for the United Nations Human Rights Council (UNHRC) and the Treaty Bodies. The UNHRC is a body of the UN that aims to promote the respect of human rights worldwide. It discusses thematic issues and in addition to its ordinary session, it has the ability to hold special sessions on serious human rights violations and emergencies. The ten Treaty Bodies are committees of independent experts that monitor implementation of the core international human rights treaties.

The UNHRC established the Special Procedures, which are made up of UN Special Rapporteurs (i.e. independent experts or working groups) working on a variety of human rights thematic issues and country situations in order to assist the efforts of the UNHRC through regular reporting and advice. The Universal Periodic Review (UPR), under the auspices of the UNHRC, is a unique process which involves a review of the human rights records of all UN member states, providing the opportunity for each state to declare what actions they have taken to improve the human rights situations in their countries.  UN Human Rights also serves as the secretariat to the UPR process.

Certain non-governmental organisations and national human rights institutions have the ability to participate as observers in UNHRC sessions after receiving the necessary accreditation.

Digital Activities

Digital issues are increasingly gaining in prominence in the work of UN Human Rights, the UNHRC, the Special Procedures, the UPR, and the Treaty Bodies. The range of topics covered is constantly growing, encompassing for example: Privacy and data protection-related questions; freedom of opinion and expression; freedom of peaceful assembly and association; racial discrimination; gender-related issues; the enjoyment of economic, social, and cultural rights; the rights of older persons; and the safety of journalists online.

A landmark document which provides a blueprint for digital human rights is the UNHRC resolution (A/HRC/32/L.20) on the promotion, protection, and enjoyment of human rights on the Internet, which was first adopted in 2016. A second resolution with the same name (A/HRC/38/L.10) was adopted in July 2018. Both resolutions affirm that the same rights that people have offline must also be protected online. Numerous other resolutions and reports from UN human rights entities and experts considered in this overview tackle an ever-growing range of other digital issues including the right to privacy in the digital age, freedom of expression and opinion, freedom of association and peaceful assembly, the rights of older persons, racial discrimination, the rights of women and girls, human rights in the context of violent extremism online, and economic, social, and cultural rights.

Digital policy issues

Privacy and data protection 

Challenges to the right to privacy in the digital age, such as surveillance, communications interception, and the increased use of data-intensive technologies, are among some of the issues covered by the activities of UN Human Rights. At the request of the UN General Assembly and the UNHRC, the High Commissioner prepared two reports on the right to privacy in the digital age, which were presented to the General Assembly in December 2014 and to the UNHRC in September 2018.

The UNHRC also tackles online privacy and data protection. Resolutions on the promotion and protection of human rights on the Internet have underlined the need to address security concerns on the Internet in accordance with international human rights obligations to ensure the protection of all human rights online, including the right to privacy. The UNHRC has also adopted specific resolutions on the right to privacy in the digital age including the latest version from 2019, which put a particular emphasis on the impacts of artificial intelligence (AI) on the enjoyment of the right to privacy. Resolutions on the safety of journalists have emphasised the importance of encryption and anonymity tools for journalists to freely exercise their work.

The UNHRC has also mandated the Special Rapporteur on the right to privacy to address the issue of online privacy in its resolution on the right to privacy in the digital age from 2015 (A/HRC/RES/28/16). To illustrate, the Special Rapporteur has addressed the question of privacy from the stance of surveillance in the digital age (A/HRC/34/60), which becomes particularly challenging in the context of cross-border data flows.

More recently, specific attention has been given to privacy of health data that is being produced more and more in the day and age of digitalisation and that requires the ‘highest legal and ethical standards’ (A/HRC/40/63).

The 2020 report (A/HRC/43/52) published by the Special Rapporteur provides a set of recommendations on privacy in the online space calling for, among other things,  ‘comprehensive protection for secure digital communications, including by promoting strong encryption and anonymity-enhancing tools, products, and services, and resisting requests for “backdoors” to digital communications’ and recommends that ‘government digital identity programs are not used to monitor and enforce societal gender norms, or for purposes that are not lawful, necessary, and proportionate in a democratic society.’

Freedom of expression 

The High Commissioner and her office advocate for the promotion and protection of freedom of expression, including in the online space. Key topics in this advocacy are: The protection of the civic space and the safety of journalists online; various forms information control, including internet shutdowns and censorship; addressing incitement to violence, discrimination, or hostility; disinformation; and the role of social media platforms in the space of online expression.

In response to the rise of the ‘fake news’ phenomenon, the High Commissioner has joined other organisations in urging stakeholders to ensure that any measures aimed to tackle this phenomenon do not lead to illegitimate restrictions of freedom of expression.

Freedom of expression in the digital space also features highly on the agenda of the UNHRC. It has often underlined that states have a responsibility to ensure an adequate protection of freedom of expression online, including when they adopt and implement measures aimed to deal with issues such cybersecurity, incitement to violence, and the promotion and distribution of extremist content online. The UNHRC has also been firm in condemning measures to intentionally prevent or disrupt access to or dissemination of information online, and has called upon states to refrain from and cease such measures.

The Special Rapporteur on the promotion and protection of the right to freedom of opinion and expression has been mandated by the UNHRC to also explore issues related to freedom of expression online.

In 2018, the Special Rapporteur published a thematic report on ‘online content regulation’ that tackles governments’ regulation of user-generated online content and that recommends states to ensure an enabling environment for online freedom of expression. The same year, he also presented to the General Assembly a report addressing freedom of expression issues linked to the use of AI by companies and states. A year later, the Special Rapporteur presented a report to the UN General Assembly on online hate speech that discusses the regulation of hate speech in international human rights law and how it provides a basis for governmental actors considering regulatory options and for companies determining how to respect human rights online.

More recently, in 2020, the Special Rapporteur issued a report titled ‘Disease pandemics and the freedom of opinion and expression’ that specifically tackles issues such as access to the Internet, which is highlighted to be ‘a critical element of healthcare policy and practice, public information, and even the right to life.’ The report calls for greater international co-ordination on digital connectivity given the importance of digital access to healthcare information. Other reports addressed the vital importance of encryption and anonymity for the exercise of freedom of opinion and the threats to freedom of expression emanating from widespread digital surveillance.

Online hate speech and discrimination has also been addressed by the Special Rapporteur on freedom of religion and belief. For instance, in a document published in 2019, the online manifestation of antisemitism (including antisemtic hate speech) was underscored and best practices from the Netherlands and Poland were shared. The report highlights that governments ‘have an affirmative responsibility to address online antisemitism, as the digital sphere is now the primary public forum and marketplace for ideas.’ In another document published that same year, the Special Rapporteur assesses the impact of online platforms on discrimination and on the perpetuation of hostile and violent acts in the name of religion, as well as how restrictive measures such as blocking and filtering of websites negatively impact the freedom of expression.

The issue of online blasphemy has also been addressed on a number of occasions, including in reports from 2018 and 2017.

Gender rights online 

UN Human Rights and the UNHRC have reiterated on several occasions the need for countries to bridge the gender digital divide and enhance the use of information and communications technologies (ICTs), including the Internet, to promote the empowerment of all women and girls. It has also condemned gender-based violence committed on the Internet. In a 2016 resolution on the promotion, protection, and enjoyment of human rights on the Internet, the UNHRC requested the High Commissioner on Human Rights to prepare a report on ways to bridge the gender digital divide from a human rights perspective, in consultation with states and other stakeholders.

Rights of persons with disabilities 

The promotion and protection of the rights of persons with disabilities in the online space has been addressed on several occasions by the UN Special Rapporteur on the rights of persons with disabilities. A report from 2016 underscored that ICTs including the Internet can increase the participation of persons with disabilities in public decision-making processes and that states should work towards reducing the access gap between those who can use ICTs and those who cannot.

Nevertheless, a more recent report from 2019 stressed that the shift to e-governance and service delivery in a digital manner can hamper access for older persons with disabilities who may lack the necessary skills or equipment.

Freedom of peaceful assembly and of association 

The exercise of the rights to freedom of peaceful assembly and of association in the digital environment in recent years have attracted increased attention. For example, the Special Rapporteur on the rights to freedom of peaceful assembly and of association in 2019 published a report for the UNHRC focusing on the opportunities and challenges facing the rights to freedom of peaceful assembly and of association in the digital age.

The High Commissioner presented to the 44th session of the UNHRC a report on new technologies such as ICTs and their impact on the promotion and protection of human rights in the context of assemblies, including peaceful protests. The report highlighted many of the great opportunities for the exercise of human rights that digital technologies offer and analysed key issues linked to online content takedowns and called on states to stop the practice of network disruptions in the context of protests. It also developed guidance concerning the use of surveillance tools, in particular facial recognition technology.

The Human Rights Committee published in July 2020 its General Comment No. 37 on Article 21 of the ICCPR (right of peaceful assembly), which addresses manifold aspects arising in the digital context.

For her 2020 thematic report to the General Assembly, the UN Special Rapporteur on contemporary forms of racism, racial discrimination, xenophobia, and related intolerance examined how digital technologies deployed in the context of border enforcement and administration reproduce, reinforce, and compound racial discrimination.

The Committee on the Elimination of Racial Discrimination is currently in the process of drafting its ‘General recommendation No. 36 on Preventing and Combating Racial Profiling: A call for contribution’, which among other things addresses forms of AI-based profiling.

Economic, social and cultural rights 

In March 2020, the UN Secretary-General presented to the UNHRC a report on the role of new technologies for the realization of economic, social, and cultural rights. He identifies the opportunities and challenges held by new technologies for the realisation of economic, social, and cultural rights and other related human rights, and for the human rights-based implementation of the 2030 Agenda for Sustainable Development. The report concludes with recommendations for related action by member states, private companies, and other stakeholders.

Child safety online 

The issue of child safety online has been in the attention of UN human rights entities for some time. A 2016 resolution on Rights of the child: information and communications technologies and child sexual exploitation adopted by the UNHRC calls on states to ensure ‘full, equal, inclusive, and safe access […] to information and communications technologies by all children and safeguard the protection of children online and offline’, as well as the legal protection of children from sexual abuse and exploitation online. The Special Rapporteur on the sale of children, child prostitution and child pornography, mandated by the UNHRC to analyse the root causes of sale and sexual exploitation and promote measures to prevent it, also looks at issues related to child abuse such as sexual exploitation of children online which has been addressed in a report (A/HRC/43/40) published in 2020, but also in earlier reports.

The Committee on the Rights of the Child is currently drafting a General Comment on children’s rights in relation to the digital environment.

Content policy 

Geneva-based human rights organisations and mechanisms also address issues linked to the use of digital technologies in the context of terrorism and violent extremism.

For example, UN Human Rights, at the request of the UNHRC, prepared a compilation report in 2016, which explores, among other issues, aspects related to the preventing and countering of violent extremism online, and underscores that responses to violent extremism that are robustly built on human rights are more effective and sustainable.

Additional efforts were made in 2019 when the Special Rapporteur on the promotion and protection of human rights and fundamental freedoms while countering terrorism published a report where she examined the multifaceted impacts of counter-terrorism measures on civic space and the rights of civil society actors and human rights defenders, including measures taken to address vaguely defined terrorist and violent extremist content. In July 2020, she published a report discussing the human rights implications of the use of biometric data to identify terrorists and recommended safeguards that should be taken.

Artificial intelligence 

In 2018, the Special Rapporteur on the promotion and protection of the right to freedom of opinion and expression presented a report to the UN General Assembly on artificial intelligence technologies and implications for the information environment. Among other things, the document addresses the role of AI on the enjoyment of freedom of opinion and expression including ‘access to the rules of the game when it comes to AI-driven platforms and websites’ and therefore urges for a human rights-based approach to AI.

Data governance 

UN Human Rights maintians an online platform consisting of a number of databases on anti-discrimination and jurisprudence, as well as the Universal Human Rights Index (UHRI) which provide access to recommendations issued to countries by Treaty Bodies, Special Procedures, and the UPR of the UNHCR.

UN Human Rights has also published a report titled ‘A human rights-based approach to data – Leaving no one behind in the 2030 Agenda for Sustainable Development’ that specifically focuses on issues of data collection and disaggregation in the context of sustainable development.

UN Human Rights has worked closely with partners across the UN system in contributing to the Secretary-General’s 2020 Data Strategy, and co-leads, with the Office of Legal Affairs and UN Global Pulse, work on the subsequent Data Protection and Privacy Program.

Capacity development 

UN Human Rights has also launched the UN Human Rights Business and Human Rights in Technology Project (B-Tech Project) that aims to provide guidance and resources to companies operating in the technology space with regard to the implementation of the UN Guiding Principles on Business and Human Rights. In November 2019, a B-Tech scoping paper was published by the Office of the High Commissioner that outlines the scope and objectives of the project. In July 2020, UN Human Rights published a foundational paper on business model-related human rights risks.

Extreme poverty 

The Special rapporteur on extreme poverty and human rights has in recent years increased his analysis of human rights issues arising in the context of increased digitisation and automation. His 2017 report to the General Assembly tackled the socio-economic challenges in an emerging world where automation and AI threaten traditional sources of income and analysed the promises and possible pitfalls of introducing a universal basic income. His General Assembly report in 2019 addressed worrying trends in connection with the digitisation of the welfare state.

Interdisciplinary approaches 
Collaboration within the UN system

UN Human Rights is a member of the Secretary-General’s Reference Group and contributed to the development of his Strategy on New Technologies in 2018.  The OHCHR was co-champion of the follow-up on two human rights-related recommendations of the Secretary-General’s High-Level Panel on Digital Cooperation. The outcomes of this process were the basis of the Secretary-General’s Roadmap on Digital Cooperation, presented in June 2020.  

UN Human Rights also participates in the UNESCO-led process to develop ethical standards for AI.

In addition, the OHCHR is a member of the Legal Identity Agenda Task Force, which promotes solutions for the implementation of SDG target 16.9 (i.e. by 2030, provide legal identity for all, including birth registration). The OHCHR co-leads their work on biometrics.

Digital tools

The UNHRC has developed an e-learning tool to assist government officials from least developed countries and Small Islands Developing States as per the mandate of the Trust Fund to develop competencies on the UNHRC and its mechanisms.

Internet Governance Forum

Acronym: IGF

Address: Villa Bocage Palais des Nations, CH-1211 Geneva 10 Switzerland

Website: https://intgovforum.org

Stakeholder group: International and regional organisations

The Internet Governance Forum (IGF) was established in Paragraph 72 of the Tunis Agenda of the World Summit on the Information Society (WSIS) as a forum for multistakeholder policy dialogue. The mandate of the Forum is to discuss public policy issues related to key elements of Internet governance, in order to foster the sustainability, robustness, security, stability, and development of the Internet. Even though the IGF is not a decision-making body, its great potential lies in open discussions among all stakeholders on challenges and best practices related to the use and evolution of the Internet.

Starting 2006, the IGF holds annual meetings: Athens (2006), Rio de Janeiro (2007), Hyderabad (2008), Sharm El Sheikh (2009), Vilnius (2010), Nairobi (2011), Baku (2012), Bali (2013), Istanbul (2014), João Pessoa (2015), Guadalajara (2016). The programme of the annual meeting and the general direction of the IGF work are deliberated by the Multistakeholder Advisory Group (MAG) to the UN Secretary General.

The IGF Secretariat, currently based at the United Nations Office at Geneva, conducts the preparations for the annual IGF meetings, coordinates the IGF intersessional activities (between two annual meetings), and assists the MAG in its work.

United Nations Conference on Trade and Development

Acronym: UNCTAD

Address: Palais des Nations, Av. de la Paix 8-14, 1211 Genève, Switzerland

Website: https://unctad.org

Stakeholder group: International and regional organisations

The United Nations Conference on Trade and Development (UNCTAD) is a UN body dedicated to supporting developing countries in accessing the benefits of a globalised economy more fairly and effectively. It provides analysis, facilitates consensus-building, and offers technical assistance, thus helping countries use trade, investment, finance, and technology to support inclusive and sustainable development.

UNCTAD also works to facilitate and measure progress towards achieving the sustainable development goals (SDGs), through a wide range of activities in areas such as technology and innovation, trade, investment, environment, transport and logistics, and the digital economy.

UNCTAD’s work often results in analyses and recommendations that can inform national and international policy-making processes, and contribute to promoting economic policies aimed at ending global economic inequalities and generating human-centric sustainable development.

Digital Activities

UNCTAD is particularly active in the field of e-commerce, trade, and the digital economy, carrying out a wide range of activities from research and analysis to providing assistance to member states in developing adequate legislative frameworks and facilitating international dialogue on the development opportunities and challenges associated with the digital economy. UNCTAD also works to facilitate and measure progress towards achieving the SDGs, in particular through (but not limited to) its activities in the field of science, technology, and innovation (STI) for development. Consumer protection, gender equality, and privacy and data protection are other digital policy areas where UNCTAD is active.

Digital policy issues

E-commerce and trade 

UNCTAD’s work programme on e-commerce and the digital economy (ECDE Programme), encompasses several research and analysis, consensus building and technical assistance activities, as follows:

Research and analysis

UNCTAD conducts research and analysis on e-commerce and the digital economy and their implications for trade and development. These are mainly presented in its flagship publication, the Digital Economy Report (known as Information Economy Report until 2017), and in its Technical Notes on ICT for Development.

Consensus building on e-commerce and digital economy policies

UNCTAD’s Intergovernmental Group of Experts on E-commerce and the Digital Economy meets regularly to discuss ways to strengthen the development dimension of e-commerce and the digital economy. The group’s meetings are usually held in conjunction with the eCommerce Week, an annual event hosted by UNCTAD and featuring discussions on development opportunities and challenges associated with the digital economy.

E-Commerce assessments and strategy formulation

The eTrade Readiness Assessments (eT Readies) assist least developed countries (LDCs) and other developing countries in understanding their e-commerce readiness in key policy areas in order to better engage in and benefit from e-commerce. The assessments provide recommendations to overcome identified barriers and bottlenecks to growth and enjoying the benefits of digital trade.

UNCTAD’s work on information and communication technology (ICT) policy reviews and national e-commerce strategies involves technical assistance, advisory services, diagnostics, and strategy development on e-commerce, and national ICT planning at the request of governments. Through an analysis of the infrastructural, policy, regulatory, institutional, operational, and socioeconomic landscape, the reviews help governments to overcome weaknesses and bureaucratic barriers, leverage strengths and opportunities, and put in place relevant strategies.

Legal frameworks for e-commerce

UNCTAD’s E-commerce and Law Reform work helps to develop an understanding of the legal issues underpinning e-commerce through a series of capacity-building workshops for policymakers at the national and regional levels. Concrete actions include: Assistance in establishing domestic and regional legal regimes to enhance trust in online transactions, regional studies on cyber laws harmonisation, and the global mapping of e-commerce legislation through its ‘Global Cyberlaw Tracker’.

Measuring the information economy

UNCTAD’s work on measuring the information economy includes statistical data collection and the development of methodology, as well as linking statistics and policy through the Working Group on Measuring E-commerce and the Digital Economy, established by the Intergovernmental Group of Experts on E-Commerce and the Digital Economy. Figures are published in the biennial Digital Economy Report and the statistics portal UNCTADstat. Technical co-operation here aims to strengthen the capacity of national statistical systems to produce better, more reliable, and internationally comparable statistics on the following issues: ICT use by enterprises, size and composition of the ICT sector, and e-commerce and international trade in ICT-enabled services. UNCTAD also produces the B2C E-commerce Index which measures an economy’s preparedness to support online shopping.

Smart Partnerships through eTrade for all

The eTrade for all initiative (eT4a) is a global collaborative effort of 32 partners to scale up co-operation, transparency, and aid efficiency towards more inclusive e-commerce. Its main tool is an online platform (etradeforall.org), a knowledge-sharing and information hub that facilitates access to a wide range of information and resources on e-commerce and the digital economy. It offers a gateway for matching the suppliers of technical assistance with those in need. Beneficiaries can connect with potential partners, learn about trends, best practices, up-to-date e-commerce indicators, and upcoming events all in one place. The initiative also acts as catalyst of partnership among its members for increased synergies. This collaboration has concretely translated into the participation of several eT4a partners as key contributors to the various eCommerce Weeks organised by UNCTAD and in the conduct and review of eTrade Readiness Assessments.

Consumer protection 

Through its Competition and Consumer Policies Programme, UNCTAD works to assist countries in improving their competition and consumer protection policies. It provides a forum for intergovernmental deliberations on these issues, undertakes research, policy analysis and data collection, and provides technical assistance to developing countries. The Intergovernmental Group of Experts on Consumer Protection Law and Policy monitors the implementation of the UN Guidelines for Consumer Protection and carries out research and provides technical assistance on consumer protection issues (including in the context of e-commerce and the digital economy).

UNCTAD’s work programme on consumer protection is guided, among others, by the UN Conference of Competition and Consumer Protection (held every five years). In 2020, the conference will hold high-level consultations on strengthening consumer protection and competition in the digital economy, and international enforcement co-operation among consumer protection authorities in electronic commerce.

Given the significant imbalances in market power in the digital economy, competition policy is becoming increasingly relevant for developing countries. UNCTAD addresses this issue in the Intergovernmental Group of Experts on Competition Law and Policy.

UNCTAD also runs the Research Partnership Platform, aimed at contributing to the development of best practices in the formulation and implementation of competition and consumer protection laws and policies.

Sustainable development 

UNCTAD works to facilitate and measure progress towards achieving the SDGs, in particular through (but not limited to) its activities in the field of STI for development. The organisation supports countries in their efforts to integrate STI in national development strategies, through initiatives such as Science, Technology and Innovation Policy Reviews and capacity building programmes (such as the Innovation Policy Learning Programme). The eT4a initiative is also intended to contribute to several SDGs, especially in relation to decent work and economic growth, innovation and infrastructure, global partnerships, and gender equality. Moreover, UNCTAD’s SDG Pulse offers statistical information on developments related to the 2030 Agenda for Sustainable Development.

UNCTAD’s Investment Policy Framework for Sustainable Development provides guidance for policymakers in formulating national investment policies and in negotiating investment agreements. The organisation is also part of the Toolbox for Financing for SDGs – a platform launched in 2018 at the initiative of the President of the UN General Assembly to assist countries and financial actors in exploring solutions to the challenges of financing the SDGs.

UNCTAD carries out research and analysis work covering various development-related issues, examples being its Digital Economy Report and the Technical notes on ICT for development. As the body responsible for servicing the UN Commission on Science and Technology for Development (CTSD), UNCTAD also assists the CSTD in its sustainable development-related work, for instance by preparing studies and reports on issues such as the impact of advanced technologies on sustainable development.

Other UNCTAD activities designed to contribute to sustainable development cover issues such as climate change, the circular economy, and intellectual property.

Capacity development 

Many activities undertaken by UNCTAD have a capacity development dimension. For instance, its work on e-commerce and trade includes supporting developing countries in establishing adequate legal frameworks in these areas (e.g. its eCommerce and Law Reform work) and in producing statistics that can guide effective policy-making (e.g. the Measuring E-commerce and the Digital Economy activities and the ICT Policy Reviews ). UNCTAD’s E-Learning on Trade platform provides courses and training on issues such as trade, gender and development and non-tariff measures in trade.

UNCTAD also works to build capacity in STI policy-making in developing countries, through initiatives such as the Innovation Policy Learning programme and STI training provided in the context of the P166 programme.

Additionally, UNCTAD’s Virtual Institute – run in co-operation with universities worldwide – is dedicated to building knowledge for trade and development. Another area where UNCTAD provides capacity building for developing countries is that of statistics: The organisation and its partners assist national statistics organisations in the collection, compilation and dissemination of their statistics in domains such as trade, sustainable development, and investments.

Gender rights online 

UNCTAD runs a Trade, Gender and Development Programme dedicated to assisting countries in developing and implementing gender-sensitive trade policies, conducting gender impact analyses of trade policies and agreements, and strengthening the links between trade and gender. One notable initiative is the eTrade for Women initiative, dedicated to advancing the empowerment of women through ICTs.

Other initiatives undertaken in this area include capacity building on trade and gender, the Women in STEM: Changing the narrative dialogues, and the  Data and statistics for more gender-responsive trade policies in Africa, the Caucasus and Central Asia project.

Data governance? 

As data has become a key resource in the digital economy, data governance is a fundamental part of the work of UNCTAD. This is illustrated, for example, in the research and analysis work of the Digital Economy Report 2019, which focused on the role of data as the source of value in the digital economy and how it is created and captured. Moreover, some of UNCTAD’s work on e-commerce and digital trade touches specifically on privacy and data protection issues. For instance, the eCommerce and Law Reform work dedicated to supporting developing countries in their efforts to establish adequate legal frameworks for e-commerce also covers data protection and privacy among the key issues addressed. The Global Cyberlaw Trackers offers information on data protection laws in UNCTAD member states.

Also relevant for data governance discussions is UNCTAD’s work on statistics, as the organisation collects and analyses a wide range of data on issues such as economic trends, international trade, population, and the digital economy. Moreover, UNCTAD’s SDG Pulse offers statistical information on developments related to the 2030 Agenda for Sustainable Development.

UNCTAD is also running several projects focused on improving the efficiency of data management in the context of activities such as maritime trade (e.g. the Digitising Global Maritime Trade project) and customs operations (e.g. the Automated System for Customs Data).

Digital tools

 UNCTAD has developed several digital tools and online platforms in recent years. Examples include:

Future of meetings

Any reference to online or remote meetings?

Any reference to deliberation or decision making online?

United Nations Human Rights Council

Acronym: UNHRC

Address: Palais Wilson 52, rue des Pâquis, CH-1201 Geneva, Switzerland

Website: https://www.ohchr.org/EN/HRBodies/HRC/Pages/HRCIndex.aspx

Stakeholder group: International and regional organisations

The Human Rights Council is a United Nations intergovernmental body whose mandate is to strengthen the promotion and protection of human rights around the globe, and to make recommendations on cases of human rights violations. The Council is made up of 47 member states, as elected by the UN General Assembly.

The Council works closely with the Office of the High Commissioner for Human Rights (OHCHR), headed by the High Commissioner for Human Rights, who is the principal human rights official of the United Nation.

Freedom of expression and privacy in the online space are two of the issues covered by the Council in its activities. These have been discussed at UNHRC sessions, and covered in resolutions adopted by the Council, as well as in reports elaborated by the special rapporteurs appointed by the Council. The Special Rapporteur on the promotion and protection of the right to freedom of opinion and expression has issued reports on issues such as: the use of encryption and anonymity to exercise the rights to freedom of opinion and expression in the digital age; states’ surveillance of communications on the exercise of the human rights to privacy and to freedom of opinion and expression; the right to freedom of opinion and expression exercised through the Internet; etc. The Special Rapporteur on the righ to privacy has within its mandate the responsibility to make recommendations for the promotion and protection of the right to privacy, including in connection with challenges arising from new technologies.

International Committee of the Red Cross

Acronym: ICRC

Address: Av. de la Paix 19, 1202 Genève, Switzerland

Website: https://icrc.org

Stakeholder group: International and regional organisations

Established in 1863, the International Committee of the Red Cross (ICRC) is an independent international humanitarian organisation headquartered in Geneva. The ICRC defends and promotes the respect of international humanitarian law (IHL) and is dedicated to protecting the lives and dignity of victims of war and to the provision of assistance. Along these lines, it co-operates with governments, the private sector, and other entities affected by international and internal armed conflict and violence.

Together with the International Federation of Red Cross and Red Crescent Societies and 190 individual national societies, the ICRC makes up the so-called International Red Cross and Red Crescent Movement.

Digital Activities

Digitalisation is increasingly present in the context of armed conflict and violence: States use cyber operations and artificial intelligence (AI) as part of warfare and humans are affected by the consequences of such operations and other digital risks. To this end, humanitarian organisations also use digital tools to improve their operations. The ICRC addresses the implications of technology which are multifold and range from data protection for humanitarian actions to the application of IHL to cyber operations in armed conflict. It hosts expert and intergovernmental discussions and has developed a number of (digital) tools to help improve awareness and understanding of IHL and relevant standards.

The ICRC co-operates with other organisations on digital policy issues.

Digital policy issues

Artificial intelligence 
The ICRC has also explored the role of AI tools in armed conflict. In a document titled ‘Artificial intelligence and machine learning in armed conflict: A human-centred approach’ published in 2019, it argues that ‘any new technology of warfare must be used, and must be capable of being used, in compliance with existing rules of international humanitarian law.’ It also touches upon the use of AI and machine learning technologies capable of controlling physical military hardware. It argues that from a humanitarian perspective, autonomous weapon systems (AWS) are of particular concern given that humans may not be able to exert control over such weapons or the resulting use of force. While the ICRC recognises that not all weapon systems incorporate AI or machine learning, it emphasises that such software components could eventually give way to future AWS. It also emphasises the potential misuse of AI and machine learning in the development of cyber weapons and capabilities. The ICRC calls for a human control-based approach to the application of AI and machine learning in AWS.

The question of AI has been further explored in other reports such as its ‘Autonomy, artificial intelligence, robotics: Technical aspects of human control’.

Cyberoperations during armed conflict 

The use of cyber operations during armed conflicts is a reality in today’s armed conflicts and their use is likely to increase in future. Through expert discussions, participation in intergovernmental processes, and bilateral confidential dialogue, the ICRC is raising awareness of the potential human cost of cyber operations and the application of IHL to cyber operations during armed conflict. Its efforts on this matter data back to over two decades ago. Ever since, the ICRC holds the view that IHL limits cyber operations ‘during armed conflict just as it limits the use of any other weapon, means and methods of warfare in an armed conflict, whether new or old.’

Over the years, the ICRC has been actively involved in global policy discussions on cyber-related issues, including those held within the UN (various GGEs and the OEWG). The ICRC has also been an observer in the expert processes that developed the Tallinn Manuals. More recently, the ICRC has organised expert meetings and developed reports on ‘The Potential Human Cost of Cyber Operations’ and on ‘Avoiding Civilian Harm from Military Cyber Operations during Armed Conflicts’ (forthcoming). Its legal views on how IHL applies to cyber operations during armed conflict are found in a 2019 position paper that was sent to all UN member states in the context of the different UN-mandated processes on information and communication technology security. The ICRC’s Law and Policy blog maintains an ongoing blog series on the potential human cost of cyber operations, featuring tech expert, legal, and policy perspectives.

Privacy and data protection 

The ICRC plays an active role in regard to privacy and data protection in the context of humanitarian action. The ICRC has a data protection framework compliant with international data protection standards that aims to protect individuals from a humanitarian standpoint. The framework consists of ICRC Rules on Data Protection, which were revised in 2020 in response to the rapid development of digital technologies, while supervisory and control mechanisms are overseen by an independent data protection commission and a data protection officer.

Despite the wide range of data sources employed and dealt with by the ICRC, specific attention is dedicated to biometric data which is often used in forensics and the restoration of family links. In order to manage this highly sensitive information and to ensure the responsible deployment of new technologies (including new biometric identification techniques), the ICRC has adopted a Biometrics Policy, which sets out the roles and responsibilities of the ICRC and defines the legitimate bases and specified purposes for the processing of biometric data.

Data protection is also addressed by the ICRC Handbook on Data Protection in Humanitarian Action. The Handbook provides suggestions how existing data protection principles apply to humanitarian organisations and builds on existing regulations, working procedures, and practices. The second edition of the document specifically provides guidance on the technical aspects of data protection by design and by default and covers technological security measures. In addition, it also addresses through dedicated chapters the potential and risks of digital technology such as blockchain, AI, digital identity, and connectivity for data protection in humanitarian action. The ICRC recently hosted a digital launch event for the second edition of the handbook focusing on data protection and COVID-19.

The ICRC further explored the issue of data and privacy in a joint report that it published with Privacy International titled ‘The humanitarian metadata problem: ‘Doing no harm in the digital era.’ The report looks into how different types of metadata are derived from internal and external humanitarian exchanges (i.e. exchanges between humanitarian organisations and individuals affected by armed conflict and violence or communication within humanitarian organisations) through telecommunications and messaging, cash transfer programmes, and how social media can be accessed and misused for profiling of individuals, surveillance, repression, or commercial exploitation. In line with the humanitarian ‘do no harm’ principle, the report underscores that the humanitarian community has to consider that there is a risk that it can hinder the safety and the rights of persons needing protection when using digital technologies. The ICRC also hosted an event on this topic, the Digital Risk Symposium, which was hosted in London in December 2018. The event explored what organisations can do to ensure they do not create additional vulnerabilities for people already at risk, as well as the potential for collaboration in the sector.

More recently, the ICRC has been involved in the Road to Bern via Geneva dialogues ahead of the 2020 World Data Forum. As part of its contribution, the ICRC collaborated with the World Intellectual Property Organization in the second dialogue dedicated to data collection entitled ‘Protecting data against vulnerabilities: Questions of trust security and privacy of data’. Specific attention was paid to three challenges: data anonymisation, loss of data through cloud processing, and limited use of biometric data.

Digital tools

The ICRC has argued in favour of digitalisation of the Geneva Conventions and on the occasion of the 70th anniversary of these very treaties and additional protocols, released an IHL digital app. The app provides access to over 75 treaties including the Geneva Conventions, and allows users to read through the content and therefore familiarise themselves with the text. The ICRC has a number of databases on IHL including its customary IHL database and the ICRC national implementation database.

Online learning is also used by the ICRC to promote the implementation of IHL. In 2019, it launched an e-learning course entitled ‘Introduction to International Humanitarian Law’ that is aimed at non-legal practitioners, policymakers, and other professionals who are interested in the basics of IHL. Other online courses are available through the ICRC training centre as well as e-briefings which are available on its e-briefing library.

The ICRC also maintains a digital library and an app with all ICRC publications in English and French.