International Electrotechnical Commission

Acronym: IEC

Address: Rue de Varembé 3, 1211 Geneva 20, Switzerland

Website: https://iec.ch

Stakeholder group: International and regional organisations

Founded in 1906, the International Electrotechnical Commission (IEC) is the world’s leading organisation for the development of international standards for all electrical and electronic technologies. The IEC’s standardisation work is advanced by nearly 20 000 experts from government, industry, commerce, research, academia, and other stakeholder groups.

The IEC is one of three global sister organisations (in addition to the ISO and ITU) that develop international standards.

Digital Activities

The IEC works to ensure that its activities have a global reach in order to meet all the challenges of digital transformation worldwide. The organisation covers an array of digital policy issues illustrated below.

Digital policy issues

Digital standards 

 The IEC carries out standardisation and conformity assessment activities covering a vast array of technologies. These range from smart cities, grids, automation, and energy to electromagnetic compatibility between devices, digital system interfaces and protocols, and fibre optics and cables. Other areas covered by the IEC include multimedia home systems and applications for end-user networks, multimedia e-publishing and e-book technologies, information and communication technologies (ICTs), wearable electronic devices and technologies, cards and personal identification, programming languages, cloud computing and distributed platforms, the Internet of Things, and information technology (IT) for learning, education, and training.

Over the past 30 years, the IEC and ISO Joint Technical Committee (JTC 1) have been developing IT standards for global markets, meeting business and user requirements. This work addresses various aspects including the design and development of IT systems and tools; interoperability, performance, and quality of IT products and systems; harmonised IT vocabulary; and security of IT systems and information. Some of the areas that JTC 1 covers include:

  • Cards and security devices for personal identification
  • Computer graphics, image processing, and environmental data representation
  • Coding of audio, picture, multimedia, and hypermedia information
  • Automatic identification and data capture techniques
  • Data management and interchange
  • IT for learning, education, and training
  • Biometrics
  • Trustworthiness
  • Digital twins
  • Quantum computing
  • 3D printing
  • Augmented reality and virtual reality-based ICT
  • Autonomous and data-rich vehicles
Internet of things 
The Internet of Things (IoT) is one of the main technology sectors covered by the IEC (International Electrotechnical Commission) in its standardisation activities. Several technical committees (some of which are joint groups with the ISO – International Organization for Standardization) focus on various aspects of the Internet of Things. Examples include: standardisation in the area of IoT and related technologies, including sensor networks and wearable technologies; smart cities; smart grid (which involve the use of technology for optimal electricity delivery); and smart energy. In addition to developing standards, the IEC also publishes white papers, roadmaps with recommendations, and other resources on IoT-related issues. IECEE and IECQ, two of the four IEC Systems for Conformity Assessment, verify that digital devices/systems perform as intended.
Artificial intelligence 
Another important technology sector tackled by the IEC is artificial intelligence (AI). Standardisation activities in the area of AI are mostly covered by a joint IEC and ISO technical committee (ISO/IEC JTC 1/SC 42). The committee has recently published a new technical report that aims, among others, to assist the standards community in identifying specific AI standardisation gaps. SC 42 has set up several groups that cover specific aspects of AI, such as computational approaches and characteristics of AI systems, trustworthiness, use cases and applications of AI systems, to name a few.

The IEC also publishes white papers, recommendations and other resources on AI-related topics.

Cloud computing 
 Cloud computing is an enabling technology, based on the principles of shared devices, network access and shared data storage.

ISO/IEC JTC 1/SC 38 has produced international standards with cloud computing terms and definitions and reference architecture. Other work includes a standard which establishes a set of common cloud service building blocks, including terms and offerings, that can be used to create service level agreements (SLAs), which also covers the requirements for the security and privacy aspects of cloud service level agreements.

SC 38 has produced a standard for data taxonomy, which identifies the categories of data that flow across the cloud service customer devices and cloud services and how the data should be handled.

Network security 
In the area of cybersecurity, IEC works with ISO in their joint technical committee to develop the ISO/IEC 27000 family of standards. In addition, the IEC operates globally standardized systems for testing and certification (conformity assessment) to ensure that standards are properly applied in real-world technical systems and that results from anywhere in the world can be compared. To this end, IECQ (IEC Quality Assessment System For Electronic Component) provides an approved process scheme for ISO/IEC 27001. The IECEE (IEC System of Conformity Assessment Schemes for Electrotechnical Equipment and Components) Industrial Cybersecurity Programme focuses on cybersecurity in the industrial automation sector.
Critical infrastructure 
The IEC develops horizontal standards, such as the IEC 62443, for operational technology in industrial and critical infrastructure that includes power utilities, water management systems, healthcare and transport systems. These standards are technology independent and can be applied across many technical areas. On the other hand, several technical committees and subcommittees develop international standards to protect specific domains and critical infrastructure assets (vertical standards).

 

Sustainable development 
 The IEC international standards and conformity assessment systems contribute to the realisation of all 17 Sustainable Development Goals (SDGs). They provide the foundation allowing all countries and industries to adopt or build sustainable technologies, apply best practice, and form the basis for innovation as well as quality and risk management.

 

Capacity development 
The IEC Academy Platform aims to support IEC community members through formal learning and collaboration opportunities. The IEC offers a series of online courses and webinars that provide an in-depth understanding of IEC’s main activities.

Future of meetings

Any reference to online or remote meetings?

  • IEC technical committees have held online/remote meetings for many years, especially for focussed discussions on individual topics. In the context of the COVID-19 pandemic the breadth of technical online meetings has been further expanded to ensure optimal continuation of standardization and conformity assessment activities. Most face-to-face management board and governance meetings have been converted to online meetings during COVID-19. In support of the successful organization of online meetings, the IEC has published a virtual meeting guide.

Any reference to holding meetings outside HQ?

  • Many IEC meetings are held outside of IEC CO headquarters or online or in a hybrid format. The tools for that purpose include webinars, podcasts, online presentations and various teleconferencing facilities. In the future, augmented reality technology or digital twin approaches may also be considered to provide the benefits of face-to-face meetings. While face-to-face meetings have been the rule to date, some IEC Board meetings have also been held virtually to some extent already in the past, with documents being shared in advance on proprietary online platforms and collaboration taking place live online.

Any reference to deliberation or decision making online?

  • In the IEC, nearly all decision-making processes have been taking place virtually since many years, with voting/decisions being dispatched electronically, including collaboration and commenting via a dedicated electronic platform.

World Intellectual Property Organization

Acronym: WIPO

Address: 34, chemin des Colombettes, CH-1211 Geneva 20, Switzerland

Website: https://wipo.int

Stakeholder group: International and regional organisations

The World Intellectual Property Organization (WIPO) is a UN agency functioning as a global forum for intellectual property (IP) related services (patents, copyright, trademarks, and designs), policy, information, and co-operation. The organisation was established in 1967 and it currently has 188 member states, in addition to over 200 observers representing non-governmental organisations and intergovernmental organisations.

WIPO’s activities are focused on: Contributing to the development of a balanced and effective international IP system; providing global services to protect IP at a global level and to resolve disputes; sharing of knowledge and information on IP-related issues; and encouraging co-operation and offering capacity building programmes ​aimed to enable countries to use IP for economic, social, and cultural development.

Digital Activities

WIPO provides domain name dispute resolution services, through its Arbitration and Mediation Center. In this regard, the organisation has developed (in collaboration with the Internet Corporation for Assigned Names and Numbers (ICANN)) the Uniform Domain Name Dispute Resolution Policy (UDRP) – the main domain name dispute resolution mechanism for conflicts on the right to register and use domain names under certain generic top level domains (gTLDs). The Center also administers disputes under a number of specific policies adopted by individual gTLD registries and provides domain name dispute resolution services for over 70 country code top level domains (ccTLDs).

The organisation administers the WIPO Copyright Treaty and the WIPO Performances and Phonogram Treaty (known as the ‘Internet Treaties’), which contain international norms aimed at preventing unauthorised access to and use of creative works on the Internet or other digital networks. It also carries out research and provides recommendations on issues related to the protection of intellectual property rights in the digital environment (especially with regards to copyright and trademarks).

Digital policy issues

Artificial intelligence 

WIPO is paying particular attention to the interplay between artificial intelligence (AI) and IP. In December 2019, it published a draft issue paper on AI and IP, which was later revised based on public comments and re-published in May 2020. The paper explores the (potential) impact of AI on IP policies in areas such as copyright and related rights, patents, trademarks, designs, and overall IP administration. Building on this exploratory work, WIPO is leading a Conversation on IP and AI, bringing together governments and other stakeholders, to discuss the impact of AI on IP. WIPO is also working on an AI and IP strategy clearing house, through which it is collating government instruments (strategies, regulations, etc.) that are relevant to AI and IP. The organisation is additionally developing and deploying AI solutions in the context of various activities; relevant examples are the WIPO Translate and WIPO Brand Image Search, which use AI for automated translation and image recognition.

Alternative dispute resolution 

WIPO’s activities in regard to the Domain Name System revolve around the protection of trademarks and related rights in the context of domain names. It has developed, together with ICANN, the UDRP. Under this policy, WIPO’s Arbitration and Mediation Centre provides dispute resolution services for second level domain name registrations under gTLDs to which the UDPR applies. The Arbitration and Mediation Centre also administers disputes under specific policies adopted by some gTLD registries (e.g. .aero, .asia, .travel). In addition, the Centre offers domain name dispute resolution services for over 70 country code top-level domains (ccTLDs). WIPO has developed a ccTLD Program, with the aim to provide advice to many ccTLD registries on the establishment of dispute resolution procedures. WIPO also contributes to the work carried out within the framework of ICANN in regard to the strengthening of existing trademark rights protection mechanisms or the development of new such mechanisms.

Intellectual property rights 

Trademarks: WIPO has long been involved in issues related to the protection of trademarks in the context of the Domain Name System. The first phase of the WIPO Internet Domain Name Process, carried out in 1991, explored trademark abuse in second-level domain names, and led to the adoption, by ICANN, of the UDRP. WIPO has also contributed to the development of several trademark rights protection mechanisms applicable to generic top-level domains  (such as legal rights objections, the Trademark Clearinghouse, and the uniform rapid suspension system). The WIPO Arbitration and Mediation Centre administers trademark-related dispute resolution cases for several gTLDs and ccTLDs.

Copyright: WIPO is actively contributing to international discussions on the protection of copyright in the digital environment. The organisation administers the ‘Internet Treaties’, which contain international norms aimed at preventing unauthorised access to and use of creative works on the Internet or other digital networks. Among others, the treaties clarify that existing IP rights apply on the Internet, but also introduce new ‘online rights’. WIPO also carries out research and organises seminars and other meetings on aspects concerning challenges and possible solutions for the protection of copyright and related rights in the digital era.

Liability of intermediaries 

Given WIPO’s concerns with regard to the protection of copyright and related rights on the Internet, the organisation is exploring issues related to the roles and responsibilities of Internet intermediaries when it comes to online copyright infringements. The organisation carries out or commissions research and publishes studies on the relationship between copyright and Internet intermediaries (such as comparative analysis of national approaches of the liability of Internet intermediaries), and organises events (seminars, workshops, sessions at the World Summit on the Information Society Forum and Internet Governance Forum meetings, etc.) aimed at facilitating multistakeholder discussions on the potential liability of Internet intermediaries in relation to copyright infringements.

Sustainable development 

WIPO is of the view that IP is a critical incentive for innovation and creativity, and, as such, a key to the success of the sustainable development goals (SDGs). The organisation works to enable member states to use the IP system to drive the innovation, competitiveness, and creativity needed to achieve the SDGs. It does so, for instance, through supporting countries in their efforts to build an innovative IP ecosystem, providing legislative advice on updating national IP laws, and supporting judiciary systems in keeping up with technological innovation. WIPO’s contribution to the implementation of the Agenda 2030 is guided by its Development Agenda.

Climate change 

WIPO’s Global Challenges programme brings together various stakeholders to explore issues related to green technologies and the environment. For instance, it hosts WIPO Green, a multistakeholder platform aimed to promote innovation and diffusion of green technologies, and it provides analysis of relevant IP issues to facilitate international policy dialogue.

Digital tools

WIPO is using multiple digital tools in relation to its services. Below are some examples:

  • WIPO Match – platform that matches seekers of specific IP-related development needs with potential providers offering resources
  • WIPO Proof – a service that provides a date- and time-stamped digital fingerprint of any file
  • Madrid e-services – online tools and resources
  • Electronic Forum – enables the electronic distribution and submission by email of comments concerning preliminary draft working documents and draft reports.
  • WIPO Academy, which also includes an eLearning Centre
  • Platforms for online meetings (not so clear which platform(s) WIPO is using)

CyberPeace Institute

Address: Av. de Sécheron 15, 1202 Genève, Switzerland

Website: https://cyberpeaceinstitute.org

Stakeholder group: NGOs and associations

 The CyberPeace Institute, an independent, neutral, and collaborative non-governmental organization, was created to enhance the stability of cyberspace. It aims to decrease the frequency, harm, and scale of cyber-attacks on civilians and critical civilian infrastructure, and increase the resilience of vulnerable actors. The Institute subscribes to the following principles in its work:

  • Impact: Reducing the frequency, harm, and scale of cyber-attacks by pushing for greater restraint in the use of cyber-attacks, increasing accountability for attacks that occur, and enhancing capabilities to prevent and recover from attacks.
  • Inclusiveness: Being inclusive and collaborative in the approach, cooperating with, and supporting, existing synergistic efforts.
  • Independence: Operating free from the direction or control of any other actors, including states, industries, and other organisations.
  • Integrity: Ensuring that its work and interactions with the cybersecurity community and victims of cyber-attacks reflect the highest ethical and analytical standards.
  • Neutrality: Supporting the stability and security of cyberspace rather than the interests of individual actors; as such, engaging with stakeholders and cyber-attack victims regardless of geographic location, nationality, race, or religion.
  • Transparency: Being transparent about its operations and methodologies, when it is feasible and responsible.

Through field analysis and global campaigning, the Institute’s goal is to protect the most vulnerable and to achieve peace and justice in cyberspace.  Its work is structured around three pillars: assistance, analysis, and advancement. These pillars form the core of the Institute’s mission, building on the simple reality that infrastructure, networks, regulations, norms, and protocols are merely enablers in cyberspace.

To fulfil this mission, and to deliver products and services which have a real impact, the Institute has four strategic objectives, ensuring a human-centric response to the technological, ethical, and regulatory challenges of cyberspace. Each of these objectives enables operational, tactical, and strategic responses with the goal of empowering people by maintaining a vibrant, open, free, and peaceful online space. The first three objectives are aligned with the three pillars, while the fourth objective ensures that the Institute and its staff are at the forefront of what will be tomorrow’s challenges in cyberspace.

  1. Strategic Objective 1: To increase and accelerate assistance efforts towards the most vulnerable, globally.
  2. Strategic Objective 2: To close the accountability gap through collaborative analyses of cyberattacks.
  3. Strategic Objective 3: To advance international law and norms in order to promote responsible behaviour in cyberspace.
  4. Strategic Objective 4: To forecast and analyse security threats associated with emerging and disruptive technologies, to innovate breakthrough solutions, and to close the skill gap to address global cyber challenges.

The Institute has an international scope, and is independent, apolitical, and impartial in its operations, publications, and partnerships.

Digital Activities

The Institute provides assistance to vulnerable communities, analyses cyberattacks to increase accountability, advocates for the advancement of the role of international law and norms for responsible behaviour in cyberspace, forecasts future threats (with a focus on disruptive technology), and supports capacity building.

Example of operational activities include:

  • Mapping the threat landscape in relation to critical civilian infrastructure.
  • Supporting the delivery of assistance at scale to the most vulnerable victims of cyberattacks.
  • Co-ordinating resources to amplify the impact of existing assistance efforts.
  • Conducting forensic and impact analyses of sophisticated cyberattacks and cyber operations, in co-operation with a consortium of experts from academia, industry, and civil society.
  • Co-ordinating relief efforts through a network of volunteers and providing knowledge products to increase resiliency.
  • Advancing the role of international law and norms governing the behaviour of state and non-state actors in cyberspace.
  • Analysing responses to violations of norms, and how normative or legal gaps are exposed and undermined.
  • Increasing public awareness of the real-life impact of cyberattacks, and providing a platform where vulnerable populations can tell their stories.
  • Analysing potential threats and opportunities stemming from the convergence of disruptive technologies (e.g., artificial intelligence, brain machine interface, augmented Reality, virtual Reality, 5G, etc.).
  • Acting as a platform to share innovative approaches and capacity-building strategies.

Digital policy issues

Critical infrastructure 
Consistent with its human-centric approach, one of the Institute’s key areas of focus is the protection of civilian infrastructure from systemic cyberattacks. For instance, in 2020, the Institute, together with a number of partners, launched Cyber 4 Healthcare, a targeted service for healthcare organizations fighting COVID-19. The initiative helps people find trusted and free cybersecurity assistance provided by qualified and reputable companies. In May 2020, the Institute issued a call for governments to stop all cyberattacks on healthcare organizations and to work with civil society and the private sector to ensure that medical facilities are protected and that perpetrators are held accountable.

Following that appeal to governments, the Institute launched a Strategic Analysis Report in March 2021.  Playing with Lives: Cyberattacks on Healthcare are Attacks on People  urges governments to remove rewards for criminals and hostile states attacking healthcare. The first of its kind, this analytical report focuses on the impacts of attacks on people and society and highlights the responsibilities of nation-states in leading the way for attacks to decrease globally and threat actors to be held accountable.  It maps existing initiatives and provides actionable recommendations to governments and policymakers to engage with civil society, industry and academia and design collective solutions.

Cyberpeace: From Human Experience to Human Responsibility
While the international community has recognized the need to be more “human-centric,” the CyberPeace Institute believes that an increased focus on human impact is not enough. In our pursuit of cyberpeace, we must start with the human impact. In each and every response, we must recall that the digital is human.

In cyberspace, everyone has a role to play. This collective action is essential to promoting justice, effecting change and ensuring human security, dignity and equity.

The CyberPeace Institute is gathering testimonials and digital evidence from the field to track these diverse accountabilities, ensuring that cyberattacks and cyberoperations are investigated in their local context. Closing the accountability gap will be made possible by shedding light on responsibilities in the context of the societal impact of irresponsible behaviour.

Network security 

To increase the scale and impact of its efforts to assist civilian victims of cyber-attacks, the Institute is building the CyberPeace Builders network, composed of volunteers from a range of backgrounds and locations worldwide, administered by a dedicated management structure, in collaboration with partners with established assistance capabilities. The network will provide emergency incident response and longer-term recovery plans to civilian victims recovering from significant cyberattacks perpetrated by malicious actors. It also assists vulnerable individuals in increasing their resilience and guarding against future cyberattacks.

Interdisciplinary approaches 

In order to contribute to closing the accountability gap in cyberspace, the Institute seeks to advance the role of international law and norms. This includes initiatives such as: publishing analyses of the economic and social impacts of cyberattacks; driving external engagement with stakeholders, individuals, and organizations focused on enhancing the stability of cyberspace; conducting reviews of cyberattacks based on international law and norms; and assessing potential remedies to fill the identified gaps. The Institute is actively engaged in the work of the United Nations Open-Ended Working Group on Developments in the Field of Information and Telecommunications in the Context of International Security, and is co-Chair of the Paris Call Working Group 5:  Building a cyberspace stability index, one of six groups established in November 2020 which are dedicated to ensure that fundamental rights and principles that apply in the physical world are respected in cyberspace.  More information on the Paris Call here

Capacity development 
In 2020, the Institute initiated a series of CyberPeace Labs webinars, bringing together experts from academia, the private sector, international organizations, civil society, and governmental bodies as discussants. Within the context of the COVID-19 pandemic, the first CyberPeace Lab:  Infodemic: A Threat to Cyberpeace, explored how malicious actors exploit infodemics to facilitate cyberattacks. The discussions from the series produced a set of best practices and actionable recommendations to inform initiatives undertaken by the Institute and, ultimately, to improve resilience against cyberattacks and bring about online peace.

The Institute also aims to facilitate the creation and scale-up of operational partnerships for cyber capacity-building, notably with grassroots practitioners and civil society organizations, to maximise the beneficial impact on local communities and individuals, while taking into account specific human contexts.

The Institute is also developing tailored products, such as the Resilience Toolkits, which are tailored to improve cyber hygiene.  These Toolkits reflect specific local and regional contexts and are designed, produced, and delivered in collaboration with local partners and stakeholders to accelerate existing efforts at the regional level.

In 2021 the Institute launched the Cyber Awareness Café, an online resource that promotes cyber awareness through sharing of information and cybersecurity tips with NGOs and local entities around the world.

Digital tools

In addition to its CyberPeace Labs, the Institute shares useful video materials and discussion recordings on its YouTube channel, maintains blogs on Medium, and is an active user of a number of social media channels, for example, Twitter, LinkedInInstagram and Facebook.

International Organization for Standardization

Acronym: ISO

Address: Chem. de Blandonnet 8, 1214 Vernier, Switzerland

Website: https://iso.org

Stakeholder group: International and regional organisations

The International Organization for Standardization (ISO) is a non-governmental international organisation composed of 165 national standard-setting bodies that are either part of governmental institutions or mandated by their respective governments. Each national standard-setting body therefore represents a member state.

After receiving a request from a consumer group or an industry association, ISO convenes an expert group tasked with the creation of a particular standard through a consensus process.

ISO develops international standards across a wide range of industries, including technology, food, and healthcare, in order to ensure that products and services are safe, reliable, of good quality, and ultimately, facilitate international trade. As such, it acts between the public and the private sector.

To date, ISO has published more than 22 000 standards.

Digital Activities

A large number of the international standards and related documents developed by ISO are related to information and communication technologies (ICTs), such as the Open Systems Interconnection (OSI) that was created in 1983 and established a universal reference model for communication protocols. The organisation is also active in the field of emerging technologies including blockchain, the Internet of Things (IoT), and artificial intelligence (AI).

The standards are developed by various technical committees dedicated to specific areas including information security, cybersecurity, privacy protection, AI, and intelligent transport systems.

Digital policy issues

Artificial intelligence 

The joint technical committee of ISO and the International Electrotechnical Commission (IEC) for AI is known as ISO/IEC JTC1/SC 42 Artificial intelligence and is responsible for the development of standards in this area. To date, it has published one standard specifically pertaining to AI with 18 others in development.

ISO/IEC TR 24028 provides an overview of trustworthiness in AI systems, detailing the associated threats and risks associated and addresses approaches on availability, resiliency, reliability, accuracy, safety, security, and privacy.

The standards under development include those that cover: concepts and terminology for AI (ISO/IEC 22989); bias in AI systems and AI-aided decision-making (ISO/IEC TR 24027); AI risk management (ISO/IEC 23894); a framework for AI systems using machine learning (ISO/IEC 23053); and the assessment of machine learning classification performance (ISO/IEC TS 4213).

Up-to-date information on the technical committee (e.g. scope, programme of work, contact details, etc.) can be found on the committee page.

Cloud computing 

ISO and IEC also have a joint committee for standards related to cloud computing which currently has 19 published standards and a further 7 in development.

Of those published, two standards of note include ISO/IEC 19086-1, which provides an overview, foundational concepts, and definitions for a cloud computing service level agreement framework, and ISO/IEC 17789, which specifies the cloud computing reference architecture.

Standards under development include those on health informatics (ISO/TR 21332.2); the audit of cloud services (ISO/IEC 22123-2.2); and data flow, categories, and use (ISO/IEC 19944-1).

Up-to-date information on the technical committee (e.g. scope, programme of work, contact details, etc.) can be found on the committee page.

Internet of things 

Recognising the ongoing developments in the field of IoT, ISO has a number of dedicated standards both published and in development, including those for intelligent transport systems (ISO 19079), future networks for IoT (ISO/IEC TR 29181-9), unique identification for IoT (ISO/IEC 29161), Internet of Media Things (ISO/IEC 23093-3), trustworthiness of IoT (ISO/IEC 30149), and industrial IoT systems (ISO/IEC 30162).

 IoT security is addressed in standards such as ISO/IEC 27001 and ISO/IEC 27002, which provide a common language for governance, risk, and compliance issues related to information security.

 In addition, there are seven standards under development, some of which provide a methodology for the trustworthiness of an IoT system or service (ISO/IEC 30147); a trustworthiness framework (ISO/IEC 30149); the requirements of an IoT data exchange platform for various IoT services (ISO/IEC 30161); and a real-time IoT framework (ISO/IEC 30165).

 Up-to-date information on the ISO and IEC joint technical committee for IoT (e.g. scope, programme of work, contact details, etc.) can be found on the committee page.

Telecommunications infrastructure 

ISO’s standardisation work in the field of telecommunications infrastructure covers areas such as planning and installation of networks (e.g. ISO/IEC 14763-2 and ISO/IEC TR 14763-2-1), corporate telecommunication networks (e.g. ISO/IEC 17343), local and metropolitan area networks (e.g. ISO/IEC/IEEE 8802-A), private integrated telecommunications networks (e.g. ISO/IEC TR 14475), and wireless networks. Next generation networks – packet-based public networks able to provide telecommunications services and make use of multiple quality of service enabled transport technology – are equally covered (e.g. ISO/IEC TR 26905).

ISO also has standards for the so-called future networks, which are intended to provide futuristic capabilities and services beyond the limitations of current networks, including the Internet.

Up-to-date information on the joint ISO and IEC technical committee that develops these standards (e.g. scope, programme of work, contact details, etc.) can be found on the committee page.

Blockchain 

ISO has published three standards on blockchain and distributed ledger technologies: ISO/TR 23455 gives an overview of smart contracts in blockchain and distributed ledger technologies; ISO/TR 23244 tackles privacy and personally identifiable information protection; and ISO 22739 covers fundamental blockchain terminology respectively.

ISO also has a further ten standards on blockchain in development. These include those related to: security risks, threats and vulnerabilities (ISO/TR 23245.2); security management of digital asset custodians (ISO/TR 23576); taxonomy and ontology (ISO/TS 23258); legally-binding smart contracts (ISO/TS 23259); and guidelines for governance (ISO/TS 23635).

Up-to-date information on the technical committee (e.g. scope, programme of work, contact details, etc.) can be found on the committee page.

Emerging technologies 

ISO develops standards in the area of emerging technologies. Perhaps the largest number of standards in this area are those related to robotics. ISO has more than 40 different standards either published or in development that cover issues such as: collaborative robots (e.g. ISO/TS 15066); safety requirements for industrial robots (e.g. ISO 10218-2); and personal care robots (e.g. ISO 13482).

Autonomous or so-called intelligent transport systems (ITS) standards are developed by ISO’s ITS Technical Committee and include those for forward vehicle collision warning systems (ISO 15623) and secure connections between trusted devices (ISO/TS 21185).

Standards are also being developed to address the use of virtual reality in learning, education, and training (e.g. ISO/IEC 23843) and the display device interface for augmented reality (ISO/IEC 23763).

Network security 

Information security and network security is also addressed by ISO and IEC standards. The ISO and IEC 27000 family of standards covers information security management systems and are used by organisations to secure information assets such as financial data, intellectual property, and employee information.

For example, ISO/IEC 27031 and ISO/IEC 27035 are specifically designed to help organisations respond, diffuse, and recover effectively from cyberattacks. ISO/IEC 27701 is an extension to ISO/IEC 27001 and ISO/IEC 27002 for privacy information management, and details requirements and guidance for establishing, implementing, maintaining, and continually improving a Privacy Information Management System (PIMS).

Network security is also addressed by standards on technologies such as the IoT, smart community infrastructures, medical devices, localisation and tracking systems, and future networks.

Up-to-date information on the joint ISO and IEC technical committee (e.g. scope, programme of work, contact details, etc.) can be found on the committee page.

Encryption 

As more and more information (including sensitive personal data) is stored, transmitted, and processed online, the security, integrity, and confidentiality of such information becomes increasingly important. To this end, ISO has a number of standards for the encryption of data. For example, ISO/IEC 18033-1, currently under development, addresses the nature of encryption and describes certain general aspects of its use and properties. Other standards include ISO/IEC 19772 that covers authenticated encryption, ISO/IEC 18033-3 that specifies encryption systems (ciphers) for the purpose of data confidentiality, and ISO 19092 that allows for encryption of biometric data used for authentication of individuals in financial services for confidentiality or other reasons.

ISO also has standards that focus on identity-based ciphers, symmetric and asymmetric encryption, public key infrastructure, and many more related areas.

Data governance 

Big data is another area of ISO standardization, and around 80% of related standards are developed by the ISO/IEC AI committee. The terminology for big data-related standards is outlined in ISO/IEC 20546, while ISO/IEC 20547-3 covers big data reference architecture.

ISO/IEC TR 20547-2 provides examples of big data use cases with application domains and technical considerations and ISO/IEC TR 20547-5 details a roadmap of existing and future standards in this area. A further eight standards are in development and include those for big data security and privacy (ISO/IEC 27045), terminology used in big data within the scope of predictive analytics (ISO 3534-5), and data science life cycle (ISO/TR 23347).

Up-to-date information on the technical committee (e.g. scope, programme of work, contact details, etc.) can be found on the committee page.

Privacy and data protection 

Privacy and data protection in the context of ICTs is another area covered by ISO’s standardisation activities. One example is ISO/IEC 29101 which describes a privacy architecture framework.

Others include those for privacy-enhancing protocols and services for identification cards (ISO/IEC 19286); privacy protection requirements pertaining to learning, education, and training systems employing information technologies (ISO/IEC 29187-1); privacy aspects in the context of intelligent transport systems (ISO/TR 12859); and security and privacy requirements for health informatics (ISO/TS 14441).

Digital identities 

Digital signatures that validate digital identities help to ensure the integrity of data and authenticity of particulars in online transactions. This, therefore, contributes to the security of online applications and services. Standards to support this technology cover elements such as: anonymous digital signatures (e.g. ISO/IEC 20008-1 and ISO/IEC 20008-2); digital signatures for healthcare documents (e.g. ISO 17090-4 and ISO 17090-5); and blind digital signatures, which is where the content of the message to be signed is disguised, used in contexts where, for example, anonymity is required. Examples of such standards are ISO 18370-1 and ISO/IEC 18370-2.

Digital tools

ISO has developed an online browsing platform that provides up to date information on ISO standards, graphical symbols, publications, and terms and definitions.

Future of Meetings

Any reference to online or remote meetings?

Any reference to holding meetings outside HQ?

Any reference to deliberation or decision making online?

  • Yes, ISO governance groups are also meeting virtually.

Internet Governance Forum

Acronym: IGF

Address: Villa Bocage Palais des Nations, CH-1211 Geneva 10 Switzerland

Website: https://intgovforum.org

Stakeholder group: International and regional organisations

The Internet Governance Forum (IGF) was established in Paragraph 72 of the Tunis Agenda of the World Summit on the Information Society (WSIS) as a forum for multistakeholder policy dialogue. The mandate of the Forum is to discuss public policy issues related to key elements of Internet governance, in order to foster the sustainability, robustness, security, stability, and development of the Internet. Even though the IGF is not a decision-making body, its great potential lies in open discussions among all stakeholders on challenges and best practices related to the use and evolution of the Internet.

Starting 2006, the IGF holds annual meetings: Athens (2006), Rio de Janeiro (2007), Hyderabad (2008), Sharm El Sheikh (2009), Vilnius (2010), Nairobi (2011), Baku (2012), Bali (2013), Istanbul (2014), João Pessoa (2015), Guadalajara (2016). The programme of the annual meeting and the general direction of the IGF work are deliberated by the Multistakeholder Advisory Group (MAG) to the UN Secretary General.

The IGF Secretariat, currently based at the United Nations Office at Geneva, conducts the preparations for the annual IGF meetings, coordinates the IGF intersessional activities (between two annual meetings), and assists the MAG in its work.

United Nations Conference on Trade and Development

Acronym: UNCTAD

Address: Palais des Nations, Av. de la Paix 8-14, 1211 Genève, Switzerland

Website: https://unctad.org

Stakeholder group: International and regional organisations

The United Nations Conference on Trade and Development (UNCTAD) is a UN body dedicated to supporting developing countries in accessing the benefits of a globalised economy more fairly and effectively. It provides analysis, facilitates consensus-building, and offers technical assistance, thus helping countries use trade, investment, finance, and technology to support inclusive and sustainable development.

UNCTAD also works to facilitate and measure progress towards achieving the sustainable development goals (SDGs), through a wide range of activities in areas such as technology and innovation, trade, investment, environment, transport and logistics, and the digital economy.

UNCTAD’s work often results in analyses and recommendations that can inform national and international policy-making processes, and contribute to promoting economic policies aimed at ending global economic inequalities and generating human-centric sustainable development.

Digital Activities

UNCTAD is particularly active in the field of e-commerce, trade, and the digital economy, carrying out a wide range of activities from research and analysis to providing assistance to member states in developing adequate legislative frameworks and facilitating international dialogue on the development opportunities and challenges associated with the digital economy. UNCTAD also works to facilitate and measure progress towards achieving the SDGs, in particular through (but not limited to) its activities in the field of science, technology, and innovation (STI) for development. Consumer protection, gender equality, and privacy and data protection are other digital policy areas where UNCTAD is active.

Digital policy issues

E-commerce and trade 

UNCTAD’s work programme on e-commerce and the digital economy (ECDE Programme), encompasses several research and analysis, consensus building and technical assistance activities, as follows:

Research and analysis

UNCTAD conducts research and analysis on e-commerce and the digital economy and their implications for trade and development. These are mainly presented in its flagship publication, the Digital Economy Report (known as Information Economy Report until 2017), and in its Technical Notes on ICT for Development.

Consensus building on e-commerce and digital economy policies

UNCTAD’s Intergovernmental Group of Experts on E-commerce and the Digital Economy meets regularly to discuss ways to strengthen the development dimension of e-commerce and the digital economy. The group’s meetings are usually held in conjunction with the eCommerce Week, an annual event hosted by UNCTAD and featuring discussions on development opportunities and challenges associated with the digital economy.

E-Commerce assessments and strategy formulation

The eTrade Readiness Assessments (eT Readies) assist least developed countries (LDCs) and other developing countries in understanding their e-commerce readiness in key policy areas in order to better engage in and benefit from e-commerce. The assessments provide recommendations to overcome identified barriers and bottlenecks to growth and enjoying the benefits of digital trade.

UNCTAD’s work on information and communication technology (ICT) policy reviews and national e-commerce strategies involves technical assistance, advisory services, diagnostics, and strategy development on e-commerce, and national ICT planning at the request of governments. Through an analysis of the infrastructural, policy, regulatory, institutional, operational, and socioeconomic landscape, the reviews help governments to overcome weaknesses and bureaucratic barriers, leverage strengths and opportunities, and put in place relevant strategies.

Legal frameworks for e-commerce

UNCTAD’s E-commerce and Law Reform work helps to develop an understanding of the legal issues underpinning e-commerce through a series of capacity-building workshops for policymakers at the national and regional levels. Concrete actions include: Assistance in establishing domestic and regional legal regimes to enhance trust in online transactions, regional studies on cyber laws harmonisation, and the global mapping of e-commerce legislation through its ‘Global Cyberlaw Tracker’.

Measuring the information economy

UNCTAD’s work on measuring the information economy includes statistical data collection and the development of methodology, as well as linking statistics and policy through the Working Group on Measuring E-commerce and the Digital Economy, established by the Intergovernmental Group of Experts on E-Commerce and the Digital Economy. Figures are published in the biennial Digital Economy Report and the statistics portal UNCTADstat. Technical co-operation here aims to strengthen the capacity of national statistical systems to produce better, more reliable, and internationally comparable statistics on the following issues: ICT use by enterprises, size and composition of the ICT sector, and e-commerce and international trade in ICT-enabled services. UNCTAD also produces the B2C E-commerce Index which measures an economy’s preparedness to support online shopping.

Smart Partnerships through eTrade for all

The eTrade for all initiative (eT4a) is a global collaborative effort of 32 partners to scale up co-operation, transparency, and aid efficiency towards more inclusive e-commerce. Its main tool is an online platform (etradeforall.org), a knowledge-sharing and information hub that facilitates access to a wide range of information and resources on e-commerce and the digital economy. It offers a gateway for matching the suppliers of technical assistance with those in need. Beneficiaries can connect with potential partners, learn about trends, best practices, up-to-date e-commerce indicators, and upcoming events all in one place. The initiative also acts as catalyst of partnership among its members for increased synergies. This collaboration has concretely translated into the participation of several eT4a partners as key contributors to the various eCommerce Weeks organised by UNCTAD and in the conduct and review of eTrade Readiness Assessments.

Consumer protection 

Through its Competition and Consumer Policies Programme, UNCTAD works to assist countries in improving their competition and consumer protection policies. It provides a forum for intergovernmental deliberations on these issues, undertakes research, policy analysis and data collection, and provides technical assistance to developing countries. The Intergovernmental Group of Experts on Consumer Protection Law and Policy monitors the implementation of the UN Guidelines for Consumer Protection and carries out research and provides technical assistance on consumer protection issues (including in the context of e-commerce and the digital economy).

UNCTAD’s work programme on consumer protection is guided, among others, by the UN Conference of Competition and Consumer Protection (held every five years). In 2020, the conference will hold high-level consultations on strengthening consumer protection and competition in the digital economy, and international enforcement co-operation among consumer protection authorities in electronic commerce.

Given the significant imbalances in market power in the digital economy, competition policy is becoming increasingly relevant for developing countries. UNCTAD addresses this issue in the Intergovernmental Group of Experts on Competition Law and Policy.

UNCTAD also runs the Research Partnership Platform, aimed at contributing to the development of best practices in the formulation and implementation of competition and consumer protection laws and policies.

Sustainable development 

UNCTAD works to facilitate and measure progress towards achieving the SDGs, in particular through (but not limited to) its activities in the field of STI for development. The organisation supports countries in their efforts to integrate STI in national development strategies, through initiatives such as Science, Technology and Innovation Policy Reviews and capacity building programmes (such as the Innovation Policy Learning Programme). The eT4a initiative is also intended to contribute to several SDGs, especially in relation to decent work and economic growth, innovation and infrastructure, global partnerships, and gender equality. Moreover, UNCTAD’s SDG Pulse offers statistical information on developments related to the 2030 Agenda for Sustainable Development.

UNCTAD’s Investment Policy Framework for Sustainable Development provides guidance for policymakers in formulating national investment policies and in negotiating investment agreements. The organisation is also part of the Toolbox for Financing for SDGs – a platform launched in 2018 at the initiative of the President of the UN General Assembly to assist countries and financial actors in exploring solutions to the challenges of financing the SDGs.

UNCTAD carries out research and analysis work covering various development-related issues, examples being its Digital Economy Report and the Technical notes on ICT for development. As the body responsible for servicing the UN Commission on Science and Technology for Development (CTSD), UNCTAD also assists the CSTD in its sustainable development-related work, for instance by preparing studies and reports on issues such as the impact of advanced technologies on sustainable development.

Other UNCTAD activities designed to contribute to sustainable development cover issues such as climate change, the circular economy, and intellectual property.

Capacity development 

Many activities undertaken by UNCTAD have a capacity development dimension. For instance, its work on e-commerce and trade includes supporting developing countries in establishing adequate legal frameworks in these areas (e.g. its eCommerce and Law Reform work) and in producing statistics that can guide effective policy-making (e.g. the Measuring E-commerce and the Digital Economy activities and the ICT Policy Reviews ). UNCTAD’s E-Learning on Trade platform provides courses and training on issues such as trade, gender and development and non-tariff measures in trade.

UNCTAD also works to build capacity in STI policy-making in developing countries, through initiatives such as the Innovation Policy Learning programme and STI training provided in the context of the P166 programme.

Additionally, UNCTAD’s Virtual Institute – run in co-operation with universities worldwide – is dedicated to building knowledge for trade and development. Another area where UNCTAD provides capacity building for developing countries is that of statistics: The organisation and its partners assist national statistics organisations in the collection, compilation and dissemination of their statistics in domains such as trade, sustainable development, and investments.

Gender rights online 

UNCTAD runs a Trade, Gender and Development Programme dedicated to assisting countries in developing and implementing gender-sensitive trade policies, conducting gender impact analyses of trade policies and agreements, and strengthening the links between trade and gender. One notable initiative is the eTrade for Women initiative, dedicated to advancing the empowerment of women through ICTs.

Other initiatives undertaken in this area include capacity building on trade and gender, the Women in STEM: Changing the narrative dialogues, and the  Data and statistics for more gender-responsive trade policies in Africa, the Caucasus and Central Asia project.

Data governance? 

As data has become a key resource in the digital economy, data governance is a fundamental part of the work of UNCTAD. This is illustrated, for example, in the research and analysis work of the Digital Economy Report 2019, which focused on the role of data as the source of value in the digital economy and how it is created and captured. Moreover, some of UNCTAD’s work on e-commerce and digital trade touches specifically on privacy and data protection issues. For instance, the eCommerce and Law Reform work dedicated to supporting developing countries in their efforts to establish adequate legal frameworks for e-commerce also covers data protection and privacy among the key issues addressed. The Global Cyberlaw Trackers offers information on data protection laws in UNCTAD member states.

Also relevant for data governance discussions is UNCTAD’s work on statistics, as the organisation collects and analyses a wide range of data on issues such as economic trends, international trade, population, and the digital economy. Moreover, UNCTAD’s SDG Pulse offers statistical information on developments related to the 2030 Agenda for Sustainable Development.

UNCTAD is also running several projects focused on improving the efficiency of data management in the context of activities such as maritime trade (e.g. the Digitising Global Maritime Trade project) and customs operations (e.g. the Automated System for Customs Data).

Digital tools

 UNCTAD has developed several digital tools and online platforms in recent years. Examples include:

Future of meetings

Any reference to online or remote meetings?

Any reference to deliberation or decision making online?

Geneva Internet Platform

Acronym: GIP

Address: WMO Building, 7bis, Avenue de la Paix, CH-1202 Geneva, Switzerland

Website: https://giplatform.org

Stakeholder group: NGOs and associations

The Geneva Internet Plaform (GIP) is a Swiss initiative operated by DiploFoundation that strives to engage digital actors, foster digital governance, and monitor digital policies.

It aims to provide a neutral and inclusive space for digital policy debates, strengthen the participation of small and developing countries in Geneva-based digital policy processes, support activities of Geneva-based Internet governance (IG) and ICT institutions and initiatives, facilitate research for an evidence-based, multidisciplinary digital policy, bridge various policy silos, and provide tools and methods for in situ and online engagement that could be used by other policy spaces in International Geneva and worldwide. The GIP’s activities are implemented based on three pillars: a physical platform in Geneva, an online platform and observatory, and a dialogue lab.

DiploFoundation

Address: 7bis, Avenue De La Paix, CH-1202 Geneva, Switzerland

Website: https://diplomacy.edu

Stakeholder group: Academia & think tanks

DiploFoundation is a leading global capacity development organisation in the field of Internet governance.

Diplo was established by the governments of Switzerland and Malta with the goal of providing low cost, effective courses and training programmes in contemporary diplomacy and digital affairs, in particular for developing countries. Its main thematic focuses are on Internet governance (IG), e-diplomacy, e-participation, and cybersecurity.

Diplo’s flagship publication ‘An Introduction to Internet governance’ is among the most widely used texts on IG, translated into all the UN languages and several more. Its online and in situ IG courses and training programmes have gathered more than 1500 alumni from 163 countries. Diplo also hosts the Geneva Internet Platform (GIP).

Diplo also provides customised courses and training both online and in situ.