Topic: Critical infrastructure

International Electrotechnical Commission

Acronym: IEC

Established: 1906

Address: 3 rue de Varembé, 1211 Geneva 20 , Switzerland

Website: https://www.iec.ch/

Stakeholder group: International and regional organisations

The IEC is the world leader in preparing international standards for all electrical, electronic, and related technologies. A global, not-for-profit membership organisation, the IEC provides a neutral and independent institutional framework to over 170 countries, coordinating the work of more than 20,000 experts. We administer four IEC Conformity Assessment Systems, representing the largest working multilateral agreement based on the one-time testing of products globally. The members of each system certify that devices, systems, installations, services, and people perform as required.

IEC International Standards represent a global consensus of state-of-the-art know-how and expertise. Together with conformity assessment, they are foundational for international trade.

IEC Standards incorporate the needs of many stakeholders in every participating country and form the basis for testing and certification. Every member country and all its stakeholders represented through the IEC National Committees has one vote and a say in what goes into an IEC International Standard.

Our work is used to verify the safety, performance, and interoperability of electric and electronic devices and systems such as mobile phones, refrigerators, office and medical equipment, or electricity generation. It also helps accelerate digitisation, artificial intelligence (AI), or virtual reality applications, protects information technology (IT) and critical infrastructure systems from cyberattacks and increases the safety of people and the environment.

Digital activities 

The IEC works to ensure that its activities have a global reach in order to meet all the challenges of digital transformation worldwide. The organisation covers an array of digital policy issues.

Digital policy issues

Artificial intelligence and the internet of things

AI applications are driving digital transformation across diverse industries, including energy, healthcare, smart manufacturing, transport, and other strategic sectors that rely on IEC Standards and Conformity Assessment Systems. AI technologies allow insights and analytics that go far beyond the capabilities of legacy analytic systems.

For example, the digital transformation of the grid enables increased automation, making it more efficient and able to integrate fluctuating renewable energy sources seamlessly. IEC Standards pave the way for the use of a variety of digital technologies relating to intelligent energy. They deal with issues such as integrating renewable energies within the electrical network but also increased automatisation.

The IEC’s work in the area of AI takes a three-pronged approach. IEC experts focus on sector-specific needs (vertical standards) and conformity assessment, while the joint IEC and International Organization for Standardization (ISO) technical committee on AI, JTC1/SC 42, brings together technology experts, as well as ethicists, lawyers, social scientists, and others to develop generic and foundational standards (horizontal standards).

In addition, IEC Safety Standards are an essential element of the framework for AI applications in power utilities and smart manufacturing. IEC Conformity Assessment Systems complete the process by ensuring the standards are properly implemented.

SC 42 addresses some concerns about the use and application of AI technologies. For example, data quality standards for ML and analytics are crucial for helping to ensure that applied technologies produce useful insights and eliminate faulty features.

Governance standards in AI and the business process framework for big data analytics address how the technologies can be governed and overseen from a management perspective. International standards in the areas of trustworthiness, ethics, and societal concerns will ensure responsible deployment.

The joint IEC and ISO technical committee also develop foundational standards for the IoT. Among other things, SC 41 standards promote interoperability, as well as architecture and a common vocabulary for the IoT.

Hardware

The IEC develops standards for many of the technologies that support digital transformation. Sensors, cloud, and edge computing are examples.

Advances in data acquisition systems are driving the growth of big data and AI use cases. The IEC prepares standards relating to semiconductor devices, including sensors.

Sensors can be certified under the IEC Quality Assessment System for Electronic Components (IECQ), one of the four IEC Conformity Assessment Systems.

Cloud computing and its technologies have also supported the increase of AI applications. The joint IEC and ISO technical committee prepares standards for cloud computing, including distributed platforms and edge devices, which are close to users and data collection points. The publications cover key requirements relating to data storage and recovery.

Building trust

International Standards play an important role in increasing trust in AI and help support public and private decision-making, not least because they are developed by a broad range of stakeholders. This helps to ensure that the IEC’s work strikes the right balance between the desire to deploy AI and other new technologies rapidly and the need to study their ethical implications.

The IEC has been working with a wide range of international, regional, and national organisations to develop new ways to bring stakeholders together to address the challenges of AI. These include the Swiss Federal Department of Foreign Affairs (FDFA) and the standards development organisations, ISO, and the International Telecommunication Union (ITU).

More than 500 participants followed the AI with Trust conference, in-person and online, to hear different stakeholder perspectives on the interplay between legislation, standards and conformity assessment. They followed use-case sessions on healthcare, sensor technology, and collaborative robots, and heard distinguished experts exchange ideas on how they could interoperate more efficiently to build trust in AI. The conference in Geneva was the first milestone of the AI with Trust initiative.

The IEC is also a founding member of the Open Community for Ethics in Autonomous and Intelligent Systems (OCEANIS). OCEANIS brings together standardisation organisations from around the world to enhance awareness of the role of standards in facilitating innovation and addressing issues related to ethics and values.

Read more

e-tech

IEC and ISO Work on Artificial Intelligence

AI for the Last Mile

Computational Approaches for AI Systems

–  IEC Blog

Digital Transformation

–  Video

Ian Oppermann (AI with Trust)

AI with Trust conference interviews AI Governance

Network security and critical infrastructure

The IEC develops cybersecurity standards and conformity assessments for IT and operational technology (OT). One of the biggest challenges today is that cybersecurity is often understood only in terms of IT, which leaves critical infrastructure, such as power utilities, transport systems, manufacturing plants and hospitals, vulnerable to cyberattacks.

Cyberattacks on IT and OT systems often have different consequences. The effects of cyberattacks on IT are generally economical, while cyberattacks on critical infrastructure can impact the environment, damage equipment, or even threaten public health and lives.

When implementing a cybersecurity strategy, it is essential to consider the different priorities of cyber-physical and IT systems. The IEC provides relevant and specific guidance via two of the world’s best-known cybersecurity standards: IEC 62443 for cyber-physical systems and ISO/IEC 27001 for IT systems.

Both take a risk-based approach to cybersecurity, which is based on the concept that it is neither efficient nor sustainable to try to protect all assets in equal measure. Instead, users must identify what is most valuable and requires the greatest protection and identify vulnerabilities.

Conformity assessment provides further security by ensuring that the standards are implemented correctly: IECEE certification for IEC 62443 and IECQ for ISO/IEC 27001.

ISO/IEC 27001 for IT

IT security focuses equally on protecting the confidentiality, integrity, and availability of data – the so-called CIA triad. Confidentiality is of paramount importance and information security management systems, such as the one described in ISO/IEC 27001, are designed to protect sensitive data, such as personally identifiable information (PII), intellectual property (IP), or credit card numbers, for example.

Implementing the information security management system (ISMS) described in ISO/IEC 27001 means embedding information security continuity in business continuity management systems. Organisations are shown how to plan and monitor the use of resources to identify attacks earlier and take steps more quickly to mitigate the initial impact.

IEC 62443 for OT

In cyber-physical systems, where IT and OT converge, the goal is to protect safety, integrity, availability, and confidentiality (SIAC). Industrial control and automation systems (ICAS) run in a loop to check continually that everything is functioning correctly.

The IEC 62443 series was developed because IT cybersecurity measures are not always appropriate for ICAS. ICAS are found in an ever-expanding range of domains and industries, including critical infrastructure, such as energy generation, water management, and the healthcare sector.

ICAS must run continuously to check that each component in an operational system is functioning correctly. Compared to IT systems, they have different performance and availability requirements and equipment lifetime.

Conformity assessment: IECEE

Many organisations are applying for the IEC System of Conformity Assessment Schemes for Electrotechnical Equipment and Components (IECEE) conformity assessment certification to verify that the requirements of IEC 62443 have been met.

IECEE provides a framework for assessments in line with IEC 62443, which specifies requirements for security capabilities, whether technical (security mechanisms) or process (human procedures) related. Successful recipients receive the IECEE industrial cybersecurity capability certificate of conformity.

Conformity assessment: IECQ

While certification to ISO/IEC 27001 has existed since the standard was published in 2013, it is only in recent years that the IEC Quality Assessment System for Electronic Components (IECQ) has set up a true single standardised way of assessing and certifying an ISMS to ISO/IEC 27001.

International standards such as IEC 62443 and ISO/IEC 27001 are based on industry best practices and reached by consensus. Conformity assessment confirms that they have been implemented correctly to ensure a safe and secure digital society.

Read more

Video

Digital tools

IEC has developed a number of online tools and services designed to help everyone with their daily activities.

Social media channels

Facebook @InternationalElectrotechnicalCommission

LinkedIn @IECStandards

Pinterest @IECStandards

X @IECStandards

YouTube @IECstandards

CyberPeace Institute

Acronym: CyberPeace Institute

Established: 2019

Address: Campus Biotech Innovation Park, 15 avenue de Sécheron, 1202 Geneva, Switzerland

Website: https://cyberpeaceinstitute.org/

Stakeholder group: NGOs and associations

The CyberPeace Institute is an independent and neutral non-governmental organisation (NGO) that strives to reduce the frequency, impact, and scale of cyberattacks, to hold actors accountable for the harm they cause, and to assist vulnerable communities.

The institute is a Geneva-based NGO, also working in close collaboration with relevant partners to reduce the harm from cyberattacks on people’s lives worldwide and provide assistance. By analysing cyberattacks, we expose their societal impact and how international laws and norms are being violated, and advance responsible behaviour to enforce cyberpeace.

At the heart of the Institute’s efforts is the recognition that cyberspace is about people. We support providers of essential services to the most vulnerable members of society, ultimately benefitting us all, like NGOs and the healthcare sector. Attacking them can have a devastating impact on beneficiaries and patients, putting their rights and even lives at risk.

To deliver on this mission, we rely on donations and the generosity of individuals, foundations, companies, and other supporters. This support enables us to assist and support vulnerable communities, including NGOs, to enhance their resilience to cyberattacks.

The Institute also provides evidence-based knowledge and fosters awareness of the impact of cyberattacks on people, to give a voice to and empower victims to highlight the harm and impact of cyberattacks. We remind state and non-state actors of the international laws and norms governing responsible behaviour in cyberspace, and advance the rule of law to reduce harm and ensure the respect of the rights of people.

Digital activities

Created in 2019, the Institute assesses the impact of cyberattacks from a human perspective, focusing on the rights of people. We ground our analysis on evidence and the impact on human well-being, telling the story of people, linking it with the technical reality of cyberattacks, and assessing it against the violation of laws. The Institute advocates for an evidence-based, human-centric approach to the analysis of cyberattacks as essential to the process of redress, repair, and/or justice for victims. It works collaboratively in our research, analysis, assistance, mobilisation, and advocacy. We engage with vulnerable communities to understand their needs for cybersecurity support and provide free and trusted cybersecurity assistance to vulnerable communities.

The CyberPeace Institute

  • assists NGOs and other vulnerable communities to prepare for and recover from cyberattacks.
  • investigates cyberattacks targeting vulnerable communities, analysing these attacks to provide alerts and support and for accountability.
  • advocates to advance the rule of law and respect for the rights of people.
  • anticipates threats to people associated with emerging and disruptive technologies.
    • Examples of operational activities
  • Assisting humanitarian and other NGOs with free and trusted cybersecurity support.
  • Analysing cyberattacks and highlighting their impact on people and how they violate the rule of law.
  • Documenting violations of international laws and norms and advocating for strengthened legal protection in cyberspace.
  • Offering expertise and support to states and civil society in relation to responsible behaviour in cyberspace.
  • Foreseeing and navigating future trends and threats in cyberspace.

Digital policy issues

Critical infrastructure

Cyberattacks against critical infrastructure have been on the rise, from attacks against hospitals and vaccine supply chains to attacks on the energy sector. When such disruptions occur, access to basic services is at risk. It is vital that there is an increase in the capacity and ability to improve resilience to cyberthreats in critical sectors, such as healthcare. The CyberPeace Institute urges stakeholders in diplomatic, policy, operational, and technical areas to increase their capacity and resilience to cyberthreats.

The Institute advocates for capacity building aimed at enabling states to identify and protect national critical infrastructure and to cooperatively safeguard its operation. This includes capacity building, implementation of norms of responsible behaviour, and confidence building measures. In strengthening efforts to protect critical infrastructure, the Institute calls for the sharing of lessons learned between countries to assist those with less capacity and fewer capabilities.

NGOs in civilian-critical sectors, for example water, food, healthcare, energy, finance, and information, need support and expertise to help them strengthen their cybersecurity capabilities. While these NGOs provide critical services to communities and bridge areas not covered by public and private actors, they lack the resources to protect themselves from cybersecurity threats.

Examples of the Institute’s work in this regard:

  • Calls to governments to take immediate and decisive action to stop all cyberattacks on hospitals and healthcare and medical research facilities, as well as on medical personnel and international public health organisations.
  • Capacity building is essential for achieving cyber preparedness and resilience across sectors and fields, and activities focus on providing assistance and capacity building to NGOs that might lack technical expertise and resources.
  • Publication of the strategic analysis report Playing with Lives: Cyberattacks on Healthcare are Attacks on People, and launch of the Cyber Incident Tracer (CIT) #Health platform that bridges the current information gap about cyberattacks on healthcare and their impact on people. This is a valuable source of information for evidence-led operational, policy, and legal decision-makers.
  • Analysis and evaluation of cyberattacks and operations targeting critical infrastructure and civilian objects in the armed conflict between Ukraine and the Russian Federation through the publicly accessible Cyber Attacks in Times of Conflict Platform #Ukraine and a two-part video series to offer visual representation of key findings further developed in our quarterly analytical reports.
  • An interactive platform named The CyberPeace Watch to expand the monitoring to other contexts including other situations of armed conflict and to the application of relevant laws and norms. This informs policy and legal processes and developments, the preparedness and protection of critical infrastructure, and cyber capacity building.
  • Participation in the INFINITY project to transform the traditional idea of criminal investigation and analysis. INFINITY has received funding from the European Union’s Horizon 2020. Its concept is based around four core research and technical innovations that together, will provide a revolutionary approach and convert data into actionable intelligence.
  • Participation in the UnderServed project, an EU- funded initiative to address the lack of adequate cybersecurity measures for vulnerable sectors, including humanitarian, development, and peace non-governmental organisations (NGO). The primary objective of the project is to establish a comprehensive platform for reporting and analysing cyber threats. This platform is tailor-made for NGOs vulnerable to cyberattacks, which often lack the resources to effectively mitigate such threats.

Network security

NGOs play a critical role in ensuring the delivery of critical services, such as the provision of healthcare, access to food, micro-loans, information, and the protection of human rights.

Malicious actors are already targeting NGOs in an effort to get ransoms and exfiltrate data. Often these NGOs do not have the budget, know-how, or time to effectively secure their infrastructures and develop a robust incident response to manage and overcome sophisticated attacks.

With this in mind, the Institute launched its CyberPeace Builders programme in 2021, a unique network of corporate volunteers providing free pre- and post-incident assistance to NGOs supporting vulnerable populations.

This initiative brings support to NGOs in critical sectors at a level that is unequalled in terms of staff, tools, and capabilities. It assists NGOs with cybersecurity whether they work locally or globally, and supports them in crisis-affected areas across the globe.

Capacity development

The Institute believes that meaningful change can occur when a diversity of perspectives, sectors, and industries work together. To address the complex challenges related to ensuring cyberpeace, it works with a wide range of actors at the global level including governments, the private sector, civil society, academia, philanthropies, policymaking institutions, and other organisations. The Institute contributes by providing evidence-led knowledge, emphasising the need to integrate a genuine human-centric approach in both technical and policy-related projects and processes, and by highlighting the civil society perspective to support and amplify existing initiatives.

Training

The CyberPeace Institute is providing comprehensive training for NGOs Boards and Staff, Foundations and Volunteers designed to empower organisations with vital tools for safeguarding their missions.

We recently launched a Cyber School, in partnership with Microsoft, to create a unique, free offer to
participate in an 8-week virtual course for everyone who is interested in taking their first step into a new career path.

Interdisciplinary approaches

To contribute to closing the accountability gap in cyberspace, the Institute seeks to advance the role of international law and norms.

It reminds state and non-state actors of the international law and norms governing responsible behaviour in cyberspace, and contributes to advancing the rule of law to reduce harm and ensure the respect of the rights of people.

Contribution to UN processes

  • In 2021–2022, the Institute contributed to and commented on various UN-led processes (notably the United Nations Group of Governmental Experts on Advancing responsible state behaviour in cyberspace in the context of international security (UN GGE) and the Working Group (WG) on the use of mercenaries as a means of violating human rights and impeding the exercise of the rights of peoples to self-determination).
  • Since its inception, the Institute has closely followed the work of the UN Open-Ended Working Group (UN OEWG) on developments in the field of information and telecommunications in the context of international security, advocating recognition of the healthcare sector as a critical infrastructure and raising concerns about the lack of commitment towards an actionable and genuine human-centric approach.
  • In the Open-Ended Working Group on security of and in the use of information and communications technologies 2021–2025 (OEWG II), the Institute set out three key action areas and related recommendations, and is contributing its expertise in relation to the protection of humanitarian and development organisations from cyberattacks.
  • – The Institute issued a Statement at the Ad Hoc Committee to Elaborate a Comprehensive International Convention on Countering the Use of Information and Communications Technologies for Criminal Purposes (Cybercrime Convention
  • Moreover, the Institute sought to advance the Cyber Programme of Action (PoA) by offering recommendations concerning the range, organisation, and approaches for stakeholder participation.
  • Also, the Institute welcomed the call for civil society organisations to contribute to the Global Digital Compact and provided a set of recommendations.

Participation in international initiatives: The Paris Call Working Groups

The Paris Call for Trust and Security in Cyberspace is a multistakeholder initiative launched by the French government at the Paris Peace Forum in November 2018. The Call itself sets out nine principles promoting and ensuring the security of cyberspace and the safer use of information and communications technology (ICT).

At the World Economic Forum meeting in Davos, in May 2022, the CyberPeace Institute joined Access Now, the Office of the High Commissioner for Human Rights (OHCHR), Human Rights Watch (HRW), Amnesty International, the International Trade Union Confederation (ITUC), and Consumers International to call on decision-makers to take action and initiate a moratorium limiting the sale, transfer, and use of abusive spyware until people’s rights are safeguarded under international human rights law.

This is in addition to a call made in 2021, in which the Institute joined more than 100 civil society organisations calling for a global moratorium on the sale and transfer of surveillance technology until rigorous human rights safeguards are adopted to regulate such practices and guarantee that governments and non-state actors don’t abuse these capabilities.

EU Processes

At the Institute, we conduct an evaluation of best practices in implementing EU regulations, focusing on
their evolution and development to ensure effective execution. Simultaneously, we analyse EU mechanisms like the EU Cyber Diplomacy Toolbox, aimed at countering malicious cyber activities and bolstering resilience, while providing targeted observations and recommendations.

Digital technology plays an important role in conflict mediation and global peacebuilding. It can extend inclusion, allowing more women or people from marginalised groups to take part in or follow a mediation process. It can make mediation faster and more efficient and can allow mediators to draw on resources from around the world.

However, digital technology brings risks, too. It can increase polarisation, for example, and allow disinformation to spread to more people, more quickly. It can increase vulnerability to malicious actors, spying, and data breaches. These risks can undermine trust in the process.

Mediators work in low-trust, volatile contexts and don’t always have the knowledge to assess the risks posed by digital technology. A new online platform helps to raise awareness of those risks, as well as offering training on how to deal with them. The Digital Risk Management E-Learning Platform for Mediators was created in 2021 by the CyberPeace Institute, CMI – Martti Ahtisaari Peace Foundation, and the UN Department of Political and Peacebuilding Affairs (UNDPPA) Mediation Support Unit.

As part of the integration and engagement with the stakeholder ecosystem in Geneva, the Institute is a member of the Geneva Chamber of Commerce, Industry and Services (CCIG). Various academic collaborations are ongoing through participation in conferences, workshops, and lectures,
namely with the Ecole Polytechnique Fédérale de Lausanne Centre for digital trust EPFL (C4DT), the University of Geneva (UNIGE), and the Graduate Institute (IHEID). In 2020, the Institute formed a strategic partnership with the SwissTrust Valley for Digital Transformation and Cybersecurity.

The Institute and its staff have received several awards for innovative and continuous efforts promoting cyberpeace including the 2020 Geneva Centre for Security Policy (GCSP), second prize for Innovation in Global Security, and the Prix de l’Economie in 2021 from CCIG.

Social media channels

The Institute maintains a website providing alerts, blogs, articles, and publications on key issues related to its mission for cyberpeace, and shares video materials and discussion recordings on YouTube channel.

The latest news and developments are shared via:

Facebook @CyberpeaceInstitute

Instagram @cyberpeaceinst

LinkedIn @cyberpeace-institute

X @CyberpeaceInst

Sign up for the monthly newsletter to receive updates about what’s happening at the Institute, as well as news about cyberpeace.

World Intellectual Property Organization

Acronym: WIPO

Established: 1967

Address: Chemin des Colombettes 34, 1211 Geneva 20, Switzerland

Website: https://www.wipo.int/

Stakeholder group: International and regional organisations

WIPO is a UN agency functioning as the global forum for intellectual property (IP) related services (patents, copyright, trademarks, and designs), policy, information, and cooperation. The organisation was established in 1967. It currently has 193 member states and over 200 observers representing non-governmental organisations (NGOs) and intergovernmental organisations. WIPO leads the development of a balanced and effective global IP ecosystem to promote innovation and creativity for a better and more sustainable future.

Digital activities

WIPO runs several online registration systems for patents and trademarks. There are also numerous databases available for use by stakeholders on the same subjects.

Digital policy issues

Frontier technologies including artificial intelligence

WIPO pays particular attention to the interplay between frontier technologies including artificial intelligence (AI) and IP.

The WIPO Conversation on IP and Frontier Technologies provides an open, inclusive forum to engage with and facilitate discussion and knowledge-building among the widest possible set of stakeholders. It leads the global discourse on the impact of frontier technologies on IP, in this fast-moving, complex space. Each year, WIPO usually holds two sessions of the Conversation covering both the uses and applications of frontier technologies to assist IP Offices and IP owners as well as more conceptual policy-based discussions to ensure that the IP systems continue to foster innovation. The five sessions of the WIPO Conversation to date have focused on AI, data, and frontier technologies in IP administration.

WIPO has prepared a paper exploring the (potential) impact of AI on IP policies in areas such as copyright and related rights, patents, trademarks, designs, and overall IP administration. It also maintains an AI and IP strategy clearing house, which collates government instruments (strategies, regulations, etc.) that are relevant to AI, data, and IP.

WIPO is also developing and deploying AI solutions in the context of various activities; relevant examples are WIPO Translate and the WIPO Brand Image Search, which use AI for automated translation and image recognition. The WIPO Index of AI Initiatives in IP Offices seeks to foster information sharing and collaboration between national IP Offices working on similar projects.

Alternative dispute resolution and critical internet resources

WIPO’sactivitiesregarding the Domain Name System(DNS) revolve around the protection of trademarks and related rights in the context of domain names. It developed the Uniform Domain-Name Dispute-Resolution Policy (UDRP) with the Internet Corporation for Assigned Names and Numbers (ICANN). Under this policy, WIPO’s Arbitration and Mediation Center provides dispute resolution services for second-level domain name registrations under generic top-level domains (gTLDs) to which the UDPR applies. The Center also administers disputes under specific policies adopted by some gTLD registries (e.g. .aero, .asia, .travel). In addition, it offers domain name dispute resolution services for over 70 country code top-level domains (ccTLDs). WIPO has developed a ccTLD Program to provide advice to many ccTLD registries on the establishment of dispute resolution procedures. It also contributes to the work carried out within the framework of ICANN in regard to the strengthening of existing trademark rights protection mechanisms or the development of new such mechanisms.

Intellectual property rights

Trademarks

WIPO has long been involved in issues related to the protection of trademarks in the context of the DNS. The first phase of the WIPO Internet Domain Name Process, carried out in 1991, explored trademark abuse in second-level domain names, and led to the adoption, by ICANN, of the UDRP. WIPO has also contributed to the development of several trademark rights protection mechanisms applicable to gTLDs (such as legal rights objections, the Trademark Clearinghouse, and the uniform rapid suspension system). The WIPO Arbitration and Mediation Center administers trademark-related dispute resolution cases for several gTLDs and ccTLDs.

Copyright

WIPO is actively contributing to international discussions on the opportunities offered by copyright in the digital environment, especially to developing economies, small and medium enterprises  (SMEs) and women entrepreneurs. The organisation administers the Internet Treaties and the Beijing Treaty, which clarify that existing copyright and related rights apply on the internet, and introduce new online rights, while also establishing international norms aimed at preventing unauthorised access to and use of creative works on the internet or other digital networks. The WIPO Accessible Books Consortium furthers the practical implementation of the Marrakesh Treaty to increase the number of books available worldwide in accessible digital formats. WIPO member states are considering topics related to copyright in the digital environment at the multilateral level. WIPO also carries out research and organises seminars and other meetings on aspects concerning challenges and possible solutions for taking advantage of the opportunities offered by copyright and related rights in the digital era.

Liability of intermediaries

Given WIPO’s concerns  regarding  the  protection of copyright and related rights on the internet, the organisation is exploring issues related to the roles and responsibilities of internet intermediaries when it comes to online copyright infringements. The organisation carries out or commissions research and publishes studies on the relationship between copyright and internet intermediaries (such as comparative analyses of national approaches to the liability of Internet intermediaries), and organises events (seminars, workshops, sessions at the World Summit on the Information Society (WSIS) Forum and Internet Governance Forum (IGF) meetings, etc.) aimed at facilitating multistakeholder discussions on the potential liability of internet intermediaries concerning copyright infringements.

  • Comparative analysis of national approaches of the liability of the internet intermediaries (I and II).

Sustainable development

WIPO is of the view that IP is a critical incentive for innovation and creativity, and, as such, a key to the success of the sustainable development goals (SDGs). The organisation works to enable member states to use the IP system to drive the innovation, competitiveness, and creativity needed to achieve the SDGs. It does so, for instance, through supporting countries in their efforts to build an innovative IP ecosystem, providing legislative advice on updating national IP laws, and supporting judiciary systems in keeping up with technological innovation. WIPO’s contribution to the implementation of the Agenda 2030 is guided by its Development Agenda.

Climate change

WIPO’s Global Challenges programme brings together various stakeholders to explore issues related to green technologies and the environment. It hosts WIPO GREEN, a multistakeholder platform aimed to promote innovation and diffusion of green technologies, and it provides analysis of relevant IP issues to facilitate international policy dialogue. The WIPO GREEN platform includes a digital database of green technologies in sectors such as energy, water and transportation. In 2022, WIPO launched the Green Technology Book, a major digital publication to showcase concrete solutions related to climate change adaptation. The report will be fully integrated with the WIPO GREEN database, allowing for continuous additions by technology providers.

  • WIPO GREEN – online marketplace for sustainable/ green technologies

Digital tools

Here are some examples of the digital tools WIPO uses in relation to its services:

  • WIPO Online Case Administration Tools, including WIPO eADR (allowing parties in a dispute, mediators, arbitrators, and experts in a WIPO case to securely submit communications electronically into an online docket) and online facilities for meetings and hearings as part of WIPO cases.
  • WIPO GREEN – online marketplace for sustainable technologies.
  • WIPO Match – platform that matches seekers of specific IP-related development needs with potential providers offering resources.
  • WIPO Alert – platform to upload information on entities that infringed copyright at national level.
  • Madrid e-services – online tools and resources.
  • Electronic Forum – enables the electronic distribution and submission by email of comments concerning preliminary draft working documents and draft reports.
  • WIPO Academy – also includes an eLearning Centre.
  • WIPO Connect – enables collective management of copyright and related rights at local and central levels.
  • ABC Global Book Service – on-line catalogue that allows participating libraries for the blind and organisations serving people who are print disabled to obtain accessible content.
  • WIPO Knowledge Centre – hosts virtual exhibitions. Recent subjects have included geographical indications, and AI.

Social media channels

Facebook @WIPO

Flickr @WIPO

Instagram @wipo

LinkedIn @WIPO

Podcast @https://www.wipo.int/podcasts/en/

X @WIPO

YouTube @WIPO

International Organization for Standardization

Acronym: ISO

Established: 1947

Address: Chemin de Blandonnet 8, 1214 Vernier, Geneva, Switzerland

Website: https://www.iso.org/iso/home.html

Stakeholder group: International and regional organisations

ISO is the International Organization for Standardization, the world’s largest developer of international standards. It consists of a global network of 170 national standards bodies – our members. Each member represents ISO in its country. The organisation brings together global experts to share knowledge and develop voluntary, consensus-based, market-relevant International Standards. It is best known for its catalogue of almost 25,000
standards spanning a wide range of sectors, including technology, food, and healthcare.

Digital activities

A large number of the international standards and related documents developed by ISO are related to information and communication technologies (ICTs), such as the Open Systems Interconnection (OSI) that was created in 1983 to establish a universal reference model for communication protocols. The organisation is also active in the field of emerging technologies including blockchain, the Internet of Things (IoT), and AI. The standards are developed by various technical committees dedicated to specific areas including information security, cybersecurity, privacy protection, AI, and intelligent transport systems.

Digital policy issues

Artificial intelligence

The joint technical committee of ISO and the International Electrotechnical Commission (IEC) for AI is known as ISO/IEC JTC1/SC 42 Artificial intelligence and is responsible for the development of standards in this area. To date, it has published 20 standards specifically pertaining to AI with 35 others in development. ISO/IEC 42001 is the flagship AI Management System Standard, which provides requirements for establishing, implementing, maintaining, and continually improving an AI management system within the context of an organisation. ISO/IEC TR 24028 provides an overview of trustworthiness in AI systems, detailing the associated threats and risks and addresses approaches on availability, resiliency, reliability, accuracy, safety, security, and privacy. The standards under development include those that cover concepts and terminology for AI (ISO/IEC 22989); bias in AI systems and AI-aided decision-making (ISO/IEC TR 24027); AI risk management (ISO/IEC 23894); a framework for AI systems using machine learning (ISO/IEC 23053); and the assessment of machine learning classification performance (ISO/IEC TS 4213). Up-to-date information on the technical committee (e.g. scope, programme of work, contact details) can be found on the committee page.

Cloud computing

ISO and IEC also have a joint committee for standards related to cloud computing which currently has 27 published standards and a further 5 in development. Of those published, two standards of note include ISO/IEC 19086-1, which provides an overview, foundational concepts, and definitions for a cloud computing service level agreement framework, and ISO/IEC 22123-3, which specifies the cloud computing reference architecture.Standards under development include those on health informatics (ISO/TR 21332); the audit of cloud services (ISO/IEC 22123-2); and data flow, categories, and use (ISO/IEC 19944 series). Up-to-date information on the technical committee (e.g. scope, programme of work, contact details) can be found on the committee page.

Internet of things

Recognising the ongoing developments in the field of IoT, ISO has a number of dedicated standards both published and in development, including those for intelligent transport systems (ISO 19079), future networks for IoT (ISO/IEC TR 29181 series), unique identification for IoT (ISO/IEC 29161), Internet of Media Things (ISO/IEC 23093-3), the trustworthiness of IoT (ISO/IEC 30149), and industrial IoT systems (ISO/IEC 30162). IoT security is addressed in standards such as ISO/IEC 27001 and ISO/IEC 27002, which provide a common language for governance, risk, and compliance issues related to information security. In addition, there are 26 standards under development, some of which provide a methodology for the trustworthiness of an IoT system or service (ISO/IEC 30147); a trustworthiness framework (ISO/IEC 30149); the requirements of an IoT data exchange platform for various IoT services (ISO/IEC 30161); and a real-time IoT framework (ISO/IEC 30165). Up-to-date information on the ISO and IEC joint technical committee for IoT (e.g. scope, programme of work, contact details) can be found on the committee page

Telecommunication infrastructure

ISO’s standardisation work in the field of telecommunications infrastructure covers areas such as planning and installation of networks (e.g. ISO/IEC 14763-2), corporate telecommunication networks (e.g. ISO/IEC 17343), local and metropolitan area networks (e.g. ISO/IEC/IEEE 8802-A), private integrated telecommunications networks (e.g. ISO/IEC TR 14475), and wireless networks. Next-generation networks – packet-based public networks able to provide telecommunications services and use multiple quality-of-service-enabled transport technologies – are equally covered (e.g. ISO/IEC TR 26905). ISO also has standards for the so-called future networks, which are intended to provide futuristic capabilities and services beyond the limitations of current networks, including the internet. Up-to-date information on the joint ISO and IEC technical committee that develops these standards (e.g. scope, programme of work, contact details ) can be found on the committee page.

Blockchain

ISO has published 11 standards on blockchain and distributed ledger technologies: ISO/TR 23455 gives an overview of smart contracts in blockchain and distributed ledger technologies; ISO/TR 23244 tackles privacy and personally identifiable information protection; and ISO 22739 covers fundamental blockchain terminology respectively. ISO also has a further eight standards on blockchain in development. These include those related to:  security management of digital asset custodians (ISO/TR 23576); taxonomy and ontology (ISO/TS 23258); and guidelines for governance (ISO/TS 23635). Up-to-date information on the technical committee (e.g. scope, programme of work, contact details, etc.) can be found on the committee page.

Emerging technologies

ISO develops standards in the area of emerging technologies. 

Dozens of standards in the area of emerging technologies are those related to robotics. ISO has more than 40 different standards either published or in development that cover issues such as collaborative robots (e.g. ISO/TS 15066); safety requirements for industrial robots (e.g. ISO 10218 series); and personal care robots (e.g. ISO 13482). Autonomous or so-called intelligent transport systems (ITS) standards are developed by ISO’s ITS Technical Committee and include those for forward vehicle collision warning systems (ISO 15623) and secure connections between trusted devices (ISO/TS 21185). Standards are also being developed to address the use of virtual reality in learning, education, and training (e.g. ISO/IEC 23843).

Network security

ISO and IEC standards also address information security and network security . The ISO and IEC 27000 family of standards covers information security management systems and are used by organisations to secure information assets such as financial data, intellectual property, and employee information. For example,ISO/IEC 27031 and ISO/IEC 27035 are specifically designed to help organisations respond, diffuse, and recover effectively from cyberattacks. ISO/IEC 27701 is an extension of ISO/IEC 27001 and ISO/IEC 27002 for privacy information management, and details requirements and guidance for establishing, implementing, maintaining, and continually improving a Privacy Information Management System (PIMS).Network security is also addressed by standards on technologies such as the IoT, smart community infrastructures, medical devices, localisation and tracking systems, and future networks. Up-to-date information on the joint ISO and IEC technical committee (e.g. scope, programme of work, contact details) can be found on the committee page.

Encryption

As more and more information (including sensitive personal data) is stored, transmitted, and processed online, the security, integrity, and confidentiality of such information becomes increasingly important. To this end, ISO has a number of standards for the encryption of data. For example, ISO/IEC 18033-1, currently under development, addresses the nature of encryption and describes certain general aspects of its use and properties. Other standards include ISO/IEC 19772 which covers authenticated encryption, ISO/IEC 18033-3 which specifies encryption systems (ciphers) for the purpose of data confidentiality, and ISO 19092 which allows for encryption of biometric data used for authentication of individuals in financial services for confidentiality or other reasons. ISO also has standards that focus on identity-based ciphers, symmetric and asymmetric encryption, public key infrastructure, and many more related areas. 

Data governance

Big data is another area of ISO standardisation; around 80% of related standards are developed by the ISO/IEC AI committee. The terminology for big-data-related standards is outlined in ISO/IEC 20546, while ISO/IEC 20547-3 covers big data reference architecture. ISO/IEC TR 20547-2 provides examples of big data use cases with application domains and technical considerations and ISO/IEC TR 20547-5 details a roadmap of existing and future standards in this area. Up-to-date information on the technical committee (e.g. scope, programme of work, contact details) can be found on the committee page.

Digital identities

Digital signatures that validate digital identities help to ensure the integrity of data and authenticity of particulars in online transactions. This, therefore, contributes to the security of online applications and services. Standards to support this technology cover elements such as anonymous digital signatures (e.g. ISO/IEC 20008 series); digital signatures for healthcare documents (e.g. ISO 17090-4 and ISO 17090-5); and blind digital signatures, which is where the content of the message to be signed is disguised, used in contexts where, for example, anonymity is required. Examples of such standards are ISO 18370-1 and ISO/IEC 18370-2.

Privacy and data protection

Privacy and data protection in the context of ICTs is another area covered by ISO’s standardisation activities. One example is ISO/IEC 29101 which describes a privacy architecture framework. Others include those for privacy-enhancing protocols and services for identification cards (ISO/IEC 19286); privacy protection requirements pertaining to learning, education, and training systems employing information technologies (ISO/IEC 29187-1); privacy aspects in the context of intelligent transport systems (ISO/TR 12859); and security and privacy requirements for health informatics (ISO/TS 14441).

Digital tools

ISO has developed an online browsing platform that provides up-to-date information on ISO standards, graphical symbols, publications, and terms and definitions.

Future of meetings

Future ISO meetings can be found at ISO – meeting calendar

Social media channels

Facebook @isostandards

Instagram @isostandards

LinkedIn @isostandards

X @isostandards

YouTube @iso

Geneva Internet Platform

Acronym: GIP

Established: 2014

Address: 7bis, Avenue de la Paix, CH-1202 Geneva

Website: https://www.giplatform.org/

Stakeholder group: NGOs and associations

The Geneva Internet Plaform (GIP) is a Swiss initiative operated by DiploFoundation that strives to engage digital actors, foster digital governance, and monitor digital policies.

It aims to provide a neutral and inclusive space for digital policy debates, strengthen the participation of small and developing countries in Geneva-based digital policy processes, support activities of Geneva-based Internet governance (IG) and ICT institutions and initiatives, facilitate research for an evidence-based, multidisciplinary digital policy, bridge various policy silos, and provide tools and methods for in situ and online engagement that could be used by other policy spaces in International Geneva and worldwide. The GIP’s activities are implemented based on three pillars: a physical platform in Geneva, an online platform and observatory, and a dialogue lab.

DiploFoundation

Acronym: Diplo

Established: 2002

Address: 7bis, Avenue de la Paix CH-1202 Geneva, Switzerland

Website: https://www.diplomacy.edu

Stakeholder group: Academia & think tanks

DiploFoundation (Diplo) is a Swiss-Maltese non-governmental organisation that specialises in capacity development in the field of Internet governance and digital policy. Established in 2002, Diplo, among other things, works to improve the role of small and developing states in global diplomacy by:

  • training officials through online courses, workshops, and simulation exercises;
  • developing capacity on Internet governance, cybersecurity, data, artificial intelligence, and other emerging tech issues;
  • promoting and developing digital tools for inclusive and impactful governance and policy-making.

Diplo’s main activities:

Capacity Development

Diplo’s capacity development support begins with individuals, but through the activities of these individuals, its impact reaches into the larger systems of which they and their organisations are a part. Diplo’s approach includes online training, policy research, policy immersion, and the development of communities of practice, combined in various ways as appropriate to each policy context. Diplo’s capacity development activities center around education, online training, courses, workshops, as well as online events, webinars, and research on topics such as AI, big data, science diplomacy, and cybersecurity.

Events

To address pressing issues in global governance, Diplo’s events bring together people from different perspectives, including diplomats, business professionals, academics, members and staff of international organisations, members of civil society, and members of the technical community. Diplo works to make its events more accessible through e-tools that support remote participation. These events often evolve into teaching activities, publications, or online interactions.

Courses

Diplo offers postgraduate-level academic courses and training workshops on a variety of diplomacy-related topics for diplomats, civil servants, staff of international organisations and NGOs, and students of international relations. Combining a highly developed learning methodology with a unique online learning platform, Diplo’s courses are flexible, personal, interactive, and community-building. Courses are delivered online, face-to-face, and in a blended format.

Research

Diplo’s efforts on capacity development also include research on a variety of digital topics such as AI, big data, science diplomacy, and cybersecurity. This research has been conducted in collaboration with a number of partners, including swissnex and the Ministry for Foreign Affairs of Finland.

Artificial Intelligence

In the area of AI, Diplo has established its AI Lab, a multifaceted initiative that includes research and analysis on AI policy, capacity development in the field of AI and related areas, reports from main events and discussions on AI, and analysis of the impact of AI on diplomacy.

At IGF 2019 in Berlin, Diplo launched its humAInism project as a response to calls for regulation and oversight of AI technologies. The project aims to anchor AI in the core values of humanity by understanding how AI functions and what reasonable policy trade-offs need to be made. It looks under the AI bonnet to understand the technology and analyses the policy, legal, and ethics-related impacts of algorithms and other AI tools.

United Nations Conference on Trade and Development

Acronym: UNCTAD

Established: 1964

Address: Palais des Nations, Av. de la Paix 8-14, 1211 Geneva 10, Switzerland

Website: https://unctad.org/

Stakeholder group: International and regional organisations

UNCTAD is a UN body dedicated to supporting developing countries in accessing the benefits of a globalised economy more fairly and effectively. It provides analysis, facilitates consensus building, and offers technical assistance, thus helping countries use trade, investment, finance, and technology to support inclusive and sustainable development.

UNCTAD also works to facilitate and measure progress towards achieving the sustainable development goals (SDGs), through a wide range of activities in areas such as technology and innovation, trade, investment, environment, transport and logistics, and the digital economy. It places special emphasis on supporting the most vulnerable developing countries, including least developed countries (LDCs), landlocked developing countries (LLDCs), small island developing states (SIDS), and African countries to build resilience to economic shocks and to achieve structural economic transformation.

UNCTAD’s work often results in analyses, statistics, and recommendations that inform national and international policymaking processes, and contribute to promoting economic policies aimed at ending global economic inequalities and generating human-centric sustainable development.

Digital activities

UNCTAD is particularly active in the field of e-commerce, trade, and the digital economy, carrying out a wide range of activities from research and analysis to providing assistance to member states in developing adequate legislative and regulatory frameworks and facilitating international dialogue on the development opportunities and challenges associated with the digital economy.

UNCTAD also works to facilitate and measure progress towards achieving the SDGs, in particular through (but not limited to) its activities in the field of science, technology, and innovation (STI) for development. Consumer protection, gender equality, productive capacity building, and privacy and data protection are other digital policy areas where UNCTAD is active.

Digital policy issues

Data governance

As data has become a key resource in the digital economy, data governance is a fundamental part of the work of UNCTAD. This is illustrated, for example, in the research and analysis work of the Digital Economy Report 2019, which focused on the role of data as the source of value in the digital economy and how it is created and captured and the Digital Economy Report 2021, which analysed cross-border data flows and development. Moreover, some of UNCTAD’s work on e-commerce and digital trade touches specifically on privacy and data protection issues. For instance, the eCommerce and Law Reform work dedicated to supporting developing countries in their efforts to establish adequate legal frameworks for e-commerce also covers data protection and privacy among the key issues addressed. The Global Cyberlaw Trackers offers information on data protection laws in UNCTAD member states.

Also relevant for data governance discussions is UNCTAD’s work on statistics, as the organisation collects and analyses a wide range of data and statistics on issues such as economic trends,  international trade, investment, development, and the digital economy. UNCTAD’s statistical capacity development activities help countries enhance their statistical and data infrastructures and often address issues of data governance, such as statistical confidentiality, access to data, and privacy protection. UNCTAD also contributes actively to global work to enhance data governance in statistics and beyond and to develop universal principles to guide the collection, dissemination, use, and storage of data.

UNCTAD makes its data and statistics available as open-source in the UNCTADstat data centre. Statistics underpin UNCTAD’s analytical work and are featured in many publications. The UNCTAD Handbook of Statistics disseminates key messages from UNCTAD’s statistics including infographics and UNCTAD’s SDG Pulse offers statistical information on developments related to the 2030 Agenda for Sustainable Development. In addition, Development and Globalization Facts and Figures publications provide thematic updates on topical issues with the latest number focusing on SIDS. To provide timely information on the global economy and trade, UNCTAD Statistics publishes a weekly Trade and Economy Nowcast.

UNCTAD is also running several projects focused on improving the efficiency of data management for example by developing a plug-and-play system to compile Trade in Services Statistics, its activities in the Digitising Global Maritime Trade project, and by supporting customs operations with the Automated System for Customs Data. UNCTAD’s own statistical activities are governed by the UNCTAD Statistics Quality Assurance Framework, which is aligned with principles governing international statistical activities.

E-commerce and trade

UNCTAD’s work programme on e-commerce and the digital economy (ECDE Programme), encompasses several research and analysis, consensus-building, and technical assistance activities, as follows:

Research and analysis

UNCTAD conducts research and analysis on e-commerce and the digital economy and their implications for trade and development. These are mainly presented in its flagship publication, the Digital Economy Report (known as the Information Economy Report until 2017), and in its Technical Notes on ICT for Development. The Technology and Innovation Report, another flagship publication, highlights the need to build science, technology, and innovation capabilities as prerequisites to enabling developing countries and LDCs to adopt and adapt frontier technologies, including digital technologies.

Consensus building on e-commerce and digital economy policies

UNCTAD’s Intergovernmental Group of Experts on E-commerce and the Digital Economy meets regularly to discuss ways to strengthen the development dimension of e-commerce and the digital economy. The group’s meetings are usually held in conjunction with UNCTAD eWeek an annual event hosted by UNCTAD featuring discussions on development opportunities and challenges associated with the digital economy.

UNCTAD also serves as a knowledge partner to the deliberations of the G20 Digital Economy Working Group on Data Free Flow with Trust and Cross-border Data Flows.

Under the auspices of the UN Commission on Science and Technology for Development (CSTD), UNCTAD provides substantive work on the follow-up to the World Summit on the Information Society (WSIS) – a unique two-phase UN summit that was initiated to create an evolving multistakeholder platform to address the issues raised by information and communications technologies (ICTs) through a structured and inclusive approach at the national, regional, and international levels.

To that end, the CSTD:

  • Reviews and assesses progress at the international and regional levels in the implementation of action lines, recommendations, and commitments contained in the outcome documents of the Summit.
  • Shares best and effective practices and lessons learned and identifies obstacles and constraints encountered, and actions and initiatives to overcome them alongside important measures for further implementation of the Summit outcomes.
  • Promotes dialogue and fosters partnerships, in coordination with other appropriate UN funds, programmes and specialised agencies, to contribute to the attainment of the Summit.
  • Monitors objectives and the implementation of its outcomes and the use of ICTs for development and the achievement of internationally agreed development goals, with the participation of governments, the private sector, civil society, the UN, and other international organisations in accordance with their different roles and responsibilities.

E-Commerce assessments and strategy formulation

The eTrade Readiness Assessments (eT Readies) assist LDCs and other developing countries in understanding their e-commerce readiness in key policy areas to better engage in and benefit from e-commerce. The assessments provide recommendations to overcome identified barriers and bottlenecks to growth and enjoying the benefits of digital trade.

UNCTAD’s work on ICT policy reviews and national strategies involves technical assistance, advisory services, diagnostics, and strategy development on e-commerce, and national ICT planning at the request of governments. Through an analysis of the infrastructural, policy, regulatory, institutional, operational, and socio-economic landscape, the reviews help governments to overcome weaknesses and bureaucratic barriers, leverage strengths and opportunities, and put in place relevant strategies.

Legal frameworks for e-commerce

UNCTAD’s e-commerce and law reform work helps to develop an understanding of the legal issues underpinning e-commerce through a series of capacity-building workshops for policymakers at the national and regional levels. Concrete actions include assistance in establishing domestic and regional legal regimes to enhance trust in online transactions, regional studies on cyber laws harmonisation, and the global mapping of e-commerce legislation through its Global Cyberlaw Tracker.

Measuring the information economy

UNCTAD’s work on measuring the information economy includes statistical data collection and the development of methodology, as well as linking statistics and policy through the Working Group on Measuring E-commerce and the Digital Economy, established by the Intergovernmental Group of Experts on E-Commerce and the Digital Economy. Figures are published in the biennial Digital Economy Report and the UNCTADstat Data Centre. Technical cooperation here aims to strengthen the capacity of national statistical systems to produce better, more reliable, and internationally comparable statistics on the following issues: ICT use by enterprises, size and composition of the ICT sector, and e-commerce and international trade in ICT-enabled services.

Smart partnerships through eTrade for all

The eTrade for all initiative (eT4a) is a global collaborative effort of 35 partners to scale up cooperation, transparency, and aid efficiency towards more inclusive e-commerce.  Its main tool is an online platform (etradeforall.org), a knowledge-sharing and information hub that facilitates access to a wide range of information and resources on e-commerce and the digital economy. It offers a gateway for matching the suppliers of technical assistance with those in need. Beneficiaries can connect with potential partners, and learn about trends,  best practices,  up-to-date e-commerce indicators,  and upcoming events all in one place. The initiative also acts as a catalyst of partnership among its members for increased synergies. This collaboration has concretely translated into the participation of several eT4a partners as key contributors to the various UNCTAD e Week organised by UNCTAD and in the conduct and review of eTrade Readiness Assessments.

Market access and rules of origin for least developed countries

LDCs are granted preferential tariff treatment in the markets of developed and developing countries under several schemes and arrangements. Since its inception, UNCTAD has assisted governments in developing preferential rules of origin (RoO). UNCTAD assists governments and regional economic communities, as well as the AfCFTA Secretariat, in negotiating and drafting their RoO. Most recently, UNCTAD’s technical assistance has focused on the implementation of the World Trade Organization’s (WTO’s) 2005 Hong Kong decision on Duty-free, Quota-free (DFQF) market access, and understanding and drafting RoO.

UNCTAD has undertaken extensive research on DFQF and RoO. The UNCTAD Database on the African Continental Free Trade Area (AfCFTA) provides information on trade statistics, rules of origin, and tariff offers under AfCFTA at the Harmonized Commodity Description and Coding System (HS) subheading (6-digit) level The Harmonized Commodity Description and Coding System – commonly known as the Harmonized System or HS – is an internationally standardised nomenclature for the description, classification, and coding of goods.. The database enables automatic data visualisation to create a snapshot of the object of interest and matching trade statistics within the AfCFTA tariff offers, and product-specific rules of origin where available.

The UNCTAD Generalized System of Preferences (GSP) utilisation database provides information on the utilisation of the GSP schemes as well as other trade preferences granted to developing countries and LDCs under GSP, DFQF arrangements, and trade preferences under reciprocal free trade agreements (FTAs).

UNCTAD serves as co-lead of the

Consumer protection Consumer protection and competition are jointly addressed in the work of UNCTAD

Through its Competition and Consumer Policies Programme, UNCTAD works to assist countries in improving their competition and consumer protection policies. It provides a forum for intergovernmental deliberations on these issues; undertakes research, policy analysis and data collection; and provides technical assistance to developing countries. The Intergovernmental Group of Experts on Consumer Protection Law and Policy monitors the implementation of the UN Guidelines for Consumer Protection, and carries out research and provides technical assistance on consumer protection issues (including in the context of e-commerce and the digital economy). UNCTAD’s work programme on consumer protection is guided, among others, by the UN Conference of Competition and Consumer Protection (held every five years).

Given the significant imbalances in market power in the digital economy, competition policy is becoming increasingly relevant for developing countries. UNCTAD addresses this issue in the Intergovernmental Group of Experts on Competition Law and Policy.

UNCTAD also runs the Research Partnership Platform, aimed at contributing to the development of best practices in the formulation and implementation of competition and consumer protection laws and policies.

UNCTAD serves as co-lead of the

Internet Governance Forum

Acronym: IGF

Established: 2006

Address: Palais des Nations, 1211 Geneva 10, Switzerland

Website: https://www.intgovforum.org

Stakeholder group: International and regional organisations

The IGF provides the most comprehensive coverage of digital policy issues on the global level. The IGF Secretariat in Geneva coordinates both the planning of IGF annual meetings (working together with the Multistakeholder Advisory Group (MAG) and the wider IGF community) and a series of intersessional activities (run all year long). These activities could be summarised in three ‘multi’ initiatives:

  • Multistakeholder participation: It involves governments, business, civil society, the technical community, academia, and other actors who affect or are affected by digital policy This diversity is reflected in IGF processes, events, and consultations.
  • Multidisciplinary coverage: It relates to addressing policy issues from technological, legal, security, human rights, economic, development, and sociocultural perspectives. For example, data, as a governance issue, is addressed from standardisation, e-commerce, privacy, and security perspectives.
  • Multilevel approach: It spans IGF deliberations from the local level to the global level, through a network of over 165 national, subregional, and regional IGF (as of November 2023). They provide context for discussions on digital policy like the real-life impact of digitalisation on policy, economic, social, and cultural fabric of local communities. The IGF Secretariat supports such initiatives (which are independent) and coordinates the participation of the overall network.

The IGF ecosystem converges around the annual IGF, which is attended by thousands of participants. The last few IGFs include Paris (2018), Berlin (2019), online edition due to the pandemic (2020), Katowice (2021), Addis Ababa (2022), and Kyoto (2023), which engaged over 11,000 participants, and more than 1,000 speakers in over 300 sessions.

The intersessional work includes best practice forums (on issues such as cybersecurity, local content, data and new technologies, and gender and access); dynamic coalitions (on issues such as community connectivity, network neutrality, accessibility and disability, and child safety online etc.); policy networks (on AI, environment, meaningful access and Internet fragmentation); and other projects such as Policy Options for Connecting and Enabling the Next Billion(s) (which ran between 2015 and 2018) as well as a number of capacity development activities.

IGF mandate

The IGF mandate was outlined in the Tunis Agenda for the Information Society of the World Summit on the Information Society (WSIS, November 2005). It was renewed for another 10 years by the UN General Assembly (UNGA) on 16 December 2015, (70/125).

The main functions of the IGF are specified in Article 72 of the Tunis Agenda. The mandate of the Forum is to:

  • Discuss public policy issues related to key elements of Internet governance in order to foster the sustainability, robustness, security, stability, and development of the internet.
  • Facilitate discourse between bodies dealing with different cross-cutting international public policies regarding the internet and discuss issues that do not fall within the scope of any existing body.
  • Interface with appropriate inter-governmental organisations and other institutions on matters under their purview.
  • Facilitate the exchange of information and best practices, and in this regard, make full use of the expertise of the academic, scientific, and technical communities.
  • Advise all stakeholders in proposing ways and means to accelerate the availability and affordability of the Internet in the developing world.
  • Strengthen and enhance the engagement of stakeholders in existing and/or future internet governance mechanisms, particularly those from developing countries.
  • Identify emerging issues, bring them to the attention of the relevant bodies and the general public, and where appropriate, make recommendations.
  • Contribute to capacity building for internet governance in developing countries, drawing on local sources of knowledge and expertise.
  • Promote and assess, on an ongoing basis, the embodiment of WSIS principles in internet governance processes.
  • Discuss, inter alia, issues relating to critical internet resources.
  • Help to find solutions to the issues arising from the use and misuse of the internet, of particular concern to everyday users.
  • Publish its proceedings.

In fulfilling its mandate, the Forum is institutionally supported by the UN Secretariat for the Internet Governance Forum placed with the Department of Economic and Social Affairs (DESA). Its working modalities also include MAG and most recently the Leadership Panel, both appointed by the UN Secretary-General.

Digital policy issues

Until 2019, IGF annual meetings used to host sessions tackling a wide range of digital policy issues (for instance, IGF 2018 had eight themes: cybersecurity, trust, and privacy; development, innovation, and economic issues; digital inclusion and accessibility; human rights, gender, and youth; emerging technologies; evolution of internet governance; media and content; and technical and operational issues). In 2019, in an effort to bring more focus within the IGF, the MAG decided (considering community input) to structure the IGF programme around a limited number of tracks: security, safety, stability, and resilience; data governance; and digital inclusion. This approach was kept for IGF 2020, which saw four thematic tracks: data, environment, inclusion, and trust. The thematic approach did not mean that the IGF saw some digital policy issues as being less relevant than others, but rather that it encouraged discussions at the intersection of multiple issues. The Geneva Internet Platform (GIP) Digital Watch hybrid reporting (IGF 2023) illustrates this trend, showing that the IGF discussed a wide range of policy issues (across all seven internet governance baskets of issues) within the limited number of thematic tracks.

The leadership panel

In line with the IGF mandate and as recommended in the Secretary-General’s Roadmap for Digital Cooperation, the UN Secretary-General established the IGF Leadership Panel as a strategic, empowered, multistakeholder body, to address urgent, strategic issues, and highlight Forum discussions and possible follow-up actions to promote greater impact and dissemination of IGF discussions.

More specifically, the Panel provides strategic inputs and advice on the IGF; promotes the IGF and its outputs; supports both high-level and at-large stakeholder engagement in the IGF and IGF fundraising efforts; exchanges IGF outputs with other stakeholders and relevant forums; and feeds input from these decision-makers and forums to the IGF’s agenda-setting process, leveraging relevant MAG expertise.

The 15-member Panel with ex-officios meet at least three times a year in person, in addition to regular online meetings.

Future of meetings

Since its first meeting in Athens (2006), the IGF has been a pioneer in online deliberation and hybrid meetings. In addition to individual online participation, the IGF has encouraged the development of a network of remote hubs where participants meet locally while following online deliberations from the global IGF. In this way the IGF has created a unique interplay between local and global deliberations through the use of technology. For hybrid meetings delivered in situ and online, the IGF developed the function of remote moderator, who ensures that there is smooth interplay between online and in situ discussions.

The 19th annual IGF meeting will be hosted by the Government of Saudi Arabia in Riyadh in December 2024. The 2025 host is yet to be announced.

Social media channels

Facebook @IGF – Internet Governance Forum

Flickr @IGF

Instagram @intgovforum

LinkedIn @intgovforum

X @intgovforum

YouTube @Internet Governance Forum (IGF)

Skip to content