[Webinar] Enhancing signalling security and privacy using globally interoperable digital signatures

Event description

Event date: 16 June 2022, 15:00–17:00 CEST

The International Telecommunication Union (ITU) will explore the history and status quo of signalling systems and summarise ITU’s ongoing efforts in security-minded protocol standardisation to cope with potential signalling attacks on telecom operators. Signalling protocols play a cornerstone role in providing different ICT services. Nevertheless, as they were designed without security and privacy in mind, they are prone to attacks on ICT infrastructures. This webinar will cover the signalling architectures of telecommunication networks, an overview of the key signalling exchange procedures (call/SMS/USSD flows), and an outline of the vulnerabilities of existing signalling protocols. ITU-T recommendations and how they have been implemented will also be discussed.

For more information, and to register, please visit the official page.

International Electrotechnical Commission

Acronym: IEC

Established: 1906

Address: 3 rue de Varembé, 1211 Geneva 20 , Switzerland

Website: https://www.iec.ch/

Stakeholder group: International and regional organisations

The IEC is the world leader in the preparation and publication of international standards for all electrical, electronic, and related technologies. A global, not-for-profit membership organisation, the IEC provides a neutral and independent institutional framework to over 170 countries, coordinating the work of more than 20,000 experts. We administer four IEC Conformity Assessment Systems, which represent the largest working multilateral agreement based on one-time testing of products globally. The members of each system certify that devices, systems, installations, services, and people perform as required.

IEC International Standards represent a global consensus of state-of-the-art know-how and expertise. Together with conformity assessment, they are foundational for international trade.

IEC Standards incorporate the needs of many stakeholders in every participating country and form the basis for testing and certification. Every member country, and all its stakeholders represented through the IEC National Committees has one vote and a say in what goes into an IEC International Standard.

Our work is used in the verification of the safety, performance, and interoperability of electric and electronic devices and systems such as mobile phones, refrigerators, office and medical equipment, or electricity generation. It also helps accelerate digitisation, arteficial inteligence (AI), or virtual reality applications; protects information technology (IT) and critical infrastructure systems from cyberattacks, and increases the safety of people and the environment.

 

Digital activities 

The IEC works to ensure that its activities have a global reach in order to meet all the challenges of digital transformation worldwide. The organisation covers an array of digital policy issues.

 

Digital policy issues

Artificial intelligence and the internet of things

AI applications are driving digital transformation across a diverse range of industries, including energy, healthcare, smart manufacturing, transport, and other strategic sectors that rely on IEC Standards and Conformity Assessment Systems. AI technologies allow insights and analytics that go far beyond the capabilities of legacy analytic systems.

For example, digital transformation of the grid is enabling increased automation, making it more efficient and able to integrate fluctuating renewable energy sources seamlessly. IEC Standards pave the way for the use of a variety of digital technologies relating to smart energy. They deal with issues such as the integration of renewable energies within the electrical network but also increased automatisation.

The IEC’s work in the area of AI takes a three-pronged approach. IEC experts focus on sector-specific needs (vertical standards) and conformity assessment, while the joint IEC and International Organization for Standardization (ISO) technical committee on AI, JTC1/SC 42, brings together technology experts, as well as ethicists, lawyers, social scientists, and others to develop generic and foundational standards (horizontal standards).

In addition, IEC Safety Standards are an essential element of the framework for AI applications in power utilities and smart manufacturing. IEC Conformity Assessment Systems complete the process by ensuring that the standards are properly implemented.

SC 42 addresses some of the concerns about the use and application of AI technologies. For example, data quality standards for ML and analytics are crucial for helping to ensure that applied technologies produce useful insights and eliminate faulty features.

Governance standards in AI and the business process framework for big data analytics address how the technologies can be governed and overseen from a management perspective. International standards in the areas of trustworthiness, ethics, and societal concerns will ensure responsible deployment.

The joint IEC and ISO technical committee also develop foundational standards for the IoT. Among other things, SC 41 standards promote interoperability, as well as architecture and a common vocabulary for the IoT.

 

Hardware

The IEC develops standards for many of the technologies that support digital transformation. Sensors, cloud, and edge computing are examples.

Advances in data acquisition systems are driving the growth of big data and AI use-cases. The IEC prepares standards relating to semiconductor devices, including sensors.

Sensors can be certified under the IEC Quality Assessment System for Electronic Components (IECQ), one of the four IEC Conformity Assessment Systems.

Cloud computing and its technologies have also supported the increase of AI applications. The joint IEC and ISO technical committee prepares standards for cloud computing including distributed platforms and edge devices, which are situated close to users and data collection points. The publications cover key requirements relating to data storage and recovery.

 

Building trust

International Standards play an important role in increasing trust in AI and help support public and private decision-making, not least because they are developed by a broad range of stakeholders. This helps to ensure that the IEC’s work strikes the right balance between the desire to deploy AI and other new technologies rapidly and the need to study their ethical implications.

The IEC has been working with a wide range of international, regional, and national organisations to develop new ways to bring stakeholders together to address the challenges of AI. These include the Swiss Federal Department of Foreign Affairs (FDFA) and the standards development organisations, ISO, and the International Telecommunication Union (ITU).

More than 500 participants followed the AI with Trust conference, in-person and online, to hear different stakeholder perspectives on the interplay between legislation, standards and conformity assessment. They followed use-case sessions on healthcare, sensor technology, and collaborative robots, and heard distinguished experts exchange ideas on how they could interoperate more efficiently to build trust in AI. The conference in Geneva was the first milestone of the AI with Trust initiative.

The IEC is also a founding member of the Open Community for Ethics in Autonomous and Intelligent Systems (OCEANIS). OCEANIS brings together standardisation organisations from around the world to enhance awareness of the role of standards in facilitating innovation and addressing issues related to ethics and values.

Read more

e-tech

IEC and ISO Work on Artificial Intelligence

AI for the Last Mile

Computational Approaches for AI Systems

–  IEC Blog

Artificial Intelligence

–  Video

Ian Oppermann (AI with Trust)

AI with Trust conference interviews AI Governance

 

Network security and critical infrastructure

The IEC develops cybersecurity standards and conformity assessments for both IT and operational technology (OT). One of the biggest challenges today is that cybersecurity is often understood only in terms of IT, which leaves critical infrastructure, such as power utilities, transport systems, manufacturing plants and hospitals, vulnerable to cyberattacks.

Cyberattacks on IT and OT systems often have different consequences. The effects of cyberattacks on IT are generally economic, while cyberattacks on critical infrastructure can impact the environment, damage equipment, or even threaten public health and lives.

When implementing a cybersecurity strategy, it is essential to take the different priorities of cyber-physical and IT systems into account. The IEC provides relevant and specific guidance via two of the world’s best-known cybersecurity standards: IEC 62443 for cyber-physical systems and ISO/IEC 27001  for IT systems.

Both take a risk-based approach to cybersecurity, which is based on the concept that it is neither efficient nor sustainable to try to protect all assets in equal measure. Instead, users must identify what is most valuable and requires the greatest protection and identify vulnerabilities.

Conformity assessment provides further security by ensuring that the standards are implemented correctly: IECEE certification for IEC 62443 and IECQ for ISO/IEC 27001.

ISO/IEC 27001 for IT

IT security focuses in equal measure on protecting the confidentiality, integrity, and availability of data – the so-called CIA triad. Confidentiality is of paramount importance and information security management systems, such as the one described in ISO/IEC 27001, are designed to protect sensitive data, such as personally identifiable information (PII), intellectual property (IP), or credit card numbers, for example.

Implementing the information security management system (ISMS) described in ISO/IEC 27001 means embedding information security continuity in business continuity management systems. Organisations are shown how to plan and monitor the use of resources to identify attacks earlier and take steps more quickly to mitigate the initial impact.

IEC 62443 for OT

In cyber-physical systems, where IT and OT converge, the goal is to protect safety, integrity, availability, and confidentiality (SIAC). Industrial control and automation systems (ICAS) run in a loop to check continually that everything is functioning correctly.

The IEC 62443 series was developed because IT cybersecurity measures are not always appropriate for ICAS. ICAS are found in an ever-expanding range of domains and industries, including critical infrastructure, such as energy generation, water management, and the healthcare sector.

ICAS must run continuously to check that each component in an operational system is functioning correctly. Compared to IT systems, they have different performance and availability requirements and equipment lifetime.

Conformity assessment: IECEE

Many organisations are applying for the IEC System of Conformity Assessment Schemes for Electrotechnical Equipment and Components (IECEE) conformity assessment certification to verify that the requirements of IEC 62443 have been met.

IECEE provides a framework for assessments in line with IEC 62443, which specifies requirements for security capabilities, whether technical (security mechanisms) or process (human procedures) related. Successful recipients receive the IECEE industrial cybersecurity capability certificate of conformity.

Conformity assessment: IECQ

While certification to ISO/IEC 27001 has existed since the standard was published in 2013, it is only in recent years that the IEC Quality Assessment System for Electronic Components (IECQ), has set up a true single standardised way of assessing and certifying an ISMS to ISO/IEC 27001.

International standards such as IEC 62443 and ISO/IEC 27001 are based on industry best practices and reached by consensus. Conformity assessment confirms that they have been implemented correctly to ensure a safe and secure digital society.

Read more

Video

 

Social media channels

Facebook @InternationalElectrotechnicalCommission

LinkedIn @IECStandards

Pinterest @IECStandards

Twitter @IECStandards

YouTube @IEC – International Electrotechnical Commission

Ecma International

Acronym: Ecma

Established: 1961

Address: Rhône Street 114, 1204 Geneva, Switzerland

Website: https://www.ecma-international.org/

Stakeholder group: NGOs and associations

Ecma International is an industry association that works on standardisation in information and communication technology (ICT) and consumer electronics.

The association develops global standards and technical reports to facilitate and standardise the use of ICTs and consumer electronics. It also encourages the correct use of standards by influencing the environment in which they are applied.

Its membership includes entities such as Alibaba, Apple, Bloomberg, Google, Hitachi, HP, Huawei, IBM, Intel, Meta, Microsoft, Netflix, and PayPal, as well as prominent universities and research institutes.

Digital activities

Since its creation in 1961, Ecma has published numerous standards and technical reports covering areas such as data presentation and communication; data interchange and archiving; access systems, interconnection, and multimedia; programming languages; and software engineering and interfaces. FORTRAN, one of the oldest programming languages developed by Ecma, was approved in 1965. ECMAScript, with several billion implementations, is one of the most used standards worldwide.

Digital policy issues

Digital standards

A large part of Ecma’s activity is dedicated to defining standards and technical reports for ICTs (hardware, software, communications, media storage, etc.). This work is carried out through technical committees and task groups focusing on issues such as information storage, multimedia coding and communications, programming languages, open XML formats, and product-related environmental attributes. The standards and technical reports developed in committees and groups are subject to an approval vote in the Ecma General Assembly. Once approved by the assembly, some standards are also submitted to other standardisation organisations (such as the International Organization for Standardization (ISO), the International Electrotechnical Commission (IEC), and the European Telecommunications Standards Institute (ETSI)) for their approval and publication through a liaison agreement that Ecma has with those organisations.

Telecommunications infrastructure

Network security

Sustainable development/Digital and environment

Programming languages such as ECMAScript (JavaScript) and C#

Data-related standards

  • Multiple Ecma standards covering issues such as data interchange, data presentation, and data communication
  • Ecma technical reports covering data communication and data interchange.

Technical committees (TCs) and task groups (TGs) covering issues such as access systems and information exchange between systems (TC51), information storage (TC31), product-related environmental attributes (TC38), ECMAScript language (TC39), office open XML formats (TC45) and ECMAScript modules for embedded systems (TC53).

Information storage

Standards developed by Ecma include optical and magnetic storage systems (disks, cartridges, etc.), methods for determining the life expectancy of storage media, and the interchange of information on media by specifying its volume and file structure.

Where other optical storage systems such as compact discs (CDs), digital versatile disks (DVDs), or hard disks only store data on their surface, holographic data storage goes beneath the surface using the entire recording medium.

Holographic storage is a high-capacity storage technology that records binary information into holograms (three dimensions), which can be read by low-power laser beams. In December 2021, the ECMA-420 standard was published. It specifies device interface information and requirements for high-speed image retrieval and collation using holographic optical correlation based on shift-multiplex recording of coaxial holography.

Ecma has several projects in development, which include a standard on a quality discrimination method and an operating method of storage systems for long-term data preservation. This standard will enable data storage systems to be built using optical disks for storing and accumulating important digital information safely and on a permanent basis. There is also a plan to develop a standard defining a holographic data storage system with a capacity of 1,000 Gbytes per disk, which will enable long-term data preservation storage systems to be built, with features such as high capacity, long-term reliability, and lower operational costs.

Future of meetings

Ecma meetings, such as its General Assembly, typically take place as a physical meeting to allow face-to-face discussions and interaction among members, but remote attendance is possible by using videoconferencing and other digital tools for the members that cannot attend in person. Ecma TCs hold either physical, hybrid, or virtual meetings depending on their specific needs.

Ecma meetings are typically held outside of Ecma’s HQ at the invitation of a TC member who hosts the meeting at their own or another facility.

Economy and efficiency are factors in choosing the meeting place and the meeting mode. Digital or a combination of digital and face-to-face meetings are possible options. This is decided by the committee.

Social media channels

LinkedIn @ecma-international

Twitter @EcmaIntl

International Organization for Standardization

Acronym: ISO

Established: 1947

Address: Chemin de Blandonnet 8, 1214 Vernier, Geneva, Switzerland

Website: https://www.iso.org/iso/home.html

Stakeholder group: International and regional organisations

ISO is an international non-governmental organisation (NGO) composed of 165 national standard-setting bodies that are either part of governmental institutions or mandated by their respective governments. Each national standard-setting body therefore represents a member state. After receiving a request from a consumer group or an industry association, ISO convenes an expert group tasked with creating a particular standard through a consensus process. ISO develops international standards across a wide range of industries, including technology, food, and healthcare, to ensure that products and services are safe, reliable, of good quality, and ultimately, facilitate international trade. As such, it acts between the public and the private sector. To date, ISO has published more than 22,000 standards.

Digital activities

A large number of the international standards and related documents developed by ISO are related to information and communications technologies (ICTs), such as the Open Systems Interconnection (OSI) created in 1983; it established a universal reference model for communication protocols. The organisation is also active in the field of emerging technologies including blockchain, the internet of things (IoT), and artificial intelligence (AI).

The standards are developed by various technical committees dedicated to specific areas including information security, cybersecurity, privacy protection, AI, and intelligent transport systems. ISO contributes to all of the sustainable development goals (SDGs). Here you can see the number of ISO standards that apply to each SDG.

Digital policy issues

Artificial intelligence

The joint technical committee of ISO and the International Electrotechnical Commission (IEC) for AI is known as ISO/ IEC JTC1/SC 42 and is responsible for the development of standards in this area. To date, it has published one standard specifically pertaining to AI with 18 others in development.

ISO/IEC TR 24028 provides an overview of trustworthiness in AI systems, detailing the associated threats and risks and addresses approaches on availability, resiliency, reliability, accuracy, safety, security, and privacy. The standards under development include those that cover concepts and terminology for AI (ISO/IEC 22989), bias in AI systems and AI-aided decision-making (ISO/IEC TR 24027), AI risk management (ISO/IEC 23894), a framework for AI systems using machine learning (ML) (ISO/IEC 23053), and the assessment of ML classification performance (ISO/IEC TS 4213).

Up-to-date information on the technical committee (e.g. scope, programme of work, contact details) can be found on the committee page.

Cloud computing

ISO and the International Electrotechnical Commission (IEC) also have a joint committee for standards related to cloud computing, which currently has 19 published standards and a further 7 in development.

Of those published, two standards of note include ISO/ IEC 19086-1, which provides an overview, foundational concepts, and definitions for a cloud computing service level agreement framework, and ISO/IEC 17789, which specifies the cloud computing reference architecture.

Standards under development include those on health informatics (ISO/TR 21332.2); the audit of cloud services (ISO/IEC 22123-2.2); and data flow, categories, and use (ISO/IEC 19 944 -1). Up-to-date information on the technical committee (e.g. scope, programme of work, contact details) can be found on the committee page.

Internet of things

Recognising the ongoing developments in the field of IoT, ISO has a number of dedicated standards both published and in development, including those for intelligent transport systems (ISO 19079), future networks for IoT (ISO/IEC TR 29181-9), unique identification for IoT (ISO/ IEC 29161), Internet of Media Things (ISO/IEC 23093-3), trust-worthiness of IoT (IS O/IEC 30149), and industrial IoT systems (ISO/IEC 30162). IoT security is addressed in standards such as ISO/IEC 27001 and ISO/IEC 27002, which provide a common language for governance, risk, and compliance issues related to information security.

In addition, there are seven standards under development, some of which provide a methodology for the trustworthiness of an IoT system or service (ISO/IEC 30147), a trustworthiness framework (ISO/IEC 30149), the requirements of an IoT data exchange platform for various IoT services (ISO/IEC 30161), and a real-time IoT framework (ISO/IEC 30165). Up-to-date information on the ISO and IEC joint technical committee for IoT (e.g. scope, programme of work, contact details) can be found on the committee page.

Telecommunication infrastructure

ISO’s standardisation work in the field of telecommunications infrastructure covers areas such as planning and installation of networks (e.g. ISO/IEC 14763-2 and ISO/IEC TR 14763-2-1), corporate telecommunication networks (e.g. ISO/IEC 17343), local and metropolitan area networks (e.g. ISO/IEC/IEEE 8802-A), private integrated telecommunications networks (e.g.   ISO/ IEC TR 14475), and wireless networks. Next-generation networks – packet-based public networks able to provide telecommunications services and make use of multiple quality of service enabled transport technology – are equally covered (e.g. ISO/IEC TR 26905).

ISO also has standards for the so-called future networks, which are intended to provide futuristic capabilities and services beyond the limitations of current networks, including the internet.

Up-to-date information on the joint ISO and IEC technical committee that develops these standards (e.g. scope, programme of work, contact details) can be found on the committee page.

Blockchain

ISO has published three standards on blockchain and distributed ledger technologies: ISO/TR 23455 gives an overview of smart contracts in blockchain and distributed ledger technologies, ISO/TR 23244 tackles privacy and personally identifiable information protection, and ISO 22739 covers fundamental blockchain terminology respectively.

ISO also has a further ten standards on blockchain in development. These include those related to security risks, threats, and vulnerabilities (ISO/TR 23245.2); security management of digital asset custodians (ISO/TR 23576); taxonomy and ontology (ISO/TS 23258); legally- binding smart contracts (ISO/TS 23259); and guidelines for governance (ISO/TS 23635).

Up-to-date information on the technical committee (e.g. scope, programme of work, contact details) can be found on the committee page.

Emerging technologies

ISO develops standards in the area of emerging technologies. Perhaps the largest number of standards in this area are those related to robotics. ISO has more than 40 different standards either published or in development that cover issues such as collaborative robots (e.g. ISO/TS 15066), safety requirements for industrial robots (e.g. ISO 10218-2), and personal care robots (e.g. ISO 13482).

Autonomous or so-called intelligent transport systems (ITS) standards are developed by ISO’s ITS Technical Committee and include those for forward vehicle collision warning systems (ISO 15623) and secure connections between trusted devices (ISO/TS 21185).

Standards are also being developed to address the use of virtual reality in learning, education, and training (e.g. ISO/ IEC 23843) and the display device interface for augmented reality (ISO/IEC 23763).

Encryption

As more and more information (including sensitive personal data) is stored, transmitted, and processed online, the security, integrity, and confidentiality of such information become increasingly important. To this end, ISO has a number of standards for the encryption of data. For example, ISO/IEC 18033-1, currently under development, addresses the nature of encryption and describes certain general aspects of its use and properties. Other standards include ISO/IEC 19772, which covers authenticated encryption; ISO/IEC 18033-3, which specifies encryption systems (ciphers) for the purpose of data confidentiality; and ISO 19092, which allows for the encryption of biometric data used for authentication of individuals in financial services for confidentiality or other reasons.

ISO also has standards that focus on identity-based ciphers, symmetric and asymmetric encryption, public key infrastructure, and many more related areas.

Data governance

Big data is another area of ISO standardisation, and around 80% of related standards are developed by the ISO/IEC AI committee. The terminology for big-data-related standards is outlined in ISO/IEC 20546, while ISO/ IEC 20547-3 covers big data reference architecture. ISO/IEC TR 20547-2 provides examples of big data use cases with application domains and technical considerations. ISO/IEC TR 20547-5 details a roadmap of existing and future standards in this area. A further eight standards are in development and include those for big data security and privacy (ISO/IEC 27045), terminology used in big data within the scope of predictive analytics (ISO 3534-5), and data science life cycle (ISO/TR 23347).

Up-to-date information on the technical committee (e.g. scope, programme of work, contact details) can be found on the committee page.

Digital identities

Digital signatures that validate digital identities help to ensure the integrity of data and the authenticity of particulars in online transactions. This, therefore, contributes to the security of online applications and services. Standards to support this technology cover elements such as anonymous digital signatures (e.g. ISO/IEC 20008-1 and ISO/IEC 20008-2); digital signatures for healthcare documents (e.g. ISO 17090-4 and ISO 17090-5); and blind digital signatures, which is where the content of the message to be signed is disguised, used in contexts where, for example, anonymity is required. Examples of such standards are ISO 18370-1 and ISO/IEC 18370-2.

Privacy and data protection

Privacy and data protection in the context of ICTs is another area covered by ISO’s standardisation activities. One example is ISO/IEC 29101, which describes a privacy architecture framework. Others include those for privacy-enhancing protocols and services for identification cards (ISO/IEC 19286); privacy protection requirements pertaining to learning, education, and training systems employing information technologies (ISO/IEC 29187-1); privacy aspects in the context of intelligent transport systems (ISO/TR 12859); and security and privacy requirements for health informatics (ISO/TS 14441).

ISO has developed an online browsing platform that provides up-to-date information on ISO standards, graphical symbols, publications, and terms and definitions.

Future of meetings

ISO’s meetings take place face-to-face, hybrid, or virtually. This is reflected in the ISO meeting calendar. ISO’s governance groups are also meeting face-to-face, hybrid, or virtually.

Social media channels

Facebook @isostandards

Instagram @iisostandards

LinkedIn @isostandards

Twitter @isostandards

YouTube @iso

European Organization for Nuclear Research

Acronym: CERN

Established: 1954

Address: 1211 Geneva 23, Switzerland

Website: https://www.cern.ch/

Stakeholder group: NGOs and associations

CERN is widely recognised as one of the world’s leading laboratories for particle physics. At CERN, physicists and engineers probe the fundamental structure of the universe. To do this, they use the world’s largest and most complex scientific instruments – particle accelerators and detectors. Technologies developed at CERN go on to have a significant impact through their applications in wider society.

Digital activities

CERN has had an important role in the history of computing and networks. The World Wide Web (WWW) was invented at CERN by Sir Tim Berners-Lee. The web was originally conceived and developed to meet the demand for automated information-sharing between scientists at universities and institutes around the world.

Grid computing was also developed at CERN with partners and thanks to funding from the European Commission. The organisation also carries out activities in the areas of cybersecurity, big data, machine learning (ML), artificial intelligence (AI), data preservation, and quantum technology.

Digital policy issues

Artificial intelligence (1)

Through CERN openlab, CERN collaborates with leading information and communications technology (ICT) companies and research institutes. The R&D projects carried out through CERN openlab address topics related to data acquisition, computing platforms, data storage architectures, computer provisioning and management, networks and communication, ML and data analytics, and quantum technologies. CERN researchers use ML techniques as part of their efforts to maximise the potential for discovery and optimise resource usage. ML is used, for instance, to improve the performance of the Large Hadron Collider (LHC) experiments in areas such as particle detection and managing computing resources. Going one step further, at the intersection of AI and quantum computing, CERN openlab is exploring the feasibility of using quantum algorithms to track the particles produced by collisions in the LHC, and is working on developing quantum algorithms to help optimise how data is distributed for storage in the Worldwide LHC Computing Grid (WLCG). This research is part of the CERN Quantum Technology Initiative (QTI) activities, launched in 2020 to shape CERN’s role in the next quantum revolution.

–   CERN openlab: a public-private partnership in which CERN collaborates with ICT companies and other research organisations to accelerate the development of cutting-edge solutions for the research community, including ML.

CERN QTI: a comprehensive R&D, academic, and knowledge-sharing initiative to exploit quantum advantage for high-energy physics and beyond. Given CERN’s increasing ITC and computing demands, as well as the significant national and international interests in quantum-technology activities, it aims to provide dedicated mechanisms for the exchange of both knowledge and innovation.

Cloud computing (2)

The scale and complexity of data from the LHC, the world’s largest particle accelerator, is unprecedented. This data needs to be stored, easily retrieved, and analysed by physicists worldwide. This requires massive storage facilities, global networking, immense computing power, and funding. CERN did not initially have the computing or financial resources to crunch all of the data on-site, so in 2002 it turned to grid computing to share the burden with computer centres around the world. The WLCG builds on the ideas of grid technology initially proposed in 1999 by Ian Foster and Carl Kesselman. The WLCG relies on a distributed computing infrastructure, as data from the collisions of protons or heavy ions are distributed via the internet for processing at data centres worldwide. This approach of using virtual machines is based on the same paradigm as cloud computing. It is expected that further CERN developments in the field of data processing will continue to influence digital technologies.

Telecommunication infrastructure (3)

In the 1970s, CERN developed CERNET, a lab-wide network to access mainframe computers in its data centre. This pioneering network eventually led CERN to become an early European adopter of Transmission Control Protocol/Internet Protocol (TCP/IP) for use in connecting systems on site. In 1989, CERN opened its first external TCP/IP connections and by 1990, CERN had become the largest internet site in Europe and was ready to host the first WWW server. Nowadays, in addition to the WLCG and its distributed computing infrastructure, CERN is also the host of the CERN Internet eXchange Point (CIXP), which optimises CERN’s internet connectivity and is also open to interested internet service providers (ISPs).

Digital standards (4)

Ever since releasing the World Wide Web software under an open-source model in 1994, CERN has been a pioneer in the open-source field, supporting open-source hardware (with the CERN Open Hardware Licence), open access (with the Sponsoring Consortium for Open Access Publishing in Particle Physics SCOAP3) and open data (with the CERN Open Data Portal). Several CERN technologies are being developed with open science in mind, such as Indico, InvenioRDM, REANA, and Zenodo. Open-source software, such as CERNBox, CERN Tape Archive (CTA), EOS, File Transfer Service (FTS), GeantIV, ROOT, RUCIO, and service for web-based analysis (SWAN), has been developed to handle, distribute, and analyse the huge volumes of data generated by the LHC experiments and are also made available to the wider society.

Digital tools

Data governance (5)

CERN manages vast amounts of data; not only scientific data, but also data in more common formats such as webpages, images and videos, documents, and more. For instance, the CERN Data Centre processes on average one petabyte (one million gigabytes) of data per day. As such, the organisation notes that it faces the challenge of preserving its digital memory. CERN also points to the fact that many of the tools that are used to preserve data generated by the LHC and other scientific projects are also suitable for preserving other types of data and are made available to wider society.

The CERN Open Data Policy for scientific experiments at the LHC is essential to make scientific research more reproducible, accessible, and collaborative. It reflects values that have been enshrined in the CERN Convention for more than 60 years that were reaffirmed in the European Strategy for Particle Physics (2020), and aims to empower the LHC experiments to adopt a consistent approach towards the openness and preservation of experimental data (applying FAIR standards to better share and reuse data).

EOSC Future is an EU-funded H2020 project that is implementing the European Open Science Cloud (EOSC) that started in 2016. EOSC will give European researchers access to a wide web of FAIR data and related services.

CERN joined the recently formed EOSC Association in 2020. It also currently has a mandate to represent the European intergovernmental research organisations that make up EIROforum.

Future of meetings

More information about ongoing and upcoming events, you can find on the events page.

Social media channels

Facebook @cern

Instagram @cern

LinkedIn @cern

Twitter @CERN

YouTube @home.cern

1-AI-related projects are developed and referred to as part of the CERN openlab activities.

2-Within its work, CERN refers to ‘cloud computing’ as ‘distributed computing.

3-Within its work, CERN refers to ‘telecommunication infrastructure’ as ‘network infrastructure’.

4-Within its work, CERN addresses ‘web standards’ as ‘open science’.

5-Within its work, CERN refers to ‘data governance’ as ‘data preservation’.


United Nations Economic Commission for Europe

Acronym: UNECE

Established: 1947

Address: Palais des Nations, 1211 Geneva 10, Switzerland

Website: https://www.unece.org/info/ece-homepage.html

Stakeholder group: International and regional organisations

UNECE is one of five regional commissions of the UN. Its major aim is to promote pan-European economic integration. To do so, it brings together 56 countries in Europe, North America, and Central Asia, which discuss and cooperate on economic and sectoral issues.

UNECE works to promote sustainable development and economic growth through policy dialogue, negotiation of international legal instruments, development of regulations and norms, exchange and application of best practices, economic and technical expertise, and technical cooperation for countries with economies in transition. It also sets out norms, standards, and conventions to facilitate international cooperation.

Digital activities

UNECE’s work touches on several digital policy issues, ranging from digital standards (in particular in relation to electronic data interchange for administration, commerce, and transport) to the internet of things (IoT) (e.g. intelligent transport systems). Its activities on connected vehicles and automated driving systems are essential to seize the benefits of technical progress and disruptions in that field and to operationalise new mobility concepts such as Mobility as a Service (MaaS). Its UN/CEFACT develops trade facilitation recommendations and electronic business standards, covering both commercial and government business processes. UNECE also carries out activities focused on promoting sustainable development, in areas such as sustainable and smart cities for all ages; sustainable mobility and smart connectivity; and measuring and monitoring progress towards the sustainable development goals (SDGs).

UNECE’s work in the field of statistics is also relevant for digital policy issues. For example, the 2019 Guidance on Modernizing Statistical Legislation– which guides countries through the process of reviewing and revising statistical legislation – covers issues such as open data, national and international data exchanges, and government data management.

UNECE carries out extensive work in the area of sustainable transport leading on several UN Conventions. Accession to the conventions continues to increase as more and more member states realise the benefits in the time taken and associated costs in the movement of goods. Numerous digitised systems have been developed, and are maintained, hosted, and administered under the auspices of UNECE. For a number of other tools and mechanisms, work is underway.

Digital policy issues

Digital standards

UNECE’s intergovernmental body UN/CEFACT continues making great strides in the area of digital standards. In a recent collaboration with the International Federation of Freight-Forwarders Associations (FIATA), it developed the electronic FIATA Multimodal Bill of Lading (eFBL) data standard. The basis of the mapping of the Negotiable FIATA Multimodal Transport Bill of Lading (FBL) with the UN/CEFACT Multimodal Transport (MMT) reference data model, allows the exchange of BL data in a standardised way, facilitating interoperability between all modes of transport and industry stakeholders. Similar to other data standards developed by UN/CEFACT, the data standard is offered as open-source for all software providers and industry stakeholders to implement. UNECE’s standardisation work builds on a family of reference data models in alignment with its strategy to become the next generation of global standards for trade and transport information exchange. Other digital standards in the areas of supply chain management, agriculture, and travel and tourism (e.g. Buy Ship Pay Reference Data Model, Textile and Leather Data Model (Part 1 and Part 2), and Travel and Tourism Experience Programme Data Model) are a great step toward paperless trade and benefit all actors of the supply chain by reducing costs, increasing security, and gaining efficiency.

Internet of things and artificial intelligence

As the UN centre for inland transport, UNECE hosts international regulatory platforms in the field of automated driving and intelligent transport systems. It hosts multilateral agreements and conventions ruling the requirements and the use of these technologies (such as the UN agreements on vehicle regulations and the Vienna Convention on Road Traffic). Its activities (e.g. facilitating policy dialogue and developing regulations and norms) contribute to enabling automated driving functionalities and ensuring that the benefits of these technologies can be captured without compromising safety and progress achieved in areas such as border crossing and interoperability. It also collaborates with other interested stakeholders, including the automotive and information and communications technology (ICT) industries, consumer organisations, governments, and international organisations.

Another area of work for UNECE is related to harnessing smart technologies and innovation for sustainable and smart cities. In this regard, it promotes the use of ICTs in city planning and service provision and it has developed (together with ITU) a set of key performance indicators for smart sustainable cities. UNECE also works to facilitate connectivity through sustainable infrastructure. For instance, it assists countries in developing smart grids for more efficient energy distribution, and it administers international e-roads, e-rail, and e-waterway networks.

UNECE launched the Advisory Group on Advanced Technology in Trade and Logistics (AGAT) in 2020 on topics, such as distributed ledger technologies (DLT) including blockchain, IoT, and AI.

Artificial intelligence for energy

AI and other technologies are inspiring energy suppliers, transmission and distribution companies, and demand sectors (buildings, industry, transport) to establish new business models to generate, deliver, and consume energy in a more sustainable way.

UNECE established a task force on digitalization in energy to offer a platform for cross-industry experts from the energy sector and digital innovation to develop a unified voice on digitalisation in energy.

The group found that AI and digitalisation have the potential to reduce residential and commercial buildings’ energy use by as much as 10% globally by 2040 if applied throughout a building’s value chain and life cycle. In particular, applications of AI may help optimise a building’s orientation for solar heat gain and predict power and heat needs, thus increasing overall energy security and maximising the integration of renewable energy sources.

The group also found that AI and digitalisation could help achieve energy savings of at least 10%–20% in the industrial sector (which consumes around 38% of global final energy and produces 24% of greenhouse gases).

Automated driving

Blockchain

UNECE’s subsidiary body UN/CEFACT has been exploring the use of blockchain for trade facilitation. For instance, work carried out within the Blockchain White Paper Project has resulted in two white papers: One looking at the impact of blockchain on the technical standards work of UN/CEFACT and another looking at how blockchain could facilitate trade and related business processes. The ongoing Chain Project is focused on developing a framework/mechanism for the development and implementation of blockchain services infrastructure, and creating a whitepaper on strategy for the development and implementation of interoperable global blockchain technology infrastructure. Another blockchain-related project looks into the development of a standard on the creation of a cross-border inter-customs ledger using blockchain technology.

Critical infrastructure

UNECE achieved a transformative milestone with regard to cybersecurity in the broad automotive sector with the adoption of UN Regulation No. 155 (Cyber Security and CSMS) and UN Regulation No. 156 (Software Updates).

Before that, cyber risks related to connected vehicles were apparent but not systematically addressed. Security researchers alerted the public of them by revealing various vulnerabilities. There were only narrow standards and guidelines for securing vehicles, such as standards for secure communication among Electronic Control Units (ECUs) and for hardware encryption.

UNECE’s World Forum for Harmonization of Vehicle Regulations (Working Party on Automated/Autonomous and Connected Vehicles (GRVA) WP.29) adopted two important new regulations on cybersecurity and over-the-air software updates and led to the situation where cybersecurity became non-negotiable for securing market access via type approval for those countries applying this regime. GRVA also developed recommendations on uniform provisions concerning cybersecurity and software updates for countries applying the self-certification regime.

Under the 1958 Agreement (binding to 54 countries)

Data governance

UNECE carries out multiple activities of relevance for the area of data governance.
First, its work on trade facilitation also covers data management issues. For example, it has issued a white paper on a data pipeline concept for improving data quality in the supply chain and a set of Reference Data Model Guidelines. Several projects carried out in the framework of UNECE’s subsidiary UN/CEFACT also cover data-related issues.  Examples include the  Buy-Ship-Pay  Reference Data Model (BSP-RDM), the Supply Chain Reference Data Model (SCRDM), the Multi-Modal Transport Reference Data Model (MMT-RDM), the Cross-border Management Reference Data Model Project (to provide a regulatory reference data model within the UN/CEFACT semantic library in order to assist authorities to link this information to the standards of other organisations), the Sustainable Development and Circular Economy Reference Data Model Project, and the Accounting and Audit Reference Data Model Project.

Second, UNECE has a statistical division, which coordinates international statistical activities between UNECE countries and helps to strengthen, modernise, and harmonise statistical systems under the guidance of the Conference of European Statisticians. Its activities in this area are guided by the Fundamental Principles of Official Statistics, adopted in 1992 and later endorsed by the ECOSOC and the UNGA. Areas of work include economic statistics, statistics on population, gender and society, statistics related to sustainable development and the environment, and modernisation of official statistics. In 2019, UNECE published a Guidance on Modernizing Statistical Legislation to guide countries through the process of reviewing and revising statistical legislation. The guidance covers issues such as open data, national and international data exchanges, and government data management.

Third, UNECE keeps abreast of external developments, (e.g. in Europe or an Organisation for Economic Co-operation and Development (OECD) country), related to challenges related to AI, privacy, and human rights. This is the case for example with the activities on transport and automated vehicles. The GRVA is reflecting on the impact of general AI policies in its activities and developed possible ways to add layers in its multi-pillar approach to validate the performance of the Automated Driving System, and therefore to integrate considerations on data management in the context of AI agent training, support features, and functions of automated driving, and collaborate with the automotive sector on this matter.

E-commerce and trade

UNECE’s subsidiary, UN/CEFACT, serves as a focal point (within ECOSOC) for trade facilitation recommendations and electronic business standards, covering both commercial and government business processes. In collaboration with the Organization for the Advancement of Structured Information Standards (OASIS), UNECE developed the Electronic business using eXtensible Mark-up Language (ebXML). Another output of UNECE is represented by the UN rules for Electronic Data Interchange for Administration, Commerce and Transport (UN/ EDIFACT), which include internationally agreed upon standards, directories, and guidelines for the electronic interchange of structured data between computerised information systems. UNECE has also issued recommendations on issues such as Single Window, electronic commerce agreements, and e-commerce self-regulatory instruments. In addition, UN/CEFACT works on supporting international, regional, and national e-government efforts to improve trade facilitation and e-commerce systems.

Recommendation 33 – Single Window Recommendation

UN Centre for Trade Facilitation and Electronic Business (UN/CEFACT) Trade facilitation recommendations | UNECE

Digital and environment

UNECE’s work in the area of environmental policy covers a broad range of issues, such as air pollution, transboundary water cooperation,  industrial safety,  environmental democracy, the green economy, environmental monitoring and impact assessment, and education for sustainable development. Much of this work is carried out by the Committee on Environmental Policy, which, among other tasks, supports countries in their efforts to strengthen their environmental governance and assesses their efforts to reduce their pollution burden, manage natural resources, and integrate environmental and socio-economic policies. UNECE has put in place an Environmental Monitoring and Assessment Programme to assist member states in working with environmental data and information and enable informed decision-making processes. As part of this programme, it promotes the use of electronic tools for accessing information and knowledge on environmental matters and is supporting the continued development of a Shared Environmental Information System across the UNECE region. The system is intended to enable countries to connect databases and make environmental data more accessible.

The INForest database offers the most up-to-date source of information about the size of the forest area in the UNECE region, how it has changed over decades, the structure of forests, the goods and services forests provide, as well as their contribution to the economy, society and the environment.

UNECE has developed policy guidance to support the digital inclusion of older people. In the Rome Ministerial Declaration on Ageing, adopted in June 2022, Ministers pledged to ‘promote age-friendly digitalisation, products and services, and support innovation for the silver economy’.

Recognising the importance of environmental, social, and governance (ESG) traceability in achieving SDG 12 and considering the rich body of expertise and standards already available through UNECE, UNECE broadened the focus of the Team of Specialists (ToS) on sustainable fisheries to (ESG) traceability of sustainable value chains in the circular economy.

UNECE Environmental Conventions and Protocols (not necessarily covering digital issues directly, but relevant):

Sustainable development

UNECE assists countries in its region to address sustainable development challenges (in areas such as environment, connectivity, and urbanisation) through offering policy advice; leveraging its norms, standards, and conventions; and building capacities. It focuses on driving progress towards the following SDGs: good health and well-being (SDG 3), clean water and sanitation (SDG 6), affordable and clean energy (SDG 7), decent work and economic growth (SDG 8), industry, innovation and infrastructure (SDG 9), sustainable cities and communities (SDG 11), responsible consumption and production (SDG 12), climate action (SDG 13), and life on land (SDG 15). Gender equality (SDG 5) and partnerships (SDG 17) are overarching for all UNECE activities. Activities undertaken by UNECE concerning these SDGs converge under four high-impact areas: sustainable use of natural resources; sustainable and smart cities for all ages; sustainable mobility and smart connectivity; and measuring and monitoring progress towards the SDGs.

UNECE has developed a series of tools and standards to support countries in measuring and monitoring progress towards the SDGs. It has also put in place an Innovation Policy Outlook, which assesses the scope, quality, and performance of policies, institutions, and instruments promoting innovation for sustainable development.

Privacy and data protection

The World Forum for Harmonization of Vehicle Regulations has included guidelines on cybersecurity and data protection in its consolidated resolution on the construction of vehicles, including principles of lawful, fair, and transparent processing of personal data: (1) respecting the identity and privacy of the data subject; (2) not discriminating against data subjects based on their personal data; (3) paying attention to the reasonable expectations of the data subjects with regard to the transparency and context of the data processing; (4) maintaining the integrity and trustworthiness of information technology systems and in particular not secretly manipulating data processing; (5) taking into account the benefit of data processing depending on the free flow of data, communication and innovation, as far as data subjects have to respect the processing of personal data with regard to the overriding general public interest; and (6) ensuring the preservation of individual mobility data according to necessity and purpose.

These guidelines were referred to in the Resolution on Data Protection in Automated and Connected Vehicles adopted during the 39th International Conference of Data Protection and Privacy Commissioners Hong Kong, 25–29 September 2017.

UNECE hosts several portals, applications, and digitalised conventions.

The Customs Convention on the International Transport of Goods under Cover of TIR (Transports Internationaux Routiers) Carnets (TIR Convention, 1975) is one of the most successful international transport conventions. It is the only universal customs transit system in existence.

The TIR system, used by over 34,000 transport and logistics companies in its 77 contracting parties, has already reduced cross-border transport time by up to 80%, and costs by up to 38%. The eTIR international system aims to ensure the secure exchange of data between national customs systems related to the international transit of goods, vehicles, or containers according to the provisions of the TIR Convention and to allow customs to manage the data on guarantees, issued by guarantee chains to holders authorised to use the TIR system.

Digital tools

The ITDB is an international online repository of information for all those authorised by contracting parties to use the TIR procedure. It is an integral part of the eTIR International system since only users approved in ITDB can use the eTIR system. The main goal of the ITDB is to foster the exchange of information between competent authorities of contracting parties and national associations.

  • eCPD – to be launched

The Carnet de Passages en Douane (CPD) system (i.e. a passport card for your vehicle) facilitates the temporary importation of private and commercial vehicles. The CPD system is based on two international conventions: the 1954 Customs Convention on the Temporary Importation of Private Road Vehicles and the 1956 Customs Convention on the Temporary Importation of Commercial Road Vehicles. Hosted by UNECE, the conventions combined have 96 contracting parties. Work has started to prepare the appropriate amendments to the 1954 and 1956 conventions describing the eCPD; prepare the high-level architecture including the concepts and functional and technical specifications of the future eCPD application; and develop the eCPD system based on these specifications.

  • eCMR – to be launched

The eCMR is based on the provisions of the Convention on the Contract for the International Carriage of Goods by Road (CMR) (1956) and especially on the provisions of the Additional Protocol to CMR Concerning the Electronic Consignment Note (2008). UNECE, which administers the CMR Convention, has been mandated by governments to administer the eCMR protocol and to establish a formal group of experts on the operationalisation of the eCMR procedure.

Digital visualisation

The observatory will be developed on a geographic information systems (GIS) platform with three main pillars of services: it offers an electronic repository of UNECE inland transport conventions, an innovative tool to finance transport infrastructure, and a way to promote sustainable regional and interregional connectivity.

The ITIO GIS platform assists in the analysis of possible future impacts of climate change on transport networks. The tool enables experts to identify sections of transport networks potentially exposed to the effects of climate change.

Digital enabler

The SITCIN tool allows countries to measure their degree of transport connectivity, both domestically and bilaterally/sub-regionally, as well as in terms of soft and hard infrastructure.

UNECE digital tools facilitating access to statistical information:

UNECE online platforms and observatories gather updates and policy resources to help member states respond to the COVID-19 crisis:

Future of meetings

Guided by the assessments of the World Health Organization (WHO) and the host country authorities, UNECE’s respective governing bodies and partner organisations amended the format and conduct of meetings during the COVID-19 pandemic to ensure business continuity and delivery of support to its member states.

Hybrid and online meeting formats continue to be used.

UNECE Executive Committee – Special procedures during the COVID-19 period (adopted in April 2020 and extended in July 2020)

  • Use of the silence procedure for decision-making;

Social media channels

Facebook @UNECE

Flickr @UNECE

Instagram @un_ece

Twitter @UNECE

YouTube @UNECE

Sign up for the monthly newsletter on digital issues to receive updates.

World Trade Organization

Acronym: WTO

Established: 1995

Address: Centre William Rappard, Rue de Lausanne 154, 1211 Geneva 21, Switzerland

Website: https://www.wto.org/

Stakeholder group: International and regional organisations

WTO is an intergovernmental organisation that deals with the rules of trade among its members. Its main functions include administering WTO trade agreements, providing a forum for trade negotiations, settling trade disputes, monitoring national trade policies, providing technical assistance and training for developing countries, and ensuring cooperation with other international organisations.

WTO members have negotiated and agreed upon rules regulating international trade, fostering transparency and predictability in the international trading system. The main agreements are the Marrakesh Agreement Establishing the WTO, the General Agreement on Tariffs and Trade (GATT), the General Agreement on Trade in Services (GATS), and the Agreement on Trade-related Aspects of Intellectual Property Rights (TRIPS Agreement).

Digital activities

Several internet governance and digital trade policy- related issues are discussed in WTO. E-commerce discussions are ongoing under the Work Programme on Electronic Commerce and among a group of 87 WTO members currently negotiating e-commerce rules under the Joint Statement Initiative (JSI) on E-commerce. Discussions focus on several digital issues, including data flows and data localisation, source code, cybersecurity, privacy, consumer protection, capacity building, and customs duties on electronic transmissions.

As part of its outreach activities, WTO organises numerous events such as the Aid for Trade Global Review and an annual Public Forum, which brings together governments, non-governmental organisations (NGOs), academics, businesses, and other stakeholders for discussions on a broad range of issues, including many relating to the digital economy.

Digital policy issues

Telecommunications

In 1997, WTO members successfully concluded negotiations on market access for basic telecommunications services, which resulted in new specific commitments in the sector for a significant part of  WTO  membership.  These negotiations also resulted in the Reference Paper, a set of regulatory principles for basic telecommunication services that various members have inscribed in their schedules of commitments. Since 1997, the number of members that have undertaken market access commitments on telecommunications and subscribed to the Reference Paper has continued to increase as a result of new governments joining WTO through the process of accession. Under the JSI negotiations, participants are discussing a proposal that seeks to update the provisions of the Reference Paper.

Digital standards (1)

International standards are important to the global digital economy as they can enable interconnectivity and interoperability for telecommunications and internet infrastructures. The WTO Technical Barriers to Trade Agreement (TBT Agreement) aims to ensure that technical regulations, standards, and conformity assessment procedures affecting trade in goods (including telecommunications products) are non-discriminatory and do not create unnecessary obstacles to trade. The TBT Agreement strongly encourages that such regulatory measures be based on relevant international standards. The TBT Committee serves as a forum where governments discuss and address concerns with specific regulations, including those affecting digital trade. Examples of relevant TBT measures notified to or discussed at the TBT Committee include (1) measures addressing the internet of things (IoT) and related devices in terms of their safety, interoperability, national security/cybersecurity, performance, and quality; (2) measures regulating 5G cellular network technology for reasons related to, among others, national security and interoperability; (3) measures regulating 3D printing (additive manufacturing) devices; (4) measures regulating drones (small unmanned aircraft systems) due to risks for humans/consumers, interoperability problems, and national security risks; and (5) measures dealing with autonomous vehicles, mostly concerned with their safety and performance.

Cybersecurity

Cybersecurity issues have been addressed in several WTO bodies. For example, the TBT Committee has discussed national cybersecurity regulations applicable to information and communications technology (ICT) products and their potential impact on trade. In the TBT Committee, WTO members have raised specific trade concerns related to cybersecurity regulations. Some of the specific issues discussed include how cybersecurity regulations discriminating against foreign companies and technologies can negatively impact international trade in ICT products. Proposals on cybersecurity have also been tabled in the JSI on e-commerce where negotiations are ongoing.

Data governance

The growth of the global digital economy is fuelled by data. Discussions on how provisions of WTO agreements apply to data flows are ongoing among WTO members. In this context, is particularly relevant, as it applies to trade in services such as (1) data transmission and data processing by any form of technology (e.g. mobile or cloud technologies); (2) new ICT business models such as infrastructure as a service (IaaS); (3) online distribution services e.g. (e-commerce market platforms); and (4) financial services such as mobile payments. The extent to which members can impose restrictions on data or information flows affecting trade in services is determined by their GATS schedules of commitments. Under the JSI, proposals on cross-border data flows have been submitted and are being discussed. These proposals envision a general rule establishing the free flow of data for commercial activities. Proposed exceptions to this general rule are, to a large extent, similar to the existing GATS General and Security Exceptions and relate to, for example, protection of personal data, protection of legitimate public policy objectives, national security interests, and exclusion of governmental data. Issues related to data flows have also been raised by members in other contexts at the WTO, such as in the Council for Trade in Services, for instance, when national cybersecurity measures adopted have been considered by some members as trade barriers.

Intellectual property rights

The TRIPS Agreement is a key international instrument for the protection of IP and is of relevance to e-commerce. The technologies that underpin the internet and enable digital commerce such as software, routers, networks, switches, and user interfaces are protected by IP. In addition, e-commerce transactions can involve digital products with IP-protected content, such as e-books, software, or blueprints for 3D-printing. As IP licences often regulate the usage rights for such intangible digital products, the TRIPS Agreement and the international IP Conventions provide much of the legal infrastructure for digital trade.

These conventions include:

The role of IP in promoting innovation and trade in the digital age has been highlighted in recent WTO World Trade Reports.

IP-related issues are also being discussed in the JSI. Submitted proposals include text on limiting requests to the access or transfer of source code. The source code or the data analysis used in the operation of programmes or services is often legally protected by IP law through copyright, patent, or trade secret provisions. The main goal of the JSI proposals on access to source code is to prevent members from requiring access or transfer of the source code owned by a national of another member state as a condition for market access. Some exceptions to this general prohibition have also been proposed. For example, for software that is used for critical infrastructures and public procurement transactions.

Electronic commerce

WTO agreements cover a broad spectrum of trade topics, including some related to e-commerce, which has been on the WTO agenda since 1998 when the ministers adopted the Declaration on Global Electronic Commerce. The Declaration instructed the General Council to establish a Work Programme on electronic commerce. In that Declaration, members also agreed to continue the practice of not imposing customs duties on electronic transmissions (the ’moratorium’). The Work Programme provides a broad definition of e-commerce and instructs four WTO bodies (Council for Trade in Goods; Council for Trade in Services; TRIPS Council; and the Committee on Trade and Development) to explore the relationship between WTO Agreements and e-commerce. The Work Programme and the moratorium on customs duties on electronic transmissions have been periodically reviewed and renewed. At its recently concluded 12th Ministerial Conference (MC12) in June 2022, WTO members agreed to reinvigorate the Work Programme, particularly in line with its development dimension, and to intensify discussions on the moratorium, including on its scope, definition, and impact. Furthermore, members agreed to extend the moratorium on customs duties on electronic transmissions until MC13 (2).

At MC11 in 2017, a group of members issued the Joint Statement Initiative (JSI) on E-Commerce to explore work towards future WTO negotiations on trade-related aspects of e-commerce. Following the exploratory work, in January 2019, 76 members confirmed their ‘intention to commence WTO negotiations on trade-related aspects of electronic commerce’ and to ‘achieve a high standard out- come that builds on existing WTO agreements and frameworks with the participation of as many WTO members as possible’. Negotiations are continuing among 87 members (3) and are structured under 6 broad themes, namely enabling e-commerce, openness and e-commerce, trust and e-commerce, cross-cutting issues, telecommunications, and market access. JSI participants have reached a high degree of convergence on e-authentication and e-signatures, e-contracts, open government data, online consumer protection, unsolicited commercial electronic messages (spam), transparency, open internet access and paperless trading. Negotiations on electronic transactions frameworks, source code, cybersecurity, electronic invoicing, privacy, telecommunications, and customs duties on electronic transmissions continue. On the margins of the MC12, the co-convenors of the JSI (Australia, Japan, and Singapore), issued a statement underlining the importance of developing global rules on e-commerce and, together with Switzerland, launched the E-commerce Capacity Building Framework to strengthen digital inclusion and to help developing and least developed countries to harness the opportunities of digital trade.

Access (4)

Information Technology Agreement (ITA-I and ITA-II)

The ITA-I was concluded by 29 participants in 1996. Through this agreement, participating WTO members eliminated tariffs and other duties and charges (ODCs) on hundreds of ICT products – including computers, laptops, servers, routers, communication devices (i.e. mobile telephones),  semiconductors, semiconductor manufacturing equipment and parts thereof – to foster the development of ICT global value chains and facilitate greater adoption of the ICT products that lie at the core of a global digital economy and power the downstream innovative and competitive capacity of every industry that deploys them. Currently, 83 WTO members are participants in ITA-I, accounting for approximately 97% of world trade in ITA-I products. As technology continues to evolve, ICT is found at the core of an ever-increasing range of products. At the MC10 in Nairobi in 2015, over 50 WTO members concluded ITA-II negotiations and agreed to expand the ITA product coverage by around 200 products. ICT products such as GPS navigation equipment, satellites, and medical equipment were included and tariffs on these products have been eliminated among ITA-II participants. At present, the ITA-II consists of 55 WTO members, representing over 90% of world trade in ITA-II products. The ITA is being discussed in the JSI under the market access focus group.

Social medial channels

Facebook @WorldTradeOrganization

Flickr @WorldTradeOrganization

Instagram @worldtradeorganization

Twitter @wto

YouTube @WorldTradeOrganization

1-The issue of digital standards is addressed as ‘standards and regulations’ within the work of WTO.

2-WT/MIN(22)/32; WT/L/1143

3-87 Members as of end of September 2022: Albania; Argentina; Australia; Austria; Bahrain, Kingdom of; Belgium; Benin; Brazil; Brunei Darussalam; Bulgaria; Burkina Faso; Cameroon; Canada; Chile; China; Colombia; Costa Rica; Côte D’Ivoire; Croatia; Cyprus; Czech Republic; Denmark; Ecuador; El Salvador; Estonia; Finland; France; Georgia; Germany; Greece; Guatemala;Honduras; Hong Kong, China; Hungary; Iceland; Indonesia; Ireland; Israel; Italy; Japan; Kazakhstan; Kenya; Korea, Republic of; Kuwait, the State of; Latvia; Lao People’s Democratic Republic; Liechtenstein; Lithuania; Luxembourg; Malaysia; Malta; Mauritius; Mexico; Moldova, Republic of; Mongolia; Montenegro; Myanmar; Netherlands; New Zealand; Nicaragua; Nigeria; North Macedonia; Norway; Panama; Paraguay; Peru; Philippines; Poland; Portugal; Qatar; Romania; Russian Federation; Saudi Arabia, Kingdom of; Singapore; Slovak Republic; Slovenia; Spain; Sweden; Switzerland; Separate Customs Territory of Taiwan, Penghu, Kinmen and Matsu; Thailand; Turkey; Ukraine; United Arab Emirates; United Kingdom; United States; and Uruguay

4-The issue of arbitration is referred to under the issue of ‘market access’ within the work of WTO.



United Nations Conference on Trade and Development

Acronym: UNCTAD

Established: 1964

Address: Palais des Nations, Av. de la Paix 8-14, 1211 Geneva 10, Switzerland

Website: https://unctad.org/

Stakeholder group: International and regional organisations

The United Nations Conference on Trade and Development (UNCTAD) is a UN body dedicated to supporting developing countries in accessing the benefits of a globalised economy more fairly and effectively. It provides analysis, facilitates consensus-building, and offers technical assistance, thus helping countries use trade, investment, finance, and technology to support inclusive and sustainable development.

UNCTAD also works to facilitate and measure progress towards achieving the sustainable development goals (SDGs), through a wide range of activities in areas such as technology and innovation, trade, investment, environment, transport and logistics, and the digital economy.

UNCTAD’s work often results in analyses and recommendations that can inform national and international policy-making processes, and contribute to promoting economic policies aimed at ending global economic inequalities and generating human-centric sustainable development.

Digital Activities

UNCTAD is particularly active in the field of e-commerce, trade, and the digital economy, carrying out a wide range of activities from research and analysis to providing assistance to member states in developing adequate legislative frameworks and facilitating international dialogue on the development opportunities and challenges associated with the digital economy. UNCTAD also works to facilitate and measure progress towards achieving the SDGs, in particular through (but not limited to) its activities in the field of science, technology, and innovation (STI) for development. Consumer protection, gender equality, and privacy and data protection are other digital policy areas where UNCTAD is active.

Digital policy issues

E-commerce and trade 

UNCTAD’s work programme on e-commerce and the digital economy (ECDE Programme), encompasses several research and analysis, consensus building and technical assistance activities, as follows:

Research and analysis

UNCTAD conducts research and analysis on e-commerce and the digital economy and their implications for trade and development. These are mainly presented in its flagship publication, the Digital Economy Report (known as Information Economy Report until 2017), and in its Technical Notes on ICT for Development.

Consensus building on e-commerce and digital economy policies

UNCTAD’s Intergovernmental Group of Experts on E-commerce and the Digital Economy meets regularly to discuss ways to strengthen the development dimension of e-commerce and the digital economy. The group’s meetings are usually held in conjunction with the eCommerce Week, an annual event hosted by UNCTAD and featuring discussions on development opportunities and challenges associated with the digital economy.

E-Commerce assessments and strategy formulation

The eTrade Readiness Assessments (eT Readies) assist least developed countries (LDCs) and other developing countries in understanding their e-commerce readiness in key policy areas in order to better engage in and benefit from e-commerce. The assessments provide recommendations to overcome identified barriers and bottlenecks to growth and enjoying the benefits of digital trade.

UNCTAD’s work on information and communication technology (ICT) policy reviews and national e-commerce strategies involves technical assistance, advisory services, diagnostics, and strategy development on e-commerce, and national ICT planning at the request of governments. Through an analysis of the infrastructural, policy, regulatory, institutional, operational, and socioeconomic landscape, the reviews help governments to overcome weaknesses and bureaucratic barriers, leverage strengths and opportunities, and put in place relevant strategies.

Legal frameworks for e-commerce

UNCTAD’s E-commerce and Law Reform work helps to develop an understanding of the legal issues underpinning e-commerce through a series of capacity-building workshops for policymakers at the national and regional levels. Concrete actions include: Assistance in establishing domestic and regional legal regimes to enhance trust in online transactions, regional studies on cyber laws harmonisation, and the global mapping of e-commerce legislation through its ‘Global Cyberlaw Tracker’.

Measuring the information economy

UNCTAD’s work on measuring the information economy includes statistical data collection and the development of methodology, as well as linking statistics and policy through the Working Group on Measuring E-commerce and the Digital Economy, established by the Intergovernmental Group of Experts on E-Commerce and the Digital Economy. Figures are published in the biennial Digital Economy Report and the statistics portal UNCTADstat. Technical co-operation here aims to strengthen the capacity of national statistical systems to produce better, more reliable, and internationally comparable statistics on the following issues: ICT use by enterprises, size and composition of the ICT sector, and e-commerce and international trade in ICT-enabled services. UNCTAD also produces the B2C E-commerce Index which measures an economy’s preparedness to support online shopping.

Smart Partnerships through eTrade for all

The eTrade for all initiative (eT4a) is a global collaborative effort of 32 partners to scale up co-operation, transparency, and aid efficiency towards more inclusive e-commerce. Its main tool is an online platform (etradeforall.org), a knowledge-sharing and information hub that facilitates access to a wide range of information and resources on e-commerce and the digital economy. It offers a gateway for matching the suppliers of technical assistance with those in need. Beneficiaries can connect with potential partners, learn about trends, best practices, up-to-date e-commerce indicators, and upcoming events all in one place. The initiative also acts as catalyst of partnership among its members for increased synergies. This collaboration has concretely translated into the participation of several eT4a partners as key contributors to the various eCommerce Weeks organised by UNCTAD and in the conduct and review of eTrade Readiness Assessments.

Consumer protection 

Through its Competition and Consumer Policies Programme, UNCTAD works to assist countries in improving their competition and consumer protection policies. It provides a forum for intergovernmental deliberations on these issues, undertakes research, policy analysis and data collection, and provides technical assistance to developing countries. The Intergovernmental Group of Experts on Consumer Protection Law and Policy monitors the implementation of the UN Guidelines for Consumer Protection and carries out research and provides technical assistance on consumer protection issues (including in the context of e-commerce and the digital economy).

UNCTAD’s work programme on consumer protection is guided, among others, by the UN Conference of Competition and Consumer Protection (held every five years). In 2020, the conference will hold high-level consultations on strengthening consumer protection and competition in the digital economy, and international enforcement co-operation among consumer protection authorities in electronic commerce.

Given the significant imbalances in market power in the digital economy, competition policy is becoming increasingly relevant for developing countries. UNCTAD addresses this issue in the Intergovernmental Group of Experts on Competition Law and Policy.

UNCTAD also runs the Research Partnership Platform, aimed at contributing to the development of best practices in the formulation and implementation of competition and consumer protection laws and policies.

Sustainable development 

UNCTAD works to facilitate and measure progress towards achieving the SDGs, in particular through (but not limited to) its activities in the field of STI for development. The organisation supports countries in their efforts to integrate STI in national development strategies, through initiatives such as Science, Technology and Innovation Policy Reviews and capacity building programmes (such as the Innovation Policy Learning Programme). The eT4a initiative is also intended to contribute to several SDGs, especially in relation to decent work and economic growth, innovation and infrastructure, global partnerships, and gender equality. Moreover, UNCTAD’s SDG Pulse offers statistical information on developments related to the 2030 Agenda for Sustainable Development.

UNCTAD’s Investment Policy Framework for Sustainable Development provides guidance for policymakers in formulating national investment policies and in negotiating investment agreements. The organisation is also part of the Toolbox for Financing for SDGs – a platform launched in 2018 at the initiative of the President of the UN General Assembly to assist countries and financial actors in exploring solutions to the challenges of financing the SDGs.

UNCTAD carries out research and analysis work covering various development-related issues, examples being its Digital Economy Report and the Technical notes on ICT for development. As the body responsible for servicing the UN Commission on Science and Technology for Development (CTSD), UNCTAD also assists the CSTD in its sustainable development-related work, for instance by preparing studies and reports on issues such as the impact of advanced technologies on sustainable development.

Other UNCTAD activities designed to contribute to sustainable development cover issues such as climate change, the circular economy, and intellectual property.

Capacity development 

Many activities undertaken by UNCTAD have a capacity development dimension. For instance, its work on e-commerce and trade includes supporting developing countries in establishing adequate legal frameworks in these areas (e.g. its eCommerce and Law Reform work) and in producing statistics that can guide effective policy-making (e.g. the Measuring E-commerce and the Digital Economy activities and the ICT Policy Reviews ). UNCTAD’s E-Learning on Trade platform provides courses and training on issues such as trade, gender and development and non-tariff measures in trade.

UNCTAD also works to build capacity in STI policy-making in developing countries, through initiatives such as the Innovation Policy Learning programme and STI training provided in the context of the P166 programme.

Additionally, UNCTAD’s Virtual Institute – run in co-operation with universities worldwide – is dedicated to building knowledge for trade and development. Another area where UNCTAD provides capacity building for developing countries is that of statistics: The organisation and its partners assist national statistics organisations in the collection, compilation and dissemination of their statistics in domains such as trade, sustainable development, and investments.

Gender rights online 

UNCTAD runs a Trade, Gender and Development Programme dedicated to assisting countries in developing and implementing gender-sensitive trade policies, conducting gender impact analyses of trade policies and agreements, and strengthening the links between trade and gender. One notable initiative is the eTrade for Women initiative, dedicated to advancing the empowerment of women through ICTs.

Other initiatives undertaken in this area include capacity building on trade and gender, the Women in STEM: Changing the narrative dialogues, and the  Data and statistics for more gender-responsive trade policies in Africa, the Caucasus and Central Asia project.

Data governance? 

As data has become a key resource in the digital economy, data governance is a fundamental part of the work of UNCTAD. This is illustrated, for example, in the research and analysis work of the Digital Economy Report 2019, which focused on the role of data as the source of value in the digital economy and how it is created and captured. Moreover, some of UNCTAD’s work on e-commerce and digital trade touches specifically on privacy and data protection issues. For instance, the eCommerce and Law Reform work dedicated to supporting developing countries in their efforts to establish adequate legal frameworks for e-commerce also covers data protection and privacy among the key issues addressed. The Global Cyberlaw Trackers offers information on data protection laws in UNCTAD member states.

Also relevant for data governance discussions is UNCTAD’s work on statistics, as the organisation collects and analyses a wide range of data on issues such as economic trends, international trade, population, and the digital economy. Moreover, UNCTAD’s SDG Pulse offers statistical information on developments related to the 2030 Agenda for Sustainable Development.

UNCTAD is also running several projects focused on improving the efficiency of data management in the context of activities such as maritime trade (e.g. the Digitising Global Maritime Trade project) and customs operations (e.g. the Automated System for Customs Data).

Digital tools

 UNCTAD has developed several digital tools and online platforms in recent years. Examples include:

Future of meetings

Any reference to online or remote meetings?

Any reference to deliberation or decision making online?