[Webinar] Enhancing signalling security and privacy using globally interoperable digital signatures

Event description

Event date: 16 June 2022, 15:00–17:00 CEST

The International Telecommunication Union (ITU) will explore the history and status quo of signalling systems and summarise ITU’s ongoing efforts in security-minded protocol standardisation to cope with potential signalling attacks on telecom operators. Signalling protocols play a cornerstone role in providing different ICT services. Nevertheless, as they were designed without security and privacy in mind, they are prone to attacks on ICT infrastructures. This webinar will cover the signalling architectures of telecommunication networks, an overview of the key signalling exchange procedures (call/SMS/USSD flows), and an outline of the vulnerabilities of existing signalling protocols. ITU-T recommendations and how they have been implemented will also be discussed.

For more information, and to register, please visit the official page.

International Electrotechnical Commission

Acronym: IEC

Established: 1906

Address: 3 rue de Varembé, 1211 Geneva 20 , Switzerland

Website: https://www.iec.ch/

Stakeholder group: International and regional organisations

The IEC is the world leader in preparing international standards for all electrical, electronic, and related technologies. A global, not-for-profit membership organisation, the IEC provides a neutral and independent institutional framework to over 170 countries, coordinating the work of more than 20,000 experts. We administer four IEC Conformity Assessment Systems, representing the largest working multilateral agreement based on the one-time testing of products globally. The members of each system certify that devices, systems, installations, services, and people perform as required.

IEC International Standards represent a global consensus of state-of-the-art know-how and expertise. Together with conformity assessment, they are foundational for international trade.

IEC Standards incorporate the needs of many stakeholders in every participating country and form the basis for testing and certification. Every member country and all its stakeholders represented through the IEC National Committees has one vote and a say in what goes into an IEC International Standard.

Our work is used to verify the safety, performance, and interoperability of electric and electronic devices and systems such as mobile phones, refrigerators, office and medical equipment, or electricity generation. It also helps accelerate digitisation, artificial intelligence (AI), or virtual reality applications, protects information technology (IT) and critical infrastructure systems from cyberattacks and increases the safety of people and the environment.

Digital activities 

The IEC works to ensure that its activities have a global reach in order to meet all the challenges of digital transformation worldwide. The organisation covers an array of digital policy issues.

Digital policy issues

Artificial intelligence and the internet of things

AI applications are driving digital transformation across diverse industries, including energy, healthcare, smart manufacturing, transport, and other strategic sectors that rely on IEC Standards and Conformity Assessment Systems. AI technologies allow insights and analytics that go far beyond the capabilities of legacy analytic systems.

For example, the digital transformation of the grid enables increased automation, making it more efficient and able to integrate fluctuating renewable energy sources seamlessly. IEC Standards pave the way for the use of a variety of digital technologies relating to intelligent energy. They deal with issues such as integrating renewable energies within the electrical network but also increased automatisation.

The IEC’s work in the area of AI takes a three-pronged approach. IEC experts focus on sector-specific needs (vertical standards) and conformity assessment, while the joint IEC and International Organization for Standardization (ISO) technical committee on AI, JTC1/SC 42, brings together technology experts, as well as ethicists, lawyers, social scientists, and others to develop generic and foundational standards (horizontal standards).

In addition, IEC Safety Standards are an essential element of the framework for AI applications in power utilities and smart manufacturing. IEC Conformity Assessment Systems complete the process by ensuring the standards are properly implemented.

SC 42 addresses some concerns about the use and application of AI technologies. For example, data quality standards for ML and analytics are crucial for helping to ensure that applied technologies produce useful insights and eliminate faulty features.

Governance standards in AI and the business process framework for big data analytics address how the technologies can be governed and overseen from a management perspective. International standards in the areas of trustworthiness, ethics, and societal concerns will ensure responsible deployment.

The joint IEC and ISO technical committee also develop foundational standards for the IoT. Among other things, SC 41 standards promote interoperability, as well as architecture and a common vocabulary for the IoT.

Hardware

The IEC develops standards for many of the technologies that support digital transformation. Sensors, cloud, and edge computing are examples.

Advances in data acquisition systems are driving the growth of big data and AI use cases. The IEC prepares standards relating to semiconductor devices, including sensors.

Sensors can be certified under the IEC Quality Assessment System for Electronic Components (IECQ), one of the four IEC Conformity Assessment Systems.

Cloud computing and its technologies have also supported the increase of AI applications. The joint IEC and ISO technical committee prepares standards for cloud computing, including distributed platforms and edge devices, which are close to users and data collection points. The publications cover key requirements relating to data storage and recovery.

Building trust

International Standards play an important role in increasing trust in AI and help support public and private decision-making, not least because they are developed by a broad range of stakeholders. This helps to ensure that the IEC’s work strikes the right balance between the desire to deploy AI and other new technologies rapidly and the need to study their ethical implications.

The IEC has been working with a wide range of international, regional, and national organisations to develop new ways to bring stakeholders together to address the challenges of AI. These include the Swiss Federal Department of Foreign Affairs (FDFA) and the standards development organisations, ISO, and the International Telecommunication Union (ITU).

More than 500 participants followed the AI with Trust conference, in-person and online, to hear different stakeholder perspectives on the interplay between legislation, standards and conformity assessment. They followed use-case sessions on healthcare, sensor technology, and collaborative robots, and heard distinguished experts exchange ideas on how they could interoperate more efficiently to build trust in AI. The conference in Geneva was the first milestone of the AI with Trust initiative.

The IEC is also a founding member of the Open Community for Ethics in Autonomous and Intelligent Systems (OCEANIS). OCEANIS brings together standardisation organisations from around the world to enhance awareness of the role of standards in facilitating innovation and addressing issues related to ethics and values.

Read more

e-tech

IEC and ISO Work on Artificial Intelligence

AI for the Last Mile

Computational Approaches for AI Systems

–  IEC Blog

Digital Transformation

–  Video

Ian Oppermann (AI with Trust)

AI with Trust conference interviews AI Governance

Network security and critical infrastructure

The IEC develops cybersecurity standards and conformity assessments for IT and operational technology (OT). One of the biggest challenges today is that cybersecurity is often understood only in terms of IT, which leaves critical infrastructure, such as power utilities, transport systems, manufacturing plants and hospitals, vulnerable to cyberattacks.

Cyberattacks on IT and OT systems often have different consequences. The effects of cyberattacks on IT are generally economical, while cyberattacks on critical infrastructure can impact the environment, damage equipment, or even threaten public health and lives.

When implementing a cybersecurity strategy, it is essential to consider the different priorities of cyber-physical and IT systems. The IEC provides relevant and specific guidance via two of the world’s best-known cybersecurity standards: IEC 62443 for cyber-physical systems and ISO/IEC 27001 for IT systems.

Both take a risk-based approach to cybersecurity, which is based on the concept that it is neither efficient nor sustainable to try to protect all assets in equal measure. Instead, users must identify what is most valuable and requires the greatest protection and identify vulnerabilities.

Conformity assessment provides further security by ensuring that the standards are implemented correctly: IECEE certification for IEC 62443 and IECQ for ISO/IEC 27001.

ISO/IEC 27001 for IT

IT security focuses equally on protecting the confidentiality, integrity, and availability of data – the so-called CIA triad. Confidentiality is of paramount importance and information security management systems, such as the one described in ISO/IEC 27001, are designed to protect sensitive data, such as personally identifiable information (PII), intellectual property (IP), or credit card numbers, for example.

Implementing the information security management system (ISMS) described in ISO/IEC 27001 means embedding information security continuity in business continuity management systems. Organisations are shown how to plan and monitor the use of resources to identify attacks earlier and take steps more quickly to mitigate the initial impact.

IEC 62443 for OT

In cyber-physical systems, where IT and OT converge, the goal is to protect safety, integrity, availability, and confidentiality (SIAC). Industrial control and automation systems (ICAS) run in a loop to check continually that everything is functioning correctly.

The IEC 62443 series was developed because IT cybersecurity measures are not always appropriate for ICAS. ICAS are found in an ever-expanding range of domains and industries, including critical infrastructure, such as energy generation, water management, and the healthcare sector.

ICAS must run continuously to check that each component in an operational system is functioning correctly. Compared to IT systems, they have different performance and availability requirements and equipment lifetime.

Conformity assessment: IECEE

Many organisations are applying for the IEC System of Conformity Assessment Schemes for Electrotechnical Equipment and Components (IECEE) conformity assessment certification to verify that the requirements of IEC 62443 have been met.

IECEE provides a framework for assessments in line with IEC 62443, which specifies requirements for security capabilities, whether technical (security mechanisms) or process (human procedures) related. Successful recipients receive the IECEE industrial cybersecurity capability certificate of conformity.

Conformity assessment: IECQ

While certification to ISO/IEC 27001 has existed since the standard was published in 2013, it is only in recent years that the IEC Quality Assessment System for Electronic Components (IECQ) has set up a true single standardised way of assessing and certifying an ISMS to ISO/IEC 27001.

International standards such as IEC 62443 and ISO/IEC 27001 are based on industry best practices and reached by consensus. Conformity assessment confirms that they have been implemented correctly to ensure a safe and secure digital society.

Read more

Video

Digital tools

IEC has developed a number of online tools and services designed to help everyone with their daily activities.

Social media channels

Facebook @InternationalElectrotechnicalCommission

LinkedIn @IECStandards

Pinterest @IECStandards

X @IECStandards

YouTube @IECstandards

Ecma International

Acronym: Ecma

Established: 1961

Address: Rhône Street 114, 1204 Geneva, Switzerland

Website: https://www.ecma-international.org/

Stakeholder group: NGOs and associations

Ecma International is an industry association that works on standardisation in information and communication technology (ICT) and consumer electronics.

The association develops global standards and technical reports to facilitate and standardise the use of ICTs and consumer electronics. It also encourages the correct use of standards by influencing the environment in which they are applied.

Its membership includes entities such as Alibaba, Apple, Bloomberg, Google, Hitachi, HP, Huawei, IBM, Intel, Meta, Microsoft, Netflix, and PayPal, as well as prominent universities and research institutes.

Digital activities

Since its creation in 1961, Ecma has published numerous standards and technical reports covering areas such as data presentation and communication; data interchange and archiving; access systems, interconnection, and multimedia; programming languages; and software engineering and interfaces. FORTRAN, one of the oldest programming languages developed by Ecma, was approved in 1965. ECMAScript, with several billion implementations, is one of the most used standards worldwide.

Digital policy issues

Digital standards

A large part of Ecma’s activity is dedicated to defining standards and technical reports for ICTs (hardware, software, communications, media storage, etc.). This work is carried out through technical committees and task groups focusing on issues such as information storage, multimedia coding and communications, programming languages, open XML formats, and product-related environmental attributes. The standards and technical reports developed in committees and groups are subject to an approval vote in the Ecma General Assembly. Once approved by the assembly, some standards are also submitted to other standardisation organisations (such as the International Organization for Standardization (ISO), the International Electrotechnical Commission (IEC), and the European Telecommunications Standards Institute (ETSI)) for their approval and publication through a liaison agreement that Ecma has with those organisations.

Telecommunications infrastructure

Network security

Sustainable development/Digital and environment

Programming languages such as ECMAScript (JavaScript) and C#

Data-related standards

  • Multiple Ecma standards covering issues such as data interchange, data presentation, and data communication
  • Ecma technical reports covering data communication and data interchange.

Technical committees (TCs) and task groups (TGs) covering issues such as access systems and information exchange between systems (TC51), information storage (TC31), product-related environmental attributes (TC38), ECMAScript language (TC39), office open XML formats (TC45) and ECMAScript modules for embedded systems (TC53).

Information storage

Standards developed by Ecma include optical and magnetic storage systems (disks, cartridges, etc.), methods for determining the life expectancy of storage media, and the interchange of information on media by specifying its volume and file structure.

Where other optical storage systems such as compact discs (CDs), digital versatile disks (DVDs), or hard disks only store data on their surface, holographic data storage goes beneath the surface using the entire recording medium.

Holographic storage is a high-capacity storage technology that records binary information into holograms (three dimensions), which can be read by low-power laser beams. In December 2021, the ECMA-420 standard was published. It specifies device interface information and requirements for high-speed image retrieval and collation using holographic optical correlation based on shift-multiplex recording of coaxial holography.

Ecma has several projects in development, which include a standard on a quality discrimination method and an operating method of storage systems for long-term data preservation. This standard will enable data storage systems to be built using optical disks for storing and accumulating important digital information safely and on a permanent basis. There is also a plan to develop a standard defining a holographic data storage system with a capacity of 1,000 Gbytes per disk, which will enable long-term data preservation storage systems to be built, with features such as high capacity, long-term reliability, and lower operational costs.

Future of meetings

Ecma meetings, such as its General Assembly, typically take place as a physical meeting to allow face-to-face discussions and interaction among members, but remote attendance is possible by using videoconferencing and other digital tools for the members that cannot attend in person. Ecma TCs hold either physical, hybrid, or virtual meetings depending on their specific needs.

Ecma meetings are typically held outside of Ecma’s HQ at the invitation of a TC member who hosts the meeting at their own or another facility.

Economy and efficiency are factors in choosing the meeting place and the meeting mode. Digital or a combination of digital and face-to-face meetings are possible options. This is decided by the committee.

Social media channels

LinkedIn @ecma-international

Twitter @EcmaIntl

International Organization for Standardization

Acronym: ISO

Established: 1947

Address: Chemin de Blandonnet 8, 1214 Vernier, Geneva, Switzerland

Website: https://www.iso.org/iso/home.html

Stakeholder group: International and regional organisations

ISO is the International Organization for Standardization, the world’s largest developer of international standards. It consists of a global network of 170 national standards bodies – our members. Each member represents ISO in its country. The organisation brings together global experts to share knowledge and develop voluntary, consensus-based, market-relevant International Standards. It is best known for its catalogue of almost 25,000
standards spanning a wide range of sectors, including technology, food, and healthcare.

Digital activities

A large number of the international standards and related documents developed by ISO are related to information and communication technologies (ICTs), such as the Open Systems Interconnection (OSI) that was created in 1983 to establish a universal reference model for communication protocols. The organisation is also active in the field of emerging technologies including blockchain, the Internet of Things (IoT), and AI. The standards are developed by various technical committees dedicated to specific areas including information security, cybersecurity, privacy protection, AI, and intelligent transport systems.

Digital policy issues

Artificial intelligence

The joint technical committee of ISO and the International Electrotechnical Commission (IEC) for AI is known as ISO/IEC JTC1/SC 42 Artificial intelligence and is responsible for the development of standards in this area. To date, it has published 20 standards specifically pertaining to AI with 35 others in development. ISO/IEC 42001 is the flagship AI Management System Standard, which provides requirements for establishing, implementing, maintaining, and continually improving an AI management system within the context of an organisation. ISO/IEC TR 24028 provides an overview of trustworthiness in AI systems, detailing the associated threats and risks and addresses approaches on availability, resiliency, reliability, accuracy, safety, security, and privacy. The standards under development include those that cover concepts and terminology for AI (ISO/IEC 22989); bias in AI systems and AI-aided decision-making (ISO/IEC TR 24027); AI risk management (ISO/IEC 23894); a framework for AI systems using machine learning (ISO/IEC 23053); and the assessment of machine learning classification performance (ISO/IEC TS 4213). Up-to-date information on the technical committee (e.g. scope, programme of work, contact details) can be found on the committee page.

Cloud computing

ISO and IEC also have a joint committee for standards related to cloud computing which currently has 27 published standards and a further 5 in development. Of those published, two standards of note include ISO/IEC 19086-1, which provides an overview, foundational concepts, and definitions for a cloud computing service level agreement framework, and ISO/IEC 22123-3, which specifies the cloud computing reference architecture.Standards under development include those on health informatics (ISO/TR 21332); the audit of cloud services (ISO/IEC 22123-2); and data flow, categories, and use (ISO/IEC 19944 series). Up-to-date information on the technical committee (e.g. scope, programme of work, contact details) can be found on the committee page.

Internet of things

Recognising the ongoing developments in the field of IoT, ISO has a number of dedicated standards both published and in development, including those for intelligent transport systems (ISO 19079), future networks for IoT (ISO/IEC TR 29181 series), unique identification for IoT (ISO/IEC 29161), Internet of Media Things (ISO/IEC 23093-3), the trustworthiness of IoT (ISO/IEC 30149), and industrial IoT systems (ISO/IEC 30162). IoT security is addressed in standards such as ISO/IEC 27001 and ISO/IEC 27002, which provide a common language for governance, risk, and compliance issues related to information security. In addition, there are 26 standards under development, some of which provide a methodology for the trustworthiness of an IoT system or service (ISO/IEC 30147); a trustworthiness framework (ISO/IEC 30149); the requirements of an IoT data exchange platform for various IoT services (ISO/IEC 30161); and a real-time IoT framework (ISO/IEC 30165). Up-to-date information on the ISO and IEC joint technical committee for IoT (e.g. scope, programme of work, contact details) can be found on the committee page

Telecommunication infrastructure

ISO’s standardisation work in the field of telecommunications infrastructure covers areas such as planning and installation of networks (e.g. ISO/IEC 14763-2), corporate telecommunication networks (e.g. ISO/IEC 17343), local and metropolitan area networks (e.g. ISO/IEC/IEEE 8802-A), private integrated telecommunications networks (e.g. ISO/IEC TR 14475), and wireless networks. Next-generation networks – packet-based public networks able to provide telecommunications services and use multiple quality-of-service-enabled transport technologies – are equally covered (e.g. ISO/IEC TR 26905). ISO also has standards for the so-called future networks, which are intended to provide futuristic capabilities and services beyond the limitations of current networks, including the internet. Up-to-date information on the joint ISO and IEC technical committee that develops these standards (e.g. scope, programme of work, contact details ) can be found on the committee page.

Blockchain

ISO has published 11 standards on blockchain and distributed ledger technologies: ISO/TR 23455 gives an overview of smart contracts in blockchain and distributed ledger technologies; ISO/TR 23244 tackles privacy and personally identifiable information protection; and ISO 22739 covers fundamental blockchain terminology respectively. ISO also has a further eight standards on blockchain in development. These include those related to:  security management of digital asset custodians (ISO/TR 23576); taxonomy and ontology (ISO/TS 23258); and guidelines for governance (ISO/TS 23635). Up-to-date information on the technical committee (e.g. scope, programme of work, contact details, etc.) can be found on the committee page.

Emerging technologies

ISO develops standards in the area of emerging technologies. 

Dozens of standards in the area of emerging technologies are those related to robotics. ISO has more than 40 different standards either published or in development that cover issues such as collaborative robots (e.g. ISO/TS 15066); safety requirements for industrial robots (e.g. ISO 10218 series); and personal care robots (e.g. ISO 13482). Autonomous or so-called intelligent transport systems (ITS) standards are developed by ISO’s ITS Technical Committee and include those for forward vehicle collision warning systems (ISO 15623) and secure connections between trusted devices (ISO/TS 21185). Standards are also being developed to address the use of virtual reality in learning, education, and training (e.g. ISO/IEC 23843).

Network security

ISO and IEC standards also address information security and network security . The ISO and IEC 27000 family of standards covers information security management systems and are used by organisations to secure information assets such as financial data, intellectual property, and employee information. For example,ISO/IEC 27031 and ISO/IEC 27035 are specifically designed to help organisations respond, diffuse, and recover effectively from cyberattacks. ISO/IEC 27701 is an extension of ISO/IEC 27001 and ISO/IEC 27002 for privacy information management, and details requirements and guidance for establishing, implementing, maintaining, and continually improving a Privacy Information Management System (PIMS).Network security is also addressed by standards on technologies such as the IoT, smart community infrastructures, medical devices, localisation and tracking systems, and future networks. Up-to-date information on the joint ISO and IEC technical committee (e.g. scope, programme of work, contact details) can be found on the committee page.

Encryption

As more and more information (including sensitive personal data) is stored, transmitted, and processed online, the security, integrity, and confidentiality of such information becomes increasingly important. To this end, ISO has a number of standards for the encryption of data. For example, ISO/IEC 18033-1, currently under development, addresses the nature of encryption and describes certain general aspects of its use and properties. Other standards include ISO/IEC 19772 which covers authenticated encryption, ISO/IEC 18033-3 which specifies encryption systems (ciphers) for the purpose of data confidentiality, and ISO 19092 which allows for encryption of biometric data used for authentication of individuals in financial services for confidentiality or other reasons. ISO also has standards that focus on identity-based ciphers, symmetric and asymmetric encryption, public key infrastructure, and many more related areas. 

Data governance

Big data is another area of ISO standardisation; around 80% of related standards are developed by the ISO/IEC AI committee. The terminology for big-data-related standards is outlined in ISO/IEC 20546, while ISO/IEC 20547-3 covers big data reference architecture. ISO/IEC TR 20547-2 provides examples of big data use cases with application domains and technical considerations and ISO/IEC TR 20547-5 details a roadmap of existing and future standards in this area. Up-to-date information on the technical committee (e.g. scope, programme of work, contact details) can be found on the committee page.

Digital identities

Digital signatures that validate digital identities help to ensure the integrity of data and authenticity of particulars in online transactions. This, therefore, contributes to the security of online applications and services. Standards to support this technology cover elements such as anonymous digital signatures (e.g. ISO/IEC 20008 series); digital signatures for healthcare documents (e.g. ISO 17090-4 and ISO 17090-5); and blind digital signatures, which is where the content of the message to be signed is disguised, used in contexts where, for example, anonymity is required. Examples of such standards are ISO 18370-1 and ISO/IEC 18370-2.

Privacy and data protection

Privacy and data protection in the context of ICTs is another area covered by ISO’s standardisation activities. One example is ISO/IEC 29101 which describes a privacy architecture framework. Others include those for privacy-enhancing protocols and services for identification cards (ISO/IEC 19286); privacy protection requirements pertaining to learning, education, and training systems employing information technologies (ISO/IEC 29187-1); privacy aspects in the context of intelligent transport systems (ISO/TR 12859); and security and privacy requirements for health informatics (ISO/TS 14441).

Digital tools

ISO has developed an online browsing platform that provides up-to-date information on ISO standards, graphical symbols, publications, and terms and definitions.

Future of meetings

Future ISO meetings can be found at ISO – meeting calendar

Social media channels

Facebook @isostandards

Instagram @isostandards

LinkedIn @isostandards

X @isostandards

YouTube @iso

European Organization for Nuclear Research

Acronym: CERN

Established: 1954

Address: 1211 Geneva 23, Switzerland

Website: https://www.cern.ch/

Stakeholder group: NGOs and associations

CERN is widely recognised as one of the world’s leading laboratories for particle physics. At CERN, physicists and engineers probe the fundamental structure of the universe. To do this, they use the world’s largest and most complex scientific instruments – particle accelerators and detectors. Technologies developed at CERN go on to have a significant impact through their applications in wider society.

Digital activities

CERN has had an important role in the history of computing and networks. The World Wide Web (WWW) was invented at CERN by Sir Tim Berners-Lee. The web was originally conceived and developed to meet the demand for automated information-sharing between scientists at universities and institutes around the world.

Grid computing was also developed at CERN with partners and thanks to funding from the European Commission. The organisation also carries out activities in the areas of cybersecurity, big data, machine learning (ML), artificial intelligence (AI), data preservation, and quantum technology.

Digital policy issues

Artificial intelligence AI-related projects are developed and referred to as part of the CERN openlab activities.

Through CERN openlab, CERN collaborates with leading information and communications technology (ICT) companies and research institutes. The R&D projects carried out through CERN openlab address topics related to data acquisition, computing platforms, data storage architectures, computer provisioning and management, networks and communication, ML and data analytics, and quantum technologies. CERN researchers use ML techniques as part of their efforts to maximise the potential for discovery and optimise resource usage. ML is used, for instance, to improve the performance of the Large Hadron Collider (LHC) experiments in areas such as particle detection and managing computing resources. Going one step further, at the intersection of AI and quantum computing, CERN openlab is exploring the feasibility of using quantum algorithms to track the particles produced by collisions in the LHC, and is working on developing quantum algorithms to help optimise how data is distributed for storage in the Worldwide LHC Computing Grid (WLCG). This research is part of the CERN Quantum Technology Initiative (QTI) activities, launched in 2020 to shape CERN’s role in the next quantum revolution.

–   CERN openlab: a public-private partnership in which CERN collaborates with ICT companies and other research organisations to accelerate the development of cutting-edge solutions for the research community, including ML.

CERN QTI: a comprehensive R&D, academic, and knowledge-sharing initiative to exploit quantum advantage for high-energy physics and beyond. Given CERN’s increasing ITC and computing demands, as well as the significant national and international interests in quantum-technology activities, it aims to provide dedicated mechanisms for the exchange of both knowledge and innovation.

Cloud computing Within its work, CERN refers to ‘cloud computing’ as ‘distributed computing.

The scale and complexity of data from the LHC, the world’s largest particle accelerator, is unprecedented. This data needs to be stored, easily retrieved, and analysed by physicists worldwide. This requires massive storage facilities, global networking, immense computing power, and funding. CERN did not initially have the computing or financial resources to crunch all of the data on-site, so in 2002 it turned to grid computing to share the burden with computer centres around the world. The WLCG builds on the ideas of grid technology initially proposed in 1999 by Ian Foster and Carl Kesselman. The WLCG relies on a distributed computing infrastructure, as data from the collisions of protons or heavy ions are distributed via the internet for processing at data centres worldwide. This approach of using virtual machines is based on the same paradigm as cloud computing. It is expected that further CERN developments in the field of data processing will continue to influence digital technologies.

Telecommunication infrastructure Within its work, CERN refers to ‘telecommunication infrastructure’ as ‘network infrastructure’.

In the 1970s, CERN developed CERNET, a lab-wide network to access mainframe computers in its data centre. This pioneering network eventually led CERN to become an early European adopter of Transmission Control Protocol/Internet Protocol (TCP/IP) for use in connecting systems on site. In 1989, CERN opened its first external TCP/IP connections and by 1990, CERN had become the largest internet site in Europe and was ready to host the first WWW server. Nowadays, in addition to the WLCG and its distributed computing infrastructure, CERN is also the host of the CERN Internet eXchange Point (CIXP), which optimises CERN’s internet connectivity and is also open to interested internet service providers (ISPs).

Digital standards Within its work, CERN addresses ‘web standards’ as ‘open science’.

Ever since releasing the World Wide Web software under an open-source model in 1994, CERN has been a pioneer in the open-source field, supporting open-source hardware (with the CERN Open Hardware Licence), open access (with the Sponsoring Consortium for Open Access Publishing in Particle Physics SCOAP3) and open data (with the CERN Open Data Portal). Several CERN technologies are being developed with open science in mind, such as Indico, InvenioRDM, REANA, and Zenodo. Open-source software, such as CERNBox, CERN Tape Archive (CTA), EOS, File Transfer Service (FTS), GeantIV, ROOT, RUCIO, and service for web-based analysis (SWAN), has been developed to handle, distribute, and analyse the huge volumes of data generated by the LHC experiments and are also made available to the wider society.

Digital tools

Data governance Within its work, CERN refers to ‘data governance’ as ‘data preservation’.

CERN manages vast amounts of data; not only scientific data, but also data in more common formats such as webpages, images and videos, documents, and more. For instance, the CERN Data Centre processes on average one petabyte (one million gigabytes) of data per day. As such, the organisation notes that it faces the challenge of preserving its digital memory. CERN also points to the fact that many of the tools that are used to preserve data generated by the LHC and other scientific projects are also suitable for preserving other types of data and are made available to wider society.

The CERN Open Data Policy for scientific experiments at the LHC is essential to make scientific research more reproducible, accessible, and collaborative. It reflects values that have been enshrined in the CERN Convention for more than 60 years that were reaffirmed in the European Strategy for Particle Physics (2020), and aims to empower the LHC experiments to adopt a consistent approach towards the openness and preservation of experimental data (applying FAIR standards to better share and reuse data).

EOSC Future is an EU-funded project that is contributing to establishing the European Open Science Cloud (EOSC) to provide a Web of FAIR Data and Services for science in Europe. The implementation of EOSC is based on the long-term process of alignment and coordination pursued by the Commission since 2015.

CERN joined the recently formed EOSC Association in 2020. The EOSC Association is the legal entity established to govern the EOSC and has since grown to more than 250 members and observers.

Future of meetings

More information about ongoing and upcoming events, you can find on the events page.

Social media channels

Facebook @cern

Instagram @cern

LinkedIn @cern

X @CERN

YouTube @CERN




United Nations Economic Commission for Europe

Acronym: UNECE

Established: 1947

Address: Palais des Nations, 1211 Geneva 10, Switzerland

Website: https://www.unece.org/info/ece-homepage.html

Stakeholder group: International and regional organisations

UNECE is one of five regional commissions of the UN. Its major aim is to promote pan-European economic integration. To do so, it brings together 56 countries in Europe, North America, and Central Asia, which discuss and cooperate on economic and sectoral issues.

UNECE works to promote sustainable development and economic growth through policy dialogue, negotiation of international legal instruments, development of regulations and norms, exchange and application of best practices, economic and technical expertise, and technical cooperation for countries with economies in transition. It also sets out norms, standards, and conventions to facilitate international cooperation.

Digital activities

UNECE’s work touches on several digital policy issues, ranging from digital standards (in particular in relation to electronic data interchange for administration, commerce, and transport) to the internet of things (IoT) (e.g. intelligent transport systems). Its activities on connected vehicles and automated driving systems are essential to seize the benefits of technical progress and disruptions in that field and to operationalise new mobility concepts such as Mobility as a Service (MaaS). Its UN/CEFACT develops trade facilitation recommendations and electronic business standards, covering both commercial and government business processes. UNECE also carries out activities focused on promoting sustainable development, in areas such as sustainable and smart cities for all ages; sustainable mobility and smart connectivity; and measuring and monitoring progress towards the sustainable development goals (SDGs).

UNECE’s work in the field of statistics is also relevant for digital policy issues. For example, the 2019 Guidance on Modernizing Statistical Legislation– which guides countries through the process of reviewing and revising statistical legislation – covers issues such as open data, national and international data exchanges, and government data management.

UNECE carries out extensive work in the area of sustainable transport leading on several UN Conventions. Accession to the conventions continues to increase as more and more member states realise the benefits in the time taken and associated costs in the movement of goods. Numerous digitised systems have been developed, and are maintained, hosted, and administered under the auspices of UNECE. For a number of other tools and mechanisms, work is underway.

Digital policy issues

Digital standards

UNECE’s intergovernmental body UN/CEFACT continues making great strides in the area of digital standards. In a recent collaboration with the International Federation of Freight-Forwarders Associations (FIATA), it developed the electronic FIATA Multimodal Bill of Lading (eFBL) data standard. The basis of the mapping of the Negotiable FIATA Multimodal Transport Bill of Lading (FBL) with the UN/CEFACT Multimodal Transport (MMT) reference data model, allows the exchange of BL data in a standardised way, facilitating interoperability between all modes of transport and industry stakeholders. Similar to other data standards developed by UN/CEFACT, the data standard is offered as open-source for all software providers and industry stakeholders to implement. UNECE’s standardisation work builds on a family of reference data models in alignment with its strategy to become the next generation of global standards for trade and transport information exchange. Other digital standards in the areas of supply chain management, agriculture, and travel and tourism (e.g. Buy Ship Pay Reference Data Model, Textile and Leather Data Model (Part 1 and Part 2), and Travel and Tourism Experience Programme Data Model) are a great step toward paperless trade and benefit all actors of the supply chain by reducing costs, increasing security, and gaining efficiency.

Internet of things and artificial intelligence

As the UN centre for inland transport, UNECE hosts international regulatory platforms in the field of automated driving and intelligent transport systems. It hosts multilateral agreements and conventions ruling the requirements and the use of these technologies (such as the UN agreements on vehicle regulations and the Vienna Convention on Road Traffic). Its activities (e.g. facilitating policy dialogue and developing regulations and norms) contribute to enabling automated driving functionalities and ensuring that the benefits of these technologies can be captured without compromising safety and progress achieved in areas such as border crossing and interoperability. It also collaborates with other interested stakeholders, including the automotive and information and communications technology (ICT) industries, consumer organisations, governments, and international organisations.

Another area of work for UNECE is related to harnessing smart technologies and innovation for sustainable and smart cities. In this regard, it promotes the use of ICTs in city planning and service provision and it has developed (together with ITU) a set of key performance indicators for smart sustainable cities. UNECE also works to facilitate connectivity through sustainable infrastructure. For instance, it assists countries in developing smart grids for more efficient energy distribution, and it administers international e-roads, e-rail, and e-waterway networks.

UNECE launched the Advisory Group on Advanced Technology in Trade and Logistics (AGAT) in 2020 on topics, such as distributed ledger technologies (DLT) including blockchain, IoT, and AI.

The UNECE High-Level Group on Modernisation of Official Statistics (HLG-MOS) has been at the forefront of modernisation initiatives in the field of official statistics. These initiatives include innovative areas such as big data, synthetic data, and machine learning (ML). A UNECE guide, Machine Learning for Official Statistics, can help national and international statistical organisations to harness the power of ML to modernise the production of official statistics. Responding to the growing interest in LLM, HLG-MOS is working on a white paper to establish a common understanding of LLM’s potential within the statistical community by exploring implications and opportunities for official statistics.

In trade, the newly released UN/CEFACT JSON-LD Web Vocabulary complements and enhances the capabilities of AI systems for trade-related exchanges. It aims to support the interoperability of trade by allowing supply chain actors to more easily integrate a common vocabulary in their business tools (e.g. software applications, AI algorithms) to ensure that data shared between different entities (e.g. suppliers, manufacturers, distributors, transporters, financiers, and regulators) is consistent and easily interpretable, reducing errors and misunderstandings.

  • Access to the text of UN Regulations
  • UN Regulation No. 155 on Cyber Security and Cyber Security Management
  • UN Regulation No. 156 on Software Updates and Software Updates Management Systems
  • World Forum for Harmonization of Vehicle Regulations (WP.29)
  • Working Party on Automated/Autonomous and Connected Vehicles
  • Access to the text of UN Regulations

    Artificial intelligence for energy

    AI and other technologies are inspiring energy suppliers, transmission and distribution companies, and demand sectors (buildings, industry, transport) to establish new business models to generate, deliver, and consume energy in a more sustainable way.

    UNECE established a task force on digitalization in energy to offer a platform for cross-industry experts from the energy sector and digital innovation to develop a unified voice on digitalisation in energy.

    The group found that AI and digitalisation have the potential to reduce residential and commercial buildings’ energy use by as much as 10% globally by 2040 if applied throughout a building’s value chain and life cycle. In particular, applications of AI may help optimise a building’s orientation for solar heat gain and predict power and heat needs, thus increasing overall energy security and maximising the integration of renewable energy sources.

    The group also found that AI and digitalisation could help achieve energy savings of at least 10%–20% in the industrial sector (which consumes around 38% of global final energy and produces 24% of greenhouse gasses).

    UNECE has partnered with the University of Zürich to develop an AI-powered tool that will offer a real-time interactive compendium of information and data resources on the resilience of energy systems. The platform will equip policymakers with a cutting-edge tool that will inform their policy decisions by facilitating knowledge management and dissemination capabilities. It is also meant to help identify technology and policy breakthroughs and mobilise financial flows for resilience. The European Investment Bank, the International Atomic Energy Agency, the International Energy Agency, the International Telecommunication Union, the Organization for Security and Co-operation in Europe, the World Meteorological Organization, the World Bank, and other organisations contribute their knowledge base to support and shape this tool.

    Automated driving

    Blockchain

    UNECE’s subsidiary body UN/CEFACT has been exploring the use of blockchain for trade facilitation. For instance, work carried out within the Blockchain White Paper Project has resulted in two white papers: One looking at the impact of blockchain on the technical standards work of UN/CEFACT and another looking at how blockchain could facilitate trade and related business processes. The ongoing Chain Project is focused on developing a framework/mechanism for the development and implementation of blockchain services infrastructure, and creating a whitepaper on strategy for the development and implementation of interoperable global blockchain technology infrastructure. Another blockchain-related project looks into the development of a standard on the creation of a cross-border inter-customs ledger using blockchain technology.

    Critical infrastructure

    UNECE achieved a transformative milestone with regard to cybersecurity in the broad automotive sector with the adoption of UN Regulation No. 155 (Cyber Security and CSMS) and UN Regulation No. 156 (Software Updates).

    Before that, cyber risks related to connected vehicles were apparent but not systematically addressed. Security researchers alerted the public of them by revealing various vulnerabilities. There were only narrow standards and guidelines for securing vehicles, such as standards for secure communication among Electronic Control Units (ECUs) and for hardware encryption.

    UNECE’s World Forum for Harmonization of Vehicle Regulations (Working Party on Automated/Autonomous and Connected Vehicles (GRVA) WP.29) adopted two important new regulations on cybersecurity and over-the-air software updates and led to the situation where cybersecurity became non-negotiable for securing market access via type approval for those countries applying this regime. GRVA also developed recommendations on uniform provisions concerning cybersecurity and software updates for countries applying the self-certification regime.

    Under the 1958 Agreement (binding to 54 countries)

  • United Nations Conference on Trade and Development

    Acronym: UNCTAD

    Established: 1964

    Address: Palais des Nations, Av. de la Paix 8-14, 1211 Geneva 10, Switzerland

    Website: https://unctad.org/

    Stakeholder group: International and regional organisations

    UNCTAD is a UN body dedicated to supporting developing countries in accessing the benefits of a globalised economy more fairly and effectively. It provides analysis, facilitates consensus building, and offers technical assistance, thus helping countries use trade, investment, finance, and technology to support inclusive and sustainable development.

    UNCTAD also works to facilitate and measure progress towards achieving the sustainable development goals (SDGs), through a wide range of activities in areas such as technology and innovation, trade, investment, environment, transport and logistics, and the digital economy. It places special emphasis on supporting the most vulnerable developing countries, including least developed countries (LDCs), landlocked developing countries (LLDCs), small island developing states (SIDS), and African countries to build resilience to economic shocks and to achieve structural economic transformation.

    UNCTAD’s work often results in analyses, statistics, and recommendations that inform national and international policymaking processes, and contribute to promoting economic policies aimed at ending global economic inequalities and generating human-centric sustainable development.

    Digital activities

    UNCTAD is particularly active in the field of e-commerce, trade, and the digital economy, carrying out a wide range of activities from research and analysis to providing assistance to member states in developing adequate legislative and regulatory frameworks and facilitating international dialogue on the development opportunities and challenges associated with the digital economy.

    UNCTAD also works to facilitate and measure progress towards achieving the SDGs, in particular through (but not limited to) its activities in the field of science, technology, and innovation (STI) for development. Consumer protection, gender equality, productive capacity building, and privacy and data protection are other digital policy areas where UNCTAD is active.

    Digital policy issues

    Data governance

    As data has become a key resource in the digital economy, data governance is a fundamental part of the work of UNCTAD. This is illustrated, for example, in the research and analysis work of the Digital Economy Report 2019, which focused on the role of data as the source of value in the digital economy and how it is created and captured and the Digital Economy Report 2021, which analysed cross-border data flows and development. Moreover, some of UNCTAD’s work on e-commerce and digital trade touches specifically on privacy and data protection issues. For instance, the eCommerce and Law Reform work dedicated to supporting developing countries in their efforts to establish adequate legal frameworks for e-commerce also covers data protection and privacy among the key issues addressed. The Global Cyberlaw Trackers offers information on data protection laws in UNCTAD member states.

    Also relevant for data governance discussions is UNCTAD’s work on statistics, as the organisation collects and analyses a wide range of data and statistics on issues such as economic trends,  international trade, investment, development, and the digital economy. UNCTAD’s statistical capacity development activities help countries enhance their statistical and data infrastructures and often address issues of data governance, such as statistical confidentiality, access to data, and privacy protection. UNCTAD also contributes actively to global work to enhance data governance in statistics and beyond and to develop universal principles to guide the collection, dissemination, use, and storage of data.

    UNCTAD makes its data and statistics available as open-source in the UNCTADstat data centre. Statistics underpin UNCTAD’s analytical work and are featured in many publications. The UNCTAD Handbook of Statistics disseminates key messages from UNCTAD’s statistics including infographics and UNCTAD’s SDG Pulse offers statistical information on developments related to the 2030 Agenda for Sustainable Development. In addition, Development and Globalization Facts and Figures publications provide thematic updates on topical issues with the latest number focusing on SIDS. To provide timely information on the global economy and trade, UNCTAD Statistics publishes a weekly Trade and Economy Nowcast.

    UNCTAD is also running several projects focused on improving the efficiency of data management for example by developing a plug-and-play system to compile Trade in Services Statistics, its activities in the Digitising Global Maritime Trade project, and by supporting customs operations with the Automated System for Customs Data. UNCTAD’s own statistical activities are governed by the UNCTAD Statistics Quality Assurance Framework, which is aligned with principles governing international statistical activities.

    E-commerce and trade

    UNCTAD’s work programme on e-commerce and the digital economy (ECDE Programme), encompasses several research and analysis, consensus-building, and technical assistance activities, as follows:

    Research and analysis

    UNCTAD conducts research and analysis on e-commerce and the digital economy and their implications for trade and development. These are mainly presented in its flagship publication, the Digital Economy Report (known as the Information Economy Report until 2017), and in its Technical Notes on ICT for Development. The Technology and Innovation Report, another flagship publication, highlights the need to build science, technology, and innovation capabilities as prerequisites to enabling developing countries and LDCs to adopt and adapt frontier technologies, including digital technologies.

    Consensus building on e-commerce and digital economy policies

    UNCTAD’s Intergovernmental Group of Experts on E-commerce and the Digital Economy meets regularly to discuss ways to strengthen the development dimension of e-commerce and the digital economy. The group’s meetings are usually held in conjunction with UNCTAD eWeek an annual event hosted by UNCTAD featuring discussions on development opportunities and challenges associated with the digital economy.

    UNCTAD also serves as a knowledge partner to the deliberations of the G20 Digital Economy Working Group on Data Free Flow with Trust and Cross-border Data Flows.

    Under the auspices of the UN Commission on Science and Technology for Development (CSTD), UNCTAD provides substantive work on the follow-up to the World Summit on the Information Society (WSIS) – a unique two-phase UN summit that was initiated to create an evolving multistakeholder platform to address the issues raised by information and communications technologies (ICTs) through a structured and inclusive approach at the national, regional, and international levels.

    To that end, the CSTD:

    • Reviews and assesses progress at the international and regional levels in the implementation of action lines, recommendations, and commitments contained in the outcome documents of the Summit.
    • Shares best and effective practices and lessons learned and identifies obstacles and constraints encountered, and actions and initiatives to overcome them alongside important measures for further implementation of the Summit outcomes.
    • Promotes dialogue and fosters partnerships, in coordination with other appropriate UN funds, programmes and specialised agencies, to contribute to the attainment of the Summit.
    • Monitors objectives and the implementation of its outcomes and the use of ICTs for development and the achievement of internationally agreed development goals, with the participation of governments, the private sector, civil society, the UN, and other international organisations in accordance with their different roles and responsibilities.

    E-Commerce assessments and strategy formulation

    The eTrade Readiness Assessments (eT Readies) assist LDCs and other developing countries in understanding their e-commerce readiness in key policy areas to better engage in and benefit from e-commerce. The assessments provide recommendations to overcome identified barriers and bottlenecks to growth and enjoying the benefits of digital trade.

    UNCTAD’s work on ICT policy reviews and national strategies involves technical assistance, advisory services, diagnostics, and strategy development on e-commerce, and national ICT planning at the request of governments. Through an analysis of the infrastructural, policy, regulatory, institutional, operational, and socio-economic landscape, the reviews help governments to overcome weaknesses and bureaucratic barriers, leverage strengths and opportunities, and put in place relevant strategies.

    Legal frameworks for e-commerce

    UNCTAD’s e-commerce and law reform work helps to develop an understanding of the legal issues underpinning e-commerce through a series of capacity-building workshops for policymakers at the national and regional levels. Concrete actions include assistance in establishing domestic and regional legal regimes to enhance trust in online transactions, regional studies on cyber laws harmonisation, and the global mapping of e-commerce legislation through its Global Cyberlaw Tracker.

    Measuring the information economy

    UNCTAD’s work on measuring the information economy includes statistical data collection and the development of methodology, as well as linking statistics and policy through the Working Group on Measuring E-commerce and the Digital Economy, established by the Intergovernmental Group of Experts on E-Commerce and the Digital Economy. Figures are published in the biennial Digital Economy Report and the UNCTADstat Data Centre. Technical cooperation here aims to strengthen the capacity of national statistical systems to produce better, more reliable, and internationally comparable statistics on the following issues: ICT use by enterprises, size and composition of the ICT sector, and e-commerce and international trade in ICT-enabled services.

    Smart partnerships through eTrade for all

    The eTrade for all initiative (eT4a) is a global collaborative effort of 35 partners to scale up cooperation, transparency, and aid efficiency towards more inclusive e-commerce.  Its main tool is an online platform (etradeforall.org), a knowledge-sharing and information hub that facilitates access to a wide range of information and resources on e-commerce and the digital economy. It offers a gateway for matching the suppliers of technical assistance with those in need. Beneficiaries can connect with potential partners, and learn about trends,  best practices,  up-to-date e-commerce indicators,  and upcoming events all in one place. The initiative also acts as a catalyst of partnership among its members for increased synergies. This collaboration has concretely translated into the participation of several eT4a partners as key contributors to the various UNCTAD e Week organised by UNCTAD and in the conduct and review of eTrade Readiness Assessments.

    Market access and rules of origin for least developed countries

    LDCs are granted preferential tariff treatment in the markets of developed and developing countries under several schemes and arrangements. Since its inception, UNCTAD has assisted governments in developing preferential rules of origin (RoO). UNCTAD assists governments and regional economic communities, as well as the AfCFTA Secretariat, in negotiating and drafting their RoO. Most recently, UNCTAD’s technical assistance has focused on the implementation of the World Trade Organization’s (WTO’s) 2005 Hong Kong decision on Duty-free, Quota-free (DFQF) market access, and understanding and drafting RoO.

    UNCTAD has undertaken extensive research on DFQF and RoO. The UNCTAD Database on the African Continental Free Trade Area (AfCFTA) provides information on trade statistics, rules of origin, and tariff offers under AfCFTA at the Harmonized Commodity Description and Coding System (HS) subheading (6-digit) level The Harmonized Commodity Description and Coding System – commonly known as the Harmonized System or HS – is an internationally standardised nomenclature for the description, classification, and coding of goods.. The database enables automatic data visualisation to create a snapshot of the object of interest and matching trade statistics within the AfCFTA tariff offers, and product-specific rules of origin where available.

    The UNCTAD Generalized System of Preferences (GSP) utilisation database provides information on the utilisation of the GSP schemes as well as other trade preferences granted to developing countries and LDCs under GSP, DFQF arrangements, and trade preferences under reciprocal free trade agreements (FTAs).

    UNCTAD serves as co-lead of the

    Consumer protection Consumer protection and competition are jointly addressed in the work of UNCTAD

    Through its Competition and Consumer Policies Programme, UNCTAD works to assist countries in improving their competition and consumer protection policies. It provides a forum for intergovernmental deliberations on these issues; undertakes research, policy analysis and data collection; and provides technical assistance to developing countries. The Intergovernmental Group of Experts on Consumer Protection Law and Policy monitors the implementation of the UN Guidelines for Consumer Protection, and carries out research and provides technical assistance on consumer protection issues (including in the context of e-commerce and the digital economy). UNCTAD’s work programme on consumer protection is guided, among others, by the UN Conference of Competition and Consumer Protection (held every five years).

    Given the significant imbalances in market power in the digital economy, competition policy is becoming increasingly relevant for developing countries. UNCTAD addresses this issue in the Intergovernmental Group of Experts on Competition Law and Policy.

    UNCTAD also runs the Research Partnership Platform, aimed at contributing to the development of best practices in the formulation and implementation of competition and consumer protection laws and policies.

    UNCTAD serves as co-lead of the

    World Trade Organization

    Acronym: WTO

    Established: 1995

    Address: Centre William Rappard, Rue de Lausanne 154, 1211 Geneva 21, Switzerland

    Website: https://www.wto.org/

    Stakeholder group: International and regional organisations

    WTO is an intergovernmental organisation that deals with the rules of trade among its members. Its main functions include administering WTO trade agreements, providing a forum for trade negotiations, settling trade disputes, monitoring national trade policies, providing technical assistance and training for developing countries, and ensuring cooperation with other international organisations.

    WTO members have negotiated and agreed upon rules regulating international trade, fostering transparency and predictability in the international trading system. The main agreements are the Marrakesh Agreement Establishing the WTO, the General Agreement on Tariffs and Trade (GATT), the General Agreement on Trade in Services (GATS), and the Agreement on Trade-related Aspects of Intellectual Property Rights (TRIPS Agreement).

    Digital activities

    Several internet governance and digital trade policy-related issues are discussed in WTO. E-commerce discussions are ongoing under the Work Programme on Electronic Commerce and among a group of 90 WTO members currently negotiating e-commerce rules under the Joint Statement Initiative (JSI) on E-commerce. Discussions focus on several digital issues, including data flows and data localisation, source code, cybersecurity, privacy, consumer protection, capacity building, and customs duties on electronic transmissions.

    As part of its outreach activities, WTO organises numerous events such as the Aid for Trade Global Review and an annual Public Forum, which brings together governments, non-governmental organisations (NGOs), academics, businesses, and other stakeholders for discussions on a broad range of issues, including many relating to the digital economy.

    Digital policy issues

    Telecommunications

    In 1997, WTO members successfully concluded negotiations on market access for basic telecommunications services, which resulted in new specific commitments in the sector for a significant part of  WTO  membership.  These negotiations also resulted in the Reference Paper, a set of regulatory principles for basic telecommunication services that various members have inscribed in their schedules of commitments. Since 1997, the number of members that have undertaken market access commitments on telecommunications and subscribed to the Reference Paper has continued to increase as a result of new governments joining WTO through the process of accession. Under the JSI negotiations, participants are discussing a proposal that seeks to update the provisions of the Reference Paper.

    Digital standards The issue of digital standards is addressed as ‘standards and regulations’ within the work of WTO.

    International standards are important to the global digital economy as they can enable interconnectivity and interoperability for telecommunications and internet infrastructures. The WTO Technical Barriers to Trade Agreement (TBT Agreement) aims to ensure that technical regulations, standards, and conformity assessment procedures affecting trade in goods (including telecommunications products) are non-discriminatory and do not create unnecessary obstacles to trade. The TBT Agreement strongly encourages that such regulatory measures be based on relevant international standards. The TBT Committee serves as a forum where governments discuss and address concerns with specific regulations, including those affecting digital trade. Examples of relevant TBT measures notified to or discussed at the TBT Committee include (1) measures addressing the internet of things (IoT) and related devices in terms of their safety, interoperability, national security/cybersecurity, performance, and quality; (2) measures regulating 5G cellular network technology for reasons related to, among others, national security and interoperability; (3) measures regulating 3D printing (additive manufacturing) devices; (4) measures regulating drones (small unmanned aircraft systems) due to risks for humans/consumers, interoperability problems, and national security risks; and (5) measures dealing with autonomous vehicles, mostly concerned with their safety and performance.

    Cybersecurity

    Cybersecurity issues have been addressed in several WTO bodies. For example, the TBT Committee has discussed national cybersecurity regulations applicable to information and communications technology (ICT) products and their potential impact on trade. In the TBT Committee, WTO members have raised specific trade concerns related to cybersecurity regulations. Some of the specific issues discussed include how cybersecurity regulations discriminating against foreign companies and technologies can negatively impact international trade in ICT products. Proposals on cybersecurity have also been tabled in the JSI on e-commerce where negotiations are ongoing.

    Data governance

    The growth of the global digital economy is fuelled by data. Discussions on how provisions of WTO agreements apply to data flows are ongoing among WTO members. In this context, is particularly relevant, as it applies to trade in services such as (1) data transmission and data processing by any form of technology (e.g. mobile or cloud technologies); (2) new ICT business models such as infrastructure as a service (IaaS); (3) online distribution services e.g. (e-commerce market platforms); and (4) financial services such as mobile payments. The extent to which members can impose restrictions on data or information flows affecting trade in services is determined by their GATS schedules of commitments. Under the JSI, proposals on cross-border data flows have been submitted and are being discussed. These proposals envision a general rule establishing the free flow of data for commercial activities. Proposed exceptions to this general rule are, to a large extent, similar to the existing GATS General and Security Exceptions and relate to, for example, protection of personal data, protection of legitimate public policy objectives, national security interests, and exclusion of governmental data. Issues related to data flows have also been raised by members in other contexts at the WTO, such as in the Council for Trade in Services, for instance, when national cybersecurity measures adopted have been considered by some members as trade barriers.

    Intellectual property rights

    The TRIPS Agreement is a key international instrument for the protection of IP and is of relevance to e-commerce. The technologies that underpin the internet and enable digital commerce such as software, routers, networks, switches, and user interfaces are protected by IP. In addition, e-commerce transactions can involve digital products with IP-protected content, such as e-books, software, or blueprints for 3D-printing. As IP licences often regulate the usage rights for such intangible digital products, the TRIPS Agreement and the international IP Conventions provide much of the legal infrastructure for digital trade.

    These conventions include:

    The role of IP in promoting innovation and trade in the digital age has been highlighted in recent WTO World Trade Reports.

    IP-related issues are also being discussed in the JSI. Submitted proposals include text on limiting requests to the access or transfer of source code. The source code or the data analysis used in the operation of programmes or services is often legally protected by IP law through copyright, patent, or trade secret provisions. The main goal of the JSI proposals on access to source code is to prevent members from requiring access or transfer of the source code owned by a national of another member state as a condition for market access. Some exceptions to this general prohibition have also been proposed. For example, for software that is used for critical infrastructures and public procurement transactions.

    Electronic commerce

    WTO agreements cover a broad spectrum of trade topics, including some related to e-commerce, which has been on the WTO agenda since 1998 when the ministers adopted the Declaration on Global Electronic Commerce. The Declaration instructed the General Council to establish a Work Programme on electronic commerce. In that Declaration, members also agreed to continue the practice of not imposing customs duties on electronic transmissions (the ’moratorium’). The Work Programme provides a broad definition of e-commerce and instructs four WTO bodies (Council for Trade in Goods; Council for Trade in Services; TRIPS Council; and the Committee on Trade and Development) to explore the relationship between WTO Agreements and e-commerce. The Work Programme and the moratorium on customs duties on electronic transmissions have been periodically reviewed and renewed. At its recently concluded 12th Ministerial Conference (MC12) in June 2022, WTO members agreed to reinvigorate the Work Programme, particularly in line with its development dimension, and to intensify discussions on the moratorium, including on its scope, definition, and impact. Furthermore, members agreed to extend the moratorium on customs duties on electronic transmissions until MC13. WT/MIN(22)/32; WT/L/1143

    At MC11 in 2017, a group of members issued the Joint Statement Initiative (JSI) on E-Commerce to explore work towards future WTO negotiations on trade-related aspects of e-commerce. Following the exploratory work, in January 2019, 76 members confirmed their ‘intention to commence WTO negotiations on trade-related aspects of electronic commerce’ and to ‘achieve a high standard out- come that builds on existing WTO agreements and frameworks with the participation of as many WTO members as possible’. Negotiations are continuing among 90 members 90 Members as of end of October 2023: Albania; Argentina; Australia; Austria; Bahrain, Kingdom of; Belgium; Benin; Brazil; Brunei Darussalam; Bulgaria; Burkina Faso; Cameroon; Canada; Chile; China; Colombia; Costa Rica; Côte D’Ivoire; Croatia; Cyprus; Czech Republic; Denmark; Ecuador; El Salvador; Estonia; Finland; France; Gambia, Georgia; Germany; Greece; Guatemala;Honduras; Hong Kong, China; Hungary; Iceland; Indonesia; Ireland; Israel; Italy; Japan; Kazakhstan; Kenya; Korea, Republic of; Kuwait, the State of; Kyrgyz Republic;the State of; Lao People’s Democratic Republic; Latvia; Liechtenstein; Lithuania; Luxembourg; Malaysia; Malta; Mauritius; Mexico; Moldova, Republic of; Mongolia; Montenegro; Myanmar; Netherlands; New Zealand; Nicaragua; Nigeria; North Macedonia; Norway; Oman; Panama; Paraguay; Peru; Philippines; Poland; Portugal; Qatar; Romania; Russian Federation; Saudi Arabia, Kingdom of; Singapore; Slovak Republic; Slovenia; Spain; Sweden; Switzerland; Separate Customs Territory of Taiwan, Penghu, Kinmen and Matsu; Thailand; Turkey; Ukraine; United Arab Emirates; United Kingdom; United States; and Uruguay and are structured under five broad themes, namely enabling e-commerce, openness and e-commerce, trust and e-commerce, cross-cutting issues, and telecommunications. JSI participants have reached a high degree of convergence on e-authentication and e-signatures, e-contracts, open government data, online consumer protection, unsolicited commercial electronic messages (spam), transparency, open internet access, paperless trading, cybersecurity, electronic transactions frameworks, e-invoicing and single windows. Negotiations on electronic transactions frameworks, source code, cybersecurity, electronic invoicing, privacy, telecommunications, and customs duties on electronic transmissions continue. On the margins of the MC12, the co-convenors of the JSI (Australia, Japan, and Singapore), issued a statement underlining the importance of developing global rules on e-commerce and, together with Switzerland, launched the E-commerce Capacity Building Framework to strengthen digital inclusion and to help developing and least developed countries to harness the opportunities of digital trade.

    Access The issue of arbitration is referred to under the issue of ‘market access’ within the work of WTO.

    Information Technology Agreement (ITA-I and ITA-II)

    The ITA-I was concluded by 29 participants in 1996. Through this agreement, participating WTO members eliminated tariffs and other duties and charges (ODCs) on hundreds of ICT products – including computers, laptops, servers, routers, communication devices (i.e. mobile telephones),  semiconductors, semiconductor manufacturing equipment and parts thereof – to foster the development of ICT global value chains and facilitate greater adoption of the ICT products that lie at the core of a global digital economy and power the downstream innovative and competitive capacity of every industry that deploys them. Currently, 83 WTO members are participants in ITA-I, accounting for approximately 97% of world trade in ITA-I products. As technology continues to evolve, ICT is found at the core of an ever-increasing range of products. At the MC10 in Nairobi in 2015, over 50 WTO members concluded ITA-II negotiations and agreed to expand the ITA product coverage by around 200 products. ICT products such as GPS navigation equipment, satellites, and medical equipment were included and tariffs on these products have been eliminated among ITA-II participants. At present, the ITA-II consists of 55 WTO members, representing over 90% of world trade in ITA-II products. The ITA is being discussed in the JSI under the market access focus group.

    Social medial channels test test

    Facebook @WorldTradeOrganization

    Flickr @WorldTradeOrganization

    Instagram @worldtradeorganization

    Twitter @wto

    YouTube @WorldTradeOrganization




    Skip to content