WS #227 Sustainability and Data Protection in ESG Enhancement

Summary

This discussion focused on the intersection of Environmental, Social, and Governance (ESG) principles with cybersecurity and internet governance. Panelists explored how ESG frameworks can address sustainability and cybersecurity challenges in the digital age. A key point was the significant environmental impact of data centers and digital infrastructure, with speakers noting the high energy consumption and carbon footprint of these technologies. The need for more sustainable practices in the tech industry was emphasized, including the use of renewable energy sources for data centers.

The conversation also touched on data protection as a crucial aspect of ESG, with panelists stressing the importance of treating data security as a fundamental pillar rather than an afterthought. The potential use of blockchain technology for enhancing transparency in ESG reporting was discussed, though concerns about its energy consumption were raised. Participants highlighted the need for more specific ESG standards tailored to different regional realities, particularly in the Global South.

The discussion emphasized the importance of multi-stakeholder collaboration in developing effective ESG policies and regulations. Panelists suggested expanding the ESG framework to include cybersecurity explicitly, proposing the acronym ESGC. The need for stronger regulatory frameworks and accountability measures for big tech companies was also discussed. The session concluded with calls for more inclusive global conversations on ESG, ensuring representation from diverse regions, particularly Africa and other developing areas. Overall, the discussion underscored the complex interplay between sustainability, data protection, and cybersecurity in the context of ESG and internet governance.

Keypoints

Major discussion points:

– The importance of discussing ESG (Environmental, Social, Governance) issues in relation to internet governance and cybersecurity

– Challenges around energy consumption and environmental impacts of data centers and internet infrastructure

– The need for more specific ESG standards and regulations related to internet/technology issues, especially for developing countries

– Balancing data protection and privacy with ESG reporting and transparency goals

– Expanding ESG to include cybersecurity (ESGC) as a key consideration

The overall purpose of the discussion was to explore the intersection of ESG principles with internet governance and cybersecurity practices, and to consider how to enhance sustainability and accountability in the tech sector.

The tone of the discussion was generally constructive and forward-looking. Panelists shared insights from their areas of expertise while acknowledging challenges and areas for improvement. The conversation became more action-oriented towards the end, with participants and panelists suggesting concrete next steps and areas for further collaboration and research.

Speakers

– Moderator: Session moderator

– Thais Aguiar: Lawyer and researcher in digital rights from Brazil

– Jasmine Ko: Convener of Hong Kong IGF, Certified ESG analyst, Researcher on eco-internet

– Alina Ustinova: Head of youth Russian IGF, Representative of Center for Global IT Cooperation, Specialist in emerging technologies regulation

– Marko Paloski: Coordinator of IGF Macedonia, Part of Youth Coalition on Internet Governance

– Denise Leal: Part of Youth Coalition on Internet Governance, Brazilian youth program participant

– Osei Manu Kagyah: The Institute for ICT Professionals Ghana, Session rapporteur

Additional speakers:

– Peter Zanga Jackson, Jr.: From Liberia, works for regulator

– Chris Odu: From Nigeria, EC Web Technology

– Nicolas Fiumarelli: No specific role/expertise mentioned

The discussion explored the intersection of Environmental, Social, and Governance (ESG) principles with cybersecurity and internet governance. Panelists examined how ESG frameworks can address sustainability and cybersecurity challenges in the digital age, emphasizing the need for more comprehensive and tailored approaches to these issues.

Environmental Impacts of Digital Infrastructure

A central theme of the discussion was the significant environmental impact of data centers and digital infrastructure. Jasmine Ko highlighted the high energy consumption and carbon footprint of these technologies, while Denise Leal stressed the importance of considering the location and community impacts of data centers. Marko Paloski advocated for the use of renewable energy and efficiency measures to mitigate these environmental challenges. The panelists agreed on the urgent need for more sustainable practices in the tech industry, with a recurring emphasis on transitioning to renewable energy sources and improving energy efficiency in data centers.

ESG Standards and Implementation

The discussion revealed both agreements and differences in approaches to ESG implementation. Alina Ustinova proposed expanding ESG to ESGC, explicitly including cybersecurity as a key consideration. Jasmine Ko mentioned specific ESG standards such as GLI and SASB, highlighting the need for alignment across different frameworks. Denise Leal emphasized the need for ESG standards tailored to the realities of the Global South and called for more specific internet-related ESG standards. This difference in focus reflects the complexity of applying ESG principles globally.

Thais Aguiar argued that ESG reporting should go beyond mere compliance to foster trust, while Marko Paloski stressed the need for government regulation to enforce ESG standards. These viewpoints suggest a shared recognition of the need for more robust ESG implementation, albeit with different emphases on voluntary versus regulatory approaches.

Cybersecurity and Data Protection

The discussion highlighted data protection as a crucial aspect of ESG, with panelists stressing the importance of treating data security as a fundamental pillar rather than an afterthought. Alina Ustinova, drawing from her experience in “the most attacked country in the world in terms of cyber attacks”, proposed implementing laws with criminal liability for data breaches. This suggestion aligns with the broader call for stronger regulatory frameworks and accountability measures for big tech companies.

Multi-stakeholder Collaboration and Inclusivity

Speakers emphasized the importance of multi-stakeholder collaboration in developing effective ESG policies and regulations. Jasmine Ko stressed the need to align expectations across stakeholders on ESG reporting. Denise Leal advocated for including marginalized communities in creating ESG standards, particularly those tailored for Global South realities. This focus on inclusivity was echoed by audience members who called for stronger representation from diverse regions, particularly Africa and other developing areas, in global conversations on ESG.

Actionable Steps and Future Directions

The session concluded with several suggested action items:

1. Expanding research on eco-internet impacts across more regions

2. Pushing to change ESG to ESGC, emphasizing cybersecurity as a key component

3. Developing ESG standards specific to internet governance issues

4. Creating regulations with criminal liability for data breaches

5. Implementing a more human-centric approach to ESG and internet governance

The moderator also noted an upcoming session on e-waste solutions, highlighting the interconnected nature of these sustainability challenges.

In summary, the discussion underscored the complex interplay between sustainability, data protection, and cybersecurity in the context of ESG and internet governance. It highlighted the need for more nuanced, inclusive approaches that consider regional contexts, leverage technology responsibly, and balance voluntary initiatives with regulatory frameworks to drive meaningful progress in this critical area. The session also revealed the need for further education on ESG concepts, particularly in relation to developing countries, and emphasized the importance of diverse global representation in shaping future ESG standards and practices.

Moderator: Please welcome to proceed and welcome the speakers. Hi, everyone. Yes. We can hear you. You need to unmute your mic.

Thais Aguiar: Hi, I’m Thais lawyer in Brazil, lawyer and researcher in digital rights for me it’s a pleasure to be here with you today, and also with my dear friends and fellows in the panel hoping to have a great discussion today. We’re talking about the ESG and privacy and data protection, and hope you enjoy this panel with us.

Moderator: Thank you very much so allow me to please introduce my speakers. I’ll start with you Jasmine, please introduce yourself. And then when we are done with our side speakers will move to online.

Jasmine Cole: Hi, everyone. This is Jasmine Cole, I based in Hong Kong so I’m a convener of Hong Kong IGF. Also I’m affiliate with ISO Hong Kong and also Asia. So I’m now also, you know, Cisco, which is certified ESG analysts. So it’s a cert that get recognized on, you know, doing the ESG governance and analysis work. So, also I am a researcher and project leads on the eco internet in. And that’s, that’s how I find the relevance between sustainability and also the IGF.

Alina Ustinova: Thank you. Hi everyone. My name is Alina cinema I am based in Moscow. I’m the head of youth Russian IGF, and also I represent Center for Global IT Cooperation. We do researchers on different topics covered IT, and especially emerging technologies. So I specialize in emerging technologies regulation and the emerging technologies topics that are brought to anything connected with new technologies. And I also try to bring these topics to the youth and to let their opinions be heard among Russian legislative and also different experts. And we also try to cover ESG as well. It’s not like so popular in Russia though, but still there are many opinions about it and we try to bring them up today.

Marko Paloski: Thank you. Hello everyone, I’m Marko Pauski coming from Macedonia. I’m coordinator of the IGF Macedonia and also part of the Youth Coalition on Internet Governance here. I would say this topic is, I’m, how can I say, this year I got in this topic, but as previously mentioned also in Macedonia, this topic is not that much talked about, but now the private sector, especially the international organization and corporation that are here are starting to implement this or request this. So that’s why I’m also getting interested in trying to get involved in this topic because it’s, how can I say, in the future must, and also to implement it as better as possible. So, yeah.

Denise Leal: Thank you very much, Denise. Hello everyone, I hope you are hearing me well. It’s a pleasure to be here with you today. We are talking about this important topic, ESG, and you might question yourselves, what does it mean? Why are we here talking about this? And you will soon discover it. I am part of the Youth Coalition on Internet Governance. I am Brazilian and I was part of the Brazilian… youth program. I am happy to be here. I am also part of the YouthLock IGF organization team. And well, we’ve been diving into so many discussions and it’s really important and really nice that we do have sustainability as a topic in this IGF. I am looking forward to our discussions and I am also happy that we have teams in our room. Welcome everyone. It’s so important that we have an inclusive and also a sustainability session.

Moderator: Thank you very much, my dear panelists. We’re also joined with our rapporteur. His name is Osei. So he’s here. He’s going to take notes on whatever they were going to be discussing. So on this session, we’re going to explore two main critical fields. So the first, we’re going to see how cybersecurity can also enhance transparency, but also safeguard personal data and how this ESG can also, I mean, cybersecurity can enhance sustainable practices. And we have three policy questions that are going to be guiding the discussion today. And I’ll just mention them, but then when I go to a specific speaker, I’ll ask specific questions to each one of them. So the first policy questions that we’re going to be considering says, how do we, why do we need to discuss the ESG in an governance forum? What are sustainability and cybersecurity challenges in ESG systems and how can technology verify and check information accuracy in reports? So moving directly to my first speaker and I’ll start with you, Alina. And my question to you is why are we discussing ESG in governance? Why is it important for us to discuss ESG in governance?

Alina Ustinova: Well, I’ll try to be brief because I would like to share more details like later, but I think that it’s, as you see, like if you look at the name of the topics, we barely discuss ESG. It’s usually connected with some kind of ecological thing, like the infrastructure that is destroying some of the ecological specifics. And especially, for example, in Russia, we have a digital north thing, which is where we try to put our center for data because it is cold and we can protect it there. But still, we should understand that it could be really damaging for the ecological system there and we should also consider everything that goes because sometimes we do not consider this. Sometimes we think that the phone we use, sometimes we throw it away and never look back what happens to it and where it ends up on some kind of a storage. As you know, there is a big, big technological dumpster in one African country and unfortunately, there are a lot of broken and forgotten things that we do not consider. And five years from now, we probably can be in a very dangerous, risky situation. This is why we should talk about ESG in the first place. And of course, the second is kind of cyber security, but we’ll talk about it a little bit later. Thank you.

Moderator: Okay, thank you so much, Alina. Jasmine, you mentioned that you’re ESG certified, right? So, how do you see the current ESG framework address the issue of sustainability and cyber security challenges?

Jasmine Cole: Right, thank you very much. Actually, for what different people have different understanding, knowledge level of ESG, but just to be very brief, within the ESG framework in the social center, the second letter, when it comes to social equity and also the cyber security level, how safe, how people feel safe and how inclusive is internet center and also the service they’ve been using is actually part of the many, many, many index within the ESG framework. But the ESG framework itself has its limitation as well, because as you know, we do have different ESG framework being used such as a GLI, Global Reporting Initiative, second one, SASB, the Sustainability Accounting Standards Board, also the TCF, TCFD, the task force on climate-related financial disclosures, so et cetera, et cetera, just so many standards that people are using. I’m just mentioning those which are more common to use. And actually, if you don’t mind, I want to jump a little bit back on what Anina mentioned about the damage on the ecology from the internet sector itself. Because it involved data center. It involved the operation of it. The energy consumption, the amounts being very soaring. Because we need cooling, we need heating, the system itself, the infrastructure to manage the data center. And this is actually part of the research that I’ve been doing, that eco-internet index. We’ve been mentioning the carbon footprint of the data center across 14 Asia-Pacific jurisdictions. So we’re looking into continuing the research and also to expand it to more Pacific islands and to further Asia. Because mostly now, we are just around the east and the southeast Asia, but not yet to the West Asia. So we’re looking forward to expand our research scope on that one. Last thing to add on. So why we talk about ESG? It sounds like a very commercial term in IGF. But the important is that if you have noticed the reason why people start to do ESG is because we care about the environment. And we need to acknowledge that there is always a carbon footprint when we are into this internet sector. And whoever here, we’re using a laptop, we’re using the screen here, we’re using the light tank here, you know. Wow, actually a lot of things, even just the event itself, it’s consuming a lot of energy. So it is just an affordable topic. And impacts that actually have on the environment. And it is under the big umbrella of sustainability. And I just want to wrap a little bit, this, the effort of sustainability have actually been done, been doing by the ICANNs, ITF, ITU, and of course, my organization as well, DotAsia. So I just want to recognize that there have been works that have been done on sustainability and related to the IGF community.

Moderator: I’m thinking very much, Jasmin, that was really insightful. So when I’m speaking about the ESG issue, another important aspect is data. Like data protection and all that. So now to you, Marco. In what ways can technology verify and enhance accuracy on sustainability reporting while protecting personal data?

Marko Paloski: Hello, thank you for the question. And yeah, I would say it’s a good question. I would give here some, okay, a few examples, how can we use the technology for better accuracy and also verifying the stuff. The first one that is also under tests and development, it’s what we can do is also use the blockchain for transparency and also seeing, I mean, this technology can provide good records of the ACG-related data, such as supply chain, compliance, or emission reporting. Another thing that it also is the IoT sensors, because especially for those kind of data, sometimes we use IoT in the, like we mentioned, in the data centers, in the rooms that we are using, or in the model, not models, but the hardware stuff that we are using because of the consumption of energy or other stuff. So it could be used to monitor and to see the precise data and accuracy. Also we can use, I mean, the topic AI for a part-time detection, because we can see if over a long period of time, if something changed or if drastically changing to check it out if it’s, I mean, that’s the accurate data or something else. About the protection of the personal data, I would say as the previous examples, maybe we use encryption because of these data is very crucial, especially some of the data might be, how can you say, in the process, because some of these data might be publicly available, anonymized, so it can be protected in some way from the data and privacy. And yes, tools or different privacy or federal learnings analysis for sustainability data without exposing individual level details, like I mentioned. Sometimes this information could not be publicly shared with all of the details. I would also want to revert to the question that was, I mean, the first one, but what she also mentioned. I was reading one research analysis on how in the past, because five, 10 years ago, it was promoted to use cloud or something. You want to save, like, don’t buy a CD. You can have a cloud service where you can watch whenever you want. And the cost from production for everything for that CD to come will cost the environment. But now that’s, I think, the smaller issue. If you buy a CD, for example, I get the CD and DVD, you are maybe saving more the earth than using the stream services. Because someone on the stream services always is watching. Or you don’t need to watch it to scroll. I don’t know. There was, like, every click or every sent email on the internet costs energy. Maybe not you, because maybe I will use it with a phone, which uses less consumption than a laptop. But the service in the background uses more consumption than what we are currently doing and what we have in the past doing. So I think it’s a crucial thing. And it’s getting more and more bigger, especially how the data centers are managed. I mean, built. I don’t say that we need to stop building this, but to find some way. Because even if there is no data center, of course, there are a lot of servers. But the data centers are the one big black hole for energy or something like that. So yeah, I just wanted to point out that time is literally changing. And now not everything that we do in the cloud is like, oh, I’m not using that laptop or, I don’t know, TV or DVD for streaming. So I’m saving energy. Maybe you, yes, but the data center is spending much more energy and environment, I would say. Yeah, thank you.

Moderator: Well, thank you so much, Marco. So picking up from the same discussion, I want us to talk more about the data conception of this. I mean, the conception of these data centers. And Denise, now, coming to you. How can we address the environmental challenges associated with the energy consumption of data centers and communication networks? So we have seen Jasmine and Marco have spoken about the data conception of these data centers. So what would be your? Toru on that.

Denise Leal: Hey everyone. So when it comes to ESG topic, we have to understand that ESG is a standard for sustainability, but not only environmental sustainability, but also governance and social sustainability. We talk, when we talk in technology, what is ESG and why we discuss it. We need to discuss the standards of sustainability, social, environmental and governance sustainability, because technology has a huge impact in all of these categories and has changed how we live in society, how we work and with what we work and also has a huge impact in environmental environment. And then we come to this question that is related to energy consumption and data centers. So we have lots of topics related to data that are important here, the reports and other aspects, but specifically talking about energy consumption, we need to consider it as Marco said very well, maybe it was more sustainable to use CDs or DVDs than to use the way we storage data now and informations, because we really use not only energy, but a lot of space and physical space. Many people don’t really understand that when they are keeping their photos online, they are actually using another space that is located in another part of the road. And sometimes in a very important aspect is where are we using this, where are being this data center? indicators are located and what are the environmental impacts and in which communities are these impacts? Because sometimes we think that the way we are impacting the world with the exploration of the environment and the exploration for technology use, it’s well, it’s not seen in other places, but it’s really well seen, especially in marginalized countries where we get the, where we mine to get the important things we need to build our technology and where we storage places that build the technology and this internet that we have now. So it’s important to consider in ESG that the impacts of internet are not so obvious and they need to be considered in these standards. So what I think when it comes to internet governance and what I’ve seen reports is it’s easy to say beautiful things in the reports, in the sustainability reports, but we need to pay attention because when it comes to internet, it’s not, it’s not so obvious that we have another kind of impacts and specifically we need more standards related to internet use and internet aspects because we don’t have enough standards that could take care of this kind of impacts. So what I wanted to call the attention and call for action that I would like to leave in this talk about energy consumption of data centers and communication networks is that we need to pay attention on how we build technology, how we build and how we spend our and use energy and we need to have more specific standards on internet issues and aspects related to ESG. because ESG is a tool to, how can I say, secure, verify and check if enterprises are working well and in a sustainable way. But it’s very easy to work well when you don’t verify internet issues and other aspects of cybersecurity and how you actually make the reports and what you were really caring about when you make these reports. Thanks. I think I talked a lot. I hope it was clear.

Moderator: Thank you so much for that. Jasmine, what ethical considerations should organizations prioritize when aligning cybersecurity practices with ESG goals?

Jasmine Cole: Thank you. It’s not an easy question to answer on because, you know, a little bit similar with what Dennis has been mentioning. When it comes to reporting, it always has to look good. And, you know, the people, the consultant that you pay for doing the ESG report, they get your money. So, you know, you can imagine like what could be their incentive, you know, how much, sometimes there’s like a tricky dynamic in between on data accuracy and transparency. And the considerations when it comes to linking up cybersecurity and ESG, it’s, I think it’s about the organization itself. The leader have to have a clear alignment with their stakeholders, including their employee, including the community they serve, their customer, the supply chain, the upstream, the downstream. They have to be more using a multi-stakeholder approach like the IGF doing something like that. Come to an expectation alignment. Second thing, when it comes to buy-in, it’s important to think about what could be the pain point from each stakeholder when they have to report on the level of, you know, cybersecurity standards and to check the box of different, and that’s when we talk. about cybersecurity level. First thing is about, I think I’m losing track, but I think first thing is about the incentive. So after the pinpoint, it’s about the incentive. So how could you motivate and encourage people to do extra work to measure the data, measure the performance, track it, and trace it? A lot of work have been behind the scenes, actually. A lot of cost, a lot of time involved. So it’s a long and could be a painful but rewarding process in the long term for sustainability of the organization. Sustainability in terms, not just in terms of environmental sustainability, but also the business sustainability. Because nowadays, the business center itself, now it’s a big trend to write on ESG. But of course, we have to remember that there’s also risk and concern about greenwashing. So it’s another topic. I’m not going to talk more about it. But it’s good that we acknowledge there are risks and concerns. This is how we move forward constructively.

Moderator: Thank you very much, Jasmine. Now I want to open the floor to the participants. If you have a contribution from whatever that has been discussed up to this point before I move, I get deeper to other questions. Can you help me pass the mic back there?

Audience: Firstly, my name is Peter Zanga Jackson, Jr. I’m from Liberia, a developing country. And during the opening section, we were told that IGF, no one should be left out. And so when the first orator started her deliberations, she spoke about EGS. And you said you would tell us what EGS is. And she started to talk about EGS, but she didn’t tell us what EGS was. OK, I’m from the regulator. How do I? use the concept of ESG, excuse me, ESG, such that it benefits the society in which I serve. So this is where my little frustration or confusion is. I thought I’d let you know.

Moderator: Okay, so first, if you, before I leave it to my panelists to elaborate more, so first, I think I mentioned earlier that ESG stands for Environment, Sustainability, and Governance. So the discussion that we are having today is about that too, in relation to what? Environmental, social, sorry, Environment, Social, and Governance. So we are talking about ESG in relation to cybersecurity today. So do you guys want us to speak more, Denise? Denise wants to talk.

Denise Leal: Yeah, thank you, Thais and Milenio. So answering to his question, I think it’s an important question. ESG is not always an easy and common topic among many countries and many places. I remembered when I used it to work doing the reports, it wasn’t easy to see how it impacted people’s lives, but it does impact when it makes enterprises think about how they are being sustainable, not only in the environmental way, but also in the social way and the governance way. When it comes to governance, it’s the internal structure of the enterprise. So how they, if they have governance tools, if they have security, but not physical security, the security in a way, their processes are secure and safe in many ways. They don’t have corruption and things like that. But when it comes to social, it’s when we see the impact. in people’s lives because we have a lot of standards that are related to the impact in the society. So if we work with NGOs, if we have allocated money to the society, if we give back what we are receiving in our work, in what we are selling and stuff like that. When it comes to environmental, it’s the easier way because we usually associate, we used to see the word sustainability as an environmental word. But it’s not only an environmental word, what is to be sustainable? This is the discussion, this is the idea, to be sustainable is not only to be sustainable in environmental, but also in society, in our governance model. So the discussion here in this session, we are focusing more in cybersecurity, in data centers, in this stuff because it’s internet governance related, but we can see a lot of impact in other places too. And when it comes to internet, we can see, we could elaborate a lot. But what I wanted to ask, to answer for you, to your question is, we don’t have a lot of regulations in many countries. Many countries don’t talk about ESG, but we do have these internal policies in their enterprises that used to help them to get funds because they have ESG standards, they are accomplishing with it, they have sustainability. So what I think we can do as civil society and as government is, if we explain, if we have more understanding of ESG, we can assure, we can accomplish with the standards within the enterprises because they want to accomplish it, because they will get money and fund. from accomplishing it, so how we can develop more standards that will be useful for us, and they will get benefits from accomplishing them, and we as civil society and government will get also benefits from them to accomplish it. I don’t know, I think it’s clear now. I hope it’s clear now.

Moderator: Is that clear? Yes, Denise. Okay, perfect. I’ll take one more from on-site, and then we’ll move to online. So I’ll take one more from on-site, and then we’ll move to online. Yes. Okay, good evening, ladies and gentlemen.

Audience: I hope I’m audible. Okay, my name is Chris Odu from Nigeria, EC Web Technology, and my question is for one of the panelists, which is Marco. I think I’m glad to be having, I’m part of this conversation, and one thing you talked about which caught my interest is blockchain technology. You did mention you want to use, talking about blockchain technology for transparency of the data, which is a very good thing, but however, I do have some concerns because for you to be able to use the blockchain technology, you need blockchain nodes on the network, and these nodes actually consume a whole lot of energy. Okay, so that’s a bit contradictory, so I would like you to just help me with that so that I’m not, I don’t find myself in a lot of confusion. Thank you very much, okay.

Marko Paloski: Yeah, thank you for the question. What I mentioned is that it’s also in the testing phase and those kind of things, but the idea was to use on the lower edge, like on the Internet of Things, to use the blockchain for secure and accurate transmission of the data, to use on that kind of stuff, so I totally agree with that, and I sometimes got in the conflicts when discussing about blockchain and there’s now the electronic. money and those kind of things but not always all the blockchain technology doesn’t mean that it use that much power and data I mean we are using we are seeing the Bitcoin and those kind of stuff which is your consumption a lot but not every aspect and how it’s implement depends on on that but it’s still in Texas face so I never try it I mean this is from what getting through and the research so but on that point

Moderator: please let me move to online and then get back to the last one side so tight

Thais Aguiar: so thank you mark and indeed those were important considerations for us also we see here that as Denise said we need to discuss sustainability in a broader meaning for us as stakeholders to understand and implement ESG in the way the society needs and wants for sustainable development in a broad sense so bring some additional points on data protection and ESG we see that data protection is a cornerstone of ESG principles especially as organizations increasingly rely on digital systems to manage sustainability and governance efforts so when you see poor data governance or breaches not only in undermines trust but also compromise the integrity of ESG reporting so this raises critical questions about accountability in data stewardship so our organization treating data protection as a fundamental ESG pillar or is in an afterthought in their sustainable strategies so I wanted to leave this provocative question to Alina to so that Alina can share with us how can we assure that ESG commitments to data protection go beyond compliance to actively foster transparency trust and long-term stakeholder engagement so thank you I think this for the question

Alina Ustinova: I guess it’s like a very important issue I will speak from my personal experience I come from I come from the most attacked country in the world in terms of cyber attacks I guess my data my personal that has been five times stolen and sold to someone I receive lots of calls that I don’t take because it’s from numbers I don’t know just because there’s lots of breaches to the system and it’s not because like my data is not protected well but probably because like it’s so much attacked so that We can understand that probably what the companies don’t just don’t need to consider only ESG I guess we should move from ESG to ESG C Where C stands for cyber security and to implement these standards because it’s not only about cyber security companies that protect our data It’s about the cyber security issue in each company that protects our data as well. We should consider that Each company should be responsible for the data it stores not only in data centers, but also we use computers we use internet social media everything and everything that we use has its own creator and the company that is responsible for everything we have because if For example, your phone is stolen. It’s not just the phone you can buy a new phone You can restore his data but if your data is stolen, it’s basically like your personality is stolen if someone can use it to Pretend to be you to use your bank account to steal your money So what we did in Russia, we implemented a law but companies not just pay penalty If this data is stolen, it has a criminal liability for the data stores So I guess that one of the question one of the answer to this question is to have implemented a law which considers that company A crime criminal liable for everything they do with your data because otherwise they will not complain Unfortunately, the big penalties. It’s not a issue for them They can pay they have lots of money, especially the big tech companies but probably if they have something like you will be sent to jail so like some years or you will be your Company could not work. For example on the on this market if you do not complain to the law I guess this something that they can listen and sometimes we Need to do very very risky and destructive things to make them, you know, listen and complain. Thank you

Moderator: I wanted to confirm with you. Is there any contribution from online speakers? I mean from online attendees If you can help me check the chart All right. If we don’t have a line, then we can move on site. Osei. Thank you.

Audience: Thank you very much. I hope I’m audible enough. So this topic is quite interesting in the sense that how can we hold big companies accountable or, say, big tech accountable, and it’s such a very delicate matter. It seems that we are plundering our environment. And my question to my able panelists here is that in a few sentences, two lines, what is the way forward? So let’s bring finally to the conclusion, we are at the top of the hour, right? So I want to hear from my panelists, what do we need to do moving on? Like ask now both things we need to do. Thank you.

Moderator: Are any of the panelists ready to respond?

Alina Ustinova: As I said, I guess we need to change ESG to ESGC and try to move it to every possible panel we can, because otherwise they will just talk to ESG and think it’s more about ecological thing, as we usually think, and not like social thing. Because sometimes social governance are not like, you know, they don’t bring it up. They usually stand only on E, on environmental, and others are just forgotten. So if you set ESGC, that means that they will consider also data protection as well. That’s my point.

Jasmine Cole: Okay, thank you. So perhaps from the very grassroots individual level, it’s to, like for the audience here, to rethink what we’ve been talking about, and try to digest and reflect on how, you know, how does it make sense or not make sense. You know, you can always criticize on many things that you’ve been listening, because it’s about your own judgments. And it’s also about your personal experience. And now it’s like your homework to think about how do you convert the information that you absorb, transform it into something that you can do as an output. So the very, very general term is to keep paying attention, you know, like follow the trend. You know, there are some work that’s been done by different organizations. I mentioned in the beginning, so you can always search it up online. And for my part is to continue doing my eco-internet research. And as I say, we are expanding our research scope, and also to refine our research methodology. So always finding a way to improve, and also bring ESG into IGF, and also bring IGF and cybersecurity into the ESG center. So the major agenda that is in our mind is to integrating and fostering collaboration and dialogue between the two segregated kind of segregated center of ESG and IGF. So that’s my moving on. Thank you.

Moderator: All right. Do you want to say?

Marko Paloski: I will give it a few words. I mean, it’s a very good question because, yeah, we are finally discussing, but what is the next step forward? I mean, we cannot change it from here, but how we see. I would say maybe because the data centers, they will be growing. I mean, the next years, not just the big tech companies, but we now see that the countries are building. Other smaller companies, everyone is, how can I say, going to debt because of the services and data requests. I would say maybe the first thing is going with renewable energy to try to use that, and maybe build data centers where there are a lot of sun, or maybe that you can later use it for electricity and all those kind of stuff. But what is important here, not with just renewable, but also with other, I would say that the government and the policymakers should get bigger role here because, yeah, we agree that we’re going to do this, and it’s better. And the companies are sharing a lot of, I don’t know, like saying to 2030, we’re going to be 100% renewable, those kind of things. But how many people know if they are exactly doing this in the details? So I think that there must be some. kind play of the government and policy makers to make this regulation. Okay, 2025 all data centers must be, I mean 2025 is so close, 2030 all the data centers must be renewable or must have this, more of this kind like a strict regulation because there are still five years to the R6 actually, but to have to implement because without regulation or like we are doing sometimes I think with the plastic in the ecosystem where yeah we need to stop plastic doing but nobody is doing, I mean it’s reverting to the person of course, also we should be, how can I say, mindful how we are using the technology and everything because sometimes we are so used to it, we are using, I don’t know, you play YouTube song on your computer whole day and you’re not even listening, why is that or something like that, but my point is that we need to have some kind of regulation here so to make more strict and to get more serious because like this yeah every company is like mentioned going with the trend but if I don’t want I won’t go with the trend and nobody will do anything to you, yeah might be costly, sometimes it can be cheaper not to go with the trend but nobody is getting, how can I say, how can I say, for that that you are not following the regulations or if it’s not in the policy, yeah that would be my answer. Thank you

Denise Leal: yeah thank you Milenium, just a few words, what I wanted to very much, I wanted to say something, to give us my topic in this discussion is that I believe and I see that we need regulations that are made for and in the global south, we use standards, sustainability standards that usually comes from Europe or USA but we need to create also specific regulations that are related to the reality of global south. And why am I saying that? Because we have these groups, these communities, traditional communities, indigenous and people that have very different realities and they need to be considered in what it means to be sustainable. In ESG or other discussions, so that to happen, we need to better work and improve in regulations, law and policies made by these people. We have to stop using only regulations that come, types of regulations and models of regulations that come from a part of the world and apply it everywhere and sometimes it doesn’t really protect specific interests of people who are so marginalized. So I would recommend that we start reading and understanding also what these communities have to say about these discussions on sustainability and that could be used also in other topics, not only ESG.

Moderator: Thank you so much, Denise. I think that’s really an important point. I think there’s this approach that is called the human-centric approach. So I think that that should be something that we can consider in this kind of a discussion, have people who are affected in these kind of fields, all the stakeholders that are involved in these kind of issues, put them in the table or in the room all together, discuss, understand their needs and then all together come with a solution that we think may work and help us. Yeah, so I want to close the discussion but before I do that, I wonder if any of my panelists, one or two, can help me suggest what actionable steps can stakeholders, let’s say be it the government, the civil societies or the technical communities, use to enhance transparency and accountability in sustainability reporting?

Thais Aguiar: If I may add to Melania’s question, to complement, I would like to I ask you all also, in terms of actionable points, what role should global regulatory frameworks play to harmonize ESG, data protection, and cybersecurity standards across different regions to ensure consistent and equitable implementation?

Moderator: So again, any of the panelists who is ready to take any of the two questions? Mine was the steps that the stakeholders can take to enhance transparency and accountability. Well, you are not easing on us.

Audience: So the question of collaboration, I would say, with stakeholders and government is quite a tricky one, because it’s all about interest. Yeah, it’s all about interest. The big technology, I would say, industry will always have their interest. Government will also have their interest. But that’s where we need to push for the advocacy. That’s where all of us in this room, that’s all of us interested in saving our environment, interested in pushing this cause. We need to push this topic to every corner of the world and holding our leaders accountable, holding industry or, say, stakeholders accountable. That’s the only way we can make progress or we can move forward. But if you are to leave it that way, or, say, if you are to freestyle, your guess is as good as mine. Thank you.

Moderator: OK, Nicolas, you had something to say?

Nicolas Fiumarelli: Hello, everybody. Nicolas Fimarelli. I may revamp the issue about the blockchain, because you can use blockchain to actually accurately measure if, in real-time, you can actually do something like this. real-time if the ESG parameters, right? So that could be a way to disclosure if an organization do this false ESG or quick quick fixes to fit on the ESG reporting, but then on the long term they are not like complaining, right? So if you have a way to measure and to have a real-time blockchain having this information, you will actually disclosure if this organization is not complaining with the ESG.

Moderator: All right, okay now since I don’t have, is there anyone want to contribute before I move to a rapporteur to help us summarize what we have discussed?

Denise Leal: Yes, just to to add something to this question that Thais has asked us about harmonizing the global regulatory frameworks and harmonizing ESG data protection and cyber security standard across different regions. I think that this ESG is pretty global actually and it’s used across the globe. The same, they’re very much the same standards. But what I think we need is to have more specific standards depending on the realities of different regions. So I would not say that we need always to have the, we could and it’s good to have global standards but we also need to have specific standards that apply to different realities. So in terms of how we explore these countries and how we protect these countries and how we make this in enterprises sustainable in each different reality because it’s very different when you were talking about a place that have traditional people who are impacted very differently and have a very different relation with nature and society. So we need there also to consider these different realities, to create different standards, to be more effective in protecting and being sustainable. That’s what I wanted to add. Thank you.

Moderator: Thank you so much to my panelists. And before we close, I would like to invite our rapporteur to summarize for us what we have discussed.

Osei Manu Kagyah: It’s been such a forward-looking conversation. I hope we’ve all enjoyed ourselves. I wanted to make it quite interactive, actually. I’ll come to the summary. So I’m going to take a step here and go out there and hear a word from our participants, and also their interventions or suggestions. And I’ll make a quick run-up. I think we still have a few minutes. So just a few words from our participants, what they have to say about this. Would you like to contribute to this topic?

Audience: Thank you. I like your idea that you discussed today, that regulation and input should be at different levels. Alina told about very top level of contributing cybersecurity to ESG problem at the level of international and from intergovernmental perspective. Another of our colleagues told about implementation into local regulation synchronized in between the regions and between different countries. Another one topic I’ve heard about implementation in the corporate level, in the individual responsibility of each company, not just to find the reasons and to find arguments not to do so, but to find the resources, find the energy to implement the proper standards, despite the fact they are not set up into the regulation. Thank you. Thank you very much. Okay, I think I’m audible. I don’t want to say much, but for me, when I want to speak, I would like to focus more on my primary constituency, which is Africa. I think we should have more collaborations to see that Africa also comes into this kind of conversations, and like the other participants also said, no one should be left behind. How can we include everybody so that these conversations do not just remain in some certain areas of the world, but also extend to other continents as well, least developed and other categories as well. So that’s my own contribution I would like us to just do, and the key word is collaboration, more collaboration. Thank you. Thank you very much. What an amazing end to a very

Osei Manu Kagyah: fruitful discussion. So I then proceed to my reporting. So this topic is quite exceptional in a sense that globally, ESG concerns has been gaining prominence with this rapid growth growing cyber security industry. Both industries are emerging on our way into session, but seldom in these discussions are these perspectives be open » Thanks. We got a fair idea how the cycles are which are in tela data and comes from the data centers , and we had a fair idea of blockchain could be explored, that’s why we had a fair idea of data protection, transparency in reporting ESG, and also most importantly, awareness and effective communication we need around ESG topics. We also had a fair idea of how the conversation should be moved from ESG to ESGC, and not more about the ecological, but also the data protection. We dovetailed into that conversation, more research, more advocacy, and fostering collaborations. Renewable energy could be also explored. So it has been such an insightful conversation, and we hope to continue this conversation through further future discussions and other sessions which seek to explore. I think tomorrow there’s a session on effective e-waste solutions for a sustainable digital future, where Yasmin is the speaker, and just pass by and we can further move this conversation.

Moderator: further. Thank you very much. Over to you my able moderator. Thank you so much, our dearest rapporteur. That was well noted. So I would like to thank everyone for attending this session and much appreciation to my panelists and my online moderator. Thank you so much, this was very interesting. Have a nice evening. Thank you all. Denise, can we take a picture together everyone? Yes, please. For the online. Bye. Thank you all. Thanks, everyone. Bye. . . . . . . . . . .

Agreement Points

Importance of ESG in Internet Governance

Alina Ustinova

Jasmine Ko

Denise Leal

Thais Aguiar

ESG impacts environmental sustainability of internet infrastructure

ESG frameworks address social equity and cybersecurity

ESG standards needed for internet-specific sustainability issues

ESG reporting should go beyond compliance to foster trust

The speakers agree that ESG is crucial for internet governance, addressing environmental sustainability, social equity, cybersecurity, and fostering trust in the digital ecosystem.

Environmental Challenges of Data Centers

Jasmine Ko

Marko Paloski

Denise Leal

Data centers consume significant energy and have large carbon footprints

Renewable energy and efficiency measures needed for data centers

Need to consider location and community impacts of data centers

The speakers concur on the significant environmental impact of data centers and the need for sustainable solutions, including renewable energy and consideration of community impacts.

Technology for ESG Reporting and Data Protection

Marko Paloski

Nicolas Fiumarelli

Blockchain can provide transparent records of ESG data

IoT sensors can monitor precise sustainability data

AI can be used for anomaly detection in ESG reporting

Data encryption and privacy-preserving analytics needed

Use blockchain for real-time measurement of ESG compliance

The speakers agree on the potential of various technologies like blockchain, IoT, and AI to enhance ESG reporting accuracy, transparency, and data protection.

Similar Viewpoints

Both speakers emphasize the need for strong government regulations and enforcement to ensure compliance with ESG and data protection standards.

Alina Ustinova

Marko Paloski

Implement laws with criminal liability for data breaches

Government regulation needed to enforce ESG standards

Both speakers advocate for more inclusive and diverse approaches to ESG standards and reporting, considering different stakeholders and global realities.

Denise Leal

Jasmine Ko

Create ESG standards tailored for Global South realities

Align expectations across stakeholders on ESG reporting

Unexpected Consensus

Expansion of ESG to include Cybersecurity

Alina Ustinova

Jasmine Ko

Move from ESG to ESGC to include cybersecurity

ESG frameworks address social equity and cybersecurity

Despite coming from different backgrounds, both speakers unexpectedly agree on the importance of integrating cybersecurity into ESG frameworks, suggesting a growing recognition of digital security in sustainability discussions.

Overall Assessment

Summary

The speakers generally agree on the importance of ESG in internet governance, the environmental challenges posed by data centers, the potential of technology in ESG reporting and data protection, and the need for more inclusive and enforceable ESG standards.

Consensus level

There is a high level of consensus among the speakers on the main issues, with some variations in emphasis and approach. This strong agreement suggests a growing recognition of the interconnectedness of environmental, social, governance, and cybersecurity issues in the digital realm, which could lead to more holistic and effective approaches to internet governance and sustainability.

Different Viewpoints

Approach to ESG implementation

Alina Ustinova

Denise Leal

Move from ESG to ESGC to include cybersecurity

Create ESG standards tailored for Global South realities

Alina Ustinova advocates for expanding ESG to ESGC to include cybersecurity, while Denise Leal emphasizes the need for ESG standards tailored to the Global South’s realities.

Technology for ESG reporting

Marko Paloski

Nicolas Fiumarelli

Blockchain can provide transparent records of ESG data

Use blockchain for real-time measurement of ESG compliance

While both speakers advocate for blockchain use, Marko Paloski focuses on transparent record-keeping, while Nicolas Fiumarelli emphasizes real-time measurement of compliance.

Unexpected Differences

Focus on data centers vs. broader ESG implementation

Jasmine Ko

Denise Leal

Data centers consume significant energy and have large carbon footprints

Need to consider location and community impacts of data centers

While both discuss data centers, Jasmine Cole unexpectedly focuses on energy consumption and carbon footprint, while Denise Leal emphasizes community impacts, highlighting different priorities within the same issue.

Overall Assessment

summary

The main areas of disagreement revolve around the approach to ESG implementation, the role of technology in ESG reporting, and the focus of ESG standards (global vs. regional).

difference_level

The level of disagreement is moderate. While speakers generally agree on the importance of ESG in internet governance, they differ on implementation strategies and priorities. These differences reflect the complexity of applying ESG principles globally and could lead to challenges in developing universally accepted standards and practices.

Partial Agreements

Both speakers agree on the need for more specific ESG standards, but Marko Paloski emphasizes government regulation, while Denise Leal focuses on tailoring standards to Global South realities.

Marko Paloski

Denise Leal

Government regulation needed to enforce ESG standards

Create ESG standards tailored for Global South realities

Similar Viewpoints

Both speakers emphasize the need for strong government regulations and enforcement to ensure compliance with ESG and data protection standards.

Alina Ustinova

Marko Paloski

Implement laws with criminal liability for data breaches

Government regulation needed to enforce ESG standards

Both speakers advocate for more inclusive and diverse approaches to ESG standards and reporting, considering different stakeholders and global realities.

Denise Leal

Jasmine Ko

Create ESG standards tailored for Global South realities

Align expectations across stakeholders on ESG reporting

Key Takeaways

ESG (Environmental, Social, Governance) is increasingly important in internet governance and needs to include cybersecurity considerations

Data centers have significant environmental impacts that need to be addressed through renewable energy and efficiency measures

Technology like blockchain and IoT can enhance ESG reporting and data protection, but also raise new challenges

ESG standards and implementation need to be tailored for different regional realities, especially in the Global South

Multi-stakeholder collaboration and government regulation are needed to improve ESG practices and accountability

Resolutions and Action Items

Expand research on eco-internet impacts across more regions

Push to change ESG to ESGC to explicitly include cybersecurity

Develop ESG standards specific to internet governance issues

Create regulations with criminal liability for data breaches

Include marginalized communities in developing ESG standards

Unresolved Issues

How to balance blockchain’s potential for ESG reporting with its energy consumption

Specific ways to harmonize global ESG frameworks while addressing regional differences

How to incentivize companies to go beyond compliance in ESG reporting

Concrete steps for different stakeholders to enhance ESG transparency and accountability

Suggested Compromises

Use blockchain selectively for critical ESG data tracking rather than broadly

Develop global ESG standards but allow for regional-specific additions

Balance strict regulation with incentives for companies to improve ESG practices

ESG is not always an easy and common topic among many countries and many places. I remembered when I used it to work doing the reports, it wasn’t easy to see how it impacted people’s lives, but it does impact when it makes enterprises think about how they are being sustainable, not only in the environmental way, but also in the social way and the governance way.

speaker

Denise Leal

reason

This comment provides important context about the challenges and real-world impact of ESG, expanding the discussion beyond theoretical concepts.

impact

It shifted the conversation to focus more on practical implications and challenges of implementing ESG principles across different contexts.

I come from the most attacked country in the world in terms of cyber attacks… We can understand that probably what the companies don’t just don’t need to consider only ESG I guess we should move from ESG to ESG C Where C stands for cyber security and to implement these standards

speaker

Alina Ustinova

reason

This comment introduces a new perspective on integrating cybersecurity more explicitly into ESG frameworks, based on real-world challenges.

impact

It sparked discussion about expanding ESG to ESGC and considering cybersecurity as a core component of sustainability frameworks.

We need regulations that are made for and in the global south, we use standards, sustainability standards that usually comes from Europe or USA but we need to create also specific regulations that are related to the reality of global south.

speaker

Denise Leal

reason

This comment challenges the one-size-fits-all approach to global standards and highlights the need for context-specific regulations.

impact

It broadened the discussion to consider regional differences and the importance of inclusive policy-making in ESG and sustainability efforts.

You can use blockchain to actually accurately measure if, in real-time, you can actually do something like this. real-time if the ESG parameters, right? So that could be a way to disclosure if an organization do this false ESG or quick quick fixes to fit on the ESG reporting

speaker

Nicolas Fiumarelli

reason

This comment introduces a concrete technological solution to address transparency and accountability challenges in ESG reporting.

impact

It shifted the discussion towards practical technological solutions for improving ESG implementation and reporting.

Overall Assessment

These key comments shaped the discussion by expanding it beyond theoretical concepts of ESG to consider real-world challenges, regional differences, and practical solutions. They highlighted the need for a more nuanced, inclusive approach to ESG that considers cybersecurity, regional contexts, and leverages technology for transparency. The discussion evolved from defining ESG to critically examining its implementation and proposing innovative ways to enhance its effectiveness globally.

How can we develop more specific ESG standards that apply to different regional realities, particularly in the Global South?

speaker

Denise Leal

explanation

This is important to ensure ESG standards consider the unique contexts and needs of different regions, especially marginalized communities and traditional peoples.

How can we expand research on the carbon footprint of data centers to more Pacific islands and West Asia?

speaker

Jasmine Ko

explanation

Expanding this research would provide a more comprehensive understanding of the environmental impact of internet infrastructure across different regions.

How can we integrate cybersecurity more explicitly into ESG frameworks?

speaker

Alina Ustinova

explanation

Adding cybersecurity as a fourth pillar (ESGC) would ensure data protection and security are given proper consideration in sustainability assessments.

How can blockchain technology be used to measure ESG parameters in real-time while addressing energy consumption concerns?

speaker

Nicolas Fiumarelli

explanation

This could provide a way to enhance transparency and accountability in ESG reporting, while also addressing the environmental impact of blockchain technology itself.

How can we ensure Africa and other least developed regions are included in ESG and cybersecurity conversations?

speaker

Audience member (unnamed)

explanation

This is crucial for ensuring global representation and addressing the unique challenges and perspectives of developing regions in ESG implementation.

What role should global regulatory frameworks play in harmonizing ESG, data protection, and cybersecurity standards across different regions?

speaker

Thais Aguiar

explanation

This is important for ensuring consistent and equitable implementation of ESG standards globally while respecting regional differences.