Internet of things

International Organization for Standardization

ISO is the International Organization for Standardization, the world’s largest developer of international standards. It consists of a global network of 173 national standards bodies – our members. Each member represents ISO in its country. The organisation brings together global experts to share knowledge and develop voluntary, consensus-based, market-relevant international standards. It is best known for its catalogue of around 25,000 standards, spanning a wide range of sectors, including technology, food, and healthcare.

Digital activities

A large number of international standards and related documents developed by ISO are related to information and communications technologies (ICTs), such as the Open Systems Interconnection (OSI), which was created in 1983 to establish a universal reference model for communications protocols. The organisation is also active in the field of emerging technologies, including blockchain, the internet of things (IoT), and AI. The standards are developed by various technical committees dedicated to specific areas, including information security, cybersecurity, privacy protection, AI, and intelligent transport systems.

Digital policy issues

Artificial intelligence

The joint technical committee of ISO and the International Electrotechnical Commission (IEC) on AI is known as ISO/IEC JTC1/SC 42 Artificial intelligence and is responsible for the development of standards in this area. To date, it has published 34 standards specifically pertaining to AI, with 41 others in development. ISO/IEC 42001 is the flagship AI management system standard, which provides requirements for establishing, implementing, maintaining, and continually improving an AI management system within the context of an organisation. ISO/IEC TR 24028 provides an overview of trustworthiness in AI systems, detailing the associated threats and risks and addressing approaches on availability, resiliency, reliability, accuracy, safety, security, and privacy. Other recently published standards include those that cover concepts and terminology for AI (ISO/IEC 22989); bias in AI systems and AI-aided decision-making (ISO/IEC TR 24027); AI risk management (ISO/IEC 23894); a framework for AI systems using machine learning (ISO/IEC 23053); and the assessment of machine learning classification performance (ISO/IEC TS 4213). Other standards under development to support ISO/IEC 42001 include ISO/IEC 42005 on AI system impact assessments and ISO/IEC 42006, which contains requirements for bodies providing audit and certification of AI management systems. Up-to-date information on the technical committee (e.g. scope, programme of work, contact details) can be found on the committee page.

ISO has joined forces with its World Standards Cooperation (WSC) partners IEC and ITU to create the International AI Standards Summit, to be held on 2 and 3 December in Seoul and hosted by the Korean Agency for Technology and Standards (KATS). The initiative was announced at the World Economic Forum in Davos and responds to the UN’s call to enhance AI governance through international standards following the adoption of the Global Digital Compact by world leaders in September 2024.

In July, the WSC will join leading experts at the International AI Standards Day during the AI for Good Global Summit to help shape AI governance.ISO is also working alongside IEC and ITU in the AI and Multimedia Authenticity Standards Collaboration, launched in 2024 to develop global standards for AI watermarking, multimedia authenticity, and deepfake detection technologies.

Cloud computing

ISO and IEC also have a joint committee for standards related to cloud computing that currently has 29 published standards and a further 14 in development. Of those published, two standards of note include ISO/IEC 19086-1, which provides an overview, foundational concepts, and definitions for a cloud computing service level agreement framework, and ISO/IEC 22123-3, which specifies the cloud computing reference architecture. Other standards recently published include those on health informatics (ISO/TR 21332); the audit of cloud services (ISO/IEC 22123-2); and data flow, categories, and use (ISO/IEC 19944 series). Standards under development include the ISO/IEC 10822 series on multi-cloud management. Up-to-date information on the technical committee (e.g. scope, programme of work, contact details) can be found on the committee page.

Internet of things

Recognising the ongoing developments in the field of IoT, ISO currently has 50 published standards on the subject, including those for intelligent transport systems (ISO 19079), future networks for IoT (ISO/IEC TR 29181 series), unique identification for IoT (ISO/IEC 29161), internet of media things (ISO/IEC 23093-3), the trustworthiness of IoT (ISO/IEC 30149), and industrial IoT systems (ISO/IEC 30162). IoT security is addressed in standards such as ISO/IEC 27001 and ISO/IEC 27002, which provide a common language for governance, risk, and compliance issues related to information security. In addition, there are standards that provide a methodology for the trustworthiness of an IoT system or service (ISO/IEC 30147); a trustworthiness framework (ISO/IEC 30149); requirements for an IoT data exchange platform for various IoT services (ISO/IEC 30161); and a real-time IoT framework (ISO/IEC 30165). A further 20 standards are in development. Up-to-date information on the ISO and IEC joint technical committee on IoT (e.g. scope, programme of work, contact details) can be found on the committee page

Telecommunication infrastructure

ISO has published 12 standards on blockchain and distributed ledger technologies. Of these, ISO/TR 23455 gives an overview of smart contracts in blockchain and distributed ledger technologies; ISO/TR 23244 tackles privacy and personally identifiable information protection; ISO 22739 covers fundamental blockchain terminology; ISO/TR 23576 deals with security management of digital asset custodians; ISO/TS 23258 specifies a taxonomy and ontology; and ISO/TS 23635 provides guidelines for governance. A further 12 standards are in development, including ISO/TS 18126, which specifies a taxonomy and classification for smart contracts, and ISO 20435, which provides a framework for representing physical assets using tokens. Up-to-date information on the technical committee (e.g. scope, programme of work, contact details) can be found on the committee page.

Blockchain

ISO has published 11 standards on blockchain and distributed ledger technologies: ISO/TR 23455 gives an overview of smart contracts in blockchain and distributed ledger technologies; ISO/TR 23244 tackles privacy and personally identifiable information protection; and ISO 22739 covers fundamental blockchain terminology respectively. ISO also has a further eight standards on blockchain in development. These include those related to:  security management of digital asset custodians (ISO/TR 23576); taxonomy and ontology (ISO/TS 23258); and guidelines for governance (ISO/TS 23635). Up-to-date information on the technical committee (e.g. scope, programme of work, contact details, etc.) can be found on the committee page.

Emerging technologies

ISO develops standards that address many different emerging technologies. These include more than 40 standards either published or in development on robotics, covering issues such as collaborative robots (e.g. ISO/TS 15066), safety requirements for industrial robots (e.g. ISO 10218 series), and personal care robots (e.g. ISO 13482). 

The ISO technical committee on intelligent transport systems (ITS) has over 350 published standards, including those on forward vehicle collision warning systems (ISO 15623) and management of electronic traffic regulations (ISO/TS 24315-1). Standards are also being developed to address the use of virtual reality in learning, education, and training (e.g. ISO/IEC 23843).A further three issues are currently being explored in collaboration with IEC, with further developments anticipated in the next couple of years: bio-digital convergence, the metaverse, and brain–computer interfaces (ISO/IEC JTC1/SC43).

Quantum technologies

In January 2024, ISO and IEC launched a new joint technical committee, ISO/IEC JTC 3, on quantum technologies. The committee will develop standards on quantum computing, quantum simulation, quantum sources, quantum metrology, quantum detectors, quantum communications, and fundamental quantum technologies. One standard, on the quantum computing vocabulary (ISO/IEC 4879), has already been published, and an introduction to quantum computing (ISO/IEC TR 18157) is in development.

Network security

ISO and IEC jointly develop standards that address information security and network security. The ISO/IEC 27000 family of standards covers information security management systems (ISMSs) and can be used by organisations to secure information assets such as financial data, intellectual property, and employee information. For example, ISO/IEC 27031 and ISO/IEC 27035 are specifically designed to help organisations respond to, diffuse, and recover effectively from cyberattacks. ISO/IEC 27701, an extension of ISO/IEC 27001 and ISO/IEC 27002, details requirements and guidance for establishing, implementing, maintaining, and continually improving a privacy information management system (PIMS). We have also developed a handbook to assist small and medium-sized enterprises (SMEs) in establishing and maintaining an ISMS according to ISO/IEC 27001, the premier standard for information security. Network security is also addressed by standards on technologies such as IoT, smart community infrastructures, medical devices, localisation and tracking systems, and future networks. Up-to-date information on the joint ISO and IEC technical committee (e.g. scope, programme of work, contact details) can be found on the committee page.

Encryption

As more and more information (including sensitive personal data) is stored, transmitted, and processed online, the security, integrity, and confidentiality of such information become increasingly important. To this end, ISO has a number of standards for the encryption of data. For example, ISO/IEC 18033-1 addresses the nature of encryption and describes certain general aspects of its use and properties. Other standards include ISO/IEC 19772, which covers authenticated encryption, ISO/IEC 18033-3, which specifies encryption systems (ciphers) for data confidentiality purposes, and ISO 19092, which allows for encryption of biometric data used for authentication of individuals in financial services for confidentiality or other reasons. 

ISO also has standards that focus on identity-based ciphers, symmetric and asymmetric encryption, public key infrastructure, and other related areas.

Data governance

Big data represents another significant area of standardisation for ISO, with around 80% of related standards being developed by ISO/IEC JTC1/SC42. The terminology for standards related to big data is defined in ISO/IEC 20546, while ISO/IEC 20547-3 covers big data reference architecture. ISO/IEC TR 20547-2 provides examples of big data use cases with application domains and technical considerations, and ISO/IEC TR 20547-5 details a roadmap of existing and future standards in this area. Up-to-date information on the technical committee (e.g. scope, programme of work, contact details) can be found on the committee page.

Digital identities

Digital signatures that validate digital identities help ensure the integrity of data and the authenticity of particulars in online transactions, thereby contributing to the security of online applications and services. Standards to support this technology cover elements such as anonymous digital signatures (e.g. ISO/IEC 20008 series); digital signatures for healthcare documents (e.g. ISO 17090-4 and ISO 17090-5); and blind digital signatures, in which the content of the message to be signed is concealed, used in contexts where, for example, anonymity is required. Examples of such standards include ISO 18370-1 and ISO/IEC 18370-2.

Privacy and data protection

Privacy and data protection in the context of ICTs is another area addressed by ISO standards. One prominent example, ISO/IEC 29101, describes a privacy architecture framework. Others include standards for privacy-enhancing protocols and services for identification cards (ISO/IEC 19286); privacy protection requirements pertaining to learning, education, and training systems employing information technologies (ISO/IEC 29187-1); privacy aspects in the context of intelligent transport systems (ISO/TR 12859); and security and privacy requirements for health informatics (ISO/TS 14441).

ISO in numbers

ISO is proud to count 173 members.

Our experts work across 823 technical committees and subcommittees.

In 2024, we published 1,533 new standards and related documents.

The ISO store contains more than 25,703* international standards and related documents.

* Total as of end December 2024.

Digital tools

ISO’s online browsing platform provides up-to-date information on ISO standards, graphical symbols, publications, and terms and definitions.

Social media channels

Facebook @isostandards

Instagram @isostandards

LinkedIn @isostandards

X @isostandards

YouTube @iso

International Electrotechnical Commission

The IEC is the world leader in preparing international standards for all electrical, electronic, and related technologies. A global, not-for-profit membership organisation, the IEC provides a neutral and independent institutional framework to around 170 countries, coordinating the work of some 30,000 experts. We administer four IEC Conformity Assessment Systems, representing the largest working multilateral agreement based on the one-time testing of products globally. The members of each system certify that devices, systems, installations, services, and people perform as required.

IEC international standards represent a global consensus of state-of-the-art know-how and expertise. Together with conformity assessment, they are foundational for international trade.

IEC standards incorporate the needs of many stakeholders in every participating country and form the basis for testing and certification. Experts come from both developed and developing countries. Each member country and all its stakeholders represented through the IEC National Committees have one vote and a say in what goes into an IEC international standard.

Our work is used to verify the safety, performance, and interoperability of electric and electronic devices and systems such as mobile phones, refrigerators, office and medical equipment, or electricity generation. It also helps accelerate digital transformation, artificial intelligence (AI), or virtual reality applications, protects information technology (IT) and critical infrastructure systems from cyberattacks and increases the safety of people and the environment.

Digital activities 

The IEC works to ensure that its activities have a global reach to meet all the challenges of digital transformation worldwide. The organisation covers an array of digital policy issues. IEC international standards and conformity assessment play a crucial role in shaping global AI and digital policies by providing a structured, collaborative, and consensus-driven framework that addresses technical, ethical, and governance challenges.

Digital policy issues

Artificial intelligence

AI applications are driving digital transformation across diverse industries, including energy, healthcare, smart manufacturing, transport, and other strategic sectors that rely on IEC Standards and Conformity Assessment Systems. AI technologies allow insights and analytics that go far beyond the capabilities of legacy analytic systems.

For example, the digital transformation of the grid enables increased automation, making it more efficient and able to seamlessly integrate fluctuating renewable energy sources. IEC standards pave the way for the use of a variety of digital technologies relating to intelligent energy. They deal with issues such as the integration of renewable energies within the electrical network but also increased automatisation.

A joint IEC and ISO technical committee on AI, JTC1/SC 42, brings together technology experts, as well as ethicists, lawyers, social scientists, and others to develop generic and foundational standards (horizontal standards). IEC experts focus on sector-specific needs (vertical standards) and conformity assessment.

JTC 1/SC 42 addresses concerns about the use and application of AI technologies. For example, data quality standards for ML and analytics are crucial for helping to ensure that applied technologies produce useful insights and eliminate faulty features.

Governance standards in AI and the big data analytics business process framework address how the technologies can be governed and overseen from a management perspective. International standards in the areas of trustworthiness, ethics, and societal concerns will ensure responsible deployment.

Quantum computing

The joint IEC and ISO technical committee for quantum technologies, IEC/ISO JTC 3, is working on standards for all aspects of quantum, including computing, metrology, sources, detectors, communications and fundamental quantum technologies.

Infrastructure

The IEC develops standards for many of the technologies that support digital transformation. Fibre optic cables, sensors, semiconductors, cloud and edge computing are examples.

Cloud computing

The joint ISO/IEC technical committee prepares standards for cloud computing, including distributed platforms and edge devices. The standards cover key requirements relating to data storage and recovery.

Network security and critical infrastructure

The IEC develops cybersecurity standards and conformity assessment for IT and operational technology (OT). Cybersecurity is often understood only in terms of IT, which leaves critical infrastructure, such as power utilities, transport systems, manufacturing plants and hospitals, vulnerable to attacks.

Digital tools

The IEC has developed a number of online tools and services designed to help everyone with their daily activities.

Find out more
IEC website
IEC news and blog
IEC e-tech

Social media channels

LinkedIn @IECStandards

Facebook @InternationalElectrotechnicalCommission

YouTube @IECstandards

International Committee of the Red Cross

Established in 1863, the ICRC is an independent international humanitarian organisation headquartered in Geneva. It defends and promotes the respect of international humanitarian law (IHL) and is dedicated to protecting the lives and dignity of victims of war and to providing assistance. Along these lines, it cooperates with governments, the private sector, and other entities affected by international and internal armed conflict and violence.

Together with the International Federation of Red Cross and Red Crescent Societies and 192 individual national societies, the ICRC makes up the so-called International Red Cross and Red Crescent Movement.

Digital activities

Digitalisation is increasingly present in the context of armed conflict and violence. On one hand, affected populations are in demand for digital tools, which humanitarian organisations need to provide in a responsible manner. On the other hand, states use cyber operations as part of warfare with humans affected by the consequences of such operations and other digital risks. To this end, humanitarian organisations also use digital tools to improve their operations. The ICRC addresses the implications of technology, which are multifold and range from data protection for humanitarian actions to the application of IHL to cyber operations in armed conflict. We host expert and intergovernmental discussions and have developed a number of (digital) tools to help improve awareness and understanding of IHL and relevant standards. The ICRC cooperates with other organisations on digital policy issues.

Digital policy issues

Artificial intelligence

The ICRC has explored the impact of AI tools in armed conflict, in particular their use by armed actors. In a document titled Artificial Intelligence and Machine Learning in Armed Conflict: A Human-Centred Approach (2019, revised 2021), we argue: ‘Any new technology of warfare must be used, and must be capable of being used, in compliance with existing rules of international humanitarian law.’ The document touches on the use of AI and machine learning (ML) technologies capable of controlling physical military hardware. It argues that from a humanitarian perspective, AWS are of particular concern given that humans may not be able to control such weapons or the resulting use of force, and AI-controlled AWS would exacerbate these risks. The ICRC has urged states to adopt new international rules on AWS. The position paper also emphasises the potential for AI to exacerbate the risks to civilians and civilian infrastructure posed by cyber and information operations, as well as changing the nature of military decision-making in armed conflict. The ICRC calls for a human-centred approach to the application of AI in armed conflict that preserves human judgement and jointly with the United Nations Secretary-General, ICRC’s president is calling for establishing new prohibitions and restrictions on AWS. The question has been further explored in other reports, such as Autonomy, Artificial Intelligence, Robotics: Technical Aspects of Human Control (2019). 

Cyber operations during armed conflict

The use of cyber operations during armed conflict is a reality today and is likely to increase in future. Through bilateral confidential dialogue, expert discussions, participation in intergovernmental processes, and constant monitoring and analysis, the ICRC is raising awareness of the potential human cost of cyber operations and the application of IHL to cyber operations during armed conflict. Our efforts on this matter date back over two decades. Ever since, the ICRC has held the view that IHL limits cyber operations during armed conflict just as it limits the use of any other weapon, means and methods of warfare in an armed conflict, whether new or old.

Over the years, the ICRC has been actively involved in global policy discussions on cyber-related issues, including those held within the UN (various Groups of Governmental Experts (GGEs) and the Open-Ended Working Groups (OEWGs)). In addition, we convene regional consultations among government experts on how IHL applies to cyber operations, and global expert meetings, such as the potential human cost of cyber operations and avoiding civilian harm from military cyber operations during armed conflicts. Our legal views on how IHL applies to cyber operations during armed conflict are found in a 2019 position paper that was sent to all UN member states in the context of the different UN-mandated processes on information and communications technology (ICT) security. The ICRC explores innovative solutions, such as a digital emblem, to protect medical and humanitarian missions in cyberspace. 

Recently we have focused on non-state actors such as civilians and technological companies getting more and more involved in cyber operations. We first issued three documents. The first focuses on the growing trend of civilians at large getting involved in digital operations and the related risks. The second focuses on when might digital tech companies become targetable in war. And last and more specifically on hacking, we published a paper called 8 Rules for “Civilian Hackers” During War, and 4 Obligations for States to Restrain Them

‘Protection’ in the digital age

The ICRC deals with privacy and data protection within its mandate and context of IHL. In this Atlas, following the Digital Watch Observatory taxonomy, privacy and data protection are part of the human rights basket.

Without undermining the positive impact technology can bring in conflict, including enhancing access to life-saving information and potentially minimising collateral damage, protection work must consider the risks in the digital age. In other words, it must encompass the protection of the rights of people when their lives intersect with the digital sphere. This question remains under-regarded and a blog post tries to shed light on this grey area

The ICRC puts a special emphasis on the impact of misinformation and disinformation as they can increase people’s exposure to risk and vulnerabilities. For example, if displaced people in need of humanitarian assistance are given intentionally misleading information about life-saving services and resources, they can be misdirected away from help and towards harm.

Hate speech, meanwhile, contributes directly or indirectly to endangering civilian populations’ safety or dignity. For example, when online hate speech calls for violence against a minority group, it can contribute to psychological and social harm through harassment, defamation, and intimidation. 

These issues have been tackled in a document we published in 2021 called Harmful Information.

Misinformation and disinformation can also impact humanitarian organisations’ ability to operate in certain areas, potentially leaving the needs of people affected by armed conflict or other violence unmet. When false and manipulated information spreads, it can erode trust within communities and damage the reputation of humanitarian operations.

For the ICRC, whose work is founded on trust, the spread of disinformation, especially where tensions are high, could quickly lead to humanitarian personnel being unable to leave their offices, distribute live-saving assistance, visit detainees, or bring news to people who have lost contact with a family member.

Ultimately, it is important also to note that information operations have limits under IHL!

Outer space

Space systems have been employed for military purposes since the dawn of the space era. As the role of these systems in military operations during armed conflicts increases, so too does the likelihood of their being targeted, with a significant risk of harm to civilians and civilian objects on Earth and in space. This is because technology enabled by space systems permeates most aspects of civilian life, making the potential consequences of attacks on space systems a matter of humanitarian concern. Find out more in this blog called War, Law and Outer Space: Pathways to Reduce the Human Cost of Military Space Operations.

Privacy and data protection

The ICRC plays an active role in regard to privacy and data protection in the context of humanitarian action. It has a data protection framework compliant with international data protection standards that aims to protect individuals from a humanitarian standpoint. The framework consists of ICRC rules on personal data protection, which were revised in 2020 in response to the rapid development of digital technologies, while supervisory and control mechanisms are overseen by an independent data protection commission and a data protection officer.  In 2019, the ICRC spearheaded the adoption of a resolution on Restoring Family Links While Respecting Privacy, Including as it Relates to Personal Data Protection at the International Conference of the Red Cross and Red Crescent. In 2022, we pushed for the adoption of a resolution on Safeguarding Humanitarian Data at the Council of Delegates of the Red Cross and Red Crescent Movement.

Despite the wide range of data sources employed and dealt with by the ICRC, specific attention is dedicated to biometric data, which is often used in forensics and the restoration of family links. To manage this highly sensitive information and to ensure the responsible deployment of new technologies (including new biometric identification techniques), the ICRC has adopted a Biometrics Policy, which sets out the roles and responsibilities of the ICRC and defines the legitimate bases and specified purposes for the processing of biometric data. 

Data protection is also addressed by the ICRC Handbook on Data Protection in Humanitarian Action. The Handbook provides suggestions as to how current data protection principles apply to humanitarian organisations and builds on existing regulations, working procedures, and practices. The second edition specifically provides guidance on the technical aspects of data protection by design and by default and covers technological security measures. In addition, through dedicated chapters, it addresses the potential and risks of digital technology such as blockchain, AI, digital identity, and connectivity for data protection in humanitarian action.

The ICRC has argued in favour of the digitalisation of the Geneva Conventions and on the occasion of the 70th anniversary of these very treaties and additional protocols, released an IHL digital app. The app provides access to over 75 treaties including the Geneva Conventions, and allows users to read through the content and familiarise themselves with the text. The ICRC has a number of databases on IHL, including its customary IHL database and the ICRC national implementation database.  

Digital tools

Research and development

In 2022, the ICRC opened a Delegation for Cyberspace in Luxembourg, which serves as a safe and secure space to do due diligence research and develop and test solutions and ideas to prepare the ground for the support, protection, and deployment of digital services to affected people on a global scale. It will also further explore what it means to be a digital stakeholder in a manner compatible with its mandate; operational modalities; and the principles of neutrality, independence, and impartiality.

Resources

The ICRC’s Law and Policy blog provides a large number of short pieces on cyber operations, featuring tech expert, legal, and policy perspectives. 

Online learning is also used by the ICRC to promote the implementation of IHL. In 2019, we launched an e-learning course entitled Introduction to International Humanitarian Law aimed at non-legal practitioners, policymakers, and other professionals who are interested in the basics of IHL. Other online courses are available through the ICRC training centre as well as e-briefings which are available in the e-briefing library

The ICRC maintains an online training centre and an app with all ICRC publications in English and French. 

Social media channels

Facebook @ICRC

Instagram @ICRC

LinkedIn @ICRC

TikTok @ICRC

X @ICRC

YouTube @ICRC

Ecma International

Ecma International is a global standards development organisation dedicated to the standardisation of information and communication systems. Established in 1961, Ecma has been a pioneer in providing a framework for the collaboration of standardisation and open source. The work is driven by Ecma members to address market requirements, providing a healthy competitive environment where competition is based on the differentiation of products and services and where vendors and users can rely on the interoperability of technical solutions.

Areas of work include the development and publication of standards and technical reports for information and communications technology (ICT) and consumer electronics (CE), with a broad scope of standardisation topics including hardware, software, communications, consumer electronics, the internet of things (IoT), programming languages, media storage, and environmental subjects. Ecma’s pragmatic, flexible, member-driven model is effective in enabling technical committees to form and iterate rapidly on internationally recognised open standards.

Digital activities

For over 60 years, Ecma has actively contributed to worldwide standardisation in information technology and telecommunications. More than 420 Ecma standards and 110 technical reports have been published, covering areas such as data presentation and communication, data interchange and archiving, access systems and interconnection and multimedia, programming languages, and software engineering and interfaces, two-thirds of which have also been adopted as international standards and/or technical reports.

One of the first programming languages developed by Ecma, FORTRAN, was approved in 1965. ECMAScript® (JavaScript), with several billion implementations, is one of the most used standards worldwide.

Digital policy issues

Digital standards

A large part of Ecma’s activity is dedicated to defining standards and technical reports for ICTs (hardware, software, communications, media storage, etc.). This work is carried out through technical committees and task groups focusing on issues such as information storage, multimedia coding and communications, programming languages, open XML formats, and product-related environmental attributes. Our members are committed to Ecma’s success and progress and follow best practices and efficient processes for the development and approval of standards, making Ecma a respected and trusted industry association. Ecma has close working relations – such as liaisons, cooperation agreements, and memberships – with European and international standardisation bodies as well as with some forums and consortia. Our long-established relationships with other standardisation organisations are well maintained and enable us to publish our specifications as international standards. A list of Ecma standards is noted below.

Telecommunications infrastructure

Network security

Sustainable development/Digital and environment

Programming languages such as ECMAScript (JavaScript) and C#

Software engineering and interfaces

Data-related standards

Technical committees (TCs) and task groups (TGs), covering issues such as access systems and information exchange between systems (TC51), information storage (TC31),

product-related environmental attributes (TC38), ECMAScript® language (TC39), office open XML formats (TC45), and ECMAScript® modules for embedded systems (TC53). Additional technical committees include acoustics (TC26), software and system transparency (TC54), web-interoperable server runtimes (TC55), and communication with artificial intelligence (AI) agents (TC56).

In addition, ECMA-425 was published in December 2024, specifying a statistical background correction for information technology and telecommunications equipment noise measurements.

Future of standards

The participation in Ecma of many leading global companies ensures not only the acceptance of Ecma standards in European and international standardisation but also their worldwide implementation.

Ecma’s goal in the next decade is to continue to play a key role in the extraordinary development of IT, telecommunications, and consumer electronics by disseminating new technologies and delivering first-class standards to our members, partners, and the standard-user community. Ecma aims to continue to bring in major contributions, move technology from members to mature standards, and collaborate with the world’s major standards development organisations (SDOs).

In December 2024, Ecma established Technical Committee TC55, tasked with defining, refining, and standardising a ‘minimum common API’ surface, along with a verifiable definition of compliance with that API. This is intended to improve interoperability across multiple ECMAScript environments, expanding beyond web browsers, specifically web servers. In addition, Ecma established TC56, a natural language interaction protocol for communication with AI agents. The scope is to specify a common protocol, framework and interfaces for interactions between AI agents using natural language while supporting multiple modalities.

Digital tools

Conferencing technologies

Ecma maintains a pragmatic approach to meeting participation. Our General Assembly typically takes place as a physical meeting to allow in-person discussions and interaction among members. For members who cannot participate in person, remote attendance is possible with videoconferencing and other digital tools.

Ecma’s technical committees hold either physical, hybrid, or virtual meetings depending on their specific needs.

Ecma meetings are typically held outside of Ecma’s HQ. As a general principle, members are encouraged to host meetings.  Invitations are by a technical committee member who host the meeting at a facility of their choice.

For meetings, consensus building, and voting, Ecma focuses on being efficient and effective. The meeting place and mode are decided upon by the committee.

Social media channels

LinkedIn @ecma-international

X @EcmaIntl