Internet of things

International Electrotechnical Commission

The IEC is the world leader in preparing international standards for all electrical, electronic, and related technologies. A global, not-for-profit membership organisation, the IEC provides a neutral and independent institutional framework to over 170 countries, coordinating the work of more than 20,000 experts. We administer four IEC Conformity Assessment Systems, representing the largest working multilateral agreement based on the one-time testing of products globally. The members of each system certify that devices, systems, installations, services, and people perform as required.

IEC International Standards represent a global consensus of state-of-the-art know-how and expertise. Together with conformity assessment, they are foundational for international trade.

IEC Standards incorporate the needs of many stakeholders in every participating country and form the basis for testing and certification. Every member country and all its stakeholders represented through the IEC National Committees has one vote and a say in what goes into an IEC International Standard.

Our work is used to verify the safety, performance, and interoperability of electric and electronic devices and systems such as mobile phones, refrigerators, office and medical equipment, or electricity generation. It also helps accelerate digitisation, artificial intelligence (AI), or virtual reality applications, protects information technology (IT) and critical infrastructure systems from cyberattacks and increases the safety of people and the environment.

Digital activities 

The IEC works to ensure that its activities have a global reach in order to meet all the challenges of digital transformation worldwide. The organisation covers an array of digital policy issues.

Digital policy issues

Artificial intelligence

AI applications are driving digital transformation across diverse industries, including energy, healthcare, smart manufacturing, transport, and other strategic sectors that rely on IEC Standards and Conformity Assessment Systems. AI technologies allow insights and analytics that go far beyond the capabilities of legacy analytic systems.

For example, the digital transformation of the grid enables increased automation, making it more efficient and able to integrate fluctuating renewable energy sources seamlessly. IEC Standards pave the way for the use of a variety of digital technologies relating to intelligent energy. They deal with issues such as integrating renewable energies within the electrical network but also increased automatisation.

The IEC’s work in the area of AI takes a three-pronged approach. IEC experts focus on sector-specific needs (vertical standards) and conformity assessment, while the joint IEC and International Organization for Standardization (ISO) technical committee on AI, JTC1/SC 42, brings together technology experts, as well as ethicists, lawyers, social scientists, and others to develop generic and foundational standards (horizontal standards).

In addition, IEC Safety Standards are an essential element of the framework for AI applications in power utilities and smart manufacturing. IEC Conformity Assessment Systems complete the process by ensuring the standards are properly implemented.

SC 42 addresses some concerns about the use and application of AI technologies. For example, data quality standards for ML and analytics are crucial for helping to ensure that applied technologies produce useful insights and eliminate faulty features.

Governance standards in AI and the business process framework for big data analytics address how the technologies can be governed and overseen from a management perspective. International standards in the areas of trustworthiness, ethics, and societal concerns will ensure responsible deployment.

The joint IEC and ISO technical committee also develop foundational standards for the IoT. Among other things, SC 41 standards promote interoperability, as well as architecture and a common vocabulary for the IoT.

Cloud computing

The IEC develops standards for many of the technologies that support digital transformation. Sensors, cloud, and edge computing are examples.

Advances in data acquisition systems are driving the growth of big data and AI use cases. The IEC prepares standards relating to semiconductor devices, including sensors.

Sensors can be certified under the IEC Quality Assessment System for Electronic Components (IECQ), one of the four IEC Conformity Assessment Systems.

Cloud computing and its technologies have also supported the increase of AI applications. The joint IEC and ISO technical committee prepares standards for cloud computing, including distributed platforms and edge devices, which are close to users and data collection points. The publications cover key requirements relating to data storage and recovery.

Building trust

International Standards play an important role in increasing trust in AI and help support public and private decision-making, not least because they are developed by a broad range of stakeholders. This helps to ensure that the IEC’s work strikes the right balance between the desire to deploy AI and other new technologies rapidly and the need to study their ethical implications.

The IEC has been working with a wide range of international, regional, and national organisations to develop new ways to bring stakeholders together to address the challenges of AI. These include the Swiss Federal Department of Foreign Affairs (FDFA) and the standards development organisations, ISO, and the International Telecommunication Union (ITU).

More than 500 participants followed the AI with Trust conference, in-person and online, to hear different stakeholder perspectives on the interplay between legislation, standards and conformity assessment. They followed use-case sessions on healthcare, sensor technology, and collaborative robots, and heard distinguished experts exchange ideas on how they could interoperate more efficiently to build trust in AI. The conference in Geneva was the first milestone of the AI with Trust initiative.

The IEC is also a founding member of the Open Community for Ethics in Autonomous and Intelligent Systems (OCEANIS). OCEANIS brings together standardisation organisations from around the world to enhance awareness of the role of standards in facilitating innovation and addressing issues related to ethics and values.

Read more

Network security and critical infrastructure

The IEC develops cybersecurity standards and conformity assessments for IT and operational technology (OT). One of the biggest challenges today is that cybersecurity is often understood only in terms of IT, which leaves critical infrastructure, such as power utilities, transport systems, manufacturing plants and hospitals, vulnerable to cyberattacks.

Cyberattacks on IT and OT systems often have different consequences. The effects of cyberattacks on IT are generally economical, while cyberattacks on critical infrastructure can impact the environment, damage equipment, or even threaten public health and lives.

When implementing a cybersecurity strategy, it is essential to consider the different priorities of cyber-physical and IT systems. The IEC provides relevant and specific guidance via two of the world’s best-known cybersecurity standards: IEC 62443 for cyber-physical systems and ISO/IEC 27001 for IT systems.

Both take a risk-based approach to cybersecurity, which is based on the concept that it is neither efficient nor sustainable to try to protect all assets in equal measure. Instead, users must identify what is most valuable and requires the greatest protection and identify vulnerabilities.

Conformity assessment provides further security by ensuring that the standards are implemented correctly: IECEE certification for IEC 62443 and IECQ for ISO/IEC 27001.

ISO/IEC 27001 for IT

IT security focuses equally on protecting the confidentiality, integrity, and availability of data – the so-called CIA triad. Confidentiality is of paramount importance and information security management systems, such as the one described in ISO/IEC 27001, are designed to protect sensitive data, such as personally identifiable information (PII), intellectual property (IP), or credit card numbers, for example.

Implementing the information security management system (ISMS) described in ISO/IEC 27001 means embedding information security continuity in business continuity management systems. Organisations are shown how to plan and monitor the use of resources to identify attacks earlier and take steps more quickly to mitigate the initial impact.

IEC 62443 for OT

In cyber-physical systems, where IT and OT converge, the goal is to protect safety, integrity, availability, and confidentiality (SIAC). Industrial control and automation systems (ICAS) run in a loop to check continually that everything is functioning correctly.

The IEC 62443 series was developed because IT cybersecurity measures are not always appropriate for ICAS. ICAS are found in an ever-expanding range of domains and industries, including critical infrastructure, such as energy generation, water management, and the healthcare sector.

ICAS must run continuously to check that each component in an operational system is functioning correctly. Compared to IT systems, they have different performance and availability requirements and equipment lifetime.

Conformity assessment: IECEE

Many organisations are applying for the IEC System of Conformity Assessment Schemes for Electrotechnical Equipment and Components (IECEE) conformity assessment certification to verify that the requirements of IEC 62443 have been met.

IECEE provides a framework for assessments in line with IEC 62443, which specifies requirements for security capabilities, whether technical (security mechanisms) or process (human procedures) related. Successful recipients receive the IECEE industrial cybersecurity capability certificate of conformity.

Conformity assessment: IECQ

While certification to ISO/IEC 27001 has existed since the standard was published in 2013, it is only in recent years that the IEC Quality Assessment System for Electronic Components (IECQ) has set up a true single standardised way of assessing and certifying an ISMS to ISO/IEC 27001.

International standards such as IEC 62443 and ISO/IEC 27001 are based on industry best practices and reached by consensus. Conformity assessment confirms that they have been implemented correctly to ensure a safe and secure digital society.

Read more

Video

Digital tools

IEC has developed a number of online tools and services designed to help everyone with their daily activities.

Social media channels

Facebook @InternationalElectrotechnicalCommission

LinkedIn @IECStandards

Pinterest @IECStandards

X @IECStandards

YouTube @IECstandards

International Committee of the Red Cross

Established in 1863, the ICRC is an independent international humanitarian organisation headquartered in Geneva. It defends and promotes the respect of international humanitarian law (IHL) and is dedicated to protecting the lives and dignity of victims of war and to providing assistance. Along these lines, it cooperates with governments, the private sector, and other entities affected by international and internal armed conflict and violence.

Together with the International Federation of Red Cross and Red Crescent Societies and 192 individual national societies, the ICRC makes up the so-called International Red Cross and Red Crescent Movement.

Digital activities

Digitalisation is increasingly present in the context of armed conflict and violence. On one hand, affected populations are in demand for digital tools, which humanitarian organisations need to provide in a responsible manner. On the other hand, states use cyber operations as part of warfare with humans affected by the consequences of such operations and other digital risks. To this end, humanitarian organisations also use digital tools to improve their operations. The ICRC addresses the implications of technology, which are multifold and range from data protection for humanitarian actions to the application of IHL to cyber operations in armed conflict. We host expert and intergovernmental discussions and have developed a number of (digital) tools to help improve awareness and understanding of IHL and relevant standards. The ICRC cooperates with other organisations on digital policy issues.

Digital policy issues

Artificial intelligence

The ICRC has explored the impact of AI tools in armed conflict, in particular their use by armed actors. In a document titled Artificial Intelligence and Machine Learning in Armed Conflict: A Human-Centred Approach (2019, revised 2021), we argue: ‘Any new technology of warfare must be used, and must be capable of being used, in compliance with existing rules of international humanitarian law.’ The document touches on the use of AI and machine learning (ML) technologies capable of controlling physical military hardware. It argues that from a humanitarian perspective, AWS are of particular concern given that humans may not be able to control such weapons or the resulting use of force, and AI-controlled AWS would exacerbate these risks. The ICRC has urged states to adopt new international rules on AWS. The position paper also emphasises the potential for AI to exacerbate the risks to civilians and civilian infrastructure posed by cyber and information operations, as well as changing the nature of military decision-making in armed conflict. The ICRC calls for a human-centred approach to the application of AI in armed conflict that preserves human judgement and jointly with the United Nations Secretary-General, ICRC’s president is calling for establishing new prohibitions and restrictions on AWS. The question has been further explored in other reports, such as Autonomy, Artificial Intelligence, Robotics: Technical Aspects of Human Control (2019). 

Cyber operations during armed conflict

The use of cyber operations during armed conflict is a reality today and is likely to increase in future. Through bilateral confidential dialogue, expert discussions, participation in intergovernmental processes, and constant monitoring and analysis, the ICRC is raising awareness of the potential human cost of cyber operations and the application of IHL to cyber operations during armed conflict. Our efforts on this matter date back over two decades. Ever since, the ICRC has held the view that IHL limits cyber operations during armed conflict just as it limits the use of any other weapon, means and methods of warfare in an armed conflict, whether new or old.

Over the years, the ICRC has been actively involved in global policy discussions on cyber-related issues, including those held within the UN (various Groups of Governmental Experts (GGEs) and the Open-Ended Working Groups (OEWGs)). In addition, we convene regional consultations among government experts on how IHL applies to cyber operations, and global expert meetings, such as the potential human cost of cyber operations and avoiding civilian harm from military cyber operations during armed conflicts. Our legal views on how IHL applies to cyber operations during armed conflict are found in a 2019 position paper that was sent to all UN member states in the context of the different UN-mandated processes on information and communications technology (ICT) security. The ICRC explores innovative solutions, such as a digital emblem, to protect medical and humanitarian missions in cyberspace. 

Recently we have focused on non-state actors such as civilians and technological companies getting more and more involved in cyber operations. We first issued three documents. The first focuses on the growing trend of civilians at large getting involved in digital operations and the related risks. The second focuses on when might digital tech companies become targetable in war. And last and more specifically on hacking, we published a paper called 8 Rules for “Civilian Hackers” During War, and 4 Obligations for States to Restrain Them

‘Protection’ in the digital age

The ICRC deals with privacy and data protection within its mandate and context of IHL. In this Atlas, following the Digital Watch Observatory taxonomy, privacy and data protection are part of the human rights basket.

Without undermining the positive impact technology can bring in conflict, including enhancing access to life-saving information and potentially minimising collateral damage, protection work must consider the risks in the digital age. In other words, it must encompass the protection of the rights of people when their lives intersect with the digital sphere. This question remains under-regarded and a blog post tries to shed light on this grey area

The ICRC puts a special emphasis on the impact of misinformation and disinformation as they can increase people’s exposure to risk and vulnerabilities. For example, if displaced people in need of humanitarian assistance are given intentionally misleading information about life-saving services and resources, they can be misdirected away from help and towards harm.

Hate speech, meanwhile, contributes directly or indirectly to endangering civilian populations’ safety or dignity. For example, when online hate speech calls for violence against a minority group, it can contribute to psychological and social harm through harassment, defamation, and intimidation. 

These issues have been tackled in a document we published in 2021 called Harmful Information.

Misinformation and disinformation can also impact humanitarian organisations’ ability to operate in certain areas, potentially leaving the needs of people affected by armed conflict or other violence unmet. When false and manipulated information spreads, it can erode trust within communities and damage the reputation of humanitarian operations.

For the ICRC, whose work is founded on trust, the spread of disinformation, especially where tensions are high, could quickly lead to humanitarian personnel being unable to leave their offices, distribute live-saving assistance, visit detainees, or bring news to people who have lost contact with a family member.

Ultimately, it is important also to note that information operations have limits under IHL!

Outer space

Space systems have been employed for military purposes since the dawn of the space era. As the role of these systems in military operations during armed conflicts increases, so too does the likelihood of their being targeted, with a significant risk of harm to civilians and civilian objects on Earth and in space. This is because technology enabled by space systems permeates most aspects of civilian life, making the potential consequences of attacks on space systems a matter of humanitarian concern. Find out more in this blog called War, Law and Outer Space: Pathways to Reduce the Human Cost of Military Space Operations.

Privacy and data protection

The ICRC plays an active role in regard to privacy and data protection in the context of humanitarian action. It has a data protection framework compliant with international data protection standards that aims to protect individuals from a humanitarian standpoint. The framework consists of ICRC rules on personal data protection, which were revised in 2020 in response to the rapid development of digital technologies, while supervisory and control mechanisms are overseen by an independent data protection commission and a data protection officer.  In 2019, the ICRC spearheaded the adoption of a resolution on Restoring Family Links While Respecting Privacy, Including as it Relates to Personal Data Protection at the International Conference of the Red Cross and Red Crescent. In 2022, we pushed for the adoption of a resolution on Safeguarding Humanitarian Data at the Council of Delegates of the Red Cross and Red Crescent Movement.

Despite the wide range of data sources employed and dealt with by the ICRC, specific attention is dedicated to biometric data, which is often used in forensics and the restoration of family links. To manage this highly sensitive information and to ensure the responsible deployment of new technologies (including new biometric identification techniques), the ICRC has adopted a Biometrics Policy, which sets out the roles and responsibilities of the ICRC and defines the legitimate bases and specified purposes for the processing of biometric data. 

Data protection is also addressed by the ICRC Handbook on Data Protection in Humanitarian Action. The Handbook provides suggestions as to how current data protection principles apply to humanitarian organisations and builds on existing regulations, working procedures, and practices. The second edition specifically provides guidance on the technical aspects of data protection by design and by default and covers technological security measures. In addition, through dedicated chapters, it addresses the potential and risks of digital technology such as blockchain, AI, digital identity, and connectivity for data protection in humanitarian action.

The ICRC has argued in favour of the digitalisation of the Geneva Conventions and on the occasion of the 70th anniversary of these very treaties and additional protocols, released an IHL digital app. The app provides access to over 75 treaties including the Geneva Conventions, and allows users to read through the content and familiarise themselves with the text. The ICRC has a number of databases on IHL, including its customary IHL database and the ICRC national implementation database.  

Digital tools

Research and development

In 2022, the ICRC opened a Delegation for Cyberspace in Luxembourg, which serves as a safe and secure space to do due diligence research and develop and test solutions and ideas to prepare the ground for the support, protection, and deployment of digital services to affected people on a global scale. It will also further explore what it means to be a digital stakeholder in a manner compatible with its mandate; operational modalities; and the principles of neutrality, independence, and impartiality.

Resources

The ICRC’s Law and Policy blog provides a large number of short pieces on cyber operations, featuring tech expert, legal, and policy perspectives. 

Online learning is also used by the ICRC to promote the implementation of IHL. In 2019, we launched an e-learning course entitled Introduction to International Humanitarian Law aimed at non-legal practitioners, policymakers, and other professionals who are interested in the basics of IHL. Other online courses are available through the ICRC training centre as well as e-briefings which are available in the e-briefing library

The ICRC maintains an online training centre and an app with all ICRC publications in English and French. 

Social media channels

Facebook @ICRC

Instagram @ICRC

LinkedIn @ICRC

TikTok @ICRC

X @ICRC

YouTube @ICRC

Ecma International

Ecma International is a global standards development organisation dedicated to the standardisation of information and communication systems. Established in 1961, Ecma has been a pioneer in providing a framework for the collaboration of standardisation and open source. The work is driven by Ecma members to address market requirements, providing a healthy competitive environment where competition is based on the differentiation of products and services, and where vendors and users can rely on the interoperability of technical solutions.

Areas of work include the development and publication of Standards and Technical Reports for information and communications technology (ICT) and consumer electronics (CE), with a broad scope of standardisation topics including hardware, software, communications, consumer electronics, Internet of Things (IoT), programming languages, media storage, and environmental subjects. Ecma’s pragmatic, flexible, member-driven model is effective at enabling technical committees to form and iterate rapidly on internationally recognised open standards.

Digital activities

For over 60 years, Ecma has actively contributed to worldwide standardisation in information technology and telecommunications. More than 400 Ecma Standards and 100 Technical Reports of high quality have been published, covering areas such as data presentation and communication, data interchange and archiving, access systems and interconnection and multimedia, programming languages, and software engineering and interfaces, two-thirds of which have also been adopted as International Standards and/or Technical Reports.

One of the first programming languages developed by Ecma, FORTRAN, was approved in 1965. ECMAScript® (JavaScript), with several billion implementations, is one of the most used standards worldwide.

Digital policy issues

Digital standards

A large part of Ecma’s activity is dedicated to defining standards and technical reports for ICTs (hardware, software, communications, media storage, etc.). This work is carried out through technical committees and task groups focusing on issues such as information storage, multimedia coding and communications, programming languages, open XML formats, and product-related environmental attributes. Our members are committed to Ecma’s success and progress and follow best practices and efficient processes for the development and approval of standards, making Ecma a respected and trusted industry association. Ecma has close working relations – such as liaisons, cooperation agreements, and memberships – with European and international standardisation bodies as well as with some forums and consortia. Our long-established relationships with other standardisation organisations are well maintained and enable us to publish our specifications as international standards.

Telecommunications infrastructure

Network security

Sustainable development/Digital and environment

Programming languages such as ECMAScript (JavaScript) and C#

Data-related standards

Technical committees (TCs) and task groups (TGs) covering issues such as access systems and information exchange between systems (TC51), information storage (TC31), product-related environmental attributes (TC38), ECMAScript® language (TC39), office open XML formats (TC45), and ECMAScript® modules for embedded systems (TC53). The list of Ecma standards is noted above.

Future of standards

The participation in Ecma of many worldwide leading companies ensures not only the acceptance of Ecma Standards in European and international standardisation, but also their worldwide implementation.

Ecma’s goal for the next decade is to continue to play a key role in the extraordinary development of IT, telecommunications and consumer electronics, via the dissemination of new technologies, and by the delivery of first-class standards to our members, partners, and the standard-user community. Ecma aims to continue to bring in major contributions, move technology from members to mature standards, and collaborate with the world’s major standards developing organisations (SDOs).

Digital tools

Conferencing technologies

Ecma maintains a pragmatic approach to meeting participation. Our General Assembly typically takes place as a physical meeting to allow in-person discussions and interaction among members. For members who cannot participate in person, remote attendance is possible with videoconferencing and other digital tools.

Ecma’s technical committees hold either physical, hybrid, or virtual meetings depending on their specific needs.

Ecma meetings are typically held outside of Ecma’s HQ. As a general principle, members are encouraged to host meetings.  Invitations are by a technical committee member who host the meeting at a facility of their choice.

For meetings, consensus building, and voting, Ecma focuses on being efficient and effective. The meeting place and mode are decided upon by the committee.

Social media channels

LinkedIn @ecma-international

X @EcmaIntl