Value of cyber security and privacy in digital and e-commerce space

1 May 2020 14:00h - 15:30h

Event report

[Read more;session reports and updates from the eWeek of Online Event: Dialogues, Webinars and Meeting]

The COVID-19 pandemic has caused a great accelerated push for digitalisation all around the world in the course of 6 to 8 weeks. This abrupt pressure has left many unconnected people behind, but those who were able benefit from the new opportunities might have changed their relationship with e-commerce significantly. This underlines the importance of following basic guiding principles of data protection and cybersecurity to ensure the trust that is vitally needed for the growth and sustainability of e-commerce, said Mr Bernardo Calzadilla Sarmiento (Director of the Department of Trade, UN Industrial Development Organization [UNIDO]). The main data protection instrument for many countries, which is the GDPR, offers a good data protection framework, but we must always try to strive for balanced regulation and implementation.

There has been a high level of personal data usage in tracking, fighting, and offering health services during the pandemic, stated Ms Shamika N. Sirimanne (Director of the Division on Technology and Logistics, UN Conference on Trade and Development [UNCTAD]). The outbreak has amplified concerns regarding privacy and data protection issues globally. Considering how data can be used to support the fight against COVID-19, it becomes vital for policymakers to address how to achieve an adequate balance between protecting personal health data of individuals and protecting them against the Coronavirus. This is especially important considering that countries do not have adequate time to prepare a comprehensive legal framework in the middle of a crisis.

The last decade was marked by the fast growth of data driven businesses and the rise of the Internet of things (IoTs). This has led to a higher number of data breaches each year, as the data economy also grows in size annually. This growth in data breaches and cybersecurity issues impacts least developed countries (LDCs) the most. Many LDCs do not have any data protection and/or cybersecurity regulation in place. Adopting new laws is not an easy task, keeping in mind that new regulations have to (at least aim to) adapt to technological advancements. LDCs lack necessary resources and capacity to do so appropriately. Consequently, in the absence of proper regulatory frameworks and implementation, ongoing digital fraud and privacy breaches hinder the growth of e-commerce in LDCs.

Ms Marilia Maciel (Digital Policy Senior Researcher, DiploFoundation) believes many problems that have been discussed in Internet Governance Forums (IGFs) for the past decade are now also being discussed at mainstream trade and e-commerce circles. The IGF community and other actors of the global Internet governance ecosystem have many lessons and best practices, both substantive (what to do) and procedural (how to do). An example can be on how treaties are mandatory for states, but not for private actors such as companies and standardisation organisations. The multistakeholder model of Internet governance helps ensure that the obligations states agree to in treaties are also observed by private actors after implementation.

Concerns related to cybersecurity issues are growing, as these issues (such as militarial and trade related cybercrime) threaten the security and integrity of critical infrastructures such as financial and energy infrastructures Therefore, Maciel considers that cybersecurity is a precondition for economic growth, as the increased presence of any of these issues generates a level of instability that hurts the economy. For example, acute cybersecurity problems might result in companies refusing to do business in certain countries, as it happened in Nigeria. To deal with these issues, Maciel highlighted the importance of the Budapest Convention as an open global regulatory framework for cybersecurity.

New and emerging technologies also pose a challenge to the economy. Artificial intelligence (AI), for instance, is expected to heavily impact various future cybersecurity scenarios. One case is AI powered malware: It can be much harder to detect as it can learn about the operational context of a certain company or individual and avoid detection. On top of this all, the diplomacy of cybersecurity is being conducted in a high tension world, with a war on technological and economic supremacy between China and the USA in the background.

By Pedro Vilela