On 12 November 2019 I participated in a panel entitled “Implementation of the Paris Call for Principles and Values” with Jean-Baptiste Lemoyne, Secretary of State to the Minister for Europe and Foreign Affairs, John frank, Vice President of European and Government Affairs at Microsoft, Eugene Kaspersky, CEO, Kaspersky, moderated by Frederick Douzet, Professor, Institut Francais de Geopolitique, Université Paris 8. See my panel speaking points below:
The digital transformation is rapidly advancing.
- Almost half of the world’s population is connected to the Internet, up from only 4% in 1995.
- Recent OECD research has found that around one-half of all people across the OECD have accessed public services or health information online.
- Every digital device is exposed to security risk: computers, smartphones, servers, but also digital technologies embedded in planes, cars, insulin pumps, factory robots, domestic appliances…
- Every decision on the design, deployment and use of technologies shapes the digital security risk.
Online crime is common & children are esp affected
- UK estimates show that you are now 20 times more likely to be robbed online than in the street.
- Children are particularly affected by cyber risks: PISA found that a quarter of 15-year olds spend more than 6 hours a day online at the weekend.
- Recent data breaches include 500 million records from Marriott International; 145 million records at the U.S. credit bureau, Equifax, including Social Security numbers; 87 million records at Facebook.
- Estimates of the cost to the global economy from cybercrime stand at almost $450 billion a year.
France (and NZ) have shown great leadership
- A year ago today, President Emmanuel Macron launched The Paris Call for Trust and Security.
- This high-level declaration in favour of the development of common principles for securing cyberspace has already received the backing of almost 70 States, 140 international and civil society organizations, and over 350 businesses.
- New Zealand also a leader. The Christchurch Call outlines collective, voluntary commitments from Governments and online service providers to address terrorist and violent extremist content online and to prevent the abuse of the internet.
Paris Call addresses role & responsibility private sector
- Private companies own most of the digital infrastructure and develop most of the products that use it. They have a crucial role in keeping cyberspace trusted and secure.
- The Call stresses the need for multi-stakeholder collaboration around new cybersecurity standards.
- Co-operation between governments, private sector, and civil society is necessary to bring forward different perspectives, exchange ideas and good practices, and lend credibility to the process and outcomes.
OECD has an important contribution to make (I)
- In 1980 OECD set 1st international standard for personal data protection and in 2019 first inter-governmental guidelines for trustworthy AI.
- 2015 Recommendation on Digital Security Risk Management for Economic & Social Prosperity paved the way in addressing responsibility of private actors and treating digital security as an economic rather than technical issue.
- It provides principles around shared responsibility on risk assessment, security, transparency, cooperation across borders and human rights, as well as guidance on effective national strategies.
OECD has an important contribution to make (II)
- In the days after the Paris Call launch, the OECD’s inaugural OECD Global Forum on Digital Security for Prosperity, working in partnership with France, was discussing role of private sector.
- In addition OECD established this year a working party on digital security policies, to foster shared understanding of actions
- It will focus on enhancing the digital security of products, managing and disclosing vulnerabilities responsibly, and clarifying the limits on what businesses can and cannot do in response to cyber-attacks – priority areas under the Paris Call.
OECD engaged on violent content & child protection
- In response to G7 Leaders’ Summit in Biarritz, OECD is leading work to develop voluntary transparency reporting protocols on detecting, filtering and removing terrorist and violent extremist content (TVEC) on online platforms.
- This is a concrete step towards meeting the Christchurch Call & G20 statements.
- Linked to this is update of 2012 Recommendation on the Protection of Children Online with a new typology of risks linked to social media and mental health and new contact risks from cyberbullying, harassment and sextortion.
- 1 year since the Paris Call, and we can already attest to the shift in the international discourse on cybersecurity.
- By emphasising the complementary role of the private sector and the importance of a multi-stakeholder approach, it reminds us that we are all interconnected and therefore inter-dependent – within and across societies and economies, sectors and countries.
- The cyberspace is shared, and we all carry the responsibility to keep it secure and trusted. Count on the OECD!