IGF 2019 WS #104 Integrated Policy Framework Key to Realize Digital Inclusion

Organizer 1: B Wanner, U.S. Council for International Business
Organizer 2: Jane Coffin, Internet Society
Organizer 4: Toshiya Jitsuzumi, Chuo University
Organizer 5: Lauren Crean, Telecommunications Management Group
Organizer 6: Bruna Santos , Coding Rights

Speaker 1: David Gierton, OECD
Speaker 2: Carlos Lugo Silva, Director, Comision de Regulacion de Comunicaciones, Government of Colombia
Speaker 3: Alex Cooke, Counsellor to the EU, Department of Industry, Innovation and Science, Government of Australia
Speaker 4: Ben Wallis, Microsoft
Speaker 5: Jane Coffin, ISOC


B Wanner, Private Sector, Western European and Others Group (WEOG)

Online Moderator

Bruna Santos , Civil Society, Latin American and Caribbean Group (GRULAC)


Lauren Crean, Private Sector, Western European and Others Group (WEOG)


Break-out Group Discussions - Flexible Seating - 90 Min

Policy Question(s)

The workshop will focus on sharing practical insights on the value of an integrated policy framework for digital transformation in fostering economic prosperity across all sectors and improving societal well-being inclusively. This workshop will use the OECD’s Going Digital integrated policy framework as a reference and explore the value and barriers that may arise in implementing the integrated framework, and how its related Going Digital Toolkit may help to overcome some of the barriers. Policy questions include: 1. What is the best approach to realizing digital inclusion? 2. How does one develop policies to realize digital inclusion that are appropriately balanced to maximize the benefits of digital transformation while minimizing challenges related to privacy and employment, among others? 3. Does the OECD's Going Digital Integrated Policy Framework offer an implementable approach to digital inclusion? Can the Going Digital Toolkit be readily used to overcome some of the challenges? 4. How can business, government and other stakeholders effectively collaborate to realize a workable approach to digital inclusion?


GOAL 1: No Poverty
GOAL 2: Zero Hunger
GOAL 3: Good Health and Well-Being
GOAL 4: Quality Education
GOAL 5: Gender Equality
GOAL 8: Decent Work and Economic Growth
GOAL 9: Industry, Innovation and Infrastructure
GOAL 10: Reduced Inequalities
GOAL 12: Responsible Production and Consumption
GOAL 17: Partnerships for the Goals

Description: This workshop will utilize a “case study” approach to illustrate the value of the OECD’s Going Digital framework as a means of realizing the economic and societal benefits of digital transformation while also addressing potential challenges. Speakers will examine the value of the OECD’s evidence-based approach, which informs the Going Digital Integrated Policy Framework. Government speakers will take a deep dive by providing concrete examples of how they have pursued digital inclusion in the multi-disciplinary fashion advocated by the OECD. These speakers also will broach challenges in implementing the OECD Going Digital framework, sharing insights and best practices that have facilitated implementation as well as stumbling blocks that the Framework may not address effectively. Speakers will provide diverse perspectives by focusing on selected dimensions of the framework – Access (the Internet technical community), Trust (civil society), Market Access and holistic, enabling conditions for investment (business), and Jobs (labor)– and identifying opportunities and challenges across several different countries. This workshop will combine a moderated panel discussion with breakout sessions. The emphasis will be on discussions, not on formal speeches or lengthy Power Point presentations. The moderator will invite all stakeholders to address agenda items #1 and #2. The breakout session will take place in considering agenda item #3. The outcome of the breakout sessions will serve as the basis for recommendations about how to take the Going Digital framework forward in a manner that is readily implementable. The agenda is as follows: 1. What is the Going Digital Integrated Policy Framework? 2. Why is the framework unique, and how has each of the stakeholders provided evidence for the development of the Going Digital Project? 3. What are some of the anticipated challenges in implementing the integrated policy framework and how can they be facilitated. 4. Wrap Up and Recommendations

Expected Outcomes: The breakout session will serve as the means to develop recommendations about how to take the Going Digital framework forward in a manner that is readily implementable. Speakers and participants in the breakout session will be asked to develop concrete recommendations for additions and improvements to the OECD's Going Digital Toolkit as well as necessary follow-up policy work to be undertaken by the OECD as well as by national governments, the private sector, the technical community, civil society, and the trade unions.

The Moderator was selected not only for her expertise in Internet governance, the digital economy, and the OECD's Going Digital project, but also for her experience moderating Roundtable discussions at global conferences on multi-faceted topics involving at least 5 speakers. Drawing on this background, the Moderator will work with the co-organizers and speakers in a series of pre-IGF preparatory teleconferences to orchestrate a coherent "flow" to the first 45 minutes of discussion. Speakers will be asked to identify two or three key points which address their specific topic; the Moderator, in turn, will interweave these points into a series of questions aimed at encouraging both expert commentary as well as discussion between the speakers. The Moderator will preview these questions and anticipated "flow" of the session with speakers in advance of the IGF so speakers can sharpen their comments and, if needed, gather additional statistics or supporting evidence. PowerPoint presentations will be discouraged. The emphasis will be on fostering an inclusive and informed conversation between the workshop speakers. Pre-IGF planning also will feature discussions about the Break-Out session element of the workshop, which will follow and last about 40 minutes. "Discussion leaders" will be selected among the speakers to lead roundtable discussion of policy issues warranting further discussion related to, for example, basic infrastructure, an enabling investment environment, digital skills/employment issues, and public/private partnerships to foster digital inclusion.

Relevance to Theme: Digital technologies have transformed the economy, creating extraordinary opportunities for economic development, commercial success, and entrepreneurialism across all sectors. The digital economy IS the economy. This transformation has already produced benefits to society in the areas of healthcare, education, transportation, and energy efficiency, to name a few. However, pursuing these opportunities must be accompanied by policies that address potential challenges holistically and with a whole-of-government approach. This holistic approach should respect personal privacy protection, encourage employment and development of labor skills, preserve innovation, expand infrastructure, and improve accessibility and use. Finding the appropriate balance that maximizes the benefits of digital transformation while minimizing related challenges requires a holistic, whole-of-government approach that works across all sectors and all policy “silos.”

Relevance to Internet Governance: The theme throughout the workshop will be the importance of including all stakeholders in policy discussions related to development of the digital economy. Such policies will affect how the Internet is used as the conduit for realizing and disseminating digital innovations that foster inclusion. This means that all proposed policies must be consistent with consensus-based approaches to governance of the Internet.

Online Participation

The pre-IGF preparatory process will entail reaching out to and confirming the participation of remote discussants, particularly from emerging economies, who the Moderator will invite to offer comments or pose questions via the Remote Moderator following each agenda topic. Such interventions will be invited before the workshop transitions to the Break-Out Session. In addition, the co-organizers will explore the potential for establishing remote participation hubs, particularly in Colombia, delving into technical capabilities and needs that could be addressed by the business community. Online participants will have a separate queue managed by the Online Moderator. Questions and comments will be rotated between the online queue and the in-person queue at the microphone. The Moderator will work closely with the Online Moderator during the pre-IGF preparations to establish effective means of communication between them to ensure the timely insertion of a remote question/comment. The Online Moderator will be strongly encouraged to participate in pre-IGF training provided by the IGF Secretariat as well as the preparatory teleconferences, the latter to thoroughly familiarize herself with the workshop substance. The pre-IGF preparatory process therefore will entail reaching out to and confirming the participation of online discussants, particularly from emerging economies, who the Moderator will invite to offer comments or pose questions via the Online Moderator.


1. What is the OECD’s Going Digital Integrated Policy Framework and how can it improve policy-making in the digital age?

2. Company, country, organizational examples of initiatives aimed at implementing the Integrated Policy Framework or aspects of it.

3. Challenges encountered in implementing the framework and how they have been addressed. 

4. Striking the Balance – Policies that maximize digital transformation, while also addressing challenges related to privacy and security

5. Toward Public-Private Partnerships and Collaboration – What “Recipe” Delivers to Best Results?

1. Key Policy Questions and Expectations
  1. What are promising approaches to realizing digital inclusion?
  2. How can the OECD's Going Digital Integrated Policy Framework help in the design and implementation of approaches to digital inclusion? Can the Going Digital Toolkit be readily used to overcome challenges to implementation?
  3. How can business, government and other stakeholders effectively collaborate to realize successful approaches to digital inclusion?
2. Summary of Issues Discussed

Tapping the potential of digital transformation for economic and societal benefits requires a multistakeholder, holistic, whole-of-government approach. The OECD’s Integrated Policy Framework (IPF) provides that approach.


Regulatory sandboxes enable both government and industry to experiment to ensure that there are no unintended consequences from policies or regulations.


The OECD needs to provide more targeted guidance to developing countries aimed at “unpacking” the Going Digital Integrated Policy Framework so it is more understandable and can be implemented in stages.


Evidence-based policymaking is critical, but that means gathering data from both developed and developing countries alike. To create an enabling environment for digital transformation you have to understand what the environment is.


Capacity building requires sustained and layered engagement on the ground. “Digital Ambassadors” are needed for to ensure understanding at the grass roots.


For Artificial Intelligence to be utilized in a way that benefits society, access to AI must  be demoncratized.

3. Policy Recommendations or Suggestions for the Way Forward

Tapping the potential of digital transformation for economic and societal benefits requires a multistakeholder, holistic, whole-of-government approach. 


Regulatory sandboxes enable both government and industry to experiment to ensure that there are no unintended consequences from policies or regulations.

Capacity building requires sustained and layered engagement on the ground. “Digital Ambassadors” are needed for to ensure understanding at the grass roots.

For Artificial Intelligence to be utilized in a way that benefits society, access to AI must  be demoncratized.


4. Other Initiatives Addressing the Session Issues

Tapping the potential of digital transformation for economic and societal benefits requires a multistakeholder, holistic, whole-of-government approach. 


Regulatory sandboxes enable both government and industry to experiment to ensure that there are no unintended consequences from policies or regulations.

Capacity building requires sustained and layered engagement on the ground. “Digital Ambassadors” are needed for to ensure understanding at the grass roots.

For Artificial Intelligence to be utilized in a way that benefits society, access to AI must  be demoncratized.

5. Making Progress for Tackled Issues

Regulatory sandboxes enable both government and industry to experiment to ensure that there are no unintended consequences from policies or regulations.

The OECD needs to provide more targeted guidance to developing countries aimed at “unpacking” the Going Digital Integrated Policy Framework so it is more understandable and can be implemented in stages.

Capacity building requires sustained and layered engagement on the ground. “Digital Ambassadors” are needed for to ensure understanding at the grass roots.


6. Estimated Participation

Onsite participants -- 14 total; 8 men, 6 women. No online participation.

7. Reflection to Gender Issues

The workshop did not specifically delve into gender-related issues, but explored digital skill development for the society at large.

8. Session Outputs

Integrated Policy Framework Key to Realizing Digital Inclusion – This workshop focused on sharing practical insights on the value of an integrated policy framework for digital transformation in fostering economic prosperity across all sectors and improving societal well-being inclusively. It used the OECD’s Going Digital integrated policy framework as a reference and explored the value and barriers that may arise in implementing the framework. Speakers also considered how the related Going Digital Toolkit may help to overcome some of the barriers.

David Gierten, OECD

This Going Digital (GD) Project aims to help policymakers better understand the digital transformation and develop policies fit for the digital age. The project started in 2017 and we are currently in the 2nd phase. There are two key publications of Phase I: Going Digital: Shaping Polities, Improving Lives and Measuring Digital Transformation. These summarize some 130 outputs produced under GD Phase I. A third key output also launched in March 2019 is the online GD Toolkit. The Integrated Policy Framework (IPF), also developed in Phase I of GD Project is the structuring element of both publications, as well as of the GD Toolkit. The purpose of the IPF is to:

  • Overcome siloes seen in many countries that address issues arising with digital transformation in all corners of government, but often not yet in a coherent and coordinated manner.
  • Bring together all key policy areas that need to be considered in a whole-of-government approach to digital transformation under seven policy dimensions.

The seven dimensions show a number of different policy areas that should be looked at jointly because they are likely to interact and should, therefore, be coordinated.

Access – high-quality access to communication networks and services as well as access to data, which is becoming increasingly the foundation for the digital economy. Key policies include:

  • Communication infrastructure and services – e.g. ensure that technical enablers are in place
  • Competition – crucial to lower prices and improve quality of communication services
  • Investment – investment in infrastructure that can cater to growing demand for data
  • Regional development – to make sure good connectivity doesn’t stop at city borders

Use – effective use of digital technologies by all actors: individuals, firms and governments. Key policies include:

  • Digital government – to go beyond e-government, adopting a user-driven approach
  • Investment – enable firms to invest not only in ICTs but also in intangible assets
  • SMEs – targeted support to help SMEs catch up and thrive
  • Business dynamism – structural policies that affect technology diffusion
  • Skills – equip everyone with the mix of skills needed to succeed in digital life and work
  • Digital security and privacy – to overcome mistrust and empower people and organizations to manage digital risk

Innovation – fundamentally underpinning digital transformation. Key policies include:

  • Entrepreneurship – reduce regulatory burden for start-ups and enable experimentation
  • SMEs – facilitate R&D in smaller firms
  • Science and technology – foster knowledge diffusion, open innovation, and open science
  • Digital government – open government data
  • Sectoral policies and regulations – new business models and experiments, e.g. regulatory sandboxes 

Jobs both the quantity and quality of jobs are being affected by the digital transformation, positively and negatively. Key policies include:

  • Labor markets – promote successful and fair transitions from declining to expanding jobs
  • Education and training – empower people with the mix of skills needed to succeed
  • Social protection – ensure no one is left behind, incl. those working in new forms of work
  • Tax and benefits – fit for a transforming labor market and new forms of work
  • Regional development – address regional imbalances in transforming labor markets

Societythe digital transformation should be inclusive, improve well-being, and lead to social prosperity. Key policies include:

  • Social policy
  • Tax and benefits – notably in the context of a transforming world of work
  • Education and training - reduce existing digital divides, e.g. by strengthening foundational skills and lifelong learning
  • Environment – unleash the potential of digital technologies to tackle collective and global challenges
  • Health care
  • Digital government – boost civic and stakeholder engagement in the policy process

Trust fundamental condition for a digital society and economy to flourish. Key policies include:

  • Digital risk management – central approach for trust-related policies
  • Digital security, including critical infrastructures and essential services – implemented by all actors
  • Privacy - national privacy strategies address privacy from a whole-of-society perspective
  • Consumer protection - in all digital environments, including in p2p markets
  • SMEs – particularly vulnerable to digital threats and risks

Market Openness - digital technologies and data transform how firms compete, trade, and invest, leading to greater competition in some markets, but also tilting others towards greater concentration. Key policies include:

  • Trade – lower trade barriers
  • Investment – lower barriers to international investment
  • Financial markets – ensure good access to finance for firms going digital
  • Competition – monitor changing competitive dynamics, concentration, and dominance
  • Taxation – ensure tax systems are fit-for-purpose in the digital age (e.g. BEPS)
  • There are some cross-cutting themes that aren’t one single policy dimension but are a part of multiple of the seven above (e.g., gender, skills, digital government, or inclusion).

The Going Digital Toolkit (https://goingdigital.oecd.org/en/)

  • The GD Toolkit is structured by the seven policy dimensions of the IPF and has two strong points: 1) it provides key data for countries to self-assess where they stand in their own digital transformation, and 2) it provides rich policy analysis from the OECD, guidance and innovative practices on key issues arising with digital transformation.
  • The Toolkit is not a snapshot in time and is being updated and developed (e.g. adding new data metrics and expanding policy notes guidance).
  • Each policy dimension has indicators per dimension, where you can compare a country with the OECD average (black dot) or to another country.


Comments from the floor

  • Education and skills in the digital transformation span many of the dimensions. However, educators often are unaware of the work that is being done on this topic, nor are they upskilled on digital technology. This missing feedback loop is important. The educators creating school curricula should be more informed on which skills are needed in the future and what the future of jobs will be. How can we get this information to educators? Could the OECD have an ambassadorship such as the UN’s “SDGs for Educators” program?

Responses from panelists:

  • David Gierten, OECD: Further data and specific publications on digital skills and education, in particular, can be found on the Skills page of the Toolkit (e.g., 2019 Skills Outlook). In terms of skilling the teachers themselves, the OECD’s Education Directorate has released a Skills Strategy that looks specifically at teacher education. Germany, for example, is spending EUR 5 Billion to equip schools with digital tools. This is based on its Education in the Digital Age strategy, which was created in consultation with teachers and curriculum drafters.
  • Ben Wallis, Microsoft: Microsoft sees education and training to be vital to building knowledge and skills that will be in demand in the future. We have a project called “TEALS,” where Microsoft engineers go into schools to teach computer science. Also, LinkedIn provided data to the city of LA on in-demand skills to help map education history and ultimately change educational curricula.
  • Alex Cooke, Government of Australia:  The education structure is at the territory level, which adds complications. Australia has a number of programs to develop digital/STEM skills and resources, as well as to develop R&D and curriculum to develop AI in schools. We are also promoting life-long learning programs and normalizing micro-credentialing.
  • Jane Coffin, ISOC: Educators are well-placed to be “ambassadors” of digital skills, especially among grassroots movements.
  • Where do people with disabilities fit within this Integrated Policy Framework? You highlight certain groups of vulnerable communities; disabled people are just as important to consider.
  • David Gierten, OECD: I agree completely. There are a number of OECD publications that touch on disabled populations more specifically.


Implementing the Integrated Policy Framework (Company, country, organizational examples)

  • Alex Cooke, Government of Australia -- Australia released its standalone policy for the digital economy, called Australia’s Tech Futures, after extensive consultation. This work took into account the OECD’s IPF, as both works were being undertaken simultaneously. Our policy, called Australia’s Tech Future focuses on four key areas: people, services, digital assets, and the enabling environment. If you look at these areas in relation to the Integrated Policy Framework, the categories align quite neatly:  
  • Against the category of People: “developing Australia’s digital skills and leaving no one behind”, sits Jobs, Skills, Society or promoting social prosperity and inclusion; 
  • Against the category of Services: “how government can better deliver digital services” – which relates to Use and one of the metrics of the Going Digital project is the use of government digital services.
  • Against Digital assets: “building infrastructure and providing secure access to high-quality data” – relates to increasing the effective use of digital technologies and data but also enhancing access to communications, infrastructure, services, and data.
  • The enabling environment: maintaining our cybersecurity and reviewing our regulatory systems – which takes into account issues of fostering market openness and maintaining a regulatory environment that is conducive to investment, and development of a technology ecosystem.
  • The Tech Futures policy is an attempt to bring together the current policy approaches in the Australian system, so there are many other aspects of the Australian context which are not brought together under the one policy.
  • Being able to track the effectiveness and implementation of our policy is incredibly import, which is why we are very supportive of the OECD’s measurement roadmap. Australia has also been trying to leverage that work through our national statistics (e.g. need to work on market openness, measure productivity, trust).
  • Ben Wallis, Microsoft, Regulatory Policy Analyst -- Microsoft supports the IPF and sees the OECD as being well-placed to produce this Toolkit because it:
  • Focuses on sustainable economic growth and innovation;
  • Has an evidence-based approach;
  • Embraces the multistakeholder model;
  • Has the data and analytical capabilities to pull this together.
  • Microsoft believes that, in order to achieve the vision and potential of digital transformation, there need to be integrated and holistic approaches to policy problems. There also needs to be clear objectives set by governments at the national level, and those national governments need to work across agencies to look at the digital economy as a whole.
  • This holistic approach to policymaking and implementing the toolkit is challenging because of the difficulty in bringing diverse issues together, the variety of communities of interest, the unclarity of responsibility within national governments (e.g., governments do not often have a ministry devoted to the digital economy so there is not necessarily a natural convening platform).
  • Having a practical way to implement the Integrated Policy Framework – through this Toolkit – is key to actually leveraging the OECD’s work on this topic.


The potential role of regulatory sandboxes in the OECD’s Integrated Policy Framework

  • Ben Wallis, Microsoft -- Technologies evolve quickly, meaning there also needs to be innovation in policy-making to keep up. Regulatory sandboxes can provide a safe way to develop regulation in relation to rapidly-emerging technologies without stifling innovation.
  • AI, as an example, has potential benefits as well as concerns. How can we put guidance in place to encourage the development of the technology in a responsible way, and to encourage the use of the technology in ways that help meet global challenges?
  • We also know that to enable the technology to be most useful, there needs to be experimentation in the ways the technology is used.
  • If you want to use AI in healthcare, there are clearly potential harms that we want to better understand through experimentation. Also, by using experimentation, we can better understand how to apply existing laws (e.g. privacy in healthcare, credit reporting laws in financial services).
  • In cases where companies fear steep consequences of potentially violating an existing regulation, then a regulatory sandbox is a useful tool.
  • For example, the Government of Singapore published AI ethical guidelines, but importantly, it also provided examples of ways in which data can be shared in a responsible manner. They put out this vision of a collaborative data-sharing platform and were clear that they understood not everything is known. Further, they said that if a company has an application it is not sure about, it could come to the government and apply for a potential exemption or a regulatory sandbox to enable it to do the experimentation.
  • It’s not simply about making space for companies to innovate; it also provides a way for governments to understand the actual harms that would require regulation. Are existing regulations sufficient or is something new needed?  Could this be a new interpretation of existing regulations or entirely new regulations? Regulatory sandboxes are a great mechanism to help answers these questions.


Challenges encountered in implementing the IPF and how they have been addressed

  • Jane Coffin, ISOC -- The OECD needs to issue more targeted, specific use case examples, especially video examples. One of the challenges among non-OECD members will be integrating and understanding the IPF, as it relates to them. A cross-sectoral and cross-government approach is really important, but not all countries are on the same page.
  • Measurement benchmarks: Many countries do not have strong statistical benchmarks to measure where they are in their digital transformation.
  • Multi-level engagement: For example, access and digital/communications infrastructure are key. Measurement is often lacking. At the same time, projects aimed to increase access have a distinct “human element” whereby engagement at multiple layers is required to get buy-in to get these projects off the ground.
  • Varying market conditions: How do you implement the IPF in an already complicated environment of digital transition? For example, some countries are just now going through the liberalization of the dominant telecommunication service provider. Adding to this, countries are at the same time barraged with questions on privacy and cybersecurity.
  • Regulatory sandboxes are a great way for countries to test out new services and assess potential impacts that may require regulation. Governments should also understand that there is probably going to be some failures – and that’s okay. The OECD can help non-member countries implement these tools by engaging on a more regional level (e.g., at CITEL).
  • Alex Cooke, Government of Australia -- Australia places a strong emphasis on cyber cooperation, and specifically on cyber cooperation in the so-called Pacific Rim region. We have been doing this through our Cyber Cooperation Programme, but also through our Pacific Step-up.
  • Australia is investing AUS $34 million over seven years (2016-2023) in its Cyber Cooperation Program to champion an open, free and secure cyberspace and build cyber resilience across the Indo-Pacific.
  • The Program supports Australia’s commitment to delivering on the UN 2030 Agenda for Sustainable Development which recognizes the vital role of digital technologies to achieve a better and more sustainable future for all.
  • Specific activities include:
  • Training to foster understanding of responsible state behavior in the cyberspace
  • Activities to fight cybercrime and support technology for development, such as blockchain and e-government readiness assessments
  • Provide next-generation connectivity through our “Pacific Step Up initiative,” which will build the Coral Sea Cable System to connect Papua New Guinea, the Solomon Islands, as well as Malaita Island, Noro, and Taro Islands.


The IPF and “trustworthy AI”

  • Ben Wallis, Microsoft -- As a developer and provider of AI technologies, Microsoft looks at AI from two angles – (1) the AI ecosystem and (2) society at large.
  • On the AI ecosystem, Microsoft is involved in developing AI technologies, but this is only one part of an AI ecosystem. The whole ecosystem includes the people and organizations involved in integrating, deploying, maintaining, and operating AI technology solutions. From Microsoft’s perspective, we think about how we can develop our technologies in a way that would increase awareness of the need for trustworthy and responsible AI throughout the ecosystem.
  • From a societal perspective, what is needed to ensure that AI technologies are adopted and deployed to their utmost potential? On this point, Microsoft is trying to make a contribution in several areas:
  • “AI for Earth”: a 5-year, USD $50 million effort to put the Microsoft Cloud and AI tools in the hands of those working to solve environmental challenges, specifically in relation to climate, agriculture, biodiversity, and water. It is a combination of money and technology – we provide grants for projects and we also make available open-source tools, models, infrastructure, data, and APIs to support sustainability and environmental science.
  • “AI for Accessibility”: a program to work with others to solve some of the most challenging problems for people with disabilities, by making software and devices smarter and more contextually relevant for people with disabilities and to improve daily life.
  • Two other initiatives: “AI for Humanitarian Action” and “AI for Cultural Heritage”
  • For both of these angles – the AI ecosystem and society as a whole - the integrated policy framework can give us guidance, whether in the form of specific requirements to feed into the AI ecosystem or requirements to reflect the broader needs of society, e.g. trust and skills. It can also provide guidance about actions that can be taken in complementary policy areas, e.g. connectivity and access to enable more democratized access to AI so that the deployment of the technology doesn’t exacerbate the digital divide.
  • David Gierten, OECD -- We could look at any specific digital tech, like AI, through the lens of the seven dimensions of the IPF. For instance, the adoption of AI in firms would fall under the “Use” dimension; AI innovation could result in new business models, new jobs, or new tasks that are carried out. Under the “Society” dimension, we can consider the ethical implications of AI. Finally, under the “Trust” dimension, this is very much aligned with the AI principles, with several of the principles dedicated to upholding trust.
  • Jane Coffin, ISOC -- This is about building trust. There is some fear now with respect to technology. Information is critical to building a community of trust; educating communities of what the technology is and how it can promote economic development is critical to help with the adoption of technology and deploying infrastructure.


Striking the Balance: Policies that maximize digital transformation while also addressing privacy and security challenges

  • Ben Wallis, Microsoft -- Microsoft sees privacy and security challenges as being inexorably linked. The proliferation of connected devices and cloud-based services has opened new avenues of attack for cybercriminals and other malicious actors. Protecting our customers and the wider community is a responsibility we take seriously.
  • We believe privacy is a fundamental human right.  As more of who we are and what we do is recorded and stored in digital form, preserving this right becomes more important and increasingly difficult. We take a principled approach to build trust, with strong commitments to privacy, security, and compliance. For example, with the GDPR, Microsoft invested many resources to ensure not just that we are in compliance, but that we can support our customers in ensuring they are compliant, including the customers of our cloud services. This isn’t only with regard to data of people in the EU – we extended the protections enjoyed under the GDPR to all of our customers.
  • Apart from making sure we understand and are fully compliant with privacy laws, there are a couple of other principles we follow and recommend more broadly.
  • Firstly, we think organizations should be required to establish sound privacy practices. Privacy laws should require organizations to demonstrate that they have established sound privacy policies that, at a minimum, ensure compliance with legal requirements. This principle should apply both to organizations that collect and process data (e.g. a bank or hospital), and to those that process data only on behalf of other organizations (e.g. a Cloud Service Provider).
  • Secondly, we need to think about how you define privacy laws. It’s important to be able to draw insights from data analytics and that means that privacy frameworks should not be so restrictive that they prevent governments, businesses and other organizations from using data analytics to draw insights, as long as it is done in an ethical manner.
  • One way that privacy frameworks can achieve this balance is by encouraging the de-identification of data sets, allowing researchers to continue to innovate but not at the expense of the personal data of specific individuals.
  • Alex Cooke, Government of Australia -- Australia supports an open, free and secure Internet that drives economic growth, protects national security and promotes international stability. There is an appropriate role for governments to play in regulating the Internet, but it is not one of control. A state-centered model would restrict and fragment the network, inhibit innovation and constrain opportunity presented by connectivity.
  • One aspect of data localization relates to barriers, such as customs duties. Australia strongly supports the permanence of the WTO moratorium on customs duties for electronic transmissions, and we have advocated for this in current negotiations. Customs duties for electronic transmission will increase the cost of goods and services purchased online, likely acting as a disincentive for customers and suppliers to engage in e-commerce and potentially having a negative impact on an economy’s competitiveness from a global business perspective.
  • One other aspect of data localization hinges around questions of privacy. Our Privacy Act allows cross-border disclosures of personal information in a range of circumstances to facilitate the free flow of information across national borders while ensuring that the privacy of individuals is respected. The Government announced in March 2019 that it will introduce legislation to strengthen penalties and enforcement under the Australian Privacy Act. These reforms will include a binding online privacy code that will apply to social media platforms and other online platforms that trade in personal information, requiring them to be more transparent about data sharing, meet best practice standards when seeking consent to collect, use or disclose personal information stop using or disclosing an individual’s personal information upon request, and follow strengthened rules about handling personal information of children and other vulnerable groups. The Government is presently consulting on this legislation.
  • One last point to Ben (Microsoft), we would be interested in understanding the developments that could address these issues, like cloud-based services to maintain security and compliance with privacy regimes.
  • Jane Coffin, ISOC -- End-to-end encryption (e2ee) is a way to secure information and build trust. Governments can implement this within cybersecurity principles at a very simple level, but you have to work to make sure people know how to implement these policies and they don’t just sit on the shelf.
  • Barbara Wanner, USCIB -- Australia mentioned its view on data localization. Some countries have adopted localization requirements on grounds that they ensure more effective privacy and security protections. USCIB is against this data centralization requirement on grounds that they not only serve as trade barriers but also have the effect of increasing privacy and security risks because the data is stored in central locations and is more vulnerable to breaches and hacks.
  • Ben Wallis, Microsoft -- People around the globe and their leaders are concerned about the power of large tech firms, and I think you can see digital sovereignty solutions as being intended to counteract that balance, which I think reflects a larger trend of distrust.
  • But, as well-intentioned as data localization laws might be, they can also be costly to implement and you lose the efficiencies with come with the global scale of the cloud – undermining the fundamental benefits of the cloud.
  • And while it is possible for global companies like Microsoft to build sovereign cloud systems, the extra cost and complications make it harder for smaller companies to do so, creating a kind of barrier to entry for local cloud providers.
  • A more effective approach is to adopt regulation aligned with global standards or contracts that protect personal data regardless of its location. Such an approach can also help to improve resilience and security and make data processing services more efficient by reducing latency.
  • And importantly, it should be incumbent on data processing companies to understand the laws in each country of origin and make sure that data is managed accordingly.


Public-Private Partnerships and Collaboration

  • Alex Cooke, Government of Australia -- Co-creation with the private sector in Australia has arisen around two issues: 1) AI Ethics Framework and 2) Terrorist and Violent Extremist Content (TVEC).
  • AI Ethics Framework: AI is developing at a fast pace and we are actively engaging with private companies to make sure that we don’t stifle innovation. The “Australian AI Ethics Framework” was released on 7 November 2019 and five businesses, including CBA, NAB, Telstra, Microsoft and Flamingo AI, have signed up to trial these principles. We are also taking into account international discussions, such as those going on in the European Union.
  • TVEC: We are engaging through the Global Internet Forum to Counter Terrorism (GIFCT), as well as the OECD to work on this issue. We see that large companies, like Facebook, can deploy substantial resources to work on this, but that SMEs may not be able to do this. We are also supporting the OECD’s work to develop a transparency reporting protocol. A multistakeholder expert group was hosted in November that gave an opportunity to bring these diverse groups together to work quickly in this area.
  • David Gierten, OECD -- Regarding public-private partnerships (PPPs), Colombia announced that they will work together with Coursera with the objective to have 150,000 students being trained in programming and other ICT skills by 2022. This is a nice example of how Colombia can address key challenges with PPPs.
  • Jane Coffin, ISOC -- PPPs are key to do what we can do, especially to put in local infrastructure in remote areas. Partners on the ground provide vital resources (e.g., training, expertise, funding, human resources, etc). Collaborative partnership is crucial to be able to more sustainably build infrastructure, for example.


Comments from the floor

In Afghanistan, we have had a distinct problem with bringing digital financial services. This is not a problem with accessibility, but rather with trust. People do not trust the security of Internet transactions and therefore are resistant to using such services. What can we do?


  • Jane Coffin, ISOC: It will be a matter of bringing together the right experts, both international and domestic experts, to figure out the problem and brainstorm possible solutions in your country. Training will be essential, and some degree of trial and error is usually necessary for these situations, though I know that banking doesn’t have room for mistakes. One point will be to ensure that online banking has encryption—banks need highly specialized IT support given the criticality of their services.