Building Back Smarter, Safer AND Better

The global recovery needs to be underpinned by a new set of digital protections and renewed global collaboration.

With the Trump administration behind us and many countries now achieving more daily vaccinations than infections, a sense of global optimism is returning and world leaders are looking to ‘Build Back Better.’ Listening to some of the innovations and insights announced at Mobile World Congress (MWC) in Shanghai last month, this optimism was almost infectious. 

As we start to build back, however, we need to ensure that the poorer parts of the world are not left behind. As Huawei’’s Deputy Chairman KenHu noted: "More than 40% of the world's population has never had access to the internet. Let's not forget these people as we push for digital transformation." Much of Huawei’s focus ahead of MWC was on how we can use 5G and other technologies to achieve the United Nations Sustainable Develomnet Goals (UN SDGs). And how we can do this for countries that not only lack connectivity, but don’t even have the logistics and refrigeration to implement vaccine programs. If their economies are left behind then it will be a drag on the global recovery and if COVID-19 remains at large in these regions then they will incubate further strains of the virus.

The Challenge

The late 20th century was a period of unprecedented growth and increasing globalisation that saw a rising tide lift all economies and in which risk appeared almost non-existent. However, a complacent attitude to risk has seen the world stumble from crisis to crisis in the first two decades of the 21st century. As we seek to rebound from the latest catastrophe, there are lessons that need to be learned if we are to have a successful rebound for all.

Major disruption events and inadequate risk awareness

One of the root causes of the financial crisis was the fact that most bank executives were focused entirely on profit and revenue, and not risk. Although the banks all had risk managers that focused on Return on Risk (ROR), all the other board members focused on Return on Investment (ROI). When the risk managers sought to raise the alarm, they were outnumbered, and isolated. Their caution was seen as getting in the way of the bank’s ability to make money.

Similarly, there were warnings about health risk ahead of the pandemic, but almost all politicians were slow to listen. There also were warnings about economic risk ahead of the Sino-American trade war, but there were not enough ‘adults in the room’ in the last administration to take these seriously. And there were warnings about cyber risk ahead of the recent SolarWinds incident, the largest hack in history, but these were also ignored.

When almost all our leaders are focused on ROI measures like profit and revenue and not at risk, it’s like looking at a television feed where only two of the three colours are working. You can kind of see what’s going on, but you’re not getting the whole picture. And those that are looking at the third colour, risk, are ignored when they seek to raise the alarm then we will keep heading for calamity.

If we don’t learn from our mistakes, we are doomed to repeat them 

Our inability to prepare for or deal with these major disruption events has dealt a series of blows to the globalised, interconnected world order, and in a more fractious and regionalised era recovery will depend on three main factors: 

• Our ability to harness technology to build back smarter;
• Our ability appreciate risk to build back safer; and
• Our ability to collaborate to build back better.

This smarter, safer, better world will need to be built on a new architecture comprising of a set of technologies as well as a set of protections. At its core, the new architecture will harness smart IoT devices to feed data via 5G to artificial intelligence systems in the cloud. This technology will only however be effective if matched by policy spanning the following protections:

Protections from cybercrime

Organisations everywhere are facing increasing cybersecurity costs in terms not only of prevention and detection but also in incident resolution. As long as cybercrime is relatively easy and profitable, it will continue to escalate at an enormous cost to all. Without greater international cooperation to crack down on cybercriminals, they will continue to have the upper hand, opportunistically picking off the most vulnerable targets from whatever safe haven they enjoy. 

International cooperation in the investigation, prosecution, and adjudication of cybercrime would restrict their ability to operate, make it less profitable to do so, and deny them the safe havens from which they operate. This will require collaboration between government, law enforcement and the private sector on an international basis to prioritise deterrence, share threat and vulnerability intelligence, and increased public knowledge of cybercrime risks.

Protections for privacy

Following the EU’s introduction of GDPR, many other regions have implemented similar privacy regulations. A common set of guiding principles for privacy protection would enable a basic level of harmonisation to allow international data sharing. The recent overturning of the Privacy Shield agreement between the EU and US shows how complex differences can be between regions and jurisdictions. While national laws would apply locally, guidelines are needed to harmonise international data sharing, and to ensure that any extraterritorial surveillance is proportionate and not indiscriminate and that where possible there are sufficient safeguards, such as effective independent oversight or redress. The fitness for purpose of regulators such as the UK’s ICO needs to be addressed. It currently has no role or powers in regard to achieving redress or compensation from companies or organisations who have a fiduciary duty to secure and protect an individual’s personal data against damaging compromise by bad actors, for an individual whose data privacy has been breached through a cybersecurity failure.

Protection of intellectual property (IP)

IP makes the world go round. Innovation is the fuel that powers successful companies. Huge investments in time and money go into developing new ideas, so keeping them protected by Intellectual Property rights is critical. But the uneven patchwork of national patent regulations does not provide a consistent, effective or level playing field. 

An increasing amount of intellectual property is now digital in nature. At the same time operations are migrating to the cloud with users, computing power, and data storage often simultaneously located in different jurisdictions. Traditional approaches to the registration, application, and enforcement of patents, copyrights, and other intellectual property protections need to be reformed for the digital age in order to prevent jurisdictional arbitrage to exploit gaps and create safe havens for abuse. In a recent discussion hosted by leading IP holder Huawei, Francis Gurry, former head of WIPO called for the harmonisation of national patent reguations for the digital age.

Protection of taxable revenue

Societies need to continue to tax productive effort (labour) and value creation (profit) in order to fund domestic social programs. While international collaboration has allowed progress to be made to crack down on tax havens and tax avoidance, the way that taxation is applied in the digital age needs to be reconsidered. Cloud-based operations mean that value creation is now often spread across multiple tax jurisdictions, providing an enhanced opportunity for tax arbitrage. At the same time, traditional forms of labour, production, and value creation for which tax is easy to collect will be replaced by robotics and artificial intelligence for which this could be almost impossible using current frameworks. While countries such as France have explored digital taxes to address the problem, in order to be effective and avoid conflict or arbitrage, the approach needs to be based on agreed international principles.

Recent post-Brexit squabbles between France and Britain over quarantine rules, Chinese threats of punitive tariffs on Australia for demanding an investigation into the virus’s origins, and a continuation of the US trade war on China don’t help. Such disagreements between trading partners over cybersecurity, privacy, intellectual property, and taxation could derail the global recovery. 

However, all participants stand to gain for more from general agreement on a set of principles for these digital protections. These are topics that will dominate the international agenda for the foreseeable future. These principles are all mutually interdependent and need be discussed in the round. States that are having their vendors blacklisted or having their taxable revenue undermined will have little incentive to cooperate to help stamp out cybercrime or protect privacy.

Furthermore, these protections need to: 

• Be meaningful and equitable: protections are meaningless unless enforced. This must not be to the disadvantage of smaller nations or organisations, and vendors need to be treated in an equitable manner recognising their technical merits rather than their national origin; and
• Maximise social and economic value: we need smarter regulations for data privacy, cybersecurity or risk that, while providing protections, can also help promote the benefits of a data-driven world and can be a catalyst for innovation.

We have already seen some instances of co-operation during the pandemic, such as the Federal Reserve’s loans to other central banks, or the COVAX vaccine-sharing scheme. At MWC Shanghai, Sean Yang, Director of Huawei's Global Cyber Security and Privacy Protection Officer (GSPO) Office emphasized that openness and inclusion are the keys to future prosperity in the digital world, and spoke about Huawei's desire for comprehensive collaboration on cyber security and privacy protection guided by a 4P strategy: Public, Private, Professional, and People.

The recovery will stutter, though, either if countries abandon the idea that the trade in goods has to be treated equally regardless of where they come from, or if flows of capital are restricted and long-term investment then sinks. A patchwork web of national restrictions is unlikely to make life more humane or safer, and is more likely to make it harder for poorer countries to catch up while also making life in the rich world more expensive and less free. The way to make supply chains more resilient is not to domesticate them, which concentrates risk and forfeits economies of scale, but to diversify them. Furthermore, a fractured world would make solving global problems and achieving economic recovery even harder.

The technologies that can power our recovery are well understood, but the policies to implement the protections that we need will require leadership and cooperation. Are we up to the challenge?

This article first appeared here - subscribe for more like it.