Trade in digital services is a fundamental aspect of the world’s shared digital economic future. At the core of the digital transformation of services lie data, which flow with services transactions across borders. Trade agreements seek to ensure that privacy and cybersecurity are preserved when data flows cross borders, and that interoperable standards are put in place. This is a challenge as governments are increasingly adopting divergent national standards, including on privacy, cybersecurity, artificial intelligence (AI), and cloud computing. This disrupts the cross-border technology ecosystem. This Policy Brief calls for increased attention from the G20 to developing international privacy and security standards, given the importance of trade connectivity for an inclusive, digitally transformed services sector. It calls on G20 members to support multilateral efforts towards creating interoperable standards. Policy recommendations include capacity-building to align digital regulatory regimes with international standards, and assistance for small businesses.
The Challenge
The COVID-19 pandemic contributed to a step change in the rate of growth of digital trade. In this hyper-connected digital economy, components, parts, and software that support digital technologies need to “talk to each other” using a common language. Security of data and information must also be protected. Current divergences among trading partners in the standards adopted for privacy and security, are already generating significant cross-border disconnects. Divergences in standards add to business compliance costs and limit the ability of businesses, especially micro, small, and medium-sized enterprises (MSMEs), to connect across borders and reap the benefits from scale and access to technology.
In the area of technical regulations, standards-setting, and conformity assessment, divergence of national approaches has become a pervasive threat to the inclusiveness of digital trade opportunities.
The G20’s Role
As part of the efforts by G20 governments to reduce the global digital divide, they have an opportunity to demonstrate leadership in support of the multilateral standardisation system and standards development bodies. Such leadership is particularly important during periods of rapid and disruptive technological changes. Imposing specific regulations on a new technology too early runs the risk of locking in a suboptimal path and stifling innovation; waiting too long, however, may result in preventable harm, fragmented markets, and foregone benefits from economies of scale.
Through its Digital Economy Working Group, the G20 plays an important role in preparing the ground for international standards-setting with substantive discussions and raising awareness about the importance of interoperable regulations for open, inclusive, digitally transformed services sectors. It also has a role to play in establishing the principles and guidelines for a path to specific global standards.
Adoption of international digital standards reduces regulatory uncertainty and compliance costs for businesses, enhances productivity and economies of scale, and enables access to larger markets. Interconnecting systems and software then enable movement of data across networks and industry sectors, increasing their reach and accessibility, and reducing the digital divide as benefits permeate to consumers.
International standards are voluntary documents that are established by a consensus of subject experts and approved by a recognised international standards body. They set out specifications, procedures, and guidelines to ensure that products, services, and systems are safe, consistent, and reliable. Voluntary international standards are often made mandatory when they are referenced in regulation, or as requirements in contracts, and the strength of the international standard system is that international standards are developed by technical experts from businesses, governments, academia, and consumer groups, from all interested economies across the world. They represent, therefore, truly international solutions and when they are adopted by businesses and regulators, they promote harmonisation in processes for products, services, and systems. They also promote convergence in regulation, provide a shared launch pad for innovation, help lower barriers to trade, facilitate interoperability, and help manage security risks.[1]
With the rapid growth of emerging technologies and digital services, trade governance is in its infancy. Consensus-based international standards that are agile, and global best practice, can be a part of the solution to keep trade flowing and reduce barriers across the borders, as regulators seek to keep up. Facilitating digital trade needs more than just market access and rule-making negotiations to promote cross-border activity. It also requires regulation, regulatory coherence, and mechanisms to facilitate a degree of harmonisation. International standards are globally recognised benchmarks that can provide the basis for this interoperability across markets.
Recent years have witnessed a flurry of unilateral regulations, triggered by concerns about cybersecurity, safety, and privacy (Figure 1).
Figure 1: Global Unilateral Digital Policy Measures
Panel A. No. of Policy Interventions, by Policy Area (2020-Q2 2023)
Source: Global Trade Alert[2]
Panel B. No. of Mentions of AI in Legislative Proceedings
Source: Stanford University Human-Centred AI Index Report 2023[3]
It is understandable that policymakers take action amidst mounting pressure from stakeholders. However, uncoordinated unilateral measures raise the costs of digital services trade significantly. To avoid further fragmentation, countries need to prioritise incorporating interoperability into their regulatory processes with a view to establishing international standards when the technology has reached the maturity to do so. It is vital that policymakers utilise international standards that are developed through an open, transparent consensus model to ensure that they are fit-for-purpose globally. International standards promote international regulatory compatibility when they are utilised as a basis for establishing common approaches to regulation or as a means to demonstrate conformance. They support convergence of services, systems, and products to facilitate global value chains (GVCs) and make compliance simpler and more efficient, thereby making it easier, especially for MSMEs, to work across borders. In this way, they reduce the trade costs for businesses attempting to connect with the rest of the world.
A study[4] by the Organisation for Economic Co-operation and Development (OECD) and the World Trade Organization (WTO) has shown that the G20 countries can achieve savings worth US$150 billion in services trade costs by implementing the principles laid down in the WTO Reference Paper on Services Domestic Regulation.[5] The Reference Paper specifically encourages adoption of technical standards developed through open and transparent processes, including those in international standards-setting bodies, and sets out disciplines to ensure that measures are objective, impartial, and based on transparent criteria.
A 2022 report by Standards Australia[6] found that 4,000 new standards will be needed to keep pace with the transformation of the global economy as digitalisation accelerates over the next 10 years. In the interest of building public trust, G20 governments and businesses need to work together both in their national standards bodies and in international bodies to provide the technical input to standards development and support the local adoption of standards so that businesses can trade under global norms, and consumers can be confident about the safety and reliability of new technologies.
This is urgent work. Indian commentators[7] point to the risks associated with any retreat from international standards. The G20 can play a pivotal role in establishing best practices for regulatory processes, geared towards the ultimate goal of international digital standards, to increase both interoperability and security while decreasing barriers to trade.
Recommendations to the G20
a. Engage actively in an open multistakeholder approach to hasten development and adoption of international digital standards in critical and emerging technologies.
The G20 should draw attention to the urgent need for inclusive multistakeholder participation in the existing international standards-setting processes for critical and emerging technologies in the data and digital domains. These include standards for cybersecurity and privacy protection, AI, data management and interchange, information security, the Internet of Things (IoT), cloud computing, and smart cities. To ensure that all voices are heard in the international standards system, the G20 members should collaborate to promote process improvements in the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) to reduce barriers to participation and increase accessibility to and transparency of the standards development process.[8]
b. Boost efforts to reconcile cybersecurity and privacy standards with seamless digital services trade.
Cybersecurity and privacy both require technical standards and regulatory measures to prevent unauthorised access to data. In addition, should breaches occur, it is essential to contain the leakages in their tracks. Technical infrastructure that ensures end-to-end security of sensitive information, supported by a regulatory framework, is essential for services trade over electronic networks to thrive.
The importance of privacy is growing with the development of algorithms that harvest personal data and use them for targeting advertising or for training AI models. Privacy regulation is sometimes related to ownership and portability of data.
There is ongoing discussion about creating a market wherein consumers can monetise their data. This has not been made easier with the development of algorithms that glean information about one consumer based on data from others, undermining both the privacy of consumers who choose to not share their data, and the market for personal data. Additional collaborative G20 work needs to be carried out to disentangle the concepts of privacy as a legal right, ownership of data, and markets for data. G20 members should engage in such work and share best practice models for the benefit of consumers/citizens as well as suppliers, exchanging services and data over digital platforms.[9]
The resilience of the internet relies on, among others, its decentralised infrastructure. Should problems occur along one route, packages are automatically rerouted without any significant impact on users. It is important that regulatory measures, aiming at cybersecurity, privacy or both, do not weaken the resilience of the internet, for instance by centralising the management of internet functions.
According to the Internet Society,[10] a growing number of policy measures around the world are slowly but steadily undermining the internet as an open, globally connected, secure, and trustworthy resource to the detriment of suppliers of digital services around the world. The G20 should raise awareness about this issue among its members and beyond, while supporting standards that ensure cybersecurity and privacy without fragmenting the internet.
c. Strengthen the development of AI standards and guidelines in the light of new generative AI models.
The relationship between AI standards and trade in services is multifaceted, with data at its core. The AI-enabled digital transition of services makes them more easily tradeable, while trade in services and associated data flows provide inputs for further development of AI-enabled applications that may immensely improve human welfare and contribute to sustainable development. AI-enabled applications, such as multilingual language models, also help lower barriers for services SMEs to enter international markets.
At the same time, AI-enabled applications have raised concerns about safety, jobs, privacy, and infringement of intellectual property rights. Recent developments in generative AI, particularly large-scale language models such as GPT-4, have triggered a rush of national regulatory initiatives and even a call for a pause in their development from some stakeholders. There is a sense of urgency to set standards to ensure that the global community reaps the benefits and avoids the pitfalls of AI.
Well-proven policies are yet to be established in this area. Furthermore, not even the developers of the recent large-scale generative models fully understand how they work. This poses a unique opportunity for experimentation and collaboration among G20 countries on agile regulation. Based on the G20 AI Principles,[11] which draw on the OECD Recommendation on AI,[12] the G20 must not miss the window of opportunity to get this right at the start of the process.[13]
d. Strengthen the resilience of global value chains by supporting local adoption of international digital standards.
Digitalising GVCs requires adoption of multiple standards in a consistent manner across trading partners, including those related to e-payments, e-invoicing, QR codes, cross-border logistics and last-mile delivery, wireless communication, digital identities, cross-border data flows, and data portability.
Adoption thereof reduces regulatory uncertainty and compliance costs for businesses, enhances productivity and economies of scale, and enables access to larger and more diverse markets, reducing the digital divide as benefits trickle down to consumers. This is particularly critical for emerging technologies, built on Big Data and AI. Ubiquitous adoption of 5G technologies requires adoption of common 5G standards to ensure compatibility across jurisdictions.
Aligning 5G standards can reduce infrastructure costs and lower the barriers to data-intensive information exchange for digital delivery of services. International standards have proven that they are essential to the development of interoperable technical regulatory requirements in both goods and services sectors; the telecommunications industry provides one such example.
e. Ensure that digital standards conform to WTO disciplines on Technical Barriers to Trade (TBT).
International, voluntary, multistakeholder-driven standards are essential to the development of interoperable technical regulatory requirements for goods. Such standards generate efficiencies of scale and expedite the development and distribution of new innovations, and form the basis for technical regulations that are neither discriminatory nor unnecessarily restrictive.
While regulatory differences constitute a barrier to trade, common standards facilitate trade. The WTO Agreement on TBT encourages use of international standards where such standards exist, in addition to mandating transparency and non-discrimination, and establishing a code for good regulatory practices. The TBT Agreement principles and code for good regulatory practices form a solid basis for the processes geared toward international standards on data governance and AI. Explicitly referring to the relevant WTO rules in the G20’s work on standards can also support the reforms process in the WTO.
f. Undertake public education and capacity-building measures to promote business and government uptake of international digital standards.
The G20 needs to work with other international groupings to help build public trust in the global digital economy, establish a common technical base in support of joint policy objectives, and reduce divergence in approaches to cybersecurity and related regulatory settings. The G20 can lead a visible push to developing and implementing ISO and IEC standards on critical and emerging technologies.
The G20 can pioneer global engagement with the ICT industry community in a public education and capacity-building campaign to provide practical guidance for the development and uptake of data and digital standards. The goal is to broaden the understanding that international standards ensure safe and reliable functioning of diverse and complex technologies while facilitating interoperability and supporting businesses to compete successfully in the global economy. International standards can function as market enablers and as a means to achieve broader business and public policy goals.
The G20 should communicate the benefits of international digital and data standards, identify standards that may apply in specific settings, and promote their development and use among executives, regulators, and policymakers. Public education and capacity-building need to centre on how businesses of various sizes can implement standards in real-world settings and on the benefits of doing so, for safety, security, productivity, and international trade performance.
Jane Drake-Brockman is Visiting Fellow, Institute for International Trade, University of Adelaide, and Director, Australian Services Roundtable.
Manjeet Kripalani is the Executive Director, Gateway House.
Hildegunn Kyvik Nordås is Senior Associate, Council on Economic Policies, Zurich, and Örebro University.
Hosuk Lee-Makiyama is Director, European Centre for International Political Economy.
Badri Narayanan Gopalakrishnan is Non-Resident Senior Fellow, National Council for Applied Economic Research and Centre for Social and Economic Progress.
Download the policy brief here.
This policy brief was first published by T20 India.
Attribution: Jane Drake-Brockman et al., “The Case for International Digital Standards for Interoperability of Trade in Digital Services,” T20 Policy Brief, July 2023.
References
[1] Standards Australia, Data and Digital Standards Landscape, July 2022
[2] Global Trade Alert, Digital Trade Alert: Activity Tracker, 2023.
[3] Stanford University, Human-Centred AI Index Report, 2023
[4] OECD/WTO, Services Domestic Regulation in the WTO: Cutting Red Tape, Slashing Trade Costs, and Facilitating Services Trade, November 2021
[5] WTO, Joint Statement Initiative: Reference Paper on Services Domestic Regulation, INF/SDR/2, November 2021
[6] Standards Australia, Data and Digital Standards Landscape, July 2022
[7] Sanjay Anandaram and Astha Kapoor, Tech Standards: A strategic Imperative, Opinion, Financial Express, April 2022.
[8] By way of example, Standards Australia has been pioneering international standards development to support the rollout of blockchain and distributed ledger technologies, initiating a proposal to ISO in 2016 to establish a technical committee. ISO/TC 307, which now has 41 other countries participating in it and another 20 as observing members. The committee has developed eight standards with another eight under development,
addressing interoperability, terminology, privacy, security, smart contracts, and digital asset management.
[9] To cite an example, the Government of India has proposed the use of Digital Public Infrastructure based on open source architecture and network. Collaborative G20 work needs to be encouraged and best practices shared.
[10] Internet Society. Policy Brief: Internet Shutdowns, 2019
[11] The G20 Osaka Leaders Declaration commits the G20 to cooperating to encourage the interoperability of different frameworks, reaffirms the importance of the interface between trade and digital economy, notes the ongoing discussion under the WTO Joint Statement Initiative on E-Commerce, and reaffirms the importance of the WTO Work Programme on E-Commerce. To further promote innovation in the digital economy, the G20 supports sharing of good practices on effective policy and regulatory approaches and frameworks that are innovative as well as agile, flexible, and adapted to the digital era, including through the use of regulatory sandboxes. The responsible development and use of AI can be a driving force to help advance the Sustainable Development Goals (SDGs) and realise a sustainable and inclusive society; the G20 commits to a human-centred approach to AI and welcomes the non-binding G20 AI Principles, drawn from the OECD Recommendation on AI. The G20 also recognised the growing importance of promoting security in the digital economy and of addressing security gaps and vulnerabilities, given the rapid expansion of emerging technologies, including IoT. The G20 reaffirmed the importance of bridging the digital divide and fostering the adoption of digitalisation among MSMEs.
[12] The Recommendation on Artificial Intelligence (AI) – the first intergovernmental standard on AI – was adopted by the OECD Council at Ministerial level in May 2019. The Recommendation aims to foster innovation and trust in AI by promoting the responsible stewardship of trustworthy AI while ensuring respect for human rights and democratic values. The Recommendation identifies five complementary value-based principles for the responsible stewardship of trustworthy AI and calls on AI actors to promote and implement them: inclusive growth, sustainable development and well-being; human-centred values and fairness; transparency and explainability; robustness, security and safety; and accountability. It also provides five recommendations to policymakers, pertaining to national policies and international cooperation for trustworthy AI, namely investing in AI research and development; fostering a digital ecosystem for AI; shaping an enabling policy environment for AI; building human capacity and preparing for labour market transformation; and international cooperation for trustworthy AI.
[13] OECD, Recommendation of the Council on Artificial Intelligence, OECD Legal Instruments, OECD/LEGAL/04492020 and G20, Osaka Leaders Declaration, 2020