Due to the COVID-19 emergency, this year, the UNCTAD’s E-commerce Week was conducted over Webex videoconferencing from 27 April-1 May 2020. The conference convened stakeholders from different sectors to discuss the role e-commerce can play in supporting communities in addressing various challenges in these unprecedented times.
UNIDO and the Consumer Unity and Trust Society (CUTS), as full members of the ‘e-trade of All Initiative’, organized a webinar session on 1 May to discuss the value of cybersecurity and privacy in digital and e-commerce space. This topic was of particular importance because e-commerce offers nations an avenue to sustain economic activities during times of crisis but, the fundamental bottleneck of increasing in cybercrimes and data theft needs to be tackled, especially in developing countries. This session drew over 400 registrations.
Bernardo Calzadilla-Sarmiento, representing UNIDO, stressed that the current COVID-19 situation has resulted in the growing use of e-commerce and home-based business continuity for enterprises to sustain themselves. He said that to promote functional and reliable implementation of digital technologies and platforms, privacy/data protection and cybersecurity frameworks need to be strengthened.
Calzadilla stated that citizens should have freedom to decide upon the use of their data, saying,“the European Union’s General Data Protection Regulation is emerging as a template about data privacy issues,” However, he cautioned, that the increasing compliance cost due to such regimes may be tough for small businesses. Flagging the presence of strong interplay between regulation and standards vis-a-vis privacy and cyber security, he argued against “over-regulation in the digital space”. He emphasized that UNIDO has the capacity to develop good governance guidelines in the space of cyber-security and data privacy. It has already developed a “Good Governance Framework” to support digital enterprises conduct themselves in the digital space, with an emphasis on the E-commerce.
Shamika Sirimanne, representing UNCTAD, noted that only two-thirds of countries in the world have a data protection regime and remarked that the situation is much less than desirable with respect to cybersecurity laws. Even where laws are in place, many countries are lacking adequate resources and skills for their efficient enforcement. She remarked that “weak legal and regulatory framework exposes consumers and businesses to cybercrime and privacy breaches,” adding that “these are global issues and hence requires global cooperation.” She concluded by stating that there is need for a UN framework that can provide guiding principles, which in turn can shape domestic regimes on privacy and cybersecurity.
Mmabatho Mokiti and John McDonald, founders of an online eE-commerce platform. RedShift, shared their experiences on how they created this platform during the Covid-19 lockdown in South Africa. They provided some practical insights on how the lockdown was threatening the closure of small businesses and preventing consumers’ access essential goods. To secure ‘digital trust’ among its stakeholders, RedShift adopted a security-by-design approach by weaving the best and most secured e-payment gateways available in South Africa into their platform. Both founders acknowledged that data collected on this platform was not monetized and used for research purpose – stressing that “protection of data and cyber security is a core facet of the platform.”
Speaking on India’s viewpoint on ‘privacy’ and ‘cyber-security’, Karti Chidambaram, a member of the Lower House of the Indian Parliament and a member of the Parliamentary Standing Committee on Information Technology, said, “There is no one view on this, since privacy is largely a concern for the upper class Indians and the general mass hardly bother about privacy. though they are concerned about e-payment frauds.” He elaborated on the data protection and utilization capacities of the ‘Aarogya Setu’, app developed by the Ministry of Electronics and Information Technology, Government of India for the purpose of tracing people with symptoms of COVID-19.
Marilia Maciel, from the Geneva-based Diplo Foundation, presented an overview of cyber security regimes around the world including developments in related international and regional rules with respect to Internet governance. She underlined the importance of the Budapest Convention on Cybercrime but, pointed out that there is no international instrument with global reach at the moment. She expressed her caution about situations where artificial intelligence can pose cybersecurity concerns by creating sophisticated malwares that are very hard to detect. When even large firms can take around three months to detect, one can imagine the vulnerability of small businesses.
This session highlighted the various facets of cybersecurity, data privacy and protection. Participants agreed that to promote digital trust the development of multilateral frameworks, good governance and norms on cybersecurity and data privacy is pivotal. It was also recognized that a strong social security system is mooted to mitigate gig workers’ vulnerabilities, especially due to the disruptions caused by COVID-19.