Categories
2021 Highlights November

Securing cyberspace and protecting privacy: meeting the challenges of a digital world

The huge increase in the use of digital technologies throughout the COVID-19 pandemic has led to far greater numbers of connected devices, increasing the attack surface for cyber criminals. How can governments, companies and individuals keep up, who is responsible for securing safety online and what should our priorities be? These were the questions put by moderator Ioana Stupariu, Executive Director, Readytech Consulting, to a diverse panel of experts in a lively debate on the new cybersecurity landscape.

For Rois Ni Thuama, Head of Cyber Governance, Red Sift, ransomware, malware and phishing remain the key threats, despite the many thousands of new vulnerabilities and unique malicious objects. What has changed for the better is that we are now able to mitigate and manage these attacks with the help of trusted, independent sources such as the ENISA threat landscape report, the NIST Cybersecurity Framework, the National Security Centre in the UK or the FBI. All these bodies offer the same guidance on building security online – even if we are not currently implementing their advice as much as we could. “We are all worried about the threat landscape and new vulnerabilities, but we are not getting on top of what we know and what we should do to defend ourselves,” she said, citing the example of a report that only 2% of business domains have deployed global industry standards to protect against phishing.

“Nation state actors are using technically artless ways to get into companies,” she continued. Crime follows opportunity, and these are often not sophisticated attacks. As we have not implemented the established guidance, we are seeing time and again the same threats, the vast majority from simple entrance points. “The threat landscape is noisy and messy, but look to trusted experts to reduce the noise – and address the most significant cyber threats first,” she urged.

Speaking from the Asia Pacific region, Annabel Lee, Head of Digital Policy, Asia-Pacific & Japan, Amazon Web Services (AWS), highlighted that the region was not one country or legal unit, but was made up of many different jurisdictions with varying levels of economic development and digital transformation. Wherever you are, however, “one of the key challenges is the conflation between the importance of security and the location of data, specifically the idea that if you secure data in your country and only your country, that would result in your data being more secure.”

Data breaches happen because companies cannot access good technical services at good prices, so try to implement their own security measures through their own servers and coders without realizing the complexity, leading to poor outcomes. So it is important to be confident in using cloud service providers and high quality security services to protect data. “Governments think if they can keep the data onshore secure it will keep it secure, but this is not true: many incidents occur remotely and data breaches occur over the Internet,” she added.

From a government perspective, the major challenge is balancing the benefits of digital technologies and major trends such as AI and machine learning against the risks incurred, set out Professor Marco Gercke, Director, Cybercrime Research Institute. It is important to be aware of the severe impact attacks can have on society, and to prioritize security by design, implementing regulation to strengthen security or devising comprehensive cyber security strategies.

The risks have to be weighed up against the benefits of increasing digitalization agreed Irene Kaggwa, Acting Executive Director and Director, Engineering and Communication Infrastructure, Uganda Communications Commission. Governments are encouraging people to go online and benefit from ICTs, but “we have to plan for and make provision for risks, so it is not just about the policy and legal but also the technical point of view as a government”. This includes creating enabling laws to prosecute criminals, ensuring a deterrent culture, and establishing emergency response teams. Across the continent of Africa, it is important to note that not everyone has the same financial resources to invest in the necessary cybercrime technology or the expertise to ensure networks are as secure as possible. Providing a continuous flow of information to companies, telcos and end users is critical to keep networks updated, and businesses and consumers aware of good cyber practices.

Government alone cannot solve cybersecurity issues, echoed Gercke. Government policy and legislation are important building blocks in establishing cybersecurity, but must be accompanied by defining obligations and liabilities to increase implementation and enforcement. Major companies are taking cybersecurity more seriously since individual executives or company leaders may be held liable for cyber attacks.

Additional components in the ongoing process of building resilience to cyber attack are important new pieces of legislation, added Ni Thuama. The European Union’s forthcoming Digital Resilience Act (DORA) includes the requirement for company boards to become duly informed and exercise reasonable diligence with regards to existential threats including cyber attacks. In the US, the Department of Defence has produced a cybersecurity maturity model certificate, ensuring suppliers have a raft of security measures in place over a number of levels, depending on what is being supplied, and allowing for maturity over time, as bad actors do not normally suddenly appear.

Securing the supply chain

The problem of third party risk and securing the supply chain against cyber threats has always been with us, explained Gene Yoo, CEO, Resecurity, but has grown larger as cloud enabled apps transform the reach of businesses. “The problem is as big as any company using outside resources, whether human or digital, and without enough time or money to support it,” he said, but “the reality is that we don’t have the resources to protect it.” Due to digitalization and globalization, outside foreign suppliers increase the exposure to risk traditionally inherent in supply chains.

Trust and innovation

Privacy remains a key issue across the world, stressed Ivana Bartoletti Global Chief Privacy Officer, Wipro & Co-Founder, Women Leading in AI. Alignment is happening on privacy and data protection, including during the pandemic when data and digital were so critical to work, business, and education, yet people still focused on ensuring privacy. “There is mistrust, and without trust it is very difficult to innovate” she said, as innovative products or the people who develop them are regarded with suspicion. We need global policy and regulation in consumer and competition law; we do have effective privacy solutions and technologies, but these are costly and not easily accessible for smaller companies or individuals.

The value of privacy and data compliance in the commercial sector is fully understood by ZTE, stressed Ruixin Gao, Director of Data Protection Compliance, ZTE. Privacy is a critical need for end users, but also governments and telco operators who themselves have huge numbers of end users. Good products and a high level of trust earnt from consumers create direct value – prioritizing privacy in production for customers and stakeholders creates value for all parties, including the vendor. “Compliance creates value,” is a key watchword for ZTE as an international telco industry company, said Gao.

Privacy laws and data protection regulation are important for us to trust what companies are doing and ensure the balance of power, providing individual end users with recourse if something goes wrong, agreed AWS’ Lee. But there is a gap between regulators and companies in terms of understanding privacy laws. Bridging this gap is important as if privacy law is not understood, then it will not be complied with or enforced. Customer trust is a top priority for AWS, she added, outlining three key steps: enabling customers to maintain full ownership and control over data, which is never accessed or used to derive data for marketing purposes without customer agreement; ensuring transparency by providing clear information on technology, data policies and protection practices; and building tools for customers to protect data and monitor legal requirements.

Businesses have become more aware of associating their brand with secure content, agreed Ni Thuama. Consumers may not trust private companies currently, but by ensuring data is secure and showing a robust position on security, businesses can drive change. The insurance sector has suffered from the impact of ransomware, and is now responding by demanding a higher standard from the businesses they are insuring, including multi factor authentication, end point detection and encryption as privacy requirements. These are the elements that business should adopt to ensure greater security, she added.

The insurance industry’s response to ransomware may drive change, pointed out Gercke, but the problem was in part created by the insurance sector itself and its willingness to pay out in the face of ransomware attacks rather than the more expensive option of going through the process of further security, so they are in part responsible.

Resecurity’s Yoo highlighted that signing an agreement with a company gives consent for that company to read any content for machine learning and content development purposes. Ransomware is a good business. The technical hygiene problem inherent in many companies makes it easy to make money in cyber space by demanding payouts to stop attacks. Many attacks are not made public, and no amount of regulation will change this. .

Lee agreed that fear and uncertainty may be created to drive insurance, but business users tend to be fully aware of the use of their data by companies in relation to AI and machine learning; companies can be fully transparent about its use and offer opt out options to their customers. The situation is more complicated for individual users companies as lengthy privacy agreements can be confusing: companies must be held to higher standards and accountability demanded.

User perspectives

Where privacy and security intersect, there is always some form of trade off to be made, suggested moderator Stupariu.

Compromising privacy to achieve better health, for example, or physical or cyber security, is often couched in the language of trade off, agreed Bartolletti, but it is not in fact a matter of either or – both privacy and security can be achieved by leveraging new technologies. We should try to make the most of privacy, and understand what automated privacy measures can be put in place so that the user is not continuously asked to make choices. Data can be safeguarded automatically, providing security as and when needed like airbags in cars.

“There is no doubt that companies that can use privacy-enhancing technologies and innovate at the same time have a competitive edge,” she said, given that customers increasingly place value on privacy and will choose not to be tracked when given the choice. “The language of trade-offs is dangerous, negative and lazy –we need to have the courage to say how we can safeguard both privacy and security.”

Borderless cyber threats

Cyber threats are borderless, not localized, and establishing a fortress in national cyber space will not work, as the very act of being online means being exposed to threats, said Stiparu.

Greater collaboration throughout the ecosystem is critical, agreed Kaggwa. Looking at third party suppliers, if you only concentrate on your own part you will not be secure, as you will only ever be as hygienic or fortified as the people you are connected to. More standards and guidance is needed to be global and holistic in approach, to increase reaction time and to make the internet safe for all and mitigate risks by acting across borders.

Best practices for industry and government

In terms of best practice in privacy compliance, ZTE’s Gao highlighted that privacy should be by design or default. The value of the product, whether an app, software or hardware, is enhanced by inbuilt privacy features. ZTE includes data protection as a requirement for all research and testing sites for new products and tools; it is also a company priority for internal staff throughout the world. Compliance with security requirements can make companies more ethical and increase value, he added.

It is important to start from the bottom up, not the top down, in establishing better data hygiene and security habits, said Yoo. The very terms cybersecurity or cultural change should be avoided in favour of terms people know and practical actions they can understand and take.

Cyber security can be treated much like risk management pointed out Ni Thuama – and it is all about leadership. If cybersecurity is seen to be taken seriously, there will be more trust.

It is incumbent on companies and social media companies to safeguard users and take responsibility for both security and privacy, stressed Bartoletti. Users need to understand what can be done to ensure privacy, but “in reality, the best thing users can do is to demand stringent compliance from the company itself,” as it is more difficult for users to understand transparency related to automated machine learning than for companies to do so. “The best is to demand transparency from the companies and refuse to take on all the burden of responsibility,” she urged.

“You cannot trust what you don’t know or can’t see,” said Kaggwa, and we only have the company’s word for it on compliance, privacy or transparency. We may need to gradually redefine what the acceptable levels of privacy are within this environment. In Africa, establishing trust is a process, arising from the recognized need for guidelines or best practice in place to guide operators, financial institutions and a whole range of users to develop cybersecurity standards and hold industry accountable. Governments and consumers must themselves also adopt better cyber security practices, she added.

Accountability and the ability for governments to set up clear objectives with solid enforcement frameworks are key factors, said Lee. In addition, it is critical that consumers do not fear new technology such as machine learning; it is not the AI itself that makes a decision or prediction, but the company that acts upon that decision which should be held accountable.

Final words

“Don’t lose sight of the benefits to society of technology, despite the negative aspects of cyber security,” urged Gercke. Prepare realistically and anticipate exposures, data breaches or attacks, which are bound to happen in both companies and governments.

Kaggwa agreed that it is important not to jettison development and innovation because of cyber security risks. Government cannot solve it alone but needs industry and individuals onboard to engage in a continuous process of sanitizing networks and securing space online.

Privacy is important not just now but for our future, for families and children in the era of machine learning and AI, added Gao.

For Bartoletti, companies will have a competitive edge if they can bring together privacy, security and innovation. Make the most of privacy-enhancing technology and deploy a security by design approach, she urged companies.

“Security and innovation are not mutually exclusive outcomes,” stressed Lee. Moving to the cloud has helped companies in the innovation space have a stronger security position. Innovation and security are interlinked: you can only be successful in innovation by embracing security as well.

“It is a long journey and we need to be patient, with understanding between business, IT and security to work together. Once we build that bridge together with consumers, end users, we will have a better route ahead,” counselled Yoo. There is a great deal of regulation, but no one size fits all. Do not focus on trends or terminology, but on action and basic principles, he concluded.

Resources are limited, so businesses looking for concrete action points should consult credible sources, address challenges based on what is most significant in each individual case, and solve known threats before worrying about new vulnerabilities, said Ni Thuama.

Transparency and accountability is the way to increase consumer trust in the face of threats in cyber space, summed up moderator Stupariu, with all stakeholders in societies and economies worldwide working together across borders to cooperate on prevention measures.

Categories
2021 Highlights November

Greening our own house: addressing the environmental footprint of digital technologies

Sustainability and climate change are among the defining issues of our time. Digital technologies are important tools in helping governments and industry tackle the challenge. But the ICT sector also needs to address its own environmental footprint in terms of energy use, global standards and e-waste in particular – as experts from government, international organizations and businesses large and small discussed in this lively panel, ably moderated by Mate Mester, Managing Partner, Mspire.

Creating sustainability standards

In his opening keynote address, Bilel Jamoussi, Chief of Study Groups, Standardization Bureau, ITU, pointed out that the United Nations Climate Change Conference (COP26) in November 2021 made clear that the world is not yet on track to meet the targets of the Paris Agreement on accelerating progress towards net zero global emissions. As all industry sectors continue to transform with the help of digital technology, “environmental sustainability must become part of the global narrative around digital transformation.”

The environmental impact of the ICT industry, including an increasing proportion of global energy consumption and growing amounts of e-waste, must be taken into account when developing and deploying digital technology. Members from government, business and academia are working together in ITU-T, the UN agency’s tech standardization sector, to develop green industry standards to increase the energy efficiency of ICT equipment and infrastructure, minimize e-waste and help the industry adopt a circular approach to growth and innovation, explained Jamoussi.

One such standard highlights that compliance with the Paris Agreement would require the ICT industry to reduce emissions by 45% in the period 2020 to 2030. This standard outlines a science-based pathway for ITU members to expand standards mitigating climate change, and its ongoing development is led by ITU Study Group 5 on environment, climate change and the circular economy. Focus Groups, open to ITU members and non-members alike, are also exploring how advances in AI, machine learning and data centres can impact on sustainability, he added, urging global action and collaboration to synergize ICT innovation and climate action, and to achieve environmental sustainability.

Echoing the importance of speeding up industry action following COP26, Pernilla Bergmark, Principal Researcher, ICT Sustainability Impacts, Ericsson, explained how the industry carbon footprint takes into account the full life cycle from natural resources in mines to disposal, including data centres, networks and user devices. The industry is responsible for 1.4% of all carbon emissions globally and 4% of all electricity use, baseline figures for the industry established in 2015 and holding true today. “80% of all emissions is related to the use of electricity and energy, so by going renewable we can change that footprint dramatically,” she stated. The remaining part is related to the use of vehicles for operations, which can be replaced with more energy-efficient models; and the use of materials, which are not as easy to substitute.
There is an interesting difference between data centres and networks on the one hand, and devices on the other. Data centres and networks are always on over a long period of time, so most of the emissions are from the use of energy, whereas with devices it is a mixture of usage and embodied emissions from manufacturing. As data centres and networks shift to renewable energy, the relative importance of embodied emissions increases. ITU Study Group 5 has concluded that these emissions should be halved in the next decade and a complementary standard developed to work towards net zero for the industry.

Africa is the continent most badly affected by climate change, suffering the most from the impact of emissions despite not actually creating the most emissions, pointed out Nevine Tewfik, Head of Research, Studies and Policies at the International Relations Division, Ministry of Communications and Information Technology, Egypt. The dilemma in Africa is how to reduce the carbon footprint of ICTs whilst taking full advantage of the potential of digital technologies to leapfrog developmentally. Working on standards can help governments, major industry players and SMEs to shorten the time to market and include environmental sustainability as soon as possible in all activities. Egypt is actively working with ITU, policy makers, the private sector and academia to share best practices and develop sustainability standards for the industry within its National Strategy for 2050.

Emerging economies throughout Africa are increasingly integrated into global supply chains, so the adoption of standards is important to ease integration and promote interregional cooperation within the continent. Sustainability targets on the continent have to be balanced against plans to grow manufacturing capabilities, as well as developing smart cities using standards applicable to the local context. Increasing awareness of sustainability standards and providing training for their implementation is also important.

Industry action

Speaking as a global equipment supplier, Daisy Zhu, Vice-President of Wireless Marketing, Huawei, said that the most important action was to save power consumption and reduce carbon emission in company operations. Environmental protection is one of Huawei’s key strategies as part of its commitment to technology for a better planet. It is focused on reducing environmental impact during production, operations and throughout the whole life cycle of products and services.

The company’s carbon emissions were 33.2% lower in 2020 than in 2012, the baseline year, and Huawei will continue to leverage AI technology and 5G to further reduce emissions. Given the benefits of digital technology and explosive growth in data traffic, it is not realistic to stop using mobile networks, applications and services, but usage and innovation should be balanced against power consumption. We should evaluate green networks using more sophisticated metrics, said Zhu, and “mix carbon emission reduction and performance… leveraging demand and energy consumption to continue to provide competitive network infrastructure to meet the consumer market, the business market and the home broadband market” whilst saving energy.

The use of 5G in mobile networks, smart cities, smart manufacturing and smart offices can improve performance, reduce cost and, importantly, improve energy efficiency. Green innovations include single RAN to support 2G, 3G and 4G simultaneously, using one piece of hardware to support multiple systems and reduce the power consumption of base stations by 50%; massive multiple-input/multiple-out (MIMO) technology to improve the speed of use and improve product energy efficiency on 5G networks; and the introduction of extremely large scale antenna to reduce power consumption by a further 30%. AI in the network can reduce power consumption throughout the network across all generations, added Zhu. “We are looking at every single aspect in the process of producing our product to reduce carbon emission,” across the whole life cycle of ICT infrastructure, including recyclable and reusable packaging.

Public policy driving sustainable ICT

“We believe that technology is a key component in driving environmental sustainability and achieving the SDGs,” said Muath S. Alrumayh, Manager of International Collaboration and Negotiation, CITC, Saudi-Arabia. Multi stakeholder collaboration and effective technology could reduce industry emissions whilst working towards a net zero future. The Kingdom of Saudi Arabia is committed to leveraging innovative technology to achieve net zero goals, with environmental sustainability a primary goal of the national 2030 Vision. This includes state-of-the-art smart cities, innovative urban planning and a circular carbon economy to manage emissions with technology in cooperation with the private sector. “The digital transition of production processes and business models can encourage a sustainable economy,” he added.

“Environmental sustainability should be a new chapter of telecoms regulation,” stated Serge Abiteboul, Board Member of French regulator ARCEP. Internet connection is essential in the digital world, meaning regulators must reconcile digital connectivity with environmental sustainability. This is a new area of expertise for industry regulators, he explained, and the support of partners and use of collective intelligence has been critical in producing a series of recommendations aimed at reducing digital footprint even as the use of digital technology continues to expand.

The three main recommendations are to strengthen public policy capacity to control the digital environment; to incorporate environmental issues into the regulation itself; and to increase incentives for consumers and economic stakeholders to behave more responsibly. ARCEP is now working to precisely measure the environmental footprint of the industry, as well as studying how environmental concerns should impact spectrum frequency allocation. As part of a general goal to have long-lasting, refurbished or recycled phones and terminals, a further study is investigating the impact of smart phone renewal frequency.

An environmental barometer for the digital ecosystem aims to collect, aggregate and make available data on the digital sector’s footprint. “The problem is complicated, and it is a key role of regulation to provide this information to design public policy and guide consumers and companies in choosing how to behave,” concluded Abiteboul.

Consumer actions

On the consumer side, Ericsson’s Bergmark explained, studies are ongoing into the impact and overall footprint of consumer ICT usage. Assuming a world average energy mix, ICT-related activities have a relatively low impact at 1.5% of the total; heavy users such as gamers may use up to 7%, so renewable electricity would make a big difference. The most important actions consumers can take are to “reuse devices, use devices for a longer time, charge with renewable energy” and ask operators to provide details of their own environmental footprints. As an industry it is important to help consumers understand the environmental impact of ICT usage, and to work on decarbonizing throughout the sector.

E-waste and the impact on health

The government of Costa Rica is committed to handling e-waste responsibly, and has issued technical guidelines for the comprehensive management of electric and electronic waste, explained Eugenio Androvetto, Director, Directorate of Radiation Protection and Environmental Health, Ministry of Health, Costa Rica.

Recovery of electronic waste is regulated for importers, distributors, handlers and consumers. Producers or importers of goods which can lead to waste must provide options to ensure the recovery of waste and reduce the quantity that arrives at final sites. The Ministry of Health is in charge of reviewing all guidelines with stakeholders to establish best practice and ensure compliance in e-waste handling, recovery and disposal.

Costa Rica has implemented ITU guidelines on e-waste in a pilot programme to improve the system for the government in the short and medium term, “making it possible to generate public policy, strengthen national legislation, establish recovery goals and evaluate the national system.” Particular emphasis is placed upon enabling SME companies to comply with protocols and be aware of how these can meet the UN Sustainable Development Goals on climate action.

The disposal of e-waste is a challenge with major health implications, explained Marie-Noël Bruné Drisse, Children’s Environmental Health Chemical Safety and Health Unit Department of Environment, Climate Change and Health, World Health Organization (WHO), citing a recent report on the impact of e-waste on child health in particular. Less than 80% of e-waste is properly recycled, and much ends up in the poorest countries where it is dismantled and parts resold.

The scale of the problem is huge. In 2016, an estimated 18 million children were working in e-waste disposal alongside 12.9 million women, many of whom were of child-bearing age. Health impacts of improper recycling of electronic waste include impaired neurological development, especially in the developing brains of children, leading to behavioural and neurological problems. Over 1 000 toxins in e-waste can lead to negative birth outcomes, thyroid problems, cardiovascular problems, immune system impacts and DNA damage; many of these issues do not become apparent until later in life, including some cancers.

Recommendations at national level include eliminating child labour, ratifying chemical conventions, and working with different sectors on the design and implementation of e-waste legislation, putting health and child health at the centre. The health and safety of communities and workers must be ensured even in contexts where e-waste is the only source of income and there is no access to healthcare or health clinics. It is important to work with local communities working on e-waste to build health sector capacity and raise awareness of the health impacts of e-waste as “many times we do not realise that the e-waste challenges is also a health challenge.”

Engaging with young people on the issue and providing local pilots can help tackle the health challenge, as well as working with other UN agencies and international conventions as part of the e-waste coalition to build partnerships, better address the challenge, generate knowledge and advocate at all levels. The WHO itself has a big role to play in creating awareness of the negative health impacts of e-waste, she added, as we can prevent disease and death by doing things differently. Health professionals are generally trusted so should advocate at all levels from ministers to local communities on the link between health and electronic waste. The health sector should also lead by example, taking measures in clinics and hospitals to provide a better model of recycling e-waste and promoting the circular economy.

Bruné Drisse concluded her testimony with a powerful call to action: “We must put the child health argument at the centre of all multi-sectoral and national policies. Children are our most precious resource and the future of the planet. We cannot afford to harm them even before they are born.”

Greening data centres

“Digitalisation is the expansion of this world,” claimed Serge Conesa, CEO, Immersion4 Global, but in order to reduce energy consumption, lower the carbon footprint of the industry and protect the planet for future generations, we need to go back to basics: the electronic components behind all digital technologies.

Powering an electronic component, he explained, automatically generates static electricity, attracting dust; cooling it down with air exposes it to humidity, oxidation and corrosion; and product life span is reduced by mechanical vibration and temperature swing. To protect against all these factors and increase life span, electronics are conventionally coated in chemical and fire-retardant layers, which can be toxic when e-waste is dismantled or burnt. Cooling electronics in special liquid rather than in air can solve many of these issues – and dramatically improve energy efficiency in data centres around the world at the same time.

The current data centre model involves cooling a hot spot in a big room with air circulation so that the electronics in the room can perform well. This is the equivalent of keeping the champagne in your glass at the right temperature by cooling the whole room rather than just the glass. By focusing on cooling just the device itself, as Immersion4 does, you can reduce energy consumption in data centres by up to 70%. New eco-friendly data centres can also be located in any geography, as data can be kept in any building acclimatised to international standards and even distributed throughout cities, removing the need for expensive, noisy, polluting infrastructure.

Rethinking data centres in this way allows for national sovereignty of both energy and data itself; collecting, processing and storing data at source, and making it available for local communities, provides a new model of eco-conversation. “We have a world where through electronics we can all connect to each other, share data, communicate and collaborate. It increased with pandemic and now data centres represent 20% of world energy,” said Conesa.

Optimising electronic cooling will increase data efficiency, allowing for better service in AI, machine learning and crypto currency with less industrial consumption of power and less investment in infrastructure. Making electronics recyclable within a city or a region rather than shipping around the world for disposal is critical – and we are all responsible for making the backbone of the industry sustainable, from chip makers to electronics producers, vendors, back offices and consumers. “Understand the roots, not the consequences, and then adapt the solution to the roots,” he concluded.

Mitigating measures

Tewfik highlighted the work of ITU Study Group 5 in the field of circular economy and e-waste management. E-waste recycling and management is an area with large repercussions on vulnerable sections of the population, including children. Recommendations include best practice on sustainable management of batteries and guidelines on the collection, pre-treatment, dismantling and final disposal of Waste from Electrical and Electronic Equipment (WEEE): This represents a huge field of entrepreneurial work which requires clear organization and guidelines. Further recommendations are the requirement for a global digital sustainable passport for the circular economy to ensure management of digital technology products at the end of life cycle; work in sustainable and resilient digital technologies for adaptation to climate change; and a guide to circular cities.

There are different measures we can take as an industry to mitigate our own footprint, added Ericsson’s Bergmark. Standards at ITU distinguish between second order effects of the industry – which can be positive, such as enabling other sectors to be more sustainable, as well as negative – and higher order effects, such different patterns in social behavior arising from technology. The ICT industry has traditionally congratulated itself on the positive impact of its second order effects in enabling carbon-saving sectors or replacing carbon-intensive industries. “But we need to address in absolute terms as an industry our own footprint, and reduce it by half within a decade,” she continued, based on more detailed, transparent methodologies and guidelines.

For Abiteboul, regulators should move beyond collecting environmental data from major telco operators towards collecting, aggregating and making available data for the entire digital sector footprint. ARCEP is working on enabling a quality life cycle assessment and to quantifying the environmental impact of digital services to identify good practice for the future. More practical initiatives are focused on moving from copper networks to much less energy intensive fibre to the home networks; including an environmental feature in bandwidth allocation for mobile frequencies to mitigate the environmental impact; and assessing the contribution of the area to limiting environmental impact and encouraging environmental responsibility.
Asked about the role of the international community, the private sector, and policy makers in shaping carbon-neutral digital markets, CITC’s Alrumayh pointed out that no single player can address the issue alone: “We need a global response at multilateral level to tackle climate change and help the sector to reduce carbon emissions.” Global leaders and decision makers should come together on platforms such as those provided by ITU in its Study Groups, webinars and events to collaborate on sustainable development and support technological solutions for climate actions at international national, regional and global levels. The private sector has a vital role to play in supporting climate action and creating solutions for e-waste; governments must encourage innovative technology and work with the private sector to reach net zero through policy, a supportive regulatory environment and increasing awareness of the importance of the issue.

Summing up, moderator Mate highlighted the need to speed up work to reduce the industry’s global footprint, focusing on renewable energy and reduction of emissions. Concrete steps include working towards a circular economy in new smart cities; increasing network efficiency through the use of massive MIMO, AI and better packaging; regulating the industry for environmental impact even as the use of digital technologies increases dramatically; innovative cooling systems to reduce energy use in data centres; and working on international standards on industry sustainability, including standards to improve e-waste management and reduce health risks – particularly for the 80 million children endangered by their recycling and waste work “who are our most precious resource and future.”