Building Trust in Cyberspace

THE world of tomorrow promises to be data driven, arguably even more so than today. The advent of the Internet of Things and cloud computing means information can be transferred at any given moment, as long as the question of access is solved.

In an environment where solution and answers are accessible with a single touch, the individual user surrenders much of their trust to systems, organisations, institutions, the public sector and algorithms. Bits and bytes are honed to assist in realising practical aims from hailing a ride, to addressing critical issues such as the management of water pollution and air quality.

The 32nd Asean Summit highlights building a resilient and innovative Asean. A concept note released by Asean aspired for the establishment of a Smart Cities network where technological and digital solutions can be used to resolve issues and enhance the quality and accessibility of services offered by states. Involved in the project are 26 cities to pilot the Asean Smart Cities network.

Despite this commendable thrust into the future, the adoption of technologies is not necessarily a new initiative with various digitalisation drives spurred across the region such as Thailand’s Digital Government Plan 2017-2021 and Malaysia’s own push to embrace Industry 4.0.

McKinsey Global Institute estimates that disruptive technologies such as artificial intelligence (AI) can benefit the region up to US$311 billion (RM1.22 trillion) in the manufacturing sector. The same report mentions that high-tech, telecom and financial companies lead the way for AI adoption in Asean. Most of these are to enhance customer experience. Although Asean’s data ecosystem, development of talent, business experience and current labour conditions may slow the growth of AI in the region, conversations have to take place on the implications of its adoption.

Trust in cyberspace can be multi-pronged, especially if the ecosystem aims to ensure the security of all users, be they the state, the private sector or the individual.

The cybersecurity architecture is a multi-stakeholder environment where everyone is held in an ecosystem of trust to ensure services can carry on. Underpinning the entire ecosystem are regulations that aim to protect, be they critical infrastructure, cross-border data flows or an individual’s privacy.

In recent regional trends, trust is emphasised in the verification of information. Campaigns such as Malaysia’s “Tidak Pasti, Jangan Kongsi” and the recent Anti-Fake News Bill passed indicate the concern in information’s destabilising factors. Less addressed are conversations of trust and cybersecurity in disruptive technologies such as AI, cloud computing and the Internet of Things.

Disruptive technologies indicate trust must be placed in systems and processes, which may differ from trust placed in traditional actors. Anticipating this, there are two considerations for the development of a trusted cyberspace.

FIRST, is to encourage domestic and regional conversations on cybersecurity and disruptive tech. AI’s greatest weakness is data bias, where the output can be limited by the availability of data, programmers and analysts involved. A greater pool of data means chances of thorough and inclusive intelligence increases.

However, this also indicates the need for users to part with information. In Southeast Asia, where the concept of privacy can be minimal, sharing of information may not be the greatest hindrance. Yet, the digital age exacerbates the collection and usage of data. The Cambridge Analytica case illustrates that collection of data can be used for other purposes. The usage of machine-learning services also raises concerns on accountability. For instance, if technology shapes the values of the output, are there mechanisms to contend with the results or responsibility for the outcome?

Essentially, the management of data in a multi-stakeholder environment requires cooperation, compliance and accountability.

SECOND, is the role of the international community in building the culture of trust and architecture of cybersecurity. Data and technology crosses borders, which will impact how some of the information is accessed and governed. While the Asean Smart Cities network does not explicitly indicate the management of data across borders, the nature of disruptive technologies means data will traverse borders and will be utilised by various stakeholders.

In great power rivalry, investment in the tech sector can ring alarm bells particularly where norms of state behaviour and confidence-building measures are not developed. Also a product of the 32nd Asean Summit is the Asean Leaders’ Statement on Cybersecurity Cooperation that addresses the need for international voluntary cybersecurity norms, an expression of commitment for a multi-stakeholder process across different domains and greater regional cybersecurity cooperation and capacity building to address cybersecurity and cybercrimes.

The statement looks at the Asean region and emphasises the coordination of cybersecurity policy and diplomacy. The statement explicitly highlights responsible state behaviour in cyberspace so as to enhance trust and confidence in the use of cyberspace.

This remains an important subject as state behaviours in cyberspace affects the overall security architecture. Thus, conversations on norms are a step in the right direction for the maturity of such technologies in the region.

While one can argue that trust is a key factor in enabling a secure cyber domain, for those who are risk averse, greater trust in a system is the result of fortified cyberspace. The ecosystem of trust can bear fruit in Asean’s drive to embrace innovation whilst building resilience as per the tagline of Singapore’s chairmanship this year.

Leave a Reply

Your email address will not be published.