The five pervasive trends reframe trust perspectives and comfort levels while opening up multimodal possibilities for achieving greater global stability/accountability
As digitalization permeates every aspect of life around the world, and as cybersecurity and data privacy challenges continue to cause friction at work and play, the issue of digital trust has become a foremost consideration.
Digital trust concerns three broad areas of stakeholders: governments and regulatory bodies; citizens and residents; and the organizations that the latter groups operate.
At a macro level, digital trust can be defined as the level of transparency and accountability that participants in a digital ecosystem can expect in all interactions involving the collection, processing and use of information and related resources, within established standards of security, privacy and level of friction.
Various studies, high-profile incidents and research papers have already painted a global landscape where, even with the best of intentions, organizational stakeholders have been shown to have violated digital trust, resulting in cynicism among peoples — especially those who are averse to digital and privacy risks.
If the teething issues of mandating and maintaining high levels of digital trust are to be addressed to keep pace with inevitable super-accelerated global digitalization, global authorities will need to collaborate to establish a universal trust framework that all stakeholders can abide by.
Global digital trust trends
According to a white paper on the topic by SGTech, a trade association in Singapore specializing in accelerating tech adoption, five current global trends impact digital trust levels:
- Misinformation
In a global survey across 25 economies, 86% of online respondents globally believed they had been exposed to fake news. Of these, over 85% reported that they initially believed the veracity of the supposed ‘news’. While not all such inaccurate ‘news’ is intentionally misconstrued, people are accessing global social media platforms. As such, up to 75% of respondents admit to having unwittingly forwarded such information onto their personal networks.
Some or most of the misinformation can therefore create unnecessary distrust — or boost undeserved trust — among different stakeholders in society. Collectively, such activities impact how trust is perceived and acted on, for good or bad.
- Growing awareness of privacy rights
As a result of the missteps of social media giants and misuse of Big Data, such as in the Cambridge Analytica data scandal where personal data of users was collected and used without consent for targeted political advertising. The growing awareness of data bias and opaque decision-making in AI, which in some high-profile cases has resulted in racial profiling, has also prompted caution and unease in the use of AI.
Regionally, studies show that only around 69% of countries have sufficiently mature data privacy regulation and enforcement policies and actions that measure up to Europe’s General Data Protection Regulation (GDPR). However, digital trust management is so critical that even a communist regime such as China has passed their Personal Information Protection Law to ensure their tech firms meet privacy protections expectations in a more transparent, secure, and accountable manner.
Going forward, as wayward stakeholders at every level continue to innovate ways to abuse sensitive data for profit or other agendas, digital trust levels need to be managed through preemptive, preventive frameworks that detect and intervene in such activities early and with strong punitive stakes as a deterrent.
- Data leaks and privacy breaches due to cybercriminal and state-sponsored threats
The growth in cyberattacks in the Asia Pacific region is calculated as being higher than the global average, with a 168% increase between May 2020 and May 2021 alone.
Dark Net-related arrests in South-east Asia have increased in recent years, indicating that criminals perceive the region as a low-risk/high-gain operational environment, where the likelihood of detection remains relatively low.
The region is plagued with enforcement and coordination problems. Regional threat assessment sharing and mapping of cybercrime are some missing collaborations in need of development. Crimes are often cross-border, making enforcement difficult. Penalties also do not seem proportionate to the harm done, and cybercriminals around the region understand how to work the system to reduce their culpability.
Even Singapore, which has a dedicated Cybersecurity Act; a clear Cybersecurity Strategy developed in 2021; and a vibrant cybersecurity ecosystem underpinned by a strong Cybersecurity Agency; is a favored target as it has a big financial hub. Currently, cybercrime comprises 48% of all illegal activities reported in the island state.
To cull such dismal cybercrime numbers, only concerted global collaborations and standards can improve digital trust equitably.
- Data localization, sovereignty and cross-border data flow issues
The importance of data localization and sovereignty has risen over the years due to mounting concerns over privacy, cybersecurity and national security. In 2021, more than 62 countries enacted data localization requirements — up from 35 in 2017. The number of related policies has also doubled from 67 to 144 in the same period.
For example, China requires data localization for the broadly-defined Critical Information Infrastructure operators. Transferring data outside of China involves security assessments conducted by the Cyberspace Administration of China (CAC).
ASEAN is trying to move together on data protection and data flows. For example, the region has already implemented Model Contractual Clauses for cross-border data flows. These are important steps in coordinating data regulatory policies. Strategic priorities for the ASEAN Digital Data Governance Framework include data flow mechanisms with particular focus on certification as well as regulatory sandboxes. The Philippines and Singapore are like-minded partners driving this trend, and are instrumental in the adoption of the ASEAN Digital Data Governance Framework.
- The growing demand for risk management and trust-related solutions and talent
Government regulations and data protection fines are on boardroom agendas, as they now pose existential risks for businesses and other types of organizations.
This trend is creating more demand for new specialized Digital Trust skills such as ‘privacy engineers’ and Data Protection Officers. These roles are increasingly important to enterprises that deal with large amounts of data, such as consumer tech conglomerates.
In the near future, more multinational firms are expected to establish small multi-disciplinary teams with a global Digital Trust mandate, creating strong competition for such talent globally.
Also, entire workforces can be trained to imbibe Digital Trust in every aspect of work and play, with employers continually investing in compliance and real-time risk assessment. Solutions for Governance, Risk, and Compliance (GRC) solutions are expected to ease this initiative. Such solutions provide a macro view of organizational risk that improves oversight and response.
According to the SGTech’s Chair Wong Wai Meng: “The promise of the global digital economy hinges on whether there is trust among economies, companies and individuals to transact with one another. Digital Trust is key to surmounting challenges in this space.”
Inaugural forum
To stimulate further discussion on the topic, on 28 Oct 2022 the ‘SGTech Global Future Series: Digital Trust Forum’ at the Singapore Week of Innovation and Technology (SWITCH) will gather more than 30 international thought leaders to explore and exchange digital trust ideas.
Considered the first global forum dedicated solely to Digital Trust issues, the Digital Trust Forum consists of 16 unique program sessions, ranging from building trust in the metaverse, built environment, cloud ecosystems; to charting opportunities for Privacy Enhancing Technologies; to bridging the digital trust gap with smart technology; and the role of public-private partnerships in co-creating digital trust.