This report presents evidence on efforts taken by companies to ensure trust in the digital economy through transparency reporting. Focussing on the world’s most widely used social media platforms, online communication services, file-sharing platforms and other online services (many of which are based in the United States), the report identifies both good practices and challenges in transparency reporting. Challenges include limited informative value and comparability, as well as an inability to provide reliable information on the extent to which governments gain access to personal data held by the private sector. A range of actions are proposed to address these challenges, recognising the need to develop a more robust evidence base by expanding the number of countries and companies analysed. This report informed the review of the OECD Privacy Guidelines.
Going Digital in Latvia analyses recent developments in Latvia’s digital economy, reviews policies related to digitalisation and make recommendations to increase policy coherence in this area, based on the OECD Going Digital Integrated Policy Framework. The review uses strategic foresight to explore three alternative future scenarios, which could result from the digital transformation of the global economy and society. It also examines the availability and quality of communication networks and services in Latvia as well as related policies and regulations. Further, it reviews trends in digital technology usage among individuals, businesses and the government, and examines policies to foster diffusion. Finally, the review analyses opportunities and challenges raised by digitalisation in key areas, from innovation and skills to digital security and data governance, and evaluates policy responses to these changes in Latvia.
Economies and societies are increasingly reliant upon 'smart products' that contain code and can connect to one another, e.g. through the Internet. Recent cyber-attacks such as Mirai, WannaCry, NotPetya and SolarWinds have underlined that the exploitation of vulnerabilities in smart products can have severe economic and social consequences. Such attacks increasingly threaten users’ safety and well-being, as well. This report shows that economic factors play an important role in the relative 'insecurity' of smart products. It develops an analytical framework based on the value chain and lifecycle of smart products, and applies the framework to three case studies: computers and smartphones, consumer Internet of Things (IoT) devices and cloud services. It demonstrates that complex and opaque value chains lead to a misallocation of responsibility for digital security risk management, while significant information asymmetries and externalities often limit stakeholders’ ability to behave optimally.
From 'traditional' software to cloud services and Internet of Things (IoT) devices, our economies and societies are increasingly reliant upon 'smart products' that contain code and can connect to each other, e.g. through the Internet. Such products are vulnerable to cyber security risk, and economic factors often play a major role in their relative ‘insecurity’. This report discusses how policy makers can address key challenges that prevent smart products from reaching an optimal level of digital security. Increasing transparency and information sharing, promoting co-operation (including at the international level), and ensuring the duty of care of supply-side actors (e.g. through the principles of security-by-design, security-by-default and responsible end-of-life) are important avenues for policy action. Policy makers can leverage many tools to achieve these objectives, from public procurement, certification and multi-stakeholder partnerships, to labels and ex ante legal requirements.
Cloud computing infrastructures underpin an ever-increasing range of business tools, yet measures of cloud service adoption based on business ICT usage surveys give only a partial view of their diffusion. They do not reveal the intensity or volume of use by businesses, or the amount spent on cloud services. This paper assesses the extent to which insights on the use of commercial cloud services (i.e. services purchased from external providers) can be gleaned from economic and business statistics – in particular, from supply-use tables and the underlying business surveys. The paper examines the defining features of cloud services and their treatment in various statistical product classifications, before deriving estimates on the use of specific 'cloud-containing product classes' across businesses. A key finding is that efforts are needed to improve the availability of data that can be used to gain robust insights on business use of cloud services.
While the Internet can bring considerable benefits to children's education and development, it also exposes them to online risks such as access to inappropriate content, abusive interaction with others, exposure to aggressive marketing practices and privacy risks. The OECD has undertaken considerable work on protecting children as users of the Internet.
The digital environment has become an integral part of children’s everyday lives and interactions. The benefits can be tremendous, but there also risks. In 2011, the OECD adopted a Typology of Risks in an effort to broadly categorise those risks. Since then the digital environment has changed significantly, as risks have evolved in nature and new ones have emerged. This report informs the OECD’s broader work on children in the digital environment by examining these trends and presenting an updated Typology of Risks. The Typology provides a high-level overview of the risk landscape, and outlines four risk categories and their manifestations. The Typology also identifies and analyses risks that cut across these four risk categories, and that can therefore have wide-ranging effects on children’s lives.
Data flows across borders are integral to the global digital economy and a necessary input for reaping the benefits of digitalisation. Appropriate governance and safeguards for how governments access personal data held by private entities are an important part of building trust and minimising barriers to data flows. The OECD intends to conduct further work in this area.
Data and databases are increasingly central to business activities today , with even relatively small data flows having the potential to create considerable economic value. Despite this, attempts to conceptualise and measure the value of data remain underdeveloped. This paper explores four different perspectives from which the value of data, databases, and data flows can be conceptualised and measured: i) how much businesses spend on storing data; ii) how much money businesses make from selling data-based products; iii) how the market valuation of 'data-driven firms' compares to that of other firms; and iv) the value of trade flows in digitally deliverable products.