You can read the French translation here.

We’ve started off 2023 with some positive news. In spite of all the geopolitical tensions, the internet infrastructure has remained intact, with the main internet protocol (the TCP/IP) carrying emails, web pages, video and podcasts across the globe. 

We are cautiously optimistic that the internet will survive geopolitics and tensions in 2023. Any other option that affects the oneness of the technical infrastructure can be risky, costly, and sub-optimal. Will wisdom prevail in preserving the internet?

Yet, more and more digital borders will continue impacting the global nature of international digital communication through filtering of traffic, banning the use of competing services, censorship, etc. How do we deal with the legal, economic, and security fragmentation of the internet?

In 2023, we will mark the 25th anniversary of a handful of frameworks which laid the foundation for today’s internet and overall digital governance. So far, the ‘1998 deals’ have stood the test of time. Will they be sufficient for the future digital growth?

In these predictions for 2023 we address these and other questions. You can also find our analysis on future trends in digital geopolitics, the vulnerability of submarine cables, the next steps in digital cooperation, challenges for data governance and cybersecurity, and much more.

Let us know your comments, predictions, and suggestions!

Jovan and DiploTeam

The 1998 deals: Past successes, current relevance, and future upgrades 

2023 is an important year for internet/digital governance as we start revisiting some of the ‘1998 deals’, which laid the foundation for today’s internet/digital governance landscape. After 25 years, we see which arrangements have stood the test of time and which need to be altered to reflect the internet’s growth from 3.6% of the world’s population in 1998 (147 million internet users) to 69% of the world’s population (5.4 billion internet users) in July 2022.

2023 marks a quarter of a century since much of today’s digital governance structure was set. In 1998, the internet governance architecture was developed only in a few months.  

In September 1998:

Google and the Internet Corporation for Assigned Names and Numbers (ICANN) were established.

Discussions were initiated under the UN’s ‘information security’ track that led to the creation of the UN GGE and OEWG. 

The World Trade Organization (WTO) placed itself as a player in the digital economy negotiation table, notably with the adoption of the moratorium on customs duties on electronic transmissions.

In November 1998,

The International Telecommunication Union (ITU) Plenipotentiary conference in Minneapolis, USA decided to host the World Summit on the Information Society (WSIS), initiating a process of digital policy discussions which is active today with the work of the UN Internet Governance Forum (IGF) and the WSIS Forum.  

Dive deeper into the history of internet/digital governance with our Digital cooperation timeline.

Now, there is growing pressure to reform this architecture by: (a) creating mechanisms to make decisions and recommendations on digital policy issues (potentially through a strengthened IGF), (b) creating holistic mechanisms of global data governance, (c)  preserving and advancing the shift towards more inclusive cybersecurity discussions, and (d) avoiding fragmentation trends in the digital economy, currently being brewed by disparate national laws or trade agreements which do not include a large number of developing countries and least developed countries (LDCs). 

1. Technologies: Less hype, more impact

Last year started with a few big promises. Web 3.0, the metaverse, and AI in decentralised blockchain networks promised us astonishing feats. Enthusiasm dwindled towards the end of the year (with the exception of AI’s steady momentum). 

This year started without any announcements about the next big thing in technology. This will create the space to take a step back and see how we would like to shape our digital future.

The metaverse tops the list of the buzzwords in 2022, courtesy of Meta CEO Mark Zuckerberg’s vision announced at the end of 2021. Fast forward to January 2023: The metaverse is not taking off the way it was envisaged by Meta, formerly Facebook, which centred its future business model around the metaverse. The initial monthly target of 500,000 active users on Horizon Worlds – Meta’s metaverse platform – was reduced to 280,000 users. Currently, there are fewer than 200,000 active users per month. Some of Horizon’s virtual spaces have never been visited. 

Yet, we feel this slow down is temporary. Heavyweights Microsoft, Apple, and Google are also heavily investing in metaverse applications and tools. A new generation of users with gaming experience will dominate the internet population in the coming years. In the long-term, the metaverse or virtual/extended/augmented realities are here to stay, and 2023 will be the year for background developments and regrouping, ahead of future growth in the metaverse, VR, and AR in the medium- and long-term. 

Blockchain suffered a negative spillover from the recent troubles on the cryptocurrency market. The demise of the FTX showed how the technical architecture of blockchain can be abused to achieve the exact opposite of the proclaimed benefits.   

Blockchain technology’s potential for decentralisation can be easily transformed into centralised control by those who control access to blockchain-driven platforms and services.  This is what happened with the tech platforms, which ended up dominating the internet market despite the decentralised technical design of the internet as a network of networks. Whether the same will happen with blockchain remains to be seen in the coming years. 

Last but not least, AI is gaining maturity both in the realisation of AI potential and governance. At the end of 2022, Lensa and ChatGPT created new possibilities for generating texts and images. In 2023, AI will have to move towards productive use, requiring less technology and more organisational and management changes for optimal interaction between humans and machines.

2. Digital geopolitics: From submarine cables to satellites

Digital geopolitical tensions are showing no signs of easing in 2023, especially between the USA and China. Worse, global conflicts and tensions could trigger the fragmentation of the internet. Digital geopolitics will be centred around the protection of submarine cables and satellites, the production of semiconductors, and the free flow of data.

Tensions in digital geopolitics are showing no signs of abating in 2023, particularly between the USA and China. As The Economist argues, ‘The tech war between America and China is just getting started’. The next major test in digital relations between the two countries will be the question of TikTok’s status in the USA.

There are at least three main areas where geopolitical tensions will play out more intensely.

(a) The interplay between digital interdependence and sovereignty

Sovereignty, whether it’s digital, data, AI or cyber sovereignty, will remain high on the agenda in 2023. Governments will want to extend their legal jurisdiction over digital activities on their territory and reduce the risks of negative security and economic spillovers from integrated digital networks.

Full sovereignty will be much harder to achieve in the digital world, though, because of how the internet works and how powerful tech companies are.

Approaches to digital sovereignty will vary, depending on a country’s political and legal systems. Legal approaches include national regulation and court judgments; technical ones vary between data filtering and frowned-upon internet shutdowns. 

The term sovereignty will also be used more often in the context of the digital self-determination of citizens and communities, mainly related to control over data and future AI developments. 

Digital interdependence will provide a reality check for initiatives for more digital sovereignty. It is supported by a strong drive of citizens, companies, and countries to be connected across national borders. It can even survive wars. During the Ukraine war, many interdependencies between the two countries have been cut, but it is still possible to exchange messages between citizens in Russia and Ukraine via the internet.

(b) Infrastructure geopolitics: Submarine cables, satellites, semiconductors

Submarine cables are the most vulnerable part of the global digital infrastructure. A major disruption of internet cables, as has happened in the past, could cut entire countries off from the internet. There are over 500 submarine cables, totalling approximately 1.3 million kilometres in length. It’s hard to physically protect such a large network of submarine cables, especially from new, high-tech submarines that are run by naval powers. However, much more needs to be done to ensure the legal protection of submarine cables, which are critical infrastructure of our modern society. 

Satellites may offer some alternatives, but they can’t replace fibre as a global backbone. They have also been shown to be susceptible to geopolitics, such as the hacking of ViaSat or Musk’s pondering whether to continue the provision of Starlink services to Ukraine. Beyond the role that satellites play in giving people access to the internet or letting them talk to each other in an emergency, outer space activities are likely to get more and more attention in governance and diplomacy talks in the coming years. Issues related to frequency interferences, satellite collisions, the cyber-resilience and security of space services, space debris, the exploration of space resources, and the growing competition between nations as well as between private actors will continue to grow in relevance, building on recent developments. 

In 2022 we saw, for instance, a new ITU resolution calling for strengthened public-private cooperation in ensuring that ‘the benefits of space will be brought to everyone, everywhere’; the launch of a UN Open-ended working on reducing space threats through norms, rules and principles of responsible behaviours; and a growing number of countries joining the Artemis Accords (spearheaded by the USA, the Accords outline principles to enhance the governance of civil exploration and use of outer space). It is also telling that the 2024 Summit of the Future, called for by the UN Secretary-General, is expected to include a track on outer space, with the goal to ‘seek agreement on the sustainable and peaceful use of outer space’.

Dive deeper: Space diplomacy  

Semiconductors are at the centre of the geopolitical battle between the USA and China. The US approach of limiting China’s access to cutting-edge microchips and technology production started with President Trump and continued with the Biden administration. China will need years to put together the technology for the production of the next generation of more sophisticated semiconductors.  

These geopolitical tensions are having a rippling effect: 

1. Taiwan, with its Semiconductor Manufacturing Company Limited (TSMC) as the main manufacturer of microchips, is now at the centre of the China-US tension.
2. The USA, Europe, and India have started building their own semiconductors industry to avoid future vulnerabilities, especially in case of a Taiwan war or an economic blockade. 
3. The USA will invest US$280 billion in domestic research and production, aiming, among others, to boost Intel’s manufacturing capabilities and to set up TSMC factories in the USA.
4. The EU’s Chips Act looks at mobilising almost 50 billion euro in public and private investments in the research and production of semiconductors. 
5. Chinese government and companies are investing in the semiconductors field to reduce their reliance on western technologies; Chinese big tech companies – the likes of Alibaba, Huawei, Tencent, and ZTE – are joining RISC-V International, a group focusing on open-source processor architectures. 

(c) Data flows in emerging geopolitics

A general trend has been for countries to store more data on their territory, especially critical data such as health records and digital identities of citizens. 

Many countries will have to balance data sovereignty and integration in the global economy. The more data they keep within national borders, the less they can benefit from the international digital economy and growth. Free flow of data will be essential for small and export-oriented economies.

Data sharing will be critical for dealing with global issues such as climate change. At the same time, data that is collected and processed locally can lead to new AI and open data services on a national or regional scale, which could support the growth of local economies and cut into the profits of some big tech companies. 

3. IBSA digital moment(um): Linking development, democracy, and diplomacy

IBSA, which stands for India, Brazil, and South Africa, is a group of democracies and developing economies with vibrant digital scenes. They are strong supporters of multilateral and multistakeholder approaches, with many examples of inclusion of the tech community, academia, the private sector, civil society, local communities, and other actors in digital governance. 

Can these three countries, which all care about development, democracy, and diplomacy, bring new energy to digital governance?

India, Brazil, and South Africa (IBSA)  – which collaborate together through the IBSA Forum – are likely to play a prominent role in the process of reforming digital governance. 

There’s momentum around the three D’s: The trio are developing economies, functional democracies, and supporters of multilateral diplomacy. 

The first tangible results from IBSA’s digital momentum could be expected during India’s G20 presidency, which, among others, will promote ‘a new gold standard for data’. 

(a) IBSA and development 

Digitalisation is the engine of growth in IBSA economies. Among the three countries, India is the leader, with a vibrant digital economy. In all three, future digital growth will happen due to their large and young populations and economic dynamics.

But digitalisation also tends to exacerbate major societal tensions that these countries face, including the digital divide, and the need to have digital governance that will reflect local cultural, political, and economic specificities. 

The three countries have spearheaded digital inclusion by prioritising affordable access to citizens, by supporting training for digital skills, and by a legal framework for the growth of small digital enterprises. For example, India’s Aadhaar biometric ID system is seen by many as a leading digital identity initiative, inspiring similar systems in other countries. South Africa has been a leader in the inclusion of women and youth. Brazil works hard with other marginalised groups, from people with disabilities to indigenous people. 

On data and sustainable development, India’s G20 presidency  aims for strategic leadership with the following practical initiatives: self-evaluation of nations’ data governance architecture, modernisation of national data systems to incorporate citizen voice and preferences regularly, and transparency principles for governing data. With a big population, IBSA countries also see data as a national resource. The Indian G20 presidency’s calls for ‘a new gold standard for data’ can help reconcile the competing issues around  free flow of data and data sovereignty. 

(b) IBSA and democracy

India, Brazil, and South Africa are all working democracies with regular elections and strong civil society scenes. In India, it was a civil society initiative of over 1 million signatures that blocked Facebook’s Free Basics project and helped preserve net neutrality. Brazil has pioneered a unique national multistakeholder model around the Internet Governance Steering Committee (CGI.br). South Africa has had major successes in youth and female inclusion in digital processes on a national level. 

Like other countries, the IBSA trio also have to deal with the digital aspects of their societal and political problems. India has had the highest number of internet shutdowns in the past few years. Brazil has witnessed major misuse of social media platforms during elections. South African women experienced high levels of online violence.

Digital problems are addressed and discussed in media, civil society spaces, and parliaments in India, Brazil, and South Africa. 

(c) IBSA and diplomacy

India, Brazil, and South Africa are supporters of multilateral diplomacy. As members of various international coalitions, processes, and organisations, they have a strong convening capacity. They can also bring about larger regional and global partnerships by engaging countries with similar digital strengths and problems. 

India and Brazil have both hosted meetings of the UN’s Internet Governance Forum (IGF), and both support policy inclusion of academia, civil society, business, and other significant actors. Brazil hosted the 2014 NetMundial meeting, a unique experiment in multistakeholder decision shaping. 

South Africa has been a relatively active actor in global internet governance, from a very prominent role in WSIS negotiations, to engagement in several digital-related processes and discussions such as the OEWG, the Ad-hoc Committee on Cybercrime, UNESCO’s work on the recommendation on ethics and AI, and UN Human Rights Council debates on digital rights.

Many countries, such as Indonesia and Singapore in Asia, Mexico and Argentina in Latin America, and Nigeria, Kenya, and Rwanda in Africa, share IBSA concerns and approaches to digital governance. 

4. Digital cooperation: Build-up for Global Digital Compact and the ‘digital 2025’

In 2023, digital cooperation processes will accelerate the build-up for 2025 when the World Summit on the Information Society (WSIS) implementation will be revisited, including the future of the Internet Governance Forum (IGF). In 2025, UN cybersecurity discussions will evolve from the OEWG towards the UN Programme of Action (PoA). 

The next few years will also bring digital cooperation around the Agenda 2030 closer as digitalisation will become critical for the realisation of the 17 sustainable development goals (SDGs). An important stop on the way to 2025 will be the adoption of the Global Digital Compact (GDC) during the UN Summit of the Future in 2024.

The year 2025 will be significant for the World Summit on the Information Society (WSIS) process. As the WSIS outcomes implementation is revisited, so will the future of the Internet Governance Forum (IGF). 

At the start of 2023, the IGF will provide input into the Global Digital Compact (GDC) process, building on the messages from IGF 2022. Japan, as the host of the next IGF (Kyoto, October 2023), is likely to give new life to the Osaka Track on Data Governance, initiated during Japan’s G20 presidency in 2019. 

Also worth keeping an eye on in 2023 will be the work of the IGF Leadership Panel. Appointed in 2022, the panel is expected to help raise the visibility of the IGF and ‘provide strategic input and advice’ on the forum.

With the IGF’s current 10-year mandate coming to an end in 2025, we will most likely see discussions about the future of the forum accelerating, including its interplay with the work of the Office of the UN Secretary-General’s Envoy on Technology.  

As for the Global Digital Compact process, facilitated by Rwanda and Sweden together with the UN Secretary-General’s Tech Envoy, the multistakeholder consultations will be followed by discussions at a ministerial meeting in September 2023 (dedicated to preparing the 2024 Summit of the Future). 

Throughout 2022, many questions were raised about the GDC process and the compact itself: 

• How exactly will multistakeholder input feed into the development of the compact, given that it will ultimately be a document that UN member states will negotiate and agree upon? 
• How detailed will the compact be in outlining principles for the digital future? And how realistic is it to expect member states to agree on something that has not yet been said before? 

At least some questions should begin to be answered in 2023.

5. Human rights online: Protecting what makes us human

Human rights are both enabled and endangered online. These two extremes will shape online human rights in 2023 with the following specific developments:

• Deeper implementation of the first generation of human rights online, such as freedom of expression, and privacy protection
• Wider protection for the second generation (economic, social, and cultural rights) galvanised around digital inclusion and third generation (environmental, intergenerational, cultural rights) of human rights online
• The emergence of a fourth generation: Protection of human integrity and free will as they will be affected by AI and neuroscience developments  

The main challenge will be to strengthen the application of existing human rights rules online while charting well-balanced regulations for new areas (e.g. regulations that encourage ethical neuroscience developments while protecting human dignity and integrity).

In 2023, we can expect the USA and countries parties to the Declaration for the Future of the Internet to focus on the implementation of freedom of expression, privacy protection, and other first generation human rights. The EU will continue putting emphasis on the protection of data and privacy. In addition, the EU will work more on linking human rights issues to standardisation and to other ways in which technology is developed. 

A holistic approach to digitalisation and human rights will put the question of second generation (economic, social and cultural rights) and third generation (environmental and intergenerational) of human rights in the spotlight. 

The fourth generation of human rights will also become more relevant, triggered by risks as a result of the developments in AI, bio and nanotechnologies. In September 2022, the UN Human Rights Council adopted a resolution asking for a study ‘on the impact, opportunities and challenges of neurotechnology with regard to the promotion and protection of all human rights, including recommendations on how human rights opportunities, challenges and gaps arising from neurotechnology could be addressed by the Human Rights Council’. The Council of Europe also initiated a policy debate on neurotechnologies.

More new angles and aspects will be introduced into the work of the UN human rights bodies. For example, digital inclusion and internet access will gain additional prominence in the context of promoting and protecting the rights of marginalised groups, youth, women, and people with disabilities. 

As human rights issues are increasingly brought up in standardisation discussions, there will be a push for human-rights-by-design approaches to be embedded into technical standards that form part of the design and development process of new hardware and software.

6. Content: The Twitter experiment and content governance

In 2023, countries and companies will intensify their search for better ways to govern content. This will impact the economy, human rights, and the social fabric of societies worldwide. 

On the multilateral level, UNESCO will focus on content as a public good, while the UN Human Rights Council will address content through freedom of access to information. 

In the corporate sector, the success or failure of Elon Musk’s Twitter experiment will have far-reaching implications for the future of content governance. 

Most initiatives on content governance will try to find a balance between the legal status of social media platforms and their social roles. Legally speaking, these are private companies with very little legal responsibility for the content they publish. Societally speaking, these companies are public information utilities that impact people’s perception of society and politics. Twitter’s founder Jack Dorsey described Twitter as ‘the public conversation layer of the internet’.

Currently in the USA, tech platforms are not responsible for the content they host (as per Section 230 of the US Communication Decency Act). Although there are calls from both parties in the US Congress to revisit this arrangement, content governance in the USA is still in the hands of tech companies. The most important thing to happen in the coming year will be how Musk’s policy experiment with Twitter turns out. If he is successful, he may show that a self-regulation model for content governance is possible. If he fails, it will be a sign that the US Congress has to step in with public regulation, most likely by revising Section 230.

In the EU, content governance has shifted towards public regulation. The Digital Service Act (DSA) introduced new, stricter rules that social media companies will have to follow. Their implementation will start in 2023.

Similar to GDPR and data regulation, many countries are likely to take inspiration from the EU’s DSA approach to content governance.

On a multilateral level, UNESCO will host the conference Internet for Trust: Regulating Digital Platforms for Information as a Public Good in February 2023 as the next step in developing content governance around its Guidance for regulating digital platforms: A multistakeholder approach.

7. Cybersecurity: Preserving the internet in difficult times

Inasmuch as we’d like the internet to be a more secure space, there are at least two reasons hindering everyone’s efforts: 

• New vulnerabilities – as a result of our dependency on complex technologies
• The deteriorating global geopolitics with negative spillovers onto digital space 

The good news is that countries worldwide, especially in Africa and Asia, are increasing their cybersecurity protection. It’s also promising to see UN negotiations on cybersecurity continue. The risks are major, but solutions are emerging.

The Ukraine war, which dominated much of 2022, escalated beyond its borders. The war has been fought both on the ground and online, mostly through cyberattacks. The cyber risks we warned about in the early days of the conflict – from misattribution of cyberattacks to cyber-offences against third countries’ critical infrastructure or companies – remain a viable threat. 

Against this geopolitical backdrop, there are two main reasons why it’s an uphill struggle to make the internet a more secure space.

The first is that we are increasing our dependence on technology more rapidly than ever. For example, we’ve moved everything and anything to the cloud, which once looked safe, but now is becoming less so (as the attacks against and breaches into the cloud services of Twitter, Uber, Revolut, and LastPass confirm). Attackers have become more resourceful and determined to breach anything. 

The second is that technology is getting even more complex: 

• Sensors and the internet of things (IoT) are integrated with industrial systems and their operational technology. 
• Smart code and AI are embedded into everything from health applications to lethal autonomous weapon systems (LAWS) like military drones. 
• Systems get connected through emerging communication technologies like Li-Fi (stands for light fidelity), 5G, and low Earth orbit (LEO) satellites. 

In our rush to innovate, many of these emerging technologies still lack security standards and good practices, and are easy targets.

There is room for optimism, however. Many governments and institutions have strengthened their cyber-resilience in response to the threat of more severe and impactful attacks, such as those seen during the Ukraine war. Developing countries are becoming more interested in the cybersecurity agenda, and their increased participation in global processes could put pressure on the leading cyber powers to act more responsibly. 

In the UN Ad Hoc Committee on Cybercrime, whose main goal is to make the first draft of an international convention on cybercrime, countries have made some progress on provisions related to the definitions of cybercrime, procedural measures, law enforcement, and the applicability of international human rights provisions. And while there are many divergent positions, the overall momentum seems promising, and we may hear more good news from Vienna and New York in 2023.

So far, there have been three sessions, and a consolidated negotiating document has been prepared by the committee Chair with the support of the Secretariat. The document is a compilation of states’ proposals regarding the general provisions, criminalisation, procedural measures, and law enforcement of the draft convention.

A second consolidated negotiating document will be prepared in 2023, based on the outcomes of the committee’s third session regarding international cooperation, technical assistance, preventive measures, mechanism of implementation, and final provisions of the convention. Basically, these combined documents could be used as a starting point for member states to write the convention, which is expected to be presented to the UN General Assembly (UNGA) at its 78th session in September 2023.

One of the main debates that is expected to take place before the finalisation of the draft convention is the criminalisation of offences. In brief, one group of states is proposing that the convention is limited to criminalising cyber-enabled and cyber-dependent crimes, while a second group wants to expand the convention’s competence to other offences, including cyberterrorism. If this debate turns into an impasse, states could either agree to go with a limited scope and leave room for further negotiation down the line, or to extend its scope through an optional protocol.  

Another issue is the protection of human rights and fundamental freedoms. Human rights organisations, such as Human Rights Watch, raised concerns over the protection of human rights when countering cybercrime, and are calling for more efforts to ensure their effective protection.

The UN Open Ended Working Group (OEWG) on cybersecurity is a horse of a different colour, which has also made good progress on its mandate. The OEWG, which is half-way through its five-year mandate, has a busy calendar in 2023, with two substantive sessions, more informal consultations on a Points of Contact (PoC) directory, and another annual progress report. 

Another process in the spotlight will be the Programme of Action (PoA), a UN-driven action-oriented mechanism envisioned to provide concrete support for the implementation of agreed cyber norms. The UN General Assembly First Committee declaration of 5 November 2022 on PoA on cybersecurity made the establishment of the PoA a reality. However, its scope, structure, and content are all up for discussion which will intensify in 2023 ahead of 2025 when PoA is supposed to start following conclusion fo the work of the OEWG (2021-2025). 

8. Digital economy: Trade, taxation, and cryptocurrencies

The digital economy will face the full brunt of the economic crisis, with a possible recession in 2023. There will be less money for the next big thing – whatever it may be. As investors opt for safe economic options, digital investments are unlikely to be their table of choices.

Bitcoin, often labelled as the new gold, has lost its allure due to the recent failures of cryptocurrencies. The Web 3.0 dynamism has slowed down. Quantum computing is too far on the horizon to make a major economic impact. 

In digital economy governance, the main focus will be on digital trade, data flows, the implementation of the new global tax deal, and the regulation of cryptocurrencies.

As the economic crisis unfolds worldwide, the digital economy will face the full brunt. Things aren’t looking up for the ‘next big thing’ – there’s not much money around.

With so many daunting prospects for the economy, the governance of the digital economy will focus on three main areas: free trade, data flows, and the implementation of the new global tax deal.

(a) Digital (free) trade 

The World Trade Organization (WTO) will double down on e-commerce negotiations this year. Here’s why.

In 2019, a subset of WTO members came together to form the Joint Statement Initiative (JSI) on e-commerce. The group of 87 member states are working towards a binding agreement, covering both classical trade topics, such as market access and trade facilitation, as well as digital policy issues, such as data flows and localisation, online privacy, cybersecurity, and spam. Many developing countries, including India and South Africa, are critical of this process. But since the parties negotiating make up 90% of global trade, any deal made within this framework will have big effects on how e-commerce is regulated around the world.  

During the past few years, JSI negotiators have managed to agree on some topics that could be considered ‘low hanging fruit’, including spam, electronic signatures and authentication, open government data, consumer protection, and transparency.

During the second half of 2022, the JSI co-convenors – Australia, Japan, and Singapore – launched a stocktaking effort to identify proposals that did not attract enough support, encouraging proponents to withdraw them. A new consolidated version of the negotiating text shows that progress still needs to be made in bridging positions on the most controversial issues, such as data flows, data localisation and privacy. This new version is the basis for 2023 negotiations. 

JSI members have a difficult task ahead if they want to produce a new agreement by the end of the year. An alternative option would be to aim for a ‘tiered outcome’, securing a more modest agreement on issues that promote more convergence among participants while continuing negotiations on other issues in 2024 – a solution that will upset those countries that have placed emphasis on the most digital topics in the negotiating agenda, and which perceive these issues as the key to a truly meaningful outcome.

The importance of mainstreaming development aspects of e-commerce is also clear. However, development aspects could remain insufficiently tackled if they are only covered by horizontal and general provisions. Deeper vertical commitments made under specific topics could be a viable option.

While negotiations are still on hold at the WTO, digital trade continues to be regulated by free trade agreements and digital economy agreements, which are mushrooming across the world. The JSI has been seen not only as a breath of fresh air at the WTO, potentially bringing new dynamism to negotiations, but also as a way to counter a growing fragmentation on the digital trade norm landscape.

(b) Implementing the new global tax deal

Celebrated as one of the major deals brokered by the Organisation for Economic Co-operation and Development (OECD), the global tax deal faces a tough test: how to implement it. 

The tax deal, also known as the two-pillar solution (with Pillar I focusing on the reallocation of profits to those countries where there is actual activity, and Pillar II setting a global minimum tax of 15%), has been backed by over 130 countries. 

The negotiations on Pillar II are the most advanced. Countries around the world have been publishing draft proposals and launching national public consultations. In December 2022, the EU finally agreed on a draft directive to implement Pillar II in the EU bloc. This came after almost a year of negotiations, first blocked by Poland, and then blocked by Hungary for six months. The USA has also passed a 15% minimum tax (the Inflation Reduction Act), however it still needs to be refined (or reconciled) with the OECD’s global minimum tax to be fully compliant with Pillar II. So what to expect in 2023? 

These negotiations will continue. The USA has work to do. So does the EU, albeit the major impasse seems to be over now. The ultimate aim is that all countries who agreed to the OECD global tax deal in 2021 will eventually have their legislation in order. With the exception of the handful of countries in the no-camp, corporations will not be able to seek refuge in any tax havens, as most countries will have a minimum of 15% tax rate.

However, since the pillars are tied together, we can also expect that some countries will not want to go all the way on Pillar II before there is enough groundwork on how to implement Pillar I.

The negotiations on Pillar I are also moving forward. One of the main challenges is that the technical discussions are complex  – and lengthy. Pillar I will also require countries to drop their unilateral taxes. But if the process takes too long, especially on the USA side (USA companies will be hit the most by the new global tax rule), countries such as Canada will continue threatening to impose new unilateral taxes, or keep existing ones in place. So what can we expect here?

In 2023, complex negotiations will continue designing Pillar I’s ‘Amount A’ (the new taxing right for jurisdictions over parts of the profits made by multinational companies) and ‘Amount B’ (how to price a company’s baseline marketing and distribution activities). The multilateral convention originally planned to be finalised by mid-2022, is now expected by mid-2023. When it comes to the more advanced Pillar II, the multilateral instrument that will implement parts of the new rules is now also expected to be finalised by mid-2023. 

Meanwhile, the biggest risk is stalled negotiations related to Pillar I, which could jeopardise the implementation of Pillar II. Countries could also continue to propose new unilateral tax rules in the hope that this will speed up Pillar I negotiations. Whatever unilateral rules are proposed, these will have to be temporary until the global OECD rules are implemented.  

There is also an ongoing debate on the impact on developing countries: All of these rules, developing countries say, will favour mostly developed countries, so, there needs to be more incentive for developing countries to implement them. In addition, the rules are too complex. What can we expect here? Major players in the global tax deal debate are the USA and the EU. Developing countries may continue to raise concerns, but they do not have enough leverage to change the rules. Regarding complexity, we can also expect the OECD to try to simplify the implementation of the rules, as it started doing in 2022. It’s a tall order, however – tax rules are inherently complex.  

(c) A time of reckoning for cryptocurrency

The year 2022 delivered two opposite sides of the cryptocurrency hype cycle. After the all-time high values in late 2021, the year 2022 started with a declining trend which proved to be constant throughout the year. 

Currently, bitcoin sits at US$ 16,500, which is an issue for bitcoin miners, as this price is on the edge of the costs of mining. This led one of the largest publicly traded cryptocurrency firms Core Scientific (USA) to file for bankruptcy in December 2022. 

_{Bitcoin price fluctuations over the span of a year.}

The year 2022 will be remembered as a year of major breakdowns for the industry’s big players. It started with the collapse of ‘algorithmic stablecoins’ like Luna, extended to the cryptocurrency landing platforms like Celsius, and finished with a bang: the fall of the third largest cryptocurrency exchange in the world, the FTX.

The FTX exchange, headquartered in the Bahamas, misused more than US$2.5 billion of their customers’ funds, syphoning it to a sister company Almeda Research. This high-profile case raised the concern of regulators worldwide. In 2023, states will continue to adopt digital asset regulations, in particular, related to consumer protection, and the clear involvement of the financial institutions in control of the industry. 

It will certainly be a year of reckoning. The key question will be the one which The Economist posed: Can crypto survive its latest winter?

9. Digital standardisation: Governance through technical means 

In 2023, the relevance of digital standards as a ‘soft governance’ approach will increase. Standards provide alternatives to the lack of multilateral policy agreements. 

Standards are also practical, useful, and directly relevant for citizens. For example, in 2023, new iPhone users will be able to use standard USB-C for charging iPhones after Apple had to give up its proprietary plug following pressure from the EU. In 2023, the first home devices built around Matter standards will come to the market. Lightbulbs, thermostats, and other internet of things (IoTs) will become interoperable and simpler to use.

The lull in fast tech developments will provide an opportunity to set standards for the future tech growth of AI, the metaverse, and quantum computing, among others. And, continuing trends from previous years, we will most likely see intensified cooperation on digital standardisation issues between certain countries, as well as a stronger interplay between standard-setting and human rights processes.

Although largely invisible, technical standards are all around us, from the protocols that make the internet work, to the dozens of specifications embedded into our mobile phones. At their core, standards describe how technologies, products, and services are made and how they work. This lets them work together and makes services safer and better.

For instance, one major breakthrough in 2022 was the Connectivity Standards Alliance adoption of Matter, a standard for interoperability between smart home devices. Supported by tech giants Apple, Amazon, Google, and Samsung, the new Matter standard is expected to increase the security of home devices. In the words of president and CEO of the Connectivity Standards Alliance Tobin Richards: ‘Matter also raises the bar for security, using blockchain to validate and store credentials on the home network, encrypting messages (commands) between devices, enabling local control (no cloud), and including a pathway to easy security updates’. 

Beyond their technical nature, standards also have economic, social, and (geo)political dimensions. This multifaceted nature of standards has become increasingly visible in recent years. For instance, standards made it on the agenda of bilateral and multilateral intergovernmental frameworks such as the G7, G20, the Quad (Australia, India, Japan, the USA), and the EU-US Trade and Technology Council. They have also been discussed in unusual settings, such as the UN Human Rights Council. 

What can we expect to see in 2023?

(a) Relevance of standards: From strength to strength

We can expect standards and standardisation processes to continue to increase in relevance in 2023 and beyond, in particular against the backdrop of intensifying technological competition between nations. Like-minded countries will likely work to strengthen cooperation and coordination on standards-related matters, in particular when it comes to the development of standards for emerging and advanced technologies. The EU-US Trade and Technology Council is just one example: building on agreements reached in 2022, the EU and the USA will work to increase standards cooperation and advance the development of international standards in areas such as quantum information science and technology, additive manufacturing, post-quantum encryption, and IoTs. 

(b) A growing relationship with human rights

Another trend picking up in 2023 will be the nexus between human rights and digital standards. To start with, the Office of the High Commissioner on Human Rights will deliver its report to the UN Human Rights Council on ‘the relationship between human rights and technical standard-setting processes for new and emerging digital technologies’, as requested by the council in a June 2021 resolution. The report is likely to include recommendations on fostering more convergences between human rights and standardisation processes, as well as on strengthening the participation of civil society groups in standard-setting work. Then, within standards developing organisations (SDOs) themselves, there will likely be more and more discussions on the human rights implications of the standards under development, for instance, when it comes to AI, IoT, digital identities, and more. 

(c) Standards as de facto governance tools

Standards are, in general, voluntary, and their success depends to the extent they are taken up by the industry. But sometimes, there are also clear links between standards and regulations: Standards can serve as the basis for regulation or can be used as regulatory tools themselves when they are made compulsory by law. The nexus between standards, regulations, and overall digital transformation is illustrated, for instance, by the upcoming 7th Cybersecurity Standardisation Conference in Brussels on 7 February, which will discuss standardisation as a way of supporting the EU’s cybersecurity-related laws such as the Cyber Resilience Act. 

As regulation tends to lag behind technological progress, standards have an important role to play in ensuring the quality, safety, and security for technologies that are not yet covered by regulations. Moreover, as current geopolitical tensions are poised to reduce the chances for multilateral digital governance solutions, internationally-agreed digital standards could fill in this void by becoming de facto governance tools. 

(d) New standards in the making 

While we expect some of the hype around advanced/emerging technologies (quantum computing, the metaverse, etc.) to tone down, standardisation processes will accelerate. For example, work on various standards for quantum computing and quantum communication will advance within bodies such as ITU, the International Organization for Standardization (ISO), and the International Electrotechnical Commission (IEC). When it comes to standardisation activities for quantum-safe cryptography, such work is also being carried out by national and regional SDOs such as the National Institute of Standards and Technology (NIST) in the USA and the European Telecommunications Standards Institute (ETSI) in the EU. 

A few standardisation initiatives are emerging in order to ensure the future interoperability of metaverse platforms. The most prominent is the Metaverse Standards Forum supported by major tech companies. Also noteworthy is the pre-standardisation work on metaverse initiated at the ITU in December 2022. Similar pre-standardisation work, this time in relation to mobile networks, is gaining momentum at ETSI, where an industry specification group has started exploring use cases and frequency band requirements for terahertz (THz) communications, which is a candidate technology for 6G networks.

10. Data governance: Moving away from a one-size-fits-all approach

As discussions on data governance mature, 2023 will see a departure from the one-size-fits-all approach towards conversations on how to regulate the different types of data, such as personal, corporate, public, health, etc. In parallel, this will require a holistic approach that takes into account the standardisation, security, human rights, and legal perspectives.  

For governments worldwide, 2023 could be a landmark year in their search on how to reconcile two aspects: 

• The need to ascertain sovereignty over critical and sensitive data that needs to be stored physically on national territories (registries, health data, etc.)
• The fact that free flow of data across national and corporate borders facilitates economic development and contributes to the public good (e.g. environmental data)

Win-win solutions are of course ideal, but realistically, governments will have to make optimal trade-offs between the two.

In 2023, data will be prominent on the development and trade agenda. India has put data and development high on the Agenda of India’s G20 presidency this year. Data will also be a central theme in e-commerce plurilateral negotiations at the WTO. Most likely, Japan – as a promoter of the free flow of data – will also try to put data high on the agenda of the IGF, which will be hosted in Kyoto, Japan in October 2023. 

So what can we expect these discussions to focus on? There are at least four main policy questions that these forums, as well as other national and regional spaces, are expected to tackle.

(a) How to develop and apply adequate and appropriate regulation to specific types of data

We tend to group all kinds of data into one basket, but in reality, there are different kinds of data – from personal data to sector-specific and open data – all of which need a dedicated data governance approach. 

In 2023, data governance will mature with the realisation that we need as many governance approaches as there are types of data. Thus, the way we govern personal data needs to be different from the way we tackle scientific, business, or communal data. 

This realisation will be gradual and will be initiated in organisations and systems that manage specific data (e.g. World Health Organization for health data, World Meteorological Organization for weather and climate data, etc.). 

(b) How to address data governance issues in multidisciplinary ways

In 2023, countries, companies, and international organisations will have to address the multidisciplinary nature of data governance in holistic ways. It will require organisational, procedural, and practical changes in order to address the following levels of data governance:

• At the technical level, data needs standards in order to be interoperable. Here, the work of standardisation and technical bodies becomes essential. 
• At the security level, data is subject to many breaches. Data security is at the centre of activities of the tech industry and governments worldwide. 
• At the economic level, the internet business model is based on data. The role of tech companies which process user data, and the role of authorities to ensure users and their data are protected, come into play.
• At the legal and human rights level, the main issue pertains to the protection of users’ rights, including the right to privacy and data protection as well as protection from mass surveillance. Since rules are anchored in geographical spaces, jurisdiction is often the main issue that arises in disputes. Courts have increasingly become de facto rule-makers. Civil society plays an important role in advocating for users’ rights.

(c) How to incorporate data governance into traditional policy fields and practices

As data becomes critical for all fields of global cooperation, international organisations will need to intensify the use of data in their activities in 2023, be it health, migration, or trade. Increasing their reliance on data will contribute to more evidence-based policymaking. 

At the same time, the growing relevance of data will also make data governance more political. As has already been happening in the health sector, countries will need to negotiate what type of data they are willing to share with international organisations and how this data will be used. 

(d) How data regulation will likely affect the use and development of AI

AI is built on data, which means that data governance and AI governance go hand in hand. Emerging AI applications such as ChatGPT will trigger more discussions on the deeply-rooted relationship between the two. 

11. AI governance: From debates on ethics to practical governance solutions

AI has entered daily life and continues to challenge existing systems in new and more visible ways. Take OpenAI’s recently launched ChatGPT model: it may be fun to play with, and it surely is impressive, but it is also challenging for educational systems (with professors now trying to detect AI-written texts instead of plagiarised ones), and raising new questions about the protection of intellectual property rights. How prepared are we to deal with these and similar issues? How can existing AI governance address new AI challenges? 

As AI becomes more prevalent in everyday life, questions about how to govern it will become more important. The growing practical relevance of AI will also shift focus from general discussions on ethics (i.e. how to ensure that AI solutions are developed and used in line with ethical principles) to more hands-on issues such as, for example, adjusting pedagogy and educational policies to a possibility that AI can draft students’ assignments and thesis. Similar examples of AI-driven policy changes could be identified across economic, cultural, legal, and other fields. 

The good news is that we will not need to start from scratch. There are numerous ongoing national, regional, and global policy and regulatory processes.

In 2023, Europe will keep its tradition of being a trendsetter in digital governance (think of data, cybersecurity, and anti-monopoly) by advancing the work on the EU’s draft AI Act and the Council of Europe’s Committee on AI’s work on a draft convention on AI and human rights.

Within the EU, there’s a good chance that the  AI Act may be adopted in early 2024. It will all depend on how fast the European Parliament, the Council of the EU, and the European Commission can come to an agreement on contentious points. As the negotiations move forward, many digital actors will step up their lobbying in Brussels because the EU regulation could have effects outside of the EU, like the GDPR. The AI Act could also create tensions with the USA, a strong proponent of self-regulation. 

At the Council of Europe, the Committee on AI (CAI)  has started discussing a Zero Draft [Framework] Convention on Artificial Intelligence, Human Rights, Democracy and the Rule of Law. The draft presented during the Committee’s latest meeting in September 2022 is not yet public, but the European Commission – party to the discussions – has revealed that it covers provisions related to: 

• ‘purpose and scope of the (framework) convention;
• definitions for an AI system, lifecycle, provider, user and ‘AI subject’;
• certain fundamental principles, including procedural safeguards and rights for AI subjects that would apply to all AI systems, irrespective of their level of risk;
• additional measures for the public sector as well as AI systems posing ‘unacceptable’ and ‘significant’ levels of risk identified on the basis of a risk and impact assessment methodology (to be set out later in an annex to the convention);
• follow-up and cooperation mechanism between the parties;
• final provisions, including a possibility for EU Member States to apply EU law in their mutual relations for matters covered by the convention and a possibility for the Union to accede to the convention.’

The drafting and negotiation process will advance in 2023 with two CAI meetings: 11–13 January and 1–3 February. 

There’s a potential overlap between the two processes, as a recent decision of the Council of the EU indicated: ‘ The convention overlaps to a large extent with [the AI] legislative proposal in its scope since both instruments aim to lay down rules applicable to the design, development, and application of AI systems, provided and used by either public or private entities.’ To resolve this, the Commission has been mandated by the Council to represent the EU in CAI negotiations on ‘matters falling within the exclusive competence of the Union, in order to protect the integrity of Union law and to ensure that the rules of international law and Union law remain consistent’. It remains to be seen how the two parallel processes will evolve and how potential overlaps will be tackled. 

12. The future of work: Hybrid is the new normal

The year 2022 brought us a revanche of meetings as people reconnected in physical spaces and meetings worldwide. In 2023, work and negotiations will ‘settle’ to a hybrid format, combining elements of online and in situ interactions. In addition to Zoom and online meetings, new virtual reality tools will be developed to facilitate seamless online interaction. The focus will be on new routines, procedures, and regulations for hybrid interaction, from regular work to diplomatic negotiations.

The shift to an online way of doing things had long been coming. Companies had already begun slowly experimenting with new work-from-home practices, perhaps once a month, maybe once a week. Employees rejoiced, but managers treaded carefully.

In 2020, the Covid-19 pandemic changed everything. Workplaces were encouraged to shift to online work almost overnight. Employees set up shop in their living rooms. Zoom’s profits skyrocketed. 

As the pandemic began to release the world from its grip, the hybrid way of working and meeting (a mix of working face-to-face from the office, and online from home) emerged as the new norm. With it came a new set of policy considerations:

• How are online meeting tools handling the personal data of users, especially children, who have had to start making use of virtual classrooms?
• What are the risks and negative effects of surveilling performance (if companies really need to)?
• How should governments tackle the status of gig workers, a sector which exploded during the pandemic due to the high demand for the service, and the flexibility it offers?