Discussion Paper

No. 2017-27 | June 06, 2017
G20 safeguards digital economy vulnerabilities with financial sector focus
(Submitted as G20 Policy Paper)


The G20 can ensure a secure, resilient, sustainable and responsible digital economy, especially in the financial sector, by removing vulnerabilities in Internet infrastructure, encouraging cross-border cooperation, providing guidance to telecommunications regulators and implementing norms regarding cyber-attacks.

JEL Classification:

L86, L59, L96, O38


  • Downloads: 245


Cite As

Barry Carin (2017). G20 safeguards digital economy vulnerabilities with financial sector focus. Economics Discussion Papers, No 2017-27, Kiel Institute for the World Economy. http://www.economics-ejournal.org/economics/discussionpapers/2017-27

Comments and Questions

Krish Chetty - Review with a South African Perspective
June 15, 2017 - 09:08

Carin’s article raises crucial concerns pertaining to the regulation, protection and future growth of global e-commerce. Whilst technology grows rapidly, regulation has not kept pace leaving various vulnerabilities to which the globe will continue to face, if international agreements are not introduced and operationalized at all levels of the digital ...[more]

... economy value chain. Although these challenges must be addressed, international agreements must also ensure suitable emphasis is directed to the challenges faced by low/middle income countries. In review of Carin’s paper, I would like to share a few experiences and challenges faced in South Africa and other low/middle income countries.

Carin argues that the need for ecommerce safeguards is vital to promote inclusive growth. The argument made is that services such as online shopping are stifled, due to safety concerns. Whilst this is true and significant in developed countries, one must also consider that digital security may not be considered a leading priority in many low/middle income countries. A vast share of the G20 countries’ population remain offline due to barriers such as infrastructure access, cost and a lack of skills. The International Telecommunication Union (ITU) (2016) notes that half the world’s population is disconnected from the Internet, with over 75% without access across Africa. To promote a more inclusive digital economy, I would argue that a broader strategy is needed to target the challenges of low/middle income countries.

Carin’s recommendations pertain to the need to support cross border cooperation, provide guidance to telecommunication regulators and implementing norms pertaining to cyber-attacks. From a South African perspective, it is of vital interest to ensure that the benefits of e-commerce accrue to the country from which a product/service is sourced. South Africa’s E-commerce Green Paper of 2000 recognises this challenge as one of central importance. Thus the country requires the legal foundation for taxation, custom duties, intellectual property rights and data protection to be established amongst other concerns (South African Department of Communication, 2000). Similar concerns are raised by the UNCTAD Secretariat (2015), which noted the key legal concerns related to E-commerce are e-transaction laws, consumer protection, privacy and data protection, and cybercrime. Developing countries, particularly in Africa in 2014, have far less legislation in place when compared to the developed world with respect to ecommerce protections. Thus, we tend to find that challenges in the developing world are positioned at more elementary levels when compared to those faced by developed countries.

I share Carin’s sentiment that the language of the recommendations adopted by international bodies could be made stronger and more specific, in order to hold member countries to making any possible verifiable commitment. Recommendations which stress ‘cooperation’ and ‘trust’ are generally universally accepted, but lack the necessary content to support significant policy changes amongst member nations. I further agree that the digital economy cannot be safeguarded by policies within a single country. The very nature of the digital economy, is one that cannot be described by borders, thus the need for international agreements. In the absence of international cooperation and agreement, countries may choose to adopt the approach of China to suppress particular streams of information due to the inherent insecurities of the medium. Such an approach is not ideal.

Carin believes that international cooperation is essential for promoting affordable access for the global population. In this area, the author believes that developing trust between nations is needed to maintain and develop growth. However, in my opinion, the emphasis on developing trust amongst nations needs to be supported with a broader strategy which promotes greater inclusion amongst low/middle income countries. Such a strategy should promote business to business, business to consumer, consumer to consumer and government to business cooperation using e-commerce channels as discussed by UNCTAD (2015). As UNCTAD notes the barriers to growth include “inadequate ICT infrastructure and use, unreliable and costly power supply, limited use of credit cards, lack of purchasing power and underdeveloped financial systems.”

I find Carin’s recommendations pertaining to Internet Service Providers, Communication norms for diplomatic and technical channels and the indicators emanating from the Cyber Green Institute, highly relevant and leaves the reader wanting to know more about the specific needs to support these concerns. With regards to the recommendation to vaccinate the internet, I would suggest that Carin offers a framework which could be used as a guide for nations to follow. For example, it would be useful to note whether Carin’s research is supportive of the Industrial Internet Consortium’s Security Framework pertaining to the Internet of Things (2016). The framework was informed by participants from various sectors and details how security can be embedded into the architectural design of new products. Carin’s opinions on possible limitations of such a framework may develop the conversation pertaining to further areas to be addressed.

I disagree with the notion that digital priorities, as discussed in the OECD Report of January 2017, cannot be managed concurrently. The challenge faced by the G20 is to how to simultaneously address the challenges faced by both high and middle/low income countries. This challenge manifests in the order of prioritisation, expressed in research recommendations, derived from these countries’ contexts. Low/middle income countries will need to support recommendations which promote security, regulation and management of the digital economy, even if such recommendations are not immediate priorities. Similarly, higher income countries should recognize and support recommendations which foster conditions for greater digital inclusion within low/middle income countries.

Industrial Internet Consortium. (2016). Industrial Internet of Things Volume G4 : Security Framework. Industrial Internet Consortium. Retrieved from https://www.iiconsortium.org/pdf/IIC_PUB_G4_V1.00_PB.pdf

International Telecommunication Union. (2016). Facts and 2016 figures. Retrieved from http://www.itu.int/en/ITU-D/Statistics/Documents/facts/ICTFactsFigures2016.pdf

South African Department of Communication. (2000). Green paper on Electronic Commerce for South Africa. Pretoria. Retrieved from http://www.info.gov.za/view/DownloadFileAction?id=68917

UNCTAD. (2015). Information Economy Report 2015: Unlocking the Potential of E-commerce in Developing Countries. United Nations New York and Geneva. Geneva. Retrieved from http://unctad.org/en/PublicationsLibrary/ier2015_en.pdf

UNCTAD Secretariat. (2015). Cyberlaws and regulations for enhancing e-commerce: Case Studies and Lessons Learned. United Nations Conference on Trade and Development. Geneva. Retrieved from http://unctad.org/meetings/en/SessionalDocuments/ciiem5d2_en.pdf

Barry Carin - Response to Krish Chetty
June 28, 2017 - 13:22

see attached file

Anonymous - Referee report
June 21, 2017 - 14:17

This is a very well-supported and detailed policy paper on digital vulnerabilities, particularly as they affect the financial sector. Thus, it is dealing with a highly relevant topic, as illustrated by the list of examples cyber-attacks at the beginning of the paper, the most recent one involving the wannacry virus. ...[more]

My recommendations to the author are mainly fourfold and aim at increasing readability and recall for readers:
First, it might be helpful for the reader to say something about the research that these recommendations are built on.
Second, the topics and recommendations, while important and interesting in themselves, come across as a bit "listy", leaving the reader somewhat lost as to what is being discussed next and why. It would be great to offer some overall framework or structure to strengthen cohesion and better orient the reader.
Third, the financial sector is woven into the text here and there, but many topics are on a more general level (e.g. relating to IoT. "modernizing" the Internet, etc.). It might be worth separating those two levels, maybe moving from general, overarching aspects to somehwat more specific aspects of the financtial sector, e-commerce etc.
Fourth, there are a few places where the writing could be improved, specifically, missing or redundant words, etc. I would also suggest making the Proposal section towards the beginning of the paper more concrete and detailed. The first half of the section is not a proposal, really. After all, this is an important section to catch the reader’s attention.

Barry Carin - Response to referee report
June 28, 2017 - 13:20

see attached file