New developments in technology in the developing world require re-thinking what development aid means. Information security can be the means for protecting a developing country’s critical infrastructure, nascent digital economy and preserving on-line digital rights.
Traditional aid to developing countries has focused on fighting poverty, building infrastructure, protecting the environment, and strengthening democratic institutions including human rights. This formula has served development organisations well in the past, but going forward it may not be adequate to support the rapidly changing technological needs of developing countries.
Developing countries have nascent digital economies with critical infrastructure that relies on sophisticated technologies. In addition, citizens’ access to information, privacy, and freedom of expression—human rights according to the Universal Declaration of Human Rights—are fundamentally at risk without adequate information security protections.
The view of the populations in developing countries being technologically illiterate is now obsolete. This is especially true in areas of Africa where mobile technologies have leap-frogged an entire generation of telecommunications that rely upon on physical infrastructure. A recent survey conducted by the Pew Research Centre in 24 emerging and developing economies showed that in regions where mobile money is prevalent, people now regularly use their mobile phones for e-commerce. For example, in Kenya, 82% of the population owns mobile phones and of that number, 68% regularly use them to make or receive electronic payments.
These emerging digital economies can be at systemic risk from cyber-criminals. Rampant fraud or hacking attacks, for example, could stymie or crash a developing nation’s nascent digital economy. Widespread fraud could deter legitimate participants from using e-commerce and thus prevent nations’ macro-economies from benefitting from the increased speed and reduced costs of digital commerce. Without sufficient protection against cybercrime, economies in emerging nations may never make the jump to fully developed nation status.
Developing nations also face risks to their critical infrastructure from more advanced nation-state actors who, in times of crisis, might use their superior cyber-attack capabilities as a means of intimidation. For example, it was recently revealed by security researchers at Cylance that for the past two years, Iranian hackers have infiltrated the networks of many nations’ airports, defense industries, universities, hospitals, telecommunications firms, government agencies, and energy companies. The Iranian group purportedly used an internally developed software to hack other nations’ critical infrastructure and obtain sensitive information. It does not take much imagination to understand how this clandestine information access might be used to intimidate or coerce nations in times of crisis.
Finally, protecting personal data, freedom of expression, and access to public resources for citizens in developing nations is fundamental to preserve human rights in the digital age. A US-based NGO, Freedom House, recently published a Freedom of the Net study showing that internet users in 41 out of 65 countries assessed in the report have either passed or have proposed legislation to penalize legitimate forms of online speech, increase government powers to control content, or expand government surveillance capabilities. In addition, governments, cyber criminals and state-backed intelligence entities have been known to hack citizens’ personal computers for fraudulent purposes or to gain information of intelligence value. Protecting human rights in the digital realm translates to introducing full-fledged cyber security capabilities and information security awareness.
Developing countries may lack expertise or awareness of cyber risks to their critical infrastructure, their emerging digital economies, and security threats that affect basic human rights. One way this may be overcome is by enhancing programmatic assistance to developing countries through cyber security expertise.
The United Nations Development Programme, for example, is now providing information security assistance to developing countries by facilitating the development of local networks of experts to provide technical expertise; by preparing briefing notes that raise awareness about information security issues to policy- and decision-makers at high-level meetings; and by and sharing case studies, success stories, and lessons learned.
As just one example, the highly successful Access 2 Information project, a joint programme of UNDP and USAID with the Prime Minister’s Office in Bangladesh, is adding, with UNDP’s help, an information security programme to its arsenal of technological assistance for a digital Bangladesh. This kind of innovative new programmatic assistance might serve as a blueprint for effective global development aid in our digital age.
—By Paul Raines. The views expressed herein are those of the author and do not necessarily reflect the views of the United Nations Development Programme.
